Problem, chyba ściągłem sobie wirusa

[Slawko]

Witam

Przy okazji ściągania programu do konwertowania plików ściągnąłem chyba jakiegoś wirusa. Antywirus w ostatniej chwili alarmował o robaku. Później przeglądarka zaczęła wariować. Uruchomiłem ponownie komputer. Zalogowałem się zastałem czarny ekran zero ikonek dostępu do czegokolwiek. Umiałem tylko włączyć managera zadań i wyłączyć komputer. Poza tym uruchamia się program pc mechanic 2015 i wylicza mi błędy na kompie po czym otwiera przeglądarkę i przekierowuje na stronkę gdzie mogę kupić odpowiednie oprogramowanie. Tutaj zamieszczam link:

http://www.uniblue.com/cm/oc/pcmechanicpm/pcm_roe/purchase/?app_pm_button=pm-live-update&app_pm_registry=752&app_pm_junk_total=367&app_pm_junk_size=776675628&app_pm_startup=5&app_pm_speed_issues=27&language=en&app_pm_os=win7

Jestem laikiem w takich sprawach stąd moje duże wątpliwości cze jestem sam sobie z tym poradzić puki co nie wiem od czego zacząć. Proszę więc o pomoc, jakiś przewodnik jak to naprawić czy może od razu oddać komputer do serwisu?
Z góry dzięki
Sławek

[PLUser]

Jak sie nie jest ostrożnym i nie patrzy co jest wciskane podczas instalacji, to zawsze wirusy, trojany, toolbary i fałszywe programy zainstalują sie razem z programem który jest instalowany przez użytkownika. Najlepsza rada przy instalacji kolejnych programów to: Wybranie instalacji użytkownika, pomijać i odznaczać wszystkie przyciski dotyczące zmiany ustawień przeglądarki, instalacji niechcianych programów, instalacji toolbara czy nawet fałszywego programu.

[ordynat]

Uruchom komputer w Trybie Awaryjnym (F8 przed startem Systemu).

Zrób logi z FRST > http://forum.programosy.pl/frst-otl-zoek-vt139692.html
Przed skanem zaznacz "Additional" oraz "Shortcut"
.

[Slawko]

Witam
zrobiłem scan:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-04-2015
Ran by qwerty (administrator) on QWERTY-KOMPUTER on 19-04-2015 12:22:00
Running from C:\Users\qwerty\Desktop
Loaded Profiles: qwerty (Available profiles: qwerty & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pokki) C:\Users\qwerty\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Pokki) C:\Users\qwerty\AppData\Local\Pokki\Engine\HostAppService.exe
(Price Fountain) C:\Users\qwerty\AppData\Local\PriceFountain\pricefountainw.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Pokki) C:\Users\qwerty\AppData\Local\Pokki\Engine\HostAppService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Pokki) C:\Users\qwerty\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12632168 2011-07-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-30] (AVAST Software)
HKLM-x32\...\RunOnce: [PriceFountain] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\qwerty\AppData\Roaming\PriceFountain\UpdateProc\bkup.dat"
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\...\Run: [pricefountainw.exe] => C:\Users\qwerty\AppData\Local\PriceFountain\pricefountainw.exe [464384 2015-04-16] (Price Fountain)
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\...\RunOnce: [PriceFountain] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\qwerty\AppData\Roaming\PriceFountain\UpdateProc\bkup.dat"
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-18] (Microsoft Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll => "c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll" File Not Found
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => No File
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => No File
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => No File
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => No File
ShellIconOverlayIdentifiers: [Uchwyt nakładania ikony podpisu cyfrowego] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hp&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hp&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154&q={searchTerms}
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hp&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://home.sweetim.com/?barid={FD42A1D3-6C5E-4DBF-B556-03A4B8EC8E20}
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=119535&tt=171011_prot~171011_prot&babsrc=HP_ss&mntrId=76149bb200000000000050e549c241a4
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154
URLSearchHook: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 - (No Name) - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154&q={searchTerms}
SearchScopes: HKLM-x32 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120325122043025&tb_oid=25-03-2012&tb_mrud=25-03-2012
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> {0388404D-6072-4CEB-B521-8F090FEAEE57} URL = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120325&user_guid=F19A7642EF354F1AB5FED3D3C2189E3B&machine_id=fafcd72463c024412cd56b5d25223ff3&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}&affID=119535&tt=171011_prot~171011_prot&babsrc=SP_ss&mntrId=76149bb200000000000050e549c241a4
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={59152CEE-99E4-49FD-B3C2-7B3B63E57F50}&mid=33f922a2a43b47d0bd4a81ac0f26a857-cc2fcc4c12a3299e5ecdd56e7fc9a989a7c57740&lang=pl&ds=AVG&pr=fr&d=2013-01-22 07:27:38&v=14.0.2.14&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120325122043025&tb_oid=25-03-2012&tb_mrud=25-03-2012
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-26] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-26] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: PriceFountain -> {b608cc98-54de-4775-96c9-097de398500c} -> C:\Users\qwerty\AppData\Local\PriceFountain\PriceFountainIE.dll [2015-03-12] ()
Toolbar: HKLM-x32 - @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files (x86)\No1 Video Converter\msdxm.ocx [2000-04-20] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Program Files (x86)\No1 Video Converter\msdxm.ocx [2000-04-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.10.81.124 192.166.202.10
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.dosearches.com/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=sc&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154&ts=1383973410

FireFox:
========
FF ProfilePath: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: do-search
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOB6&ctid=CT2481033&SearchSource=3&q={searchTerms}
FF SelectedSearchEngine: do-search
FF Homepage: hxxp://do-search.com/?type=hp&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\babylon.xml [2013-05-02]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\BrowserProtect.xml [2013-05-02]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\conduit.xml [2012-04-19]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\delta.xml [2013-02-27]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\do-search.xml [2015-04-19]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\freemake.xml [2013-04-05]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\sweetim.xml [2012-03-25]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\yahoo-zugo.xml [2012-03-25]
FF Extension: Babylon - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\Extensions\ffxtlbr@babylon.com [2012-07-14]
FF Extension: No Name - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\Extensions\quick_searchff@gmail.com [2015-04-17]
FF Extension: Search Enginer - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\Extensions\sweetsearch@gmail.com [2015-04-17]
FF Extension: PriceFountain - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\Extensions\{b6a94784-0ffb-4121-88c6-435139067ee2}.xpi [2015-04-17]
FF Extension: Adblock Plus - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-10-16]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: No Name - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-05]
FF HKLM-x32\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\extensions\quick_searchff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\extensions\sweetsearch@gmail.com

