OTL OTL logfile created on: 2018-07-19 16:19:00 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Agnieszka\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,89 Gb Total Physical Memory | 5,53 Gb Available Physical Memory | 70,16% Memory free 15,77 Gb Paging File | 13,43 Gb Available in Paging File | 85,14% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 227,68 Gb Total Space | 62,78 Gb Free Space | 27,57% Space Free | Partition Type: NTFS Drive D: | 238,08 Gb Total Space | 213,99 Gb Free Space | 89,88% Space Free | Partition Type: NTFS Computer Name: LAPTOP | User Name: Agnieszka | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2018-07-19 16:18:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Agnieszka\Downloads\OTL.exe PRC - [2018-07-18 12:12:40 | 010,828,504 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2018-07-18 10:28:47 | 000,322,464 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2018-04-20 10:53:04 | 003,943,664 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe PRC - [2018-04-20 10:51:12 | 003,892,256 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe PRC - [2018-04-20 10:48:08 | 006,788,032 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe PRC - [2018-03-21 02:21:48 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013-05-04 15:16:41 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2012-07-17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012-07-17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012-07-13 17:37:46 | 000,017,376 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe PRC - [2012-06-25 17:19:24 | 000,178,848 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2012-06-25 15:54:28 | 000,322,208 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2012-06-25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2012-06-19 13:59:04 | 000,174,752 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe PRC - [2012-05-28 10:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe PRC - [2012-05-07 15:10:20 | 001,121,448 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe PRC - [2012-05-03 15:13:10 | 000,309,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe PRC - [2012-04-24 02:17:00 | 002,458,944 | R--- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-04-13 10:14:00 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe PRC - [2012-02-21 14:49:04 | 000,102,568 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe PRC - [2012-02-21 14:49:00 | 000,162,456 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe PRC - [2012-02-16 16:01:36 | 000,473,728 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe PRC - [2012-02-07 06:12:52 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe PRC - [2011-11-21 14:22:08 | 000,080,512 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2011-11-21 14:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2009-06-19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe PRC - [2009-06-19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe PRC - [2008-12-22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2018-07-18 10:30:39 | 067,126,928 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll MOD - [2018-07-18 10:28:51 | 000,483,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\streamback.dll MOD - [2018-07-18 10:28:42 | 000,282,840 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll MOD - [2012-02-21 14:49:00 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2018-07-18 10:28:47 | 000,322,464 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2018-07-18 10:28:43 | 007,780,400 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent) SRV:[b]64bit:[/b] - [2017-08-14 12:30:26 | 002,291,904 | ---- | M] (Disc Soft Ltd) [On_Demand | Running] -- C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe -- (Disc Soft Lite Bus Service) SRV:[b]64bit:[/b] - [2016-05-10 09:56:46 | 000,037,504 | ---- | M] (The OpenVPN Project) [On_Demand | Stopped] -- C:\Program Files\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService) SRV:[b]64bit:[/b] - [2012-04-20 14:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2018-07-18 10:25:01 | 000,194,512 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2018-07-18 10:18:53 | 000,335,872 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2018-05-22 12:54:56 | 000,779,392 | ---- | M] (EasyAntiCheat Ltd) [Disabled | Stopped] -- C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe -- (EasyAntiCheat) SRV - [2018-03-21 02:21:48 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-07-17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012-07-17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2012-06-25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2012-04-24 02:17:00 | 002,458,944 | R--- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-04-13 10:14:00 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe -- (ASUS InstantOn) SRV - [2012-02-22 09:18:24 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2011-12-29 15:27:48 | 000,158,880 | ---- | M] (Atheros) [Disabled | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent) SRV - [2011-12-29 15:09:24 | 000,106,144 | ---- | M] (Atheros Commnucations) [Disabled | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc) SRV - [2011-11-21 14:22:08 | 000,080,512 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2011-11-21 14:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2010-01-25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,463,080 