Chrome:
=======
CHR HomePage: Default -> https://www.google.pl/
CHR StartupUrls: Default -> "hxxp://do-search.com/?type=hp&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154"
CHR DefaultSearchKeyword: Default -> do-search
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\qwerty\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\qwerty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-05]
CHR Extension: (SweetIM for Facebook) - C:\Users\qwerty\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2013-05-28]
CHR Extension: (Google Wallet) - C:\Users\qwerty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-26]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\qwerty\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-03-25]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-26] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-26] (Avast Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2012-04-19] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-26] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-26] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-20] (DT Soft Ltd)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-26] (Avast Software)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 EtronHub3; System32\Drivers\EtronHub3.sys [X]
S3 EtronXHCI; System32\Drivers\EtronXHCI.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-19 12:22 - 2015-04-19 12:22 - 00021756 _____ () C:\Users\qwerty\Desktop\FRST.txt
2015-04-19 12:09 - 2015-04-19 12:22 - 00000000 ___DC () C:\FRST
2015-04-19 12:07 - 2015-04-19 12:06 - 02098176 _____ (Farbar) C:\Users\qwerty\Desktop\FRST64.exe
2015-04-19 12:06 - 2015-04-19 12:06 - 02098176 _____ (Farbar) C:\Users\qwerty\Downloads\FRST64.exe
2015-04-19 10:56 - 2015-04-19 10:56 - 00000197 _____ () C:\Windows\system32\2015-04-19-08-56-25.089-AvastVBoxSVC.exe-2736.log
2015-04-18 19:48 - 2015-04-18 19:48 - 00000197 _____ () C:\Windows\system32\2015-04-18-17-48-39.057-AvastVBoxSVC.exe-2372.log
2015-04-18 14:51 - 2015-04-18 14:52 - 00002221 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-18 14:51 - 2015-04-18 14:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-18 14:50 - 2015-04-19 11:55 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-18 14:50 - 2015-04-19 10:54 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-18 14:50 - 2015-04-18 14:50 - 00880208 _____ (Google Inc.) C:\Users\qwerty\Desktop\ChromeSetup.exe
2015-04-18 14:50 - 2015-04-18 14:50 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-18 14:50 - 2015-04-18 14:50 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-18 14:49 - 2015-04-18 14:49 - 00000000 ____D () C:\Users\qwerty\AppData\Local\Avg2013
2015-04-18 13:18 - 2015-04-18 13:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-18 12:18 - 2015-04-18 12:18 - 00000197 _____ () C:\Windows\system32\2015-04-18-10-18-01.055-AvastVBoxSVC.exe-2328.log
2015-04-18 07:18 - 2015-04-18 07:18 - 00000197 _____ () C:\Windows\system32\2015-04-18-05-18-27.072-AvastVBoxSVC.exe-2804.log
2015-04-18 07:09 - 2015-04-18 07:09 - 00000197 _____ () C:\Windows\system32\2015-04-18-05-09-29.014-AvastVBoxSVC.exe-2232.log
2015-04-17 23:52 - 2015-04-17 23:52 - 00000197 _____ () C:\Windows\system32\2015-04-17-21-52-45.017-AvastVBoxSVC.exe-2244.log
2015-04-17 23:42 - 2015-04-17 23:43 - 00000197 _____ () C:\Windows\system32\2015-04-17-21-42-59.043-AvastVBoxSVC.exe-2180.log
2015-04-17 23:35 - 2015-04-17 23:35 - 00000000 ____D () C:\Users\qwerty\Documents\Anvsoft
2015-04-17 23:35 - 2015-04-17 23:35 - 00000000 ____D () C:\Users\qwerty\AppData\Roaming\AnvsoftPdfTools
2015-04-17 23:34 - 2015-04-19 11:35 - 00000296 _____ () C:\Windows\Tasks\Price Fountain.job
2015-04-17 23:34 - 2015-04-17 23:34 - 36546096 _____ (pdfmate.com ) C:\Users\qwerty\Downloads\setup_free_pdf_converter.exe
2015-04-17 23:34 - 2015-04-17 23:34 - 00003252 _____ () C:\Windows\System32\Tasks\Price Fountain
2015-04-17 23:34 - 2015-04-17 23:34 - 00000000 ____D () C:\Users\qwerty\AppData\Roaming\PriceFountain
2015-04-17 23:34 - 2015-04-17 23:34 - 00000000 ____D () C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceFountain
2015-04-17 23:34 - 2015-04-17 23:34 - 00000000 ____D () C:\Users\qwerty\AppData\Roaming\do-search
2015-04-17 23:34 - 2015-04-17 23:34 - 00000000 ____D () C:\Users\qwerty\AppData\Local\PriceFountain
2015-04-17 23:34 - 2015-04-17 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
2015-04-17 23:34 - 2015-04-17 23:34 - 00000000 ____D () C:\Program Files (x86)\AnvSoft
2015-04-17 23:32 - 2015-04-17 23:32 - 00738232 _____ (Generic internet ) C:\Users\qwerty\Downloads\PDFMate-Free-PDF-Converter(34070)-dp.exe
2015-04-17 22:54 - 2015-04-17 22:54 - 00000000 ____D () C:\Users\qwerty\Desktop\puław
2015-04-17 22:53 - 2015-04-17 22:53 - 05378871 _____ () C:\Users\qwerty\Downloads\skany.rar
2015-04-17 22:53 - 2015-04-17 22:53 - 00863742 _____ () C:\Users\qwerty\Downloads\2 plan sytuacyjny v10 do zieleni.dwg
2015-04-17 22:53 - 2015-04-17 22:53 - 00716996 _____ () C:\Users\qwerty\Downloads\mapa pulawy 042015.dwg
2015-04-17 22:53 - 2015-04-17 22:53 - 00086597 _____ () C:\Users\qwerty\Downloads\drzewa pow 10 lat - Puławy.dxf
2015-04-17 22:43 - 2015-04-17 22:43 - 00000197 _____ () C:\Windows\system32\2015-04-17-20-43-20.096-AvastVBoxSVC.exe-2224.log
2015-04-16 22:53 - 2015-04-16 22:54 - 00000197 _____ () C:\Windows\system32\2015-04-16-20-53-55.051-AvastVBoxSVC.exe-2176.log
2015-04-15 17:59 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 17:59 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 17:59 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 17:59 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 17:59 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 17:59 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 17:59 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 17:59 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 17:59 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 17:59 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 17:59 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 17:59 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 17:59 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 17:59 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 17:59 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 17:59 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 17:58 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 17:58 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 17:58 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 17:58 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 17:58 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 17:58 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 17:58 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 17:58 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 17:58 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 17:58 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 17:58 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 17:58 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 17:58 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 17:58 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 17:58 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 17:58 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 17:58 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 17:58 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 17:58 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 17:58 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 17:58 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 17:58 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 17:58 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 17:58 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 17:58 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 17:58 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 17:58 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 17:58 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 17:58 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 17:58 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 17:58 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 17:58 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 17:58 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 17:58 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 17:58 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 17:58 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 17:58 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 17:58 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 17:58 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 17:58 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 17:58 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 17:58 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 17:58 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 17:58 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 17:58 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 17:58 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 17:58 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 17:58 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 17:58 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 17:58 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 17:58 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 17:58 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 17:58 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 17:58 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 17:58 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 17:58 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 17:58 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 17:58 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 17:58 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 17:58 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 17:58 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 17:58 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 17:58 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 17:58 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 17:58 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 17:58 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 17:58 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 17:58 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 17:58 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 17:58 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 17:58 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 17:58 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 17:58 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 17:58 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 17:58 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 17:58 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 17:58 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 17:58 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 17:58 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 17:58 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 17:58 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 17:58 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 17:58 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 17:58 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 17:58 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 17:58 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 17:58 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 17:58 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 17:58 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 17:58 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 17:58 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 17:58 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 17:58 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 17:58 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 17:58 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 17:58 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 17:58 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 17:58 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 17:58 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 17:58 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 17:58 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 17:58 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 17:58 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 17:58 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 17:58 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 17:58 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 17:58 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 17:58 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 17:58 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 17:58 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 17:57 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 17:56 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 17:56 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 17:56 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 17:49 - 2015-04-15 17:49 - 00000197 _____ () C:\Windows\system32\2015-04-15-15-49-09.017-AvastVBoxSVC.exe-2100.log
2015-04-14 22:44 - 2015-04-14 22:44 - 00000197 _____ () C:\Windows\system32\2015-04-14-20-44-47.033-AvastVBoxSVC.exe-2216.log
2015-04-14 09:38 - 2015-04-14 09:38 - 00000197 _____ () C:\Windows\system32\2015-04-14-07-38-36.042-AvastVBoxSVC.exe-2160.log
2015-04-13 14:52 - 2015-04-13 14:53 - 00000197 _____ () C:\Windows\system32\2015-04-13-12-52-50.003-AvastVBoxSVC.exe-2352.log
2015-04-12 04:47 - 2015-04-12 04:47 - 00000197 _____ () C:\Windows\system32\2015-04-12-02-47-12.099-AvastVBoxSVC.exe-2264.log
2015-04-11 14:12 - 2015-04-11 14:12 - 00000197 _____ () C:\Windows\system32\2015-04-11-12-12-13.080-AvastVBoxSVC.exe-2132.log
2015-04-11 06:34 - 2015-04-11 06:34 - 00000197 _____ () C:\Windows\system32\2015-04-11-04-34-14.063-AvastVBoxSVC.exe-2104.log
2015-04-10 13:44 - 2015-04-10 13:45 - 00000197 _____ () C:\Windows\system32\2015-04-10-11-44-43.011-AvastVBoxSVC.exe-2096.log
2015-04-09 12:31 - 2015-04-09 12:31 - 00000197 _____ () C:\Windows\system32\2015-04-09-10-31-15.028-AvastVBoxSVC.exe-2200.log
2015-04-08 16:04 - 2015-04-08 16:04 - 00000000 ____D () C:\Users\qwerty\Documents\Stronghold Kingdoms
2015-04-08 16:04 - 2015-04-08 16:04 - 00000000 ____D () C:\Users\qwerty\AppData\Roaming\Firefly Studios
2015-04-08 16:04 - 2015-04-08 16:04 - 00000000 ____D () C:\Users\qwerty\AppData\Local\Geckofx
2015-04-08 15:56 - 2015-04-08 15:56 - 00000000 ____D () C:\ProgramData\Firefly Studios
2015-04-08 15:52 - 2015-04-08 15:53 - 20677928 _____ (Firefly Studios ) C:\Users\qwerty\Downloads\StrongholdKingdoms-Setup.exe
2015-04-08 13:54 - 2015-04-08 13:54 - 00000197 _____ () C:\Windows\system32\2015-04-08-11-54-40.015-AvastVBoxSVC.exe-2180.log
2015-04-07 09:09 - 2015-04-07 09:09 - 00000197 _____ () C:\Windows\system32\2015-04-07-07-09-13.067-AvastVBoxSVC.exe-2120.log
2015-04-06 21:40 - 2015-04-06 21:40 - 00000197 _____ () C:\Windows\system32\2015-04-06-19-40-24.076-AvastVBoxSVC.exe-2176.log
2015-04-06 17:15 - 2015-04-06 17:24 - 00000000 ____D () C:\Users\qwerty\Desktop\składanka
2015-04-06 16:38 - 2015-04-06 16:39 - 50544368 _____ () C:\Users\qwerty\Downloads\08 - One More Time , Aerodynamic.flac
2015-04-06 16:33 - 2015-04-06 16:33 - 00002212 _____ () C:\Users\qwerty\Downloads\Alive 2007.cue
2015-04-06 16:32 - 2015-04-06 16:35 - 39209725 _____ () C:\Users\qwerty\Downloads\02 - Touch It , Technologic.flac
2015-04-06 16:32 - 2015-04-06 16:35 - 36487284 _____ () C:\Users\qwerty\Downloads\03 - Television Rules The Nation , Crescendolls.flac
2015-04-06 16:32 - 2015-04-06 16:34 - 23759905 _____ () C:\Users\qwerty\Downloads\09 - Aerodynamic Beats , Forget About The World.flac
2015-04-06 16:32 - 2015-04-06 16:33 - 00001277 _____ () C:\Users\qwerty\Downloads\Daft Punk - Alive 2007.m3u
2015-04-06 16:28 - 2015-04-06 16:31 - 52987230 _____ () C:\Users\qwerty\Downloads\04 - Too Long , Steam Machine.flac
2015-04-06 16:28 - 2015-04-06 16:31 - 52640206 _____ () C:\Users\qwerty\Downloads\06 - Burnin' , Too Long.flac
2015-04-06 16:28 - 2015-04-06 16:31 - 46480378 _____ () C:\Users\qwerty\Downloads\01 - Robot Rock , Oh Yeah.flac
2015-04-06 16:22 - 2015-04-06 16:22 - 49422701 _____ () C:\Users\qwerty\Downloads\11 - Da Funk , Daftendirekt.flac
2015-04-06 10:18 - 2015-04-06 10:18 - 00000197 _____ () C:\Windows\system32\2015-04-06-08-18-13.081-AvastVBoxSVC.exe-2236.log
2015-04-05 09:41 - 2015-04-05 09:41 - 00000197 _____ () C:\Windows\system32\2015-04-05-07-41-15.028-AvastVBoxSVC.exe-2088.log
2015-04-05 00:04 - 2015-04-05 00:04 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-05 00:04 - 2015-04-05 00:04 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 09:21 - 2015-04-04 09:21 - 00000197 _____ () C:\Windows\system32\2015-04-04-07-21-21.091-AvastVBoxSVC.exe-2784.log
2015-04-03 22:41 - 2015-04-03 22:41 - 00000197 _____ () C:\Windows\system32\2015-04-03-20-41-22.096-AvastVBoxSVC.exe-2092.log
2015-04-03 09:55 - 2015-04-03 09:56 - 00000197 _____ () C:\Windows\system32\2015-04-03-07-55-39.086-AvastVBoxSVC.exe-1880.log
2015-04-03 05:42 - 2015-04-03 05:42 - 00000197 _____ () C:\Windows\system32\2015-04-03-03-42-15.035-AvastVBoxSVC.exe-2120.log
2015-04-02 22:43 - 2015-04-02 22:44 - 00000197 _____ () C:\Windows\system32\2015-04-02-20-43-56.058-AvastVBoxSVC.exe-2284.log
2015-04-02 08:20 - 2015-04-02 08:20 - 00000197 _____ () C:\Windows\system32\2015-04-02-06-20-13.001-AvastVBoxSVC.exe-1640.log
2015-04-01 15:03 - 2015-04-01 15:04 - 00000197 _____ () C:\Windows\system32\2015-04-01-13-03-46.088-AvastVBoxSVC.exe-2176.log
2015-03-31 16:17 - 2015-03-31 16:17 - 00000197 _____ () C:\Windows\system32\2015-03-31-14-17-20.041-AvastVBoxSVC.exe-2396.log
2015-03-30 08:12 - 2015-03-30 08:12 - 00000197 _____ () C:\Windows\system32\2015-03-30-06-12-18.001-AvastVBoxSVC.exe-2180.log
2015-03-29 15:29 - 2015-03-29 15:29 - 00000197 _____ () C:\Windows\system32\2015-03-29-13-29-00.091-AvastVBoxSVC.exe-2056.log
2015-03-28 15:42 - 2015-03-28 15:43 - 00000197 _____ () C:\Windows\system32\2015-03-28-13-42-30.044-AvastVBoxSVC.exe-2128.log
2015-03-27 22:37 - 2015-03-27 22:37 - 00000197 _____ () C:\Windows\system32\2015-03-27-20-37-03.088-AvastVBoxSVC.exe-2388.log
2015-03-27 10:34 - 2015-03-27 10:34 - 00000197 _____ () C:\Windows\system32\2015-03-27-08-34-14.052-AvastVBoxSVC.exe-2180.log
2015-03-27 08:21 - 2015-03-27 08:21 - 00000197 _____ () C:\Windows\system32\2015-03-27-06-21-32.099-AvastVBoxSVC.exe-1868.log
2015-03-26 13:49 - 2015-03-26 13:49 - 00000197 _____ () C:\Windows\system32\2015-03-26-11-49-15.074-AvastVBoxSVC.exe-2148.log
2015-03-25 15:56 - 2015-03-25 15:57 - 00000197 _____ () C:\Windows\system32\2015-03-25-13-56-23.022-AvastVBoxSVC.exe-2196.log
2015-03-24 15:03 - 2015-03-24 15:03 - 00000197 _____ () C:\Windows\system32\2015-03-24-13-03-17.042-AvastVBoxSVC.exe-2156.log
2015-03-23 12:56 - 2015-03-23 12:56 - 00000197 _____ () C:\Windows\system32\2015-03-23-10-56-02.077-AvastVBoxSVC.exe-2316.log
2015-03-22 13:51 - 2015-03-22 13:51 - 00000197 _____ () C:\Windows\system32\2015-03-22-11-51-21.067-AvastVBoxSVC.exe-2336.log
2015-03-21 10:40 - 2015-03-21 10:40 - 00000197 _____ () C:\Windows\system32\2015-03-21-08-40-39.034-AvastVBoxSVC.exe-2152.log
2015-03-20 10:42 - 2015-03-20 10:42 - 00000197 _____ () C:\Windows\system32\2015-03-20-08-42-54.022-AvastVBoxSVC.exe-2200.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-19 12:15 - 2012-03-20 00:39 - 01472784 _____ () C:\Windows\WindowsUpdate.log
2015-04-19 12:00 - 2014-05-14 23:25 - 00000000 ____D () C:\Users\qwerty\AppData\Local\Pokki
2015-04-19 11:44 - 2012-08-23 17:45 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-19 11:02 - 2009-07-14 06:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-19 11:02 - 2009-07-14 06:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-19 10:54 - 2013-06-03 09:06 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-04-19 10:54 - 2012-03-20 00:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-19 10:54 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-19 00:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-19 00:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-18 19:46 - 2012-04-26 07:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-18 15:04 - 2012-03-20 02:56 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-18 14:51 - 2012-03-20 18:10 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-18 14:47 - 2015-03-06 10:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2015-04-18 13:49 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-17 23:34 - 2013-04-05 12:14 - 00000000 ____D () C:\Users\qwerty\AppData\Roaming\OpenCandy
2015-04-17 22:48 - 2011-04-12 15:21 - 00740422 _____ () C:\Windows\system32\perfh015.dat
2015-04-17 22:48 - 2011-04-12 15:21 - 00155996 _____ () C:\Windows\system32\perfc015.dat
2015-04-17 22:48 - 2009-07-14 07:13 - 01670518 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-16 22:51 - 2014-12-24 14:33 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 22:51 - 2014-05-06 20:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 22:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 00:53 - 2012-03-25 10:28 - 01642188 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 00:52 - 2013-09-09 09:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 00:46 - 2013-09-09 09:28 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 18:44 - 2012-08-23 17:45 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 18:44 - 2012-08-06 17:33 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 18:44 - 2012-03-19 21:12 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 01:27 - 2014-03-05 14:57 - 00000000 ____D () C:\Users\qwerty\AppData\Local\Battle.net
2015-04-12 14:27 - 2014-04-05 23:02 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-20 10:42 - 2014-05-14 23:25 - 00002241 _____ () C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