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,381,584 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,211,160 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm) DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,159,640 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,085,968 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,046,976 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid) DRV:[b]64bit:[/b] - [2018-07-18 10:28:55 | 000,197,160 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswArPot.sys -- (aswArPot) DRV:[b]64bit:[/b] - [2018-07-18 10:28:55 | 000,111,872 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2018-07-18 10:28:45 | 001,027,728 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2018-07-18 10:28:42 | 000,239,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswHdsKe.sys -- (aswHdsKe) DRV:[b]64bit:[/b] - [2018-07-18 10:28:41 | 000,346,664 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbloga.sys -- (aswblog) DRV:[b]64bit:[/b] - [2018-07-18 10:28:41 | 000,201,328 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbidsha.sys -- (aswbidsh) DRV:[b]64bit:[/b] - [2018-07-18 10:28:41 | 000,059,592 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbuniva.sys -- (aswbuniv) DRV:[b]64bit:[/b] - [2018-07-18 10:28:40 | 000,229,392 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver) DRV:[b]64bit:[/b] - [2017-09-03 17:19:57 | 000,047,672 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtliteusbbus.sys -- (dtliteusbbus) DRV:[b]64bit:[/b] - [2017-09-03 17:19:32 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus) DRV:[b]64bit:[/b] - [2016-04-21 11:10:04 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:[b]64bit:[/b] - [2015-03-05 11:00:00 | 004,137,472 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2012-07-13 17:37:48 | 000,049,824 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP) DRV:[b]64bit:[/b] - [2012-07-13 17:37:48 | 000,035,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVBus.sys -- (AsusVBus) DRV:[b]64bit:[/b] - [2012-07-13 17:37:46 | 000,019,104 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVTouch.sys -- (AsusVTouch) DRV:[b]64bit:[/b] - [2012-07-02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2012-05-07 15:10:18 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger) DRV:[b]64bit:[/b] - [2012-04-24 02:17:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:[b]64bit:[/b] - [2012-03-01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-22 09:18:14 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2012-02-20 04:31:14 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2012-02-07 06:12:56 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) DRV:[b]64bit:[/b] - [2012-02-07 06:12:54 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) DRV:[b]64bit:[/b] - [2012-02-07 06:12:54 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) DRV:[b]64bit:[/b] - [2012-02-01 11:06:18 | 000,292,968 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR) DRV:[b]64bit:[/b] - [2011-12-29 15:18:54 | 000,548,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:[b]64bit:[/b] - [2011-12-29 15:18:06 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:[b]64bit:[/b] - [2011-12-29 15:17:54 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:[b]64bit:[/b] - [2011-12-29 15:17:24 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:[b]64bit:[/b] - [2011-12-29 15:17:06 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:[b]64bit:[/b] - [2011-12-29 15:16:54 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:[b]64bit:[/b] - [2011-12-29 15:16:36 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt) DRV:[b]64bit:[/b] - [2011-12-29 15:16:18 | 000,338,592 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:[b]64bit:[/b] - [2011-12-23 05:09:00 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2011-08-23 15:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2009-07-20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2011-09-07 09:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009-07-02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.countryCode: "PL" FF - prefs.js..browser.search.region: "PL" FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 61.0.1\extensions\\Components: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 61.0.1\extensions\\Plugins: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-05-04 16:07:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Agnieszka\AppData\Roaming\mozilla\Extensions [2017-11-17 11:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Agnieszka\AppData\Roaming\mozilla\SystemExtensionsDev [2018-07-19 12:18:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Agnieszka\AppData\Roaming\mozilla\Firefox\Profiles\hs2g5730.default-1531903920870\extensions [2018-07-19 12:18:25 | 002,457,020 | ---- | M] () (No name found) -- C:\Users\Agnieszka\AppData\Roaming\mozilla\firefox\profiles\hs2g5730.default-1531903920870\extensions\sp@avast.com.xpi O1 HOSTS File: ([2013-05-04 15:52:32 | 000,000,921 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 genuine.microsoft.com O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O1 - Hosts: 127.0.0.1 sls.microsoft.com O2:[b]64bit:[/b] - BHO: (ASUS Browser Extension x64) - {78234974-0C4B-4111-BDEB-D9A104418772} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.) O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:[b]64bit:[/b] - HKLM..