==================== Files in the root of some directories =======

2012-10-18 21:34 - 2013-04-05 10:22 - 0001057 _____ () C:\Users\qwerty\AppData\Roaming\vso_ts_preview.xml
2012-03-24 19:44 - 2013-04-05 12:27 - 0006144 _____ () C:\Users\qwerty\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-13 18:16 - 2012-08-13 18:16 - 0027520 _____ () C:\Users\qwerty\AppData\Local\dt.dat
2013-01-07 14:33 - 2013-01-07 14:33 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-15 18:42

==================== End Of Log ============================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-04-2015
Ran by qwerty at 2015-04-19 12:22:32
Running from C:\Users\qwerty\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
ASUS nVidia Driver (x32 Version: 1.00.0000 - ASUSTek) Hidden
AutoCAD Civil 3D 2012 - Polski (HKLM\...\AutoCAD Civil 3D 2012 - Polski) (Version: 9.0.1619.0 - Autodesk)
AutoCAD Civil 3D 2012 - Polski (Version: 9.0.1619.0 - Autodesk) Hidden
Autodesk Design Review 2012 (HKLM-x32\...\Autodesk Design Review 2012) (Version: 12.0.0.93 - Autodesk, Inc.)
Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.) Hidden
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BrowserProtect (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version: - ) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.2.3442 - CDBurnerXP)
ConvertXtoDVD 4.1.19.365 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.3.0297 - DT Soft Ltd)
Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
do-search uninstall (HKLM-x32\...\do-search uninstall) (Version: - do-search) <==== ATTENTION!
Dropbox (HKU\S-1-5-21-3444423886-3902486669-11926437-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Duel of Champions (HKU\S-1-5-21-3444423886-3902486669-11926437-1000\...\MMDoC-PDCLive) (Version: - Ubisoft)
Fotosizer 2.09 (HKLM-x32\...\Fotosizer) (Version: 2.09.0.548 - Fotosizer.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Heroes of Might and Magic II (HKLM-x32\...\{99D467AE-03D8-442C-AF74-EB5DA85DCA12}) (Version: 2.1 - )
Heroes of Might and Magic III - Złota Edycja (HKLM-x32\...\{8B743AA0-53B2-11D2-808A-00600895FB43}) (Version: 1.0 - )
Heroes of Might and Magic IV - Złota Edycja (HKLM-x32\...\{94B4E2D8-A184-415C-BF9E-F699D76466BD}) (Version: 3.0 - )
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
K-Lite Codec Pack 8.6.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.6.0 - )
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual Basic Power Packs 3.0 (HKLM-x32\...\{7B4D193B-D76D-308B-8B12-5D9BB1CBCE6C}) (Version: 9.0.30214 - Microsoft)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movavi Video Converter 11 (HKLM-x32\...\Movavi Video Converter 11) (Version: 11.5.1 - Movavi)
Mozilla Firefox 37.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 pl)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM-x32\...\NCLauncher_GameForge) (Version: - NCsoft)
Nero BurningROM 12 (HKLM-x32\...\{4AC7B4F3-1B75-4BA7-82C4-F9A22B430A3D}) (Version: 12.5.00900 - Nero AG)
NVIDIA 3D Vision Controller Driver 267.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 267.85 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Sterownik 3D Vision 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
Pakiet językowy programu AutoCAD Civil 3D 2012 – język polski (Version: 9.0.1619.0 - Autodesk) Hidden
Panel sterowania NVIDIA 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
PDFMate PDF Converter 1.7.5 (HKLM-x32\...\PDFMate PDF Converter_is1) (Version: - pdfmate.com)
Pokki (HKU\S-1-5-21-3444423886-3902486669-11926437-1000\...\Pokki) (Version: 0.269.7.573 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PriceFountain (remove only) (HKU\S-1-5-21-3444423886-3902486669-11926437-1000\...\PriceFountain) (Version: 1.1.1.6 - Price_Fountain) <==== ATTENTION!
Qtrax Player (HKLM-x32\...\{58C91689-85E3-4B25-ADEC-2697986DF817}) (Version: 1.00.0001 - Qtrax)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.531.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6423 - Realtek Semiconductor Corp.)
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
Samsung PC Studio 3 (x32 Version: 3.0.0.71009 - Samsung Electronics Co., Ltd.) Hidden
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.57a - Ghisler Software GmbH)
Update for PriceFountain (HKU\S-1-5-21-3444423886-3902486669-11926437-1000\...\Price Fountain) (Version: - Update for PriceFountain) <==== ATTENTION
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3444423886-3902486669-11926437-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3444423886-3902486669-11926437-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3444423886-3902486669-11926437-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3444423886-3902486669-11926437-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3444423886-3902486669-11926437-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3444423886-3902486669-11926437-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\qwerty\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3444423886-3902486669-11926437-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\qwerty\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3444423886-3902486669-11926437-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\qwerty\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3444423886-3902486669-11926437-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\qwerty\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