\Run: [ASUS Quick Gesture (x64)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [ASUS Quick Gesture (x86)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [ASUS TP Center (x64)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (AsusTek) O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4:[b]64bit:[/b] - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) O4 - HKCU..\Run: [DAEMON Tools Lite Automount] C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Disc Soft Ltd) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 31.11.202.254 37.8.214.2 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A39DCEA6-AE18-446E-A073-25F0B53414D3}: DhcpNameServer = 31.11.202.254 37.8.214.2 O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{1e689c3c-b4e9-11e2-967b-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{1e689c3c-b4e9-11e2-967b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\InstAll.exe O33 - MountPoints2\{5905c1c1-0d6a-11e8-9d11-2016d8634425}\Shell - "" = AutoRun O33 - MountPoints2\{5905c1c1-0d6a-11e8-9d11-2016d8634425}\Shell\AutoRun\command - "" = G:\HiSuiteDownLoader.exe O33 - MountPoints2\{87335f18-68cc-11e5-bbf9-2016d8634425}\Shell - "" = AutoRun O33 - MountPoints2\{87335f18-68cc-11e5-bbf9-2016d8634425}\Shell\AutoRun\command - "" = F:\HiSuiteDownLoader.exe O33 - MountPoints2\{996c72d4-229a-11e3-8a4c-2016d8634425}\Shell - "" = AutoRun O33 - MountPoints2\{996c72d4-229a-11e3-8a4c-2016d8634425}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe O33 - MountPoints2\{dc6e2375-a377-11e3-a288-2016d8634425}\Shell - "" = AutoRun O33 - MountPoints2\{dc6e2375-a377-11e3-a288-2016d8634425}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2018-07-19 16:11:41 | 000,000,000 | R--D | C] -- C:\Users\Agnieszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices [2018-07-19 12:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 [2018-07-19 12:26:24 | 000,032,168 | ---- | C] (Safer-Networking Ltd.) -- C:\Windows\SysNative\sdnclean64.exe [2018-07-19 12:26:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2018-07-19 12:26:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2 [2018-07-18 10:49:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2018-07-18 10:49:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2018-07-18 10:49:35 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2018-07-18 10:30:48 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Roaming\AVAST Software [2018-07-18 10:30:46 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Local\AVAST Software [2018-07-18 10:30:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software [2018-07-18 10:29:07 | 001,027,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2018-07-18 10:29:07 | 000,463,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2018-07-18 10:29:07 | 000,381,584 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys [2018-07-18 10:29:07 | 000,346,664 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbloga.sys [2018-07-18 10:29:07 | 000,239,680 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHdsKe.sys [2018-07-18 10:29:07 | 000,229,392 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys [2018-07-18 10:29:07 | 000,211,160 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys [2018-07-18 10:29:07 | 000,201,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbidsha.sys [2018-07-18 10:29:07 | 000,197,160 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswArPot.sys [2018-07-18 10:29:07 | 000,159,640 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2018-07-18 10:29:07 | 000,111,872 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2018-07-18 10:29:07 | 000,085,968 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys [2018-07-18 10:29:07 | 000,059,592 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbuniva.sys [2018-07-18 10:29:07 | 000,046,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys [2018-07-18 10:29:01 | 001,142,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ucrtbase.dll [2018-07-18 10:29:01 | 001,001,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ucrtbase.dll [2018-07-18 10:29:01 | 000,378,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2018-07-18 10:29:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVAST Software [2018-07-18 10:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2018-07-18 10:27:11 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2018-07-18 10:21:53 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2018-07-06 13:23:27 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Local\TDUeditor [2018-07-06 12:08:12 | 000,000,000 | ---D | C] -- C:\acr_logs [2018-07-06 08:36:31 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\Desktop\SARDU_324 [2018-07-05 17:54:57 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Steam [2018-07-05 17:16:52 | 006,981,240 | ---- | C] (ESET spol. s r.o.) -- C:\Users\Agnieszka\Desktop\esetonlinescanner_enu.exe [2018-07-05 16:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heliborne Dragons Awakening [2018-07-05 16:36:50 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\Desktop\Supreme.Commander.MULTi9 [2018-07-05 14:17:28 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\Documents\ZombieDriverHD [2018-07-05 13:59:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exor Studios [2018-07-05 12:56:39 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Local\Targem [2018-07-05 12:56:39 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\Documents\My Games [2018-07-05 11:40:20 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\Documents\Test Drive Unlimited [2018-07-05 11:38:35 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Local\paradise_launcher [2018-07-05 11:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Test Drive Unlimited [2018-07-05 11:36:34 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Local\Gaijin [2018-07-05 11:36:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Gaijin [2018-07-05 11:36:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EasyAntiCheat [2018-07-05 11:36:31 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crossout [2018-07-05 11:35:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Test Drive Unlimited ReincarnaTion [2018-07-05 10:06:29 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Roaming\uTorrent [2009-07-14 03:14:20 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Users\Agnieszka\OiNEFMLyeniag.exe [1 C:\Users\Agnieszka\Desktop\*.tmp files -> C:\Users\Agnieszka\Desktop\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2018-07-19 16:16:59 | 001,676,974 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2018-07-19 16:16:59 | 000,743,280 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2018-07-19 16:16:59 | 000,656,628 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2018-07-19 16:16:59 | 000,156,730 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2018-07-19 16:16:59 | 000,122,440 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2018-07-19 16:11:45 | 000,000,387 | ---- | M] () -- C:\Users\Agnieszka\AppData\Roaming\sp_data.sys [2018-07-19 16:09:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2018-07-19 16:09:06 | 2057,424,895 | -HS- | M] () -- C:\hiberfil.sys [2018-07-19 16:08:34 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2018-07-19 16:08:34 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2018-07-19 13:22:21 | 000,000,114 | ---- | M] () -- C:\Windows\wininit.ini [2018-07-19 12:26:33 | 000,001,379 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2018-07-18 10:50:34 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2018-07-18 10:49:57 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2018-07-18 10:30:44 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk [2018-07-18 10:28:56 | 000,463,080 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2018-07-18 10:28:56 | 000,381,584 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys [2018-07-18 10:28:56 | 000,211,160 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys [2018-07-18 10:28:56 | 000,159,640 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2018-07-18 10:28:56 | 000,085,968 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys [2018-07-18 10:28:56 | 000,046,976 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys [2018-07-18 10:28:55 | 000,378,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2018-07-18 10:28:55 | 000,197,160 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswArPot.sys [2018-07-18 10:28:55 | 000,111,872 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2018-07-18 10:28:53 | 001,142,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ucrtbase.dll [2018-07-18 10:28:53 | 001,001,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ucrtbase.dll [2018-07-18 10:28:45 | 001,027,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2018-07-18 10:28:42 | 000,239,680 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHdsKe.sys [2018-07-18 10:28:41 | 000,346,664 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbloga.sys [2018-07-18 10:28:41 | 000,201,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbidsha.sys [2018-07-18 10:28:41 | 000,059,592 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbuniva.sys [2018-07-18 10:28:40 | 000,229,392 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys [2018-07-18 10:18:53 | 000,842,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2018-07-18 10:18:53 | 000,175,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2018-07-06 11:46:57 | 000,422,152 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2018-07-05 21:04:30 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2018-07-05 17:16:57 | 006,981,240 | ---- | M] (ESET spol. s r.o.) -- C:\Users\Agnieszka\Desktop\esetonlinescanner_enu.exe [2018-07-05 10:18:14 | 000,000,002 | ---- | M] () -- C:\Users\Agnieszka\AppData\Local\WMI.ini [2018-07-05 10:06:29 | 000,000,853 | ---- | M] () -- C:\Users\Agnieszka\Desktop\µTorrent.lnk [2018-07-05 09:28:29 | 000,043,520 | ---- | M] () -- C:\Windows\SysWow64\CmdLineExt03.dll [1 C:\Users\Agnieszka\Desktop\*.tmp files -> C:\Users\Agnieszka\Desktop\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2018-07-19 16:10:46 | 000,001,268 | ---- | C] () -- C:\Users\Agnieszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2018-07-19 13:22:21 | 000,000,114 | ---- | C] () -- C:\Windows\wininit.ini [2018-07-19 12:26:33 | 000,001,391 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk [2018-07-19 12:26:33 | 000,001,379 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2018-07-18 10:49:57 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2018-07-18 10:30:44 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk [2018-07-05 10:18:14 | 000,000,002 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\WMI.ini [2018-07-05 10:06:29 | 