06-03-2015 10:33:34 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
06-03-2015 16:52:25 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
05-04-2015 00:03:52 Windows Update
06-04-2015 16:42:28 Removed GstarCAD8.
08-04-2015 15:54:55 Zainstalowany program DirectX
10-04-2015 13:48:20 Windows Update
14-04-2015 09:42:28 Windows Update
16-04-2015 00:44:39 Windows Update
17-04-2015 23:34:55 Uniblue PC Mechanic installation
18-04-2015 07:08:51 Uniblue PC Mechanic installation

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06906E2C-17A2-4613-9507-42070B0582DA} - System32\Tasks\Price Fountain => C:\Users\qwerty\AppData\Roaming\PriceFountain\UpdateProc\UpdateTask.exe [2015-04-17] ()
Task: {0DFF9DC5-204A-4708-B72D-2C3C7A92C5A8} - System32\Tasks\{13B7D7DF-26A0-4CB3-8188-2E0336E75526} => pcalua.exe -a C:\Users\qwerty\Desktop\ashampoo_firewall_sm_1.2-(dobreprogramy.pl).exe -d C:\Users\qwerty\Desktop
Task: {0E4889DC-D162-459A-AAE0-7A4DE6FD15C0} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {12086A72-A4B0-443E-A3CC-0918ACE41618} - System32\Tasks\{817CD78B-4E7C-4938-B018-C2E3D273229E} => E:\Gry\Diablo 2\Diablo II\D2Loader.exe [2010-07-22] (Tsinghua Unversity)
Task: {1AE9E2FB-03B1-4C8B-9F61-D2819B165B98} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{14A34389-08D0-4072-A406-51F003BB4A3F}.exe
Task: {200B25DE-0DD2-448D-BC69-13B0A0F89453} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-18] (Google Inc.)
Task: {38D8CBA5-A96B-47C7-9B4D-1D71BF1FEB12} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {59DD061D-F616-4D47-90FD-851B64EED0A4} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {7A7156D2-CEF2-4A97-9897-4EF97791C6BE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {86A950D6-47FE-4F0D-AA04-570FD887F944} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {A78A2409-ED35-4FCC-84A1-E2854B3E32A4} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {B0751DC0-EDFF-49A0-A6FD-177E97A025CD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-26] (AVAST Software)
Task: {B2675AF6-34D8-4E03-8C88-BD64E0760C3C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {D4ED5160-F9CB-4FBE-AC60-720078544061} - \Program aktualizacji online firmy Adobe. No Task File <==== ATTENTION
Task: {EC13E2C0-C2CE-4BFE-95DE-DAFFF79E68A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-18] (Google Inc.)
Task: {F2F55DB7-C7B0-4290-A59E-2C142722C124} - System32\Tasks\{3A222707-B40B-4B25-B65E-80A5F3F5D5F3} => D:\Programy\Autodesk Products 2012 Keygen 64bit.exe
Task: {F6E87692-9694-4C14-8A66-7DD2AE6E8FAE} - System32\Tasks\{C6E79BDA-E886-4108-8679-347BCA73A05C} => D:\Programy\Autodesk Products 2012 Keygen 64bit.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{14A34389-08D0-4072-A406-51F003BB4A3F}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Price Fountain.job => C:\Users\qwerty\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE

==================== Loaded Modules (whitelisted) ==============

2012-11-19 17:54 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-12-26 12:54 - 2014-12-26 12:54 - 00388208 ____C () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-26 12:54 - 2014-12-26 12:54 - 05851328 ____C () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2015-01-21 04:06 - 2015-01-21 04:06 - 00057344 ____C () C:\Program Files\CCleaner\lang\lang-1045.dll
2015-04-17 22:43 - 2015-04-17 22:43 - 02926080 ____C () C:\Program Files\AVAST Software\Avast\defs\15041700\algo.dll
2014-12-26 12:54 - 2014-12-26 12:54 - 04495336 ____C () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-04-19 11:37 - 2015-04-19 11:37 - 02926080 ____C () C:\Program Files\AVAST Software\Avast\defs\15041900\algo.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-04-18 14:51 - 2015-04-13 23:55 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
2015-04-18 14:51 - 2015-04-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll
2015-04-18 14:51 - 2015-04-13 23:55 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\PepperFlash\pepflashplayer.dll
2015-03-13 17:19 - 2015-03-13 17:19 - 38714440 ____C () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-04 06:06 - 2015-01-04 06:06 - 00569856 _____ () C:\Users\qwerty\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2015-01-04 06:06 - 2015-01-04 06:06 - 01400846 _____ () C:\Users\qwerty\AppData\Local\Pokki\Engine\avcodec-54.dll
2015-01-04 06:06 - 2015-01-04 06:06 - 00151054 _____ () C:\Users\qwerty\AppData\Local\Pokki\Engine\avutil-51.dll
2015-01-04 06:06 - 2015-01-04 06:06 - 00222734 _____ () C:\Users\qwerty\AppData\Local\Pokki\Engine\avformat-54.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp
DNS Servers: 10.10.81.124 - 192.166.202.10

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-3444423886-3902486669-11926437-500 - Administrator - Disabled)
Gość (S-1-5-21-3444423886-3902486669-11926437-501 - Limited - Disabled)
qwerty (S-1-5-21-3444423886-3902486669-11926437-1000 - Administrator - Enabled) => C:\Users\qwerty
UpdatusUser (S-1-5-21-3444423886-3902486669-11926437-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Kontroler Uniwersalnej magistrali szeregowej (USB)
Description: Kontroler Uniwersalnej magistrali szeregowej (USB)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/19/2015 10:54:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 00:38:23 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58"1".
Nie można odnaleźć zestawu zależnego FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (04/18/2015 07:46:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2015 00:16:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2015 07:16:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2015 07:07:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/17/2015 11:50:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/17/2015 11:48:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/17/2015 11:40:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/17/2015 11:38:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/19/2015 10:56:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu:
%%1069

Error: (04/19/2015 10:56:24 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu:
%%1330

Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).

Error: (04/19/2015 10:54:17 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:
StarOpen

Error: (04/19/2015 10:54:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi BrowserProtect z powodu następującego błędu:
%%2

Error: (04/19/2015 10:54:03 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Ładowanie sterownika \SystemRoot\SysWow64\Drivers\StarOpen.SYS zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika.

Error: (04/18/2015 07:48:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu:
%%1069

Error: (04/18/2015 07:48:37 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu:
%%1330

Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).

Error: (04/18/2015 07:46:34 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:
StarOpen

Error: (04/18/2015 07:46:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi BrowserProtect z powodu następującego błędu:
%%2

Error: (04/18/2015 07:46:17 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Ładowanie sterownika \SystemRoot\SysWow64\Drivers\StarOpen.SYS zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika.


Microsoft Office Sessions:
=========================
Error: (04/19/2015 10:54:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2015 00:38:23 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.406.58"c:\program files\Autodesk\autocad civil 3d 2012\FaroImporter.exe