000,000,853 | ---- | C] () -- C:\Users\Agnieszka\Desktop\µTorrent.lnk [2018-07-05 09:28:29 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll [2018-02-02 15:43:47 | 000,001,320 | ---- | C] () -- C:\Users\Agnieszka\Freemake Video Converter.lnk [2017-09-01 17:08:02 | 000,013,312 | ---- | C] () -- C:\Windows\SDL_net.dll [2017-09-01 17:04:58 | 000,448,231 | ---- | C] () -- C:\Windows\sdl.dll [2016-06-22 13:27:00 | 000,227,365 | ---- | C] () -- C:\Users\Agnieszka\13509576_1132322483476306_2078620343_o(1).jpg [2016-05-08 15:05:35 | 000,164,757 | ---- | C] () -- C:\Users\Agnieszka\13177595_1101458853229336_236600193053475177_n.jpg [2015-05-13 13:16:35 | 001,728,113 | ---- | C] () -- C:\Users\Agnieszka\Łubińska Agnieszka.pdf [2015-03-02 23:28:55 | 000,070,691 | ---- | C] () -- C:\Users\Agnieszka\hgh.jpg [2014-04-20 18:18:49 | 000,112,241 | ---- | C] () -- C:\Users\Agnieszka\pandzia.jpg [2014-02-14 20:28:41 | 000,004,608 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-09-04 19:04:48 | 001,536,596 | ---- | C] () -- C:\Users\Agnieszka\Sherry Argov - Dlaczego mezczyzni kochaja zolzy [PL] [.pdf].pdf [2013-09-01 21:36:31 | 000,000,860 | ---- | C] () -- C:\Users\Agnieszka\CCleaner.lnk [2013-05-05 19:46:17 | 004,598,588 | ---- | C] () -- C:\Users\Agnieszka\IMG_0013.JPG [2013-05-04 15:35:13 | 000,000,017 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\resmon.resmoncfg [2013-05-04 15:24:52 | 000,000,387 | ---- | C] () -- C:\Users\Agnieszka\AppData\Roaming\sp_data.sys [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > Extras OTL Extras logfile created on: 2018-07-19 16:19:00 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Agnieszka\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,89 Gb Total Physical Memory | 5,53 Gb Available Physical Memory | 70,16% Memory free 15,77 Gb Paging File | 13,43 Gb Available in Paging File | 85,14% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 227,68 Gb Total Space | 62,78 Gb Free Space | 27,57% Space Free | Partition Type: NTFS Drive D: | 238,08 Gb Total Space | 213,99 Gb Free Space | 89,88% Space Free | Partition Type: NTFS Computer Name: LAPTOP | User Name: Agnieszka | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.) [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{06455A94-E7E3-445F-BF09-20791838C2AB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{06ECF59F-658F-49C3-ADFE-2D3BA4EC50DF}" = lport=139 | protocol=6 | dir=in | app=system | "{182F7726-303D-43DF-BF3A-4F9D74E5409A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1E11EA80-75A7-47DE-843E-A93AB9D3A8C2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{2094A525-4E92-4410-8D0D-5132384DDF58}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{243C93D2-2C14-4A1B-8524-3BA5E3935B26}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2FB166BE-294C-46FB-B6C6-FBF200E60E15}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{36DDCF61-8F4D-4F75-A553-5261E56511E2}" = lport=445 | protocol=6 | dir=in | app=system | "{3FED752E-6211-4AD7-86C1-52C300526825}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{422D2FE4-95CB-48AB-9FBE-043F6DD63F20}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5243676D-7000-497D-BF35-4B9909912650}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6B72C46F-449C-4566-A700-023A0DF11694}" = rport=10243 | protocol=6 | dir=out | app=system | "{70C7E9FA-92B2-4E54-B0BE-EAD50DDA86BA}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner | "{7E340CD0-9251-43C8-A90F-8CACB4126141}" = rport=445 | protocol=6 | dir=out | app=system | "{7E5C3FC3-3D18-47C3-B2F3-72561A9D47C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{800BF457-3C72-4D8F-83A1-F99FD255CF52}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{91122527-71E8-42B7-B2E0-3E89ED4BED07}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{92482748-5928-4B26-9650-367D572F5FBD}" = lport=11155 | protocol=17 | dir=in | name=11155 \udp | "{93108E78-3181-4E7D-B0B2-F1383582CF53}" = rport=138 | protocol=17 | dir=out | app=system | "{95C23585-D99B-4A8C-A1CE-729B70F7DCC2}" = rport=137 | protocol=17 | dir=out | app=system | "{AFB92AFD-A061-446A-B5CC-AD93E5D199BA}" = lport=2869 | protocol=6 | dir=in | app=system | "{B3934B62-FB9B-49AB-BCC3-F91D6AE4E4DC}" = lport=137 | protocol=17 | dir=in | app=system | "{C79BB746-948F-4465-9771-D27E203FEB1E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E94E7A77-F431-409A-B2CA-751E7C2974F4}" = lport=10243 | protocol=6 | dir=in | app=system | "{EB7F9817-F695-46D7-BDB9-E866DF9F96A0}" = lport=138 | protocol=17 | dir=in | app=system | "{F0E0F9D4-AA60-426C-A7F2-21C72149442B}" = lport=11155 | protocol=6 | dir=in | name=11155 \tcp | "{F6B2CC4A-F6B2-4F8D-AB9A-68A8A46CBDED}" = rport=139 | protocol=6 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{022591E1-3CB7-4AF2-93AB-F0D804F77450}" = dir=in | app=c:\users\agnieszka\oinefmlyeniag.exe | "{03C6624E-0A26-4AED-ABF0-88F229F09D39}" = protocol=17 | dir=in | app=c:\users\agnieszka\appdata\roaming\utorrent\utorrent.exe | "{07279CB7-ACC2-4A63-B51B-D1694F0FDC6A}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{07482B67-4D10-42EA-AAAB-ED3614E0388D}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{09DE66C7-B947-41F2-8193-504B3CBAD6F3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{0A46A35D-AD87-4024-AF9C-E12C711D9BE1}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{0B9385DF-B481-49BC-BCF9-825704A02A13}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{0CBA28F0-5E51-46E2-BC83-0F6E58E0E041}" = protocol=17 | dir=in | app=c:\program files\ccleaner\ccupdate.exe | "{0D422189-05F4-42BF-A1F4-3F1E2B85ACC8}" = protocol=6 | dir=in | app=c:\users\agnieszka\appdata\roaming\utorrent\utorrent.exe | "{0E91E4A1-9598-46AC-BEE6-3C44A5575963}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{10AE8020-6EE9-4BBE-97A9-AC933CDA2883}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\avemupdate.exe | "{112D5403-603F-4750-B5A2-9C861108523F}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{13C2F1FF-B1EE-442A-AA0F-DD2773C2D9C2}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{14482028-9636-4D9F-9BD1-F16C537A105D}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{19C020EC-6AC7-45A6-9424-59CC49F142CB}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{1D2DFC62-F4B0-462C-B4AF-03AAC4552F7A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{250A23D3-57DB-48F6-9F83-597890661AC5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{26AF1E2F-B0EE-4187-9983-653FDF22CA58}" = protocol=6 | dir=out | app=system | "{27DC0601-A103-48D8-9D3D-CD106063EBD3}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{31C2FBA1-73E5-49FF-85EF-5F42857EEA7F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3732F758-558F-4785-90E9-4CA965AB206F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{391C73EB-3A9D-4171-AC2D-2B745FD2171A}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{4345382A-28DC-4E3A-A7A8-9C37D774E9E1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{45BD1B89-B547-4EBD-96A5-0556FB655CA1}" = protocol=6 | dir=in | app=c:\gierki świniaka ;v\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | "{48B037B8-4528-4527-82CA-499374AC219C}" = protocol=17 | dir=in | app=c:\program files (x86)\napiprojekt\napisy.exe | "{4EBFA56E-6B3F-4286-B906-0FEA0E3B7FEE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{502E34DE-4175-48E5-9691-373370026D80}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{509F12E6-6A95-4A58-A3AA-FCEA05566C69}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{517BFEEB-7EAD-4E94-B585-A61C6458D7DC}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{536EFA19-D693-4B50-B212-1D5BD61BD55A}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{590DD259-BCFC-473B-B8FF-BFD75E8434A3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{595935CA-EEA4-4999-8626-9A0B1B8F400F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{599CD80B-FC4A-4C3A-AFC0-616CBC56AB74}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{5D8BA1E9-14EC-4A38-8560-1FD4FB088542}" = dir=in | app=c:\windows\syswow64\gvstey.exe | "{62DAB257-5448-476C-A713-6B33699A51FE}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe | "{6371CB51-1C0B-4B84-AD9C-749D519D0D6A}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{63DCA7C8-0F8C-43C6-9686-62FE6AEA638F}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{67048F4A-7C86-48CC-9689-3EF1944AD785}" = protocol=6 | dir=in | app=c:\program files (x86)\napiprojekt\napisy.exe | "{6ACCE22B-16FC-4FB5-B93F-8EECFB7E032C}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{71446AC3-A42F-4BEB-8980-8CBE169A50EB}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{7C9BD599-78D1-4BD5-8931-34E07E78D95B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{7FE6F024-BE2D-4F78-96C2-BB061AA86F8C}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{80D69F94-D058-4C5C-850F-485E89799CDD}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{8AC83572-E7FB-4EC9-86D7-21885559F7B6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{8CA3C0D7-60E0-4188-B7A2-C2B4980DC8FC}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{95FD78F6-D6A3-45D5-ABB2-B3BF9D0A96CD}" = dir=in | app=c:\program files (x86)\3cxphone\3cxphone.exe | "{9D5CD730-F811-4AD3-A19D-A269559EDACB}" = protocol=17 | dir=in | app=c:\gierki świniaka ;v\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | "{A6033299-B2D4-4BAB-85C5-94FE4BA442FA}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\avemupdate.exe | "{ACB20B78-BDFD-4E4F-BC99-F0FD70D7FA13}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{AD84E723-2AB5-4A53-9D54-F1D69B6B8E13}" = protocol=6 | dir=in | app=c:\program files\ccleaner\ccupdate.exe | "{AF965D2A-B1F8-40C5-A00B-8446C6252E17}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe | "{B42F9553-AB26-4CA7-9873-A5482F3E72A0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B52F6973-BEBB-45EA-8D0A-9EE74C994479}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{B687E29B-D9F4-46B6-A238-114EFCA9B8FE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{B99B80C8-1BC8-42F2-AE6B-0009E214DFFD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{BE57F5E5-3E00-4B9B-A63F-D829CAF4618A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{C7D428F0-54E9-4533-9E64-812B9D20B0DF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{D453F2E5-EE17-4FB5-923E-AE7DB5F674C9}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{E37EC7D9-C019-4919-92F6-6F892751D839}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{E5B76B56-9171-4BA7-8649-5D4F45F1DDE0}" = dir=in | app=c:\windows\syswow64\svchost.exe | "{E6DBEC35-3D50-44A9-A42F-564FFAD4C963}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{E723476A-F6F2-4784-B964-3FAB6FC339A1}" = dir=in | app=c:\windows\syswow64\msiexec.exe | "{ED7A3E9A-418F-47C9-94AB-036FB8F0DE2B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F4633F24-117B-4FC1-A6FE-0C533F536871}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "TCP