Error: (04/18/2015 07:46:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2015 00:16:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2015 07:16:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2015 07:07:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/17/2015 11:50:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/17/2015 11:48:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/17/2015 11:40:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/17/2015 11:38:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 30%
Total physical RAM: 8175.12 MB
Available physical RAM: 5655.69 MB
Total Pagefile: 16348.43 MB
Available Pagefile: 13633.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:99.51 GB) (Free:21 GB) NTFS
Drive d: () (Fixed) (Total:200.2 GB) (Free:190.98 GB) NTFS
Drive e: () (Fixed) (Total:165.96 GB) (Free:116.98 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 465.8 GB) (Disk ID: 021FBE2E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=99.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=200.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=166 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Users shortcut scan result (x64) Version: 19-04-2015
Ran by qwerty at 2015-04-19 12:22:54
Running from C:\Users\qwerty\Desktop
Boot Mode: Normal
==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1045-7B44-AA1000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk -> C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files (x86)\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO\ConvertXtoDVD 4\ConvertXtoDVD 4.lnk -> C:\Program Files (x86)\VSO\ConvertX\4\ConvertXtoDvd.exe (VSO Software SARL)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO\ConvertXtoDVD 4\Deinstalacja programu ConvertXToDVD.lnk -> C:\Program Files (x86)\VSO\ConvertX\4\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO\ConvertXtoDVD 4\l glp license.lnk -> C:\Program Files (x86)\VSO\ConvertX\4\lgpl-2.1.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Game Manual.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\Game Manual 3.0.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\MapEditor.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\bin\H5_MapEditor.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Readme.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\Readme 3.0.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Update.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\bin\UpgradeLauncher.exe (Nival Interactive)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Manuals\Combat Replays.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\Editor Documentation\HOMM5_Combat_Replay.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Manuals\Dialog Replays.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\Editor Documentation\HOMM5_Dialogs_Replay.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Manuals\Random Map Generator.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\Editor Documentation\HOMM5_RMG_Tutorial.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Manuals\User Campaigns.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\Editor Documentation\HOMM5_Users_Campaign_Editor.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Manuals\Editor Manual\Cheat Codes.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\Editor Documentation\HOMM5_CheatCodes.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Manuals\Editor Manual\Custom Duel Presets.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\Editor Documentation\HOMM5_Preset_Editor.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Manuals\Editor Manual\Editor Practical Guide.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\Editor Documentation\HOMM5_Editor_Practical_Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Manuals\Editor Manual\Editor Theory.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\Editor Documentation\HOMM5_Editor_Theory.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Manuals\Editor Manual\Hero Level and Experience.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\Editor Documentation\HOMM5_Hero_Level_and_Experience.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Manuals\Editor Manual\IDs for Scripts.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\Editor Documentation\HOMM5_IDs_for_Scripts.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Manuals\Editor Manual\New IDs for Scripts.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\Editor Documentation\HOMM5_A2_IDs_for_Scripts.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Manuals\Editor Manual\New Script Functions.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\Editor Documentation\HOMM5_A2_Script_Functions.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Manuals\Editor Manual\Script Functions.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\Editor Documentation\HOMM5_Script_Functions.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Fans Content\Fans Manual.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\FanDocuments\Heroes5_Manual_3.0.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Fans Content\Skill Wheel.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\FanDocuments\Skillwheel.exe (Aurelain)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic IV\Edytor kampanii.lnk -> E:\Gry\Heroes\campaign_editor.exe (The 3DO Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic IV\Heroes of Might and Magic IV - Złota Edycja.lnk -> E:\Gry\Heroes\heroes4p.exe (The 3DO Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic IV\Dokumentacja\Drzewka rozwoju.lnk -> E:\Gry\Heroes\Instrukcja\Drzewko.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic IV\Dokumentacja\Plik CzytajTo.lnk -> E:\Gry\Heroes\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic IV\Dokumentacja\Pomoc do edytora kampanii.lnk -> E:\Gry\Heroes\campaign_editor_help.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic II\Edytor.lnk -> C:\Program Files (x86)\Ubisoft\Heroes of Might and Magic II\Editor2w.exe (New World Computing)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic II\Heroes of Might and Magic II.lnk -> C:\Program Files (x86)\Ubisoft\Heroes of Might and Magic II\Heroes2w.exe (New World Computing)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic II\Dokumentacja\Instrukcja użytkownika.lnk -> C:\Program Files (x86)\Ubisoft\Heroes of Might and Magic II\Instrukcja\Instrukcja.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic II\Dokumentacja\Plik CzytajTo.lnk -> C:\Program Files (x86)\Ubisoft\Heroes of Might and Magic II\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic II\Dokumentacja\Plik pomocy.lnk -> C:\Program Files (x86)\Ubisoft\Heroes of Might and Magic II\Help\Heroes2.hlp ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic II\Dokumentacja\Pomoc techniczna offline.lnk -> C:\Program Files (x86)\Ubisoft\Heroes of Might and Magic II\Pomoc\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic II\Dokumentacja\Poradnik do gry.lnk -> C:\Program Files (x86)\Ubisoft\Heroes of Might and Magic II\Instrukcja\Poradnik.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint\Microsoft SharePoint Workspace 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\grvicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Multimedia Player.lnk -> C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Multimedia player.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Samsung PC Studio 3.lnk -> C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Launcher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PIT Format 2012\Deinstalacja programu PIT Format 2012.lnk -> C:\PIT Format 2012\unins000.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF To JPG\PDF To JPG.lnk -> C:\PDFToJPG\PDFJPG.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF To JPG\Uninstall PDF To JPG.lnk -> C:\PDFToJPG\unins000.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero ControlCenter.lnk -> C:\Windows\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ScControlCenterSta_FC2653898C5047A6A872CAF6433C43A8.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 12\Nero Burning ROM.lnk -> C:\Windows\Installer\{CF508721-0E1E-4F99-A359-59E4EA8DAEC1}\ARPPRODUCTICON.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Converter 11\Odinstaluj Movavi Video Converter 11.lnk -> C:\Program Files (x86)\Movavi Video Converter 11\uninst.exe (Movavi)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Converter 11\Strona Główna Movavi Video Converter.lnk -> C:\Program Files (x86)\Movavi Video Converter 11\Movavi Video Converter 11.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Converter 11\Narzędzia\Obserwuj katalog.lnk -> C:\Program Files (x86)\Movavi Video Converter 11\WatchFolder.exe (http://movavi.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Converter 11\Narzędzia\PSP Uploader.lnk -> C:\Program Files (x86)\Movavi Video Converter 11\PSPUploader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Access 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Excel 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft InfoPath Filler 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft OneNote 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft PowerPoint 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Publisher 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft SharePoint Workspace 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\grvicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Centrum Microsoft Office 2010 Upload Center.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Certyfikat cyfrowy dla projektów VBA.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Preferencje językowe pakietu Microsoft Office 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe (MPC-HC Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\GraphStudioNext.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\VobSubStrip.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\VobSubStrip.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Info\faq.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic III - Złota Edycja\Informacje o systemie.lnk -> E:\Gry\Herose 3\Support\sysinfo.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic III - Złota Edycja\Dokumentacja\Armageddon's Blade.lnk -> E:\Gry\Herose 3\instrukcja\instrukcja2.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic III - Złota Edycja\Dokumentacja\Plik CzytajTo.lnk -> E:\Gry\Herose 3\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic III - Złota Edycja\Dokumentacja\Poradnik do gry.lnk -> E:\Gry\Herose 3\Instrukcja\Poradnik.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic III - Złota Edycja\Dokumentacja\Restoration of Erathia.lnk -> E:\Gry\Herose 3\instrukcja\instrukcja1.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic III - Złota Edycja\Dokumentacja\Shadow of Death.lnk -> E:\Gry\Herose 3\instrukcja\instrukcja3.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge\NCLauncher\Uninstall - NCLauncher.lnk -> C:\Program Files (x86)\GameForge\NCLauncher\Uninstall.exe (NCsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotosizer\Fotosizer Homepage.lnk -> C:\Program Files (x86)\Fotosizer\Fotosizer.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotosizer\Fotosizer.lnk -> C:\Program Files (x86)\Fotosizer\Fotosizer.exe (Fotosizer.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotosizer\Uninstall Fotosizer.lnk -> C:\Program Files (x86)\Fotosizer\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Diablo III - Instrukcja.lnk -> E:\Gry\Diablo 3\Diablo III\Manual.url (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Diablo III.lnk -> E:\Gry\Diablo 3\Diablo III\Diablo III Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Pomoc techniczna Blizzard.lnk -> E:\Gry\Diablo 3\Diablo III\TechSupport.url (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Zarządzanie kontem Battle.net.lnk -> E:\Gry\Diablo 3\Diablo III\BattlenetAccount.url (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II\Diablo II - dezinstalacja.lnk -> C:\Program Files (x86)\Common Files\Blizzard Entertainment\Diablo II\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II\Diablo II - Lord of Destruction.lnk -> E:\Gry\Diablo 2\Diablo II\Diablo II.exe (Blizzard North)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II\Test karty graficznej.lnk -> E:\Gry\Diablo 2\Diablo II\D2VidTst.exe (Blizzard North)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II\Zarejestruj grę Diablo II - Lord of Destruction.lnk -> E:\Gry\Diablo 2\Diablo II\Register Diablo II.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DTGadget.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DT.gadget ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\SPTD Setup.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\SPTDinst-x64.exe (Duplex Secure Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> E:\Gry\Diablo 3\Diablo III\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk Design Review 2012.lnk -> C:\Program Files (x86)\Autodesk\Autodesk Design Review 2012\DesignReview.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Civil 3D 2012 - Polski\Autodesk Content Browser.lnk -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\AecCB.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Civil 3D 2012 - Polski\Dołącz podpisy cyfrowe.lnk -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\AcSignApply.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Civil 3D 2012 - Polski\Edytor skrótów do danych.lnk -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\ShortcutEditor.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Civil 3D 2012 - Polski\Menedżer odnośników.lnk -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\AdRefMan.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Civil 3D 2012 - Polski\Wsadowy kontroler standardów.lnk -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\DwgCheckStandards.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\PDFMate PDF Converter\Deinstalacja programu PDFMate PDF Converter.lnk -> C:\Program Files (x86)\AnvSoft\PDFMate PDF Converter\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\PDFMate PDF Converter\PDFMate PDF Converter.lnk -> C:\Program Files (x86)\AnvSoft\PDFMate PDF Converter\PDFMateFree.exe (AnvSoft Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\PDFMate PDF Converter\Strona WWW programu PDFMate PDF Converter.lnk -> C:\Program Files (x86)\AnvSoft\PDFMate PDF Converter\PDFMateFree.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{E8AE0286-9A63-4F4F-B479-0E4E4A2A8EB5}\PlayTasks\0\Play.lnk -> E:\Gry\Diablo 3\Diablo III\Diablo III Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Adobe Reader X.lnk -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
Shortcut: C:\Users\Public\Desktop\Battle.net.lnk -> E:\Gry\Diablo 3\Diablo III\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\CDBurnerXP.lnk -> C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
Shortcut: C:\Users\Public\Desktop\Diablo II - Lord of Destruction.lnk -> E:\Gry\Diablo 2\Diablo II\Diablo II.exe (Blizzard North)
Shortcut: C:\Users\Public\Desktop\Fotosizer.lnk -> C:\Program Files (x86)\Fotosizer\Fotosizer.exe (Fotosizer.com)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Heroes of Might and Magic II.lnk -> C:\Program Files (x86)\Ubisoft\Heroes of Might and Magic II\Heroes2w.exe (New World Computing)
Shortcut: C:\Users\Public\Desktop\Heroes of Might and Magic III - Złota Edycja.lnk -> E:\Gry\Herose 3\Heroes3.exe (The 3DO Company)
Shortcut: C:\Users\Public\Desktop\Heroes of Might and Magic IV - Złota Edycja.lnk -> E:\Gry\Heroes\heroes4p.exe (The 3DO Company)
Shortcut: C:\Users\Public\Desktop\Heroes of Might and Magic V - Tribes of the East.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe ()
Shortcut: C:\Users\Public\Desktop\Movavi Video Converter 11.lnk -> C:\Program Files (x86)\Movavi Video Converter 11\VideoConverter.exe (http://movavi.com)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (No File)
Shortcut: C:\Users\Public\Desktop\Total Commander.lnk -> C:\totalcmd\TOTALCMD.EXE (Ghisler Software GmbH)
Shortcut: C:\Users\Public\Desktop\Winamp.lnk -> C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\Users\qwerty\Links\Desktop.lnk -> C:\Users\qwerty\Desktop ()
Shortcut: C:\Users\qwerty\Links\Downloads.lnk -> C:\Users\qwerty\Downloads ()
Shortcut: C:\Users\qwerty\Desktop\#1 Video Converter.lnk -> C:\Program Files (x86)\No1 Video Converter\#1 Video Converter.exe ()
Shortcut: C:\Users\qwerty\Desktop\ConvertXtoDVD 4.lnk -> C:\Program Files (x86)\VSO\ConvertX\4\ConvertXtoDvd.exe (VSO Software SARL)
Shortcut: C:\Users\qwerty\Desktop\Duel of Champions Launcher.lnk -> C:\Users\qwerty\AppData\Roaming\Ubisoft\MMDoC-PDCLive\Launcher.exe (Ubisoft)
Shortcut: C:\Users\qwerty\Desktop\Microsoft Excel 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\Users\qwerty\Desktop\Microsoft Word 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\qwerty\Desktop\muzyka — skrót.lnk -> E:\muzyka ()
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Video Converter Uninstall Video Converter.lnk -> C:\Program Files (x86)\VideoConverter\Uninstall\Uninstall.exe (No File)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Video Converter Video Converter.lnk -> C:\Program Files (x86)\VideoConverter\VideoConverter.exe (No File)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt ()
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files (x86)\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Basic 2005 Power Packs\3.0\PrintForm Sample.lnk -> C:\Users\qwerty\Documents\Microsoft Visual Basic 2005 Power Packs\3.0\Samples\PrintForm\PrintForm Sample.sln ()
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duel of Champions Launcher\Duel of Champions Launcher Website.lnk -> C:\Users\qwerty\AppData\Roaming\Ubisoft\MMDoC-PDCLive\MMDoC-PDCLive website.url (No File)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duel of Champions Launcher\Duel of Champions Launcher.lnk -> C:\Users\qwerty\AppData\Roaming\Ubisoft\MMDoC-PDCLive\Launcher.exe (Ubisoft)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duel of Champions Launcher\Uninstall Duel of Champions Launcher.lnk -> C:\Users\qwerty\AppData\Roaming\Ubisoft\MMDoC-PDCLive\uninstall.exe (Ubisoft)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk -> C:\Users\qwerty\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe (Dropbox, Inc.)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\#1 Video Converter\#1 Video Converter.lnk -> C:\Program Files (x86)\No1 Video Converter\#1 Video Converter.exe ()
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\#1 Video Converter\homepage.lnk -> C:\Program Files (x86)\No1 Video Converter\homepage.url ()
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\#1 Video Converter\Uninstall.lnk -> C:\Program Files (x86)\No1 Video Converter\Uninstall.exe ()
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ConvertXtoDVD 4.lnk -> C:\Program Files (x86)\VSO\ConvertX\4\ConvertXtoDvd.exe (VSO Software SARL)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Fotosizer.lnk -> C:\Program Files (x86)\Fotosizer\Fotosizer.exe (Fotosizer.com)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b15f30ab853b7d31\Diablo III.lnk -> C:\Program Files (x86)\Diablo III\Diablo III Launcher.exe (No File)
Shortcut: C:\Users\qwerty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\qwerty\AppData\Roaming\Autodesk\C3D 2012\plk\Plotters\Dodaj ploter.lnk -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\addplwiz.exe (Autodesk, Inc.)
Shortcut: C:\Users\qwerty\AppData\Roaming\Autodesk\C3D 2012\plk\Plotters\Plot Styles\Dodaj tabelę stylów wydruku.lnk -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\styshwiz.exe (Autodesk, Inc.)
Shortcut: C:\Users\qwerty\AppData\Local\Microsoft\Windows\GameExplorer\{FCC960DB-90B8-444A-B632-CD811A931FD2}\PlayTasks\0\Zagraj.lnk -> C:\Program Files (x86)\Ubisoft\Heroes of Might and Magic II\Heroes2w.exe (New World Computing)
Shortcut: C:\Users\qwerty\AppData\Local\Microsoft\Windows\GameExplorer\{C5A4E335-A88B-4F75-A33E-921BD4365A42}\PlayTasks\0\Zagraj.lnk -> E:\Gry\Diablo 2\Diablo II\Diablo II.exe (Blizzard North)
Shortcut: C:\Users\qwerty\AppData\Local\Microsoft\Windows\GameExplorer\{B037BEF3-A4A1-4CFB-B720-C5226CC4D763}\PlayTasks\0\Zagraj.lnk -> E:\Gry\Diablo 2\Diablo II\Diablo II.exe (Blizzard North)
Shortcut: C:\Users\qwerty\AppData\Local\Microsoft\Windows\GameExplorer\{097952BD-95F5-450C-B21C-6161812D591A}\PlayTasks\0\Zagraj.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe ()
Shortcut: C:\Users\qwerty\AppData\Local\Microsoft\Windows\GameExplorer\{06FE14E4-AA06-45B7-8A20-DE01678E694B}\PlayTasks\0\Zagraj.lnk -> E:\Gry\S4.exe ()
Shortcut: C:\Users\qwerty\AppData\Local\GG\Application.old\gg.lnk -> C:\Users\qwerty\AppData\Local\GG\Application\gghub.exe (No File)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\Desktop\Wierszownik.lnk -> C:\Program Files (x86)\Wierszownik\Wierszownik.exe (No File)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO\ConvertXtoDVD 4\ Drivers\ Remover Driver (Modo de Compatibilidade).lnk -> C:\Program Files (x86)\VSO\pcsetup\PcSetup.exe (VSO Software SARL) -> /remove /removeatip " Kompatibilitätsmodus wird eingerichtet... Bitte anschließend neu starten!"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Register the Game.lnk -> E:\Gry\Heroes\Heroes of Might and Magic V - Tribes of the East\registration\RegistrationReminder.exe () -> -g Heroes of Might & Magic 5 - Tribes of the East -i 2579 -l English
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Uninstall.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{66FF4C48-0083-4E60-8556-B883AB200092}\Setup.exe (InstallShield Software Corporation) -> -l0x9
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic IV\Usuń grę Heroes of Might and Magic IV - Złota Edycja.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{94B4E2D8-A184-415C-BF9E-F699D76466BD}\setup.exe" -l0x15
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic II\Usuń grę Heroes of Might and Magic II.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{99D467AE-03D8-442C-AF74-EB5DA85DCA12}\SETUP.EXE" -l0x15
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Multimedia Manager.lnk -> C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Launcher.exe () -> -MManager
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /disable
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /enable
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Converter 11\Narzędzia\Linia poleceń.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /K "C:\Program Files (x86)\Movavi Video Converter 11\Mvccl.exe" /help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft InfoPath Designer 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\inficon.exe () -> /design
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\vsfilter.dll",DirectVobSub
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\ffdshow\ffdshow.ax",configureAudio
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow DXVA video decoder.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\ffdshow\ffdshow.ax",configureDXVA
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\ffdshow\ffdshow.ax",configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali Media Splitter.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\splitter.ax",Configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali video renderer.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe (MONOGRAM Multimedia, s.r.o.) -> {760A8F35-97E7-479D-AAF5-DA9EFF95D751}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavaudio.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavsplitter.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavvideo.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\madFLAC.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe (MONOGRAM Multimedia, s.r.o.) -> {6B257121-CBB6-46B3-ABFA-B14DFA98C4A6}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe () -> /showsections=reset_settings
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\VP7 decoder.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe (MONOGRAM Multimedia, s.r.o.) -> {C204438D-6E1A-4309-B09C-0C0F749863AF}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic III - Złota Edycja\Usuń grę Heroes of Might and Magic III - Złota Edycja.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{8B743AA0-53B2-11D2-808A-00600895FB43}\setup.exe" -l0x15
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Civil 3D 2012 - Polski\AutoCAD Civil 3D 2012 - Polski Polska.lnk -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\acad.exe (Autodesk, Inc.) -> /ld "C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\AecBase.dbx" /p "<<C3D_Poland>>"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Civil 3D 2012 - Polski\AutoCAD Civil 3D 2012 - Polski — calowe.lnk -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\acad.exe (Autodesk, Inc.) -> /ld "C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\AecBase.dbx" /p "<<C3D_Imperial>>"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Civil 3D 2012 - Polski\AutoCAD Civil 3D 2012 - Polski — metryczne.lnk -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\acad.exe (Autodesk, Inc.) -> /ld "C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\AecBase.dbx" /p "<<C3D_Metric>>"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Civil 3D 2012 - Polski\AutoCAD Civil 3D as AutoCAD 2012.lnk -> C:\Windows\Installer\{5783F2D7-A000-0415-0102-0060B0CE6BBA}\Acad162_icon.exe () -> /P AutoCAD
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD Civil 3D 2012 - Polski\Narzędzie transferu licencji.lnk -> C:\Program Files\Common Files\Autodesk Shared\AdLM\R4\LTU.exe (Autodesk, Inc.) -> 237D1 2012.0.0.F -d SA -l pl-PL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Public\Desktop\AutoCAD Civil 3D 2012 - Polski Polska.lnk -> C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\acad.exe (Autodesk, Inc.) -> /ld "C:\Program Files\Autodesk\AutoCAD Civil 3D 2012\AecBase.dbx" /p "<<C3D_Poland>>"
ShortcutWithArgument: C:\Users\qwerty\Links\GG dysk.lnk -> C:\Users\qwerty\GG dysk () -> --ggiconindex=-201 --ggiconpath=C:\Users\qwerty\AppData\Local\GG\Application\ggdrive\ggdrive-resources.dll
ShortcutWithArgument: C:\Users\qwerty\Favorites\GG dysk.lnk -> C:\Users\qwerty\GG dysk () -> --ggiconindex=-201 --ggiconpath=C:\Users\qwerty\AppData\Local\GG\Application\ggdrive\ggdrive-resources.dll
ShortcutWithArgument: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk -> C:\Users\qwerty\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki) -> /OPEN"f22abfeae27a67446927d078890381efc546d3e1"
ShortcutWithArgument: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk -> C:\Users\qwerty\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki) -> /OPEN"menu"
ShortcutWithArgument: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QTRAX\Uninstall Qtrax Player.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {58C91689-85E3-4B25-ADEC-2697986DF817}
ShortcutWithArgument: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceFountain\Uninstall PriceFountain.lnk -> C:\Users\qwerty\AppData\Local\PriceFountain\uninst.exe (Price_Fountain) -> /uninstall
ShortcutWithArgument: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Users\qwerty\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\qwerty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Pokki Menu.lnk -> C:\Users\qwerty\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki) -> /OPEN"menu"
ShortcutWithArgument: C:\Users\qwerty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\70f62c6a7f1739bd\pinned.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %systemRoot%\system32\shell32.dll,Options_RunDLL 1
ShortcutWithArgument: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Links\Developer Web Site.url -> hxxp://www.nival.com/homm5/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Links\Game Web Site.url -> hxxp://www.mightandmagicgame.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Links\Publisher Web Site.url -> hxxp://www.ubisoft.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic IV\Internet\Pomoc techniczna CD Projekt.url -> hxxp://www.cdprojekt.info/pomoc.asp
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic IV\Internet\Rejestracja elektroniczna CD Projekt.url -> hxxp://www.cdprojekt.info/rejestracja.asp
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic IV\Internet\www.cdprojekt.info.url -> hxxp://www.cdprojekt.info/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic IV\Internet\www.ubi.com.url -> hxxp://www.ubi.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic II\Internet\Forum dyskusyjne Gram.pl.url -> hxxp://www.gram.pl/forum
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic II\Internet\Pomoc techniczna CD Projekt.url -> hxxp://www.gram.pl/pomoc
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic II\Internet\Rejestracja elektroniczna Gram.pl.url -> hxxp://www.gram.pl/rejestracja
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic II\Internet\Sklep Gram.pl.url -> hxxp://www.gram.pl/sklep
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic II\Internet\www.gram.pl.url -> hxxp://www.gram.pl/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic II\Internet\www.ubi.com.url -> hxxp://www.ubi.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF To JPG\PDF To JPG on the Web.url -> hxxp://www.PDFJPG.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic III - Złota Edycja\Internet\Pomoc techniczna CD Projekt.url -> hxxp://www.gram.pl/pomoc/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic III - Złota Edycja\Internet\Rejestracja elektroniczna CD Projekt.url -> hxxp://www.gram.pl/rejestracja/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic III - Złota Edycja\Internet\www.gram.pl.url -> hxxp://www.gram.pl/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic III - Złota Edycja\Internet\www.ubisoft.com.url -> hxxp://www.ubisoft.com/
InternetURL: C:\Users\qwerty\Favorites\Windows Live\Galeria gadżetów Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkID=70742
InternetURL: C:\Users\qwerty\Favorites\Windows Live\Poczta usługi Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\qwerty\Favorites\Windows Live\Programy usługi Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\qwerty\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\qwerty\Favorites\MSN — witryny sieci Web\MSN Gospodarka.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\qwerty\Favorites\MSN — witryny sieci Web\MSN Rozrywka.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\qwerty\Favorites\MSN — witryny sieci Web\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\qwerty\Favorites\MSN — witryny sieci Web\MSN Technologie.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\qwerty\Favorites\MSN — witryny sieci Web\MSN Wideo.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\qwerty\Favorites\MSN — witryny sieci Web\Portal MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\qwerty\Favorites\Microsoft — witryny sieci Web\Centrum bezpieczeństwa Microsoft.url -> hxxp://go.microsoft.com/fwlink/?LinkID=72887
InternetURL: C:\Users\qwerty\Favorites\Microsoft — witryny sieci Web\Dodatki programu Internet Explorer.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\qwerty\Favorites\Microsoft — witryny sieci Web\Microsoft Office Online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72885
InternetURL: C:\Users\qwerty\Favorites\Microsoft — witryny sieci Web\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\qwerty\Favorites\Microsoft — witryny sieci Web\Microsoft Technet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72886
InternetURL: C:\Users\qwerty\Favorites\Microsoft — witryny sieci Web\Microsoft w Polsce.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\qwerty\Favorites\Microsoft — witryny sieci Web\Oryginalne oprogramowanie firmy Microsoft.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72900
InternetURL: C:\Users\qwerty\Favorites\Microsoft — witryny sieci Web\Strona główna programu Internet Explorer.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\qwerty\Favorites\Microsoft — witryny sieci Web\Strona główna systemu Windows.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\qwerty\Favorites\Microsoft — witryny sieci Web\Technologia RSS.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72889
InternetURL: C:\Users\qwerty\Favorites\Microsoft — witryny sieci Web\W domu.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\qwerty\Favorites\Microsoft — witryny sieci Web\W pracy.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72407
InternetURL: C:\Users\qwerty\Favorites\Links for Polska\Bezpieczeństwo w trybie online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=142211
InternetURL: C:\Users\qwerty\Favorites\Links for Polska\Bezpieczny Internet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129626
InternetURL: C:\Users\qwerty\Favorites\Links for Polska\Kultura.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129625
InternetURL: C:\Users\qwerty\Favorites\Links for Polska\Pogodynka.pl — oficjalny serwis pogodowy IMGW.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129624
InternetURL: C:\Users\qwerty\Favorites\Links for Polska\Polska.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129622
InternetURL: C:\Users\qwerty\Favorites\Links\Galeria obiektów Web Slice.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\qwerty\Favorites\Links\Sugerowane witryny.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\qwerty\AppData\Roaming\Ubisoft\MMDoC-PDCLive\Duel of Champions Launcher website.url -> hxxp://www.duelofchampions.com
InternetURL: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceFountain\PriceFountain Help.url -> hxxp://support.PriceFountain.net/
InternetURL: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceFountain\PriceFountain.url -> hxxp://www.PriceFountain.net/
InternetURL: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> hxxp://www.dropbox.com
InternetURL: C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\#1 Video Converter\buynow.url -> 0