Query User{02C313C3-5AFE-4A13-B665-7BE197BA037E}C:\gierki świniaka ;v\crashday\crashday -steam.exe" = protocol=6 | dir=in | app=c:\gierki świniaka ;v\crashday\crashday -steam.exe | "TCP Query User{1F82E831-02C2-4FAF-9FD1-093F543175E3}C:\gierki świniaka ;v\c&c\twisted insurrection 0.7\game.exe" = protocol=6 | dir=in | app=c:\gierki świniaka ;v\c&c\twisted insurrection 0.7\game.exe | "TCP Query User{310F9E84-C4EC-4F1E-B175-DBAE0CBBB9F5}D:\gierki\test drive unlimited\testdriveunlimited.exe" = protocol=6 | dir=in | app=d:\gierki\test drive unlimited\testdriveunlimited.exe | "TCP Query User{3C2D20C7-5656-4DC7-BD14-093CE9CBA5DB}C:\gierki świniaka ;v\crashday\crashday.exe" = protocol=6 | dir=in | app=c:\gierki świniaka ;v\crashday\crashday.exe | "TCP Query User{4CC13FB4-D5D9-4338-8D6C-899E7FC73EA7}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "TCP Query User{523F56A3-3392-4F4F-829E-C5229CD42E02}D:\gierki\crossout\launcher.exe" = protocol=6 | dir=in | app=d:\gierki\crossout\launcher.exe | "TCP Query User{5720E2B3-86E3-40B0-9FC3-10A8E15A00D7}D:\gierki\test drive unlimited\testdriveunlimited.exe" = protocol=6 | dir=in | app=d:\gierki\test drive unlimited\testdriveunlimited.exe | "TCP Query User{83A0E1F3-2C2F-4913-A265-B02F9B6D83D3}C:\gierki świniaka ;v\c&c\dta\game.exe" = protocol=6 | dir=in | app=c:\gierki świniaka ;v\c&c\dta\game.exe | "TCP Query User{A32F6C0E-C526-46E7-AC6A-AFD751247F64}C:\gierki świniaka ;v\aerial destruction\binaries\win32\udk.exe" = protocol=6 | dir=in | app=c:\gierki świniaka ;v\aerial destruction\binaries\win32\udk.exe | "TCP Query User{D1C83E02-CADC-46DF-B226-2E995CEA0854}C:\gierki świniaka ;v\c&c\ts client\game.exe" = protocol=6 | dir=in | app=c:\gierki świniaka ;v\c&c\ts client\game.exe | "TCP Query User{E6234540-62FE-4D36-9D29-E443825A609B}C:\gierki świniaka ;v\enemy engaged 2\cohokum\ee2.exe" = protocol=6 | dir=in | app=c:\gierki świniaka ;v\enemy engaged 2\cohokum\ee2.exe | "TCP Query User{ECD982A3-3803-41AE-816F-30E6B735945A}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "UDP Query User{09D45FA5-B40F-4F81-A24C-0F88BE233E6A}C:\gierki świniaka ;v\crashday\crashday.exe" = protocol=17 | dir=in | app=c:\gierki świniaka ;v\crashday\crashday.exe | "UDP Query User{1FDF57B8-5FA7-4138-97CE-727FE176E0E3}D:\gierki\crossout\launcher.exe" = protocol=17 | dir=in | app=d:\gierki\crossout\launcher.exe | "UDP Query User{3F5C0608-1672-43F4-9814-8E068CC5E501}C:\gierki świniaka ;v\c&c\dta\game.exe" = protocol=17 | dir=in | app=c:\gierki świniaka ;v\c&c\dta\game.exe | "UDP Query User{42D92E73-9108-4F7E-8A62-6EFD5233B5F2}C:\gierki świniaka ;v\c&c\ts client\game.exe" = protocol=17 | dir=in | app=c:\gierki świniaka ;v\c&c\ts client\game.exe | "UDP Query User{62E354D2-2AC3-4548-862B-0BEA57204B72}D:\gierki\test drive unlimited\testdriveunlimited.exe" = protocol=17 | dir=in | app=d:\gierki\test drive unlimited\testdriveunlimited.exe | "UDP Query User{8D6AB85D-5366-492C-BE84-5031EE1A5B05}C:\gierki świniaka ;v\crashday\crashday -steam.exe" = protocol=17 | dir=in | app=c:\gierki świniaka ;v\crashday\crashday -steam.exe | "UDP Query User{AD7905A6-84C0-4FCA-95AB-390F949F2DFD}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "UDP Query User{B388D9C2-3E08-4E4C-9B6B-2E8122E52C95}C:\gierki świniaka ;v\enemy engaged 2\cohokum\ee2.exe" = protocol=17 | dir=in | app=c:\gierki świniaka ;v\enemy engaged 2\cohokum\ee2.exe | "UDP Query User{B8863803-9ED6-4F86-AF44-AB0F7E01F967}C:\gierki świniaka ;v\aerial destruction\binaries\win32\udk.exe" = protocol=17 | dir=in | app=c:\gierki świniaka ;v\aerial destruction\binaries\win32\udk.exe | "UDP Query User{CF139E3E-8D60-45D1-AD64-159F8897F3F9}D:\gierki\test drive unlimited\testdriveunlimited.exe" = protocol=17 | dir=in | app=d:\gierki\test drive unlimited\testdriveunlimited.exe | "UDP Query User{CF72C22B-36D0-4F07-8E94-03C3A67FD1F6}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "UDP Query User{ECDC248B-4E15-4BBF-B76D-AF57B7E461A0}C:\gierki świniaka ;v\c&c\twisted insurrection 0.7\game.exe" = protocol=17 | dir=in | app=c:\gierki świniaka ;v\c&c\twisted insurrection 0.7\game.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5 "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64) "{23170F69-40C1-2702-1805-000001000000}" = 7-Zip 18.05 (x64 edition) "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Polski pakiet językowy dla programu Microsoft .NET Framework 4.5 PLK "{94C42BE9-B62A-3558-A793-AD49B354F7AA}" = Microsoft .NET Framework 4.5 PLK Language Pack "{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 296.67 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 296.67 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.7.13 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.13 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client "747C94D329BB5CCC3231C84E4D319B6CEC7BBAB3" = Pakiet sterowników systemu Windows - ASUS (ATP) Mouse (07/08/2012 1.0.0.93) "8461-7759-5462-8226" = Vuze "CCleaner" = CCleaner "DAEMON Tools Lite" = DAEMON Tools Lite "Mozilla Firefox 61.0.1 (x64 pl)" = Mozilla Firefox 61.0.1 (x64 pl) "OpenVPN" = OpenVPN 2.3.11-I601 "SKIDROW - Air Missions HIND" = Air Missions HIND "TAP-Windows" = TAP-Windows 9.21.2 "YWVyaWFsZGVzdHJ1Y3Rpb24_is1" = Aerial Destruction Frontline Assault [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{0DF8FA4D-299C-4250-9F09-C14E47E12224}" = 3CXPhone "{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver "{42A4EC40-09BC-427C-B657-67978B784058}" = Rally Trophy "{4CA7F8A0-DB20-11D4-8B30-000021015D1C}" = Need for Speed 5 Porsche Unleashed "{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture "{5172E572-C175-4F80-A6D5-5CB45826AD61}" = SceneSwitch "{5CB6A112-DA36-486B-9B1C-6341CB95DE37}" = Enemy Engaged 2 Speech "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS FaceLogon "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB "{78B1279E-7DFB-4289-B6E1-7C62A1A455A1}_is1" = STALKERSOUP 1.1.0016 "{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation Program "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C27ADE1-EAFB-4BB7-9FE3-5DD9BA9A3DD2}" = Crashday "{A48A1FF5-3393-481E-BEC1-3C705184816C}_is1" = Test Drive Unlimited ReincarnaTion, версия 1 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus "{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package "{AC76BA86-0804-1033-1959-001824272646}" = Adobe Refresh Manager "{AC76BA86-7AD7-1045-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Polish "{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy "{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader "{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX "{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera "{EF0D610C-92BE-4D8F-BD33-9F658F8754F1}" = GTI Racing "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 "{F8718F95-21A1-44B9-97EC-679C93020BAE}" = Colin McRae Rally 04 "{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 "{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update "{FB83EAC4-E3F6-4666-B45B-44522F2344B6}" = Brother MFL-Pro Suite DCP-J315W "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime "Adobe Flash Player NPAPI" = Adobe Flash Player 30 NPAPI "Adobe Shockwave Player" = Adobe Shockwave Player 12.3 "ASUS K5 Series ScreenSaver" = ASUS K5 Series ScreenSaver "Avast Antivirus" = Avast Free Antivirus "Cities XXL_R.G. Mechanics_is1" = Cities XXL "Command and Conquer - Generals_R.G. Mechanics_is1" = Command and Conquer - Generals "CrossOutLauncher_is1" = Crossout Launcher 1.0.3.61 "Enemy Engaged 2_is1" = Enemy Engaged 2 "ENTERPRISE" = Microsoft Office Enterprise 2007 "Freemake Video Converter_is1" = Freemake Video Converter wersja 4.1.10 "InstallShield_{EF0D610C-92BE-4D8F-BD33-9F658F8754F1}" = GTI Racing "MozillaMaintenanceService" = Mozilla Maintenance Service "NapiProjekt_is1" = NapiProjekt (2.2.0.2399) "QWlyR3VhcmRpYW5z_is1" = Air Guardians "S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0005] "Spintires_is1" = Spintires "Strike Fighters 2" = Strike Fighters 2 "Strike Fighters 2 Europe" = Strike Fighters 2 Europe "Strike Fighters 2 Expansion Pack 1" = Strike Fighters 2 Expansion Pack 1 "Strike Fighters 2 Expansion Pack 2" = Strike Fighters 2 Expansion Pack 2 "Strike Fighters 2 Extractor" = Strike Fighters 2 Extractor Jun 2011 "Strike Fighters 2 Guns Editor" = Strike Fighters 2 Guns Editor May 2011 "Strike Fighters 2 Israel" = Strike Fighters 2 Israel "Strike Fighters 2 North Atlantic" = Strike Fighters 2 North Atlantic "Strike Fighters 2 Vietnam" = Strike Fighters 2 Vietnam "Strike Fighters 2 Weapons Editor" = Strike Fighters 2 Weapons Editor Aug 2011 "SumatraPDF" = SumatraPDF "VLC media player" = VLC media player "Zombie Driver HD - Complete Edition_is1" = Zombie Driver HD - Complete Edition [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{a0a4ee0b-3284-483d-93ce-7bf190eacc8c}" = Citra "Photoscape Packages" = Photoscape Packages "ROTR Beta 1.85" = ROTR Beta 1.85 "ROTR Map Pack V2.0" = ROTR Map Pack V2.0 "uTorrent" = µTorrent [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2018-07-19 10:10:09 | Computer Name = laptop | Source = ESENT | ID = 455 Description = Windows (4016) Windows: Wystąpił błąd -1811 podczas otwierania pliku dziennika C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0059B.log. Error - 2018-07-19 10:10:10 | Computer Name = laptop | Source = Windows Search Service | ID = 9000 Description = Error - 2018-07-19 10:10:10 | Computer Name = laptop | Source = Windows Search Service | ID = 7040 Description = Error - 2018-07-19 10:10:10 | Computer Name = laptop | Source = Windows Search Service | ID = 7042 Description = Error - 2018-07-19 10:10:10 | Computer Name = laptop | Source = Windows Search Service | ID = 9002 Description = Error - 2018-07-19 10:10:10 | Computer Name = laptop | Source = Windows Search Service | ID = 3029 Description = Error - 2018-07-19 10:10:14 | Computer Name = laptop | Source = Windows Search Service | ID = 3029 Description = Error - 2018-07-19 10:10:14 | Computer Name = laptop | Source = Windows Search Service | ID = 3028 Description = Error - 2018-07-19 10:10:14 | Computer Name = laptop | Source = Windows Search Service | ID = 3058 Description = Error - 2018-07-19 10:10:14 | Computer Name = laptop | Source = Windows Search Service | ID = 7010 Description = [ System Events ] Error - 2018-07-19 10:09:44 | Computer Name = laptop | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Spybot-S&D 2 Security Center Service z powodu następującego błędu: %%577 Error - 2018-07-19 10:10:15 | Computer Name = laptop | Source = Service Control Manager | ID = 7024 Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-1073473535. Error - 2018-07-19 10:10:15 | Computer Name = laptop | Source = Service Control Manager | ID = 7031 Description = Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. < End of report >