==================== End of log =============================

[ordynat]

1) Spróbuj odinstalować te programy:

BrowserProtect (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version: - ) <==== ATTENTION
do-search uninstall (HKLM-x32\...\do-search uninstall) (Version: - do-search) <==== ATTENTION!
PriceFountain (remove only) (HKU\S-1-5-21-3444423886-3902486669-11926437-1000\...\PriceFountain) (Version: 1.1.1.6 - Price_Fountain) <==== ATTENTION!
Update for PriceFountain (HKU\S-1-5-21-3444423886-3902486669-11926437-1000\...\Price Fountain) (Version: - Update for PriceFountain) <==== ATTENTION

2) Użyj Adw-Cleaner http://www.programosy.pl/program,adwcleaner.html
najpierw kliknij na SZUKAJ (SCAN), a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ (CLEANING), to kliknij na niego.


3) Otwórz Notatnik i wklej w nim:

Task: {06906E2C-17A2-4613-9507-42070B0582DA} - System32\Tasks\Price Fountain => C:\Users\qwerty\AppData\Roaming\PriceFountain\UpdateProc\UpdateTask.exe [2015-04-17] ()
C:\Users\qwerty\AppData\Roaming\PriceFountain
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
Task: {1AE9E2FB-03B1-4C8B-9F61-D2819B165B98} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{14A34389-08D0-4072-A406-51F003BB4A3F}.exe
Task: {D4ED5160-F9CB-4FBE-AC60-720078544061} - \Program aktualizacji online firmy Adobe. No Task File <==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{14A34389-08D0-4072-A406-51F003BB4A3F}.exe
Task: C:\Windows\Tasks\Price Fountain.job => C:\Users\qwerty\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE
C:\Users\qwerty\AppData\Roaming\OpenCandy
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
C:\Users\qwerty\Downloads\PDFMate-Free-PDF-Converter(34070)-dp.exe
C:\Windows\System32\Tasks\Price Fountain
C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceFountain
C:\Users\qwerty\AppData\Roaming\do-search
C:\Users\qwerty\AppData\Local\PriceFountain
C:\Windows\Tasks\Price Fountain.job
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 EtronHub3; System32\Drivers\EtronHub3.sys [X]
S3 EtronXHCI; System32\Drivers\EtronXHCI.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S2 BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [X]
C:\ProgramData\BrowserProtect
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\qwerty\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-03-25]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx [Not Found]
CHR Extension: (SweetIM for Facebook) - C:\Users\qwerty\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2013-05-28]
CHR StartupUrls: Default -> "hxxp://do-search.com/?type=hp&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154"
CHR DefaultSearchKeyword: Default -> do-search
FF HKLM-x32\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\extensions\quick_searchff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\extensions\sweetsearch@gmail.com
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\babylon.xml [2013-05-02]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\BrowserProtect.xml [2013-05-02]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\conduit.xml [2012-04-19]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\delta.xml [2013-02-27]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\do-search.xml [2015-04-19]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\freemake.xml [2013-04-05]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\sweetim.xml [2012-03-25]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\yahoo-zugo.xml [2012-03-25]
FF Extension: Babylon - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\Extensions\ffxtlbr@babylon.com [2012-07-14]
FF Extension: No Name - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\Extensions\quick_searchff@gmail.com [2015-04-17]
FF Extension: Search Enginer - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\Extensions\sweetsearch@gmail.com [2015-04-17]
FF Extension: PriceFountain - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\Extensions\{b6a94784-0ffb-4121-88c6-435139067ee2}.xpi [2015-04-17]
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: do-search
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF SelectedSearchEngine: do-search
FF Homepage: hxxp://do-search.com/?type=hp&ts=142930 ... 1715417154
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.dosearches.com/?utm_source=b ... 1383973410
Toolbar: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
BHO-x32: PriceFountain -> {b608cc98-54de-4775-96c9-097de398500c} -> C:\Users\qwerty\AppData\Local\PriceFountain\PriceFountainIE.dll [2015-03-12] ()
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hp&ts=142930 ... 1715417154
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hp&ts=142930 ... 1715417154
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=142930 ... 1715417154
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=142930 ... 1715417154
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hp&ts=142930 ... 1715417154
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://home.sweetim.com/?barid={FD42A1D3-6C5E-4DBF-B556-03A4B8EC8E20}
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=1195 ... e549c241a4
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=142930 ... 1715417154
URLSearchHook: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 - (No Name) - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
SearchScopes: HKLM-x32 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/red ... 685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120325122043025&tb_oid=25-03-2012&tb_mrud=25-03-2012
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> {0388404D-6072-4CEB-B521-8F090FEAEE57} URL = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120325&user_guid=F19A7642EF354F1AB5FED3D3C2189E3B&machine_id=fafcd72463c024412cd56b5d25223ff3&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}&affID=119535&tt=171011_prot~171011_prot&babsrc=SP_ss&mntrId=76149bb200000000000050e549c241a4
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={59152CEE-99E4-49FD-B3C2-7B3B63E57F50}&mid=33f922a2a43b47d0bd4a81ac0f26a857-cc2fcc4c12a3299e5ecdd56e7fc9a989a7c57740&lang=pl&ds=AVG&pr=fr&d=2013-01-22 07:27:38&v=14.0.2.14&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/red ... 685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120325122043025&tb_oid=25-03-2012&tb_mrud=25-03-2012
AppInit_DLLs-x32: c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll => "c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll" File Not Found
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\...\Run: [pricefountainw.exe] => C:\Users\qwerty\AppData\Local\PriceFountain\pricefountainw.exe [464384 2015-04-16] (Price Fountain)
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\...\RunOnce: [PriceFountain] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\qwerty\AppData\Roaming\PriceFountain\UpdateProc\bkup.dat"
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix.


----------------------
Jeśli będzie OK, to będziemy kończyć:
Otwórz Notatnik i wklej w nim:

DeleteQuarantine:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij w Fix.
przez SHIFT+DEL usuń pozostały folder C:\FRST.

W Adw-Cleaner kliknij na przycisk Odinstaluj (UNINSTALL).
.

[Slawko]

Zrobiłem wszystko oprócz dwóch ostatnich punktów. Wydaje mi się że jest ok, wszystko działa. To jest raport po tym jak zrobiłem jak użyłem FRST do naprawy :

bar Recovery Tool (FRST written by Farbar) (x64) Version: 19-04-2015
Ran by qwerty at 2015-04-19 14:43:07 Run:1
Running from C:\Users\qwerty\Desktop
Loaded Profiles: qwerty (Available profiles: qwerty & UpdatusUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {06906E2C-17A2-4613-9507-42070B0582DA} - System32\Tasks\Price Fountain => C:\Users\qwerty\AppData\Roaming\PriceFountain\UpdateProc\UpdateTask.exe [2015-04-17] ()
C:\Users\qwerty\AppData\Roaming\PriceFountain
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
Task: {1AE9E2FB-03B1-4C8B-9F61-D2819B165B98} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{14A34389-08D0-4072-A406-51F003BB4A3F}.exe
Task: {D4ED5160-F9CB-4FBE-AC60-720078544061} - \Program aktualizacji online firmy Adobe. No Task File <==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{14A34389-08D0-4072-A406-51F003BB4A3F}.exe
Task: C:\Windows\Tasks\Price Fountain.job => C:\Users\qwerty\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE
C:\Users\qwerty\AppData\Roaming\OpenCandy
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
C:\Users\qwerty\Downloads\PDFMate-Free-PDF-Converter(34070)-dp.exe
C:\Windows\System32\Tasks\Price Fountain
C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceFountain
C:\Users\qwerty\AppData\Roaming\do-search
C:\Users\qwerty\AppData\Local\PriceFountain
C:\Windows\Tasks\Price Fountain.job
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 EtronHub3; System32\Drivers\EtronHub3.sys [X]
S3 EtronXHCI; System32\Drivers\EtronXHCI.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S2 BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [X]
C:\ProgramData\BrowserProtect
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\qwerty\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-03-25]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx [Not Found]
CHR Extension: (SweetIM for Facebook) - C:\Users\qwerty\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2013-05-28]
CHR StartupUrls: Default -> "hxxp://do-search.com/?type=hp&ts=1429306441&from=cor&uid=WDCXWD5000AAKX-001CA0_WD-WMAYUD21715417154"
CHR DefaultSearchKeyword: Default -> do-search
FF HKLM-x32\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\extensions\quick_searchff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\extensions\sweetsearch@gmail.com
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\babylon.xml [2013-05-02]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\BrowserProtect.xml [2013-05-02]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\conduit.xml [2012-04-19]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\delta.xml [2013-02-27]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\do-search.xml [2015-04-19]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\freemake.xml [2013-04-05]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\sweetim.xml [2012-03-25]
FF SearchPlugin: C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\yahoo-zugo.xml [2012-03-25]
FF Extension: Babylon - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\Extensions\ffxtlbr@babylon.com [2012-07-14]
FF Extension: No Name - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\Extensions\quick_searchff@gmail.com [2015-04-17]
FF Extension: Search Enginer - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\Extensions\sweetsearch@gmail.com [2015-04-17]
FF Extension: PriceFountain - C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\Extensions\{b6a94784-0ffb-4121-88c6-435139067ee2}.xpi [2015-04-17]
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: do-search
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF SelectedSearchEngine: do-search
FF Homepage: hxxp://do-search.com/?type=hp&ts=142930 ... 1715417154
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.dosearches.com/?utm_source=b ... 1383973410
Toolbar: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
BHO-x32: PriceFountain -> {b608cc98-54de-4775-96c9-097de398500c} -> C:\Users\qwerty\AppData\Local\PriceFountain\PriceFountainIE.dll [2015-03-12] ()
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hp&ts=142930 ... 1715417154
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hp&ts=142930 ... 1715417154
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=142930 ... 1715417154
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=142930 ... 1715417154
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hp&ts=142930 ... 1715417154
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://home.sweetim.com/?barid={FD42A1D3-6C5E-4DBF-B556-03A4B8EC8E20}
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=1195 ... e549c241a4
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=142930 ... 1715417154
URLSearchHook: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 - (No Name) - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
SearchScopes: HKLM-x32 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/red ... 685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120325122043025&tb_oid=25-03-2012&tb_mrud=25-03-2012
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> {0388404D-6072-4CEB-B521-8F090FEAEE57} URL = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120325&user_guid=F19A7642EF354F1AB5FED3D3C2189E3B&machine_id=fafcd72463c024412cd56b5d25223ff3&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}&affID=119535&tt=171011_prot~171011_prot&babsrc=SP_ss&mntrId=76149bb200000000000050e549c241a4
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?type=ds&ts=14 ... 5417154&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={59152CEE-99E4-49FD-B3C2-7B3B63E57F50}&mid=33f922a2a43b47d0bd4a81ac0f26a857-cc2fcc4c12a3299e5ecdd56e7fc9a989a7c57740&lang=pl&ds=AVG&pr=fr&d=2013-01-22 07:27:38&v=14.0.2.14&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3444423886-3902486669-11926437-1000 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/red ... 685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120325122043025&tb_oid=25-03-2012&tb_mrud=25-03-2012
AppInit_DLLs-x32: c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll => "c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll" File Not Found
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\...\Run: [pricefountainw.exe] => C:\Users\qwerty\AppData\Local\PriceFountain\pricefountainw.exe [464384 2015-04-16] (Price Fountain)
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\...\RunOnce: [PriceFountain] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\qwerty\AppData\Roaming\PriceFountain\UpdateProc\bkup.dat"
EmptyTemp:
*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06906E2C-17A2-4613-9507-42070B0582DA} => Key not found.
C:\Windows\System32\Tasks\Price Fountain not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Price Fountain => Key not found.
"C:\Users\qwerty\AppData\Roaming\PriceFountain" => File/Directory not found.

========= reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomy˜lnie.



========= End of Reg: =========


========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomy˜lnie.



========= End of Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomy˜lnie.



========= End of Reg: =========

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1AE9E2FB-03B1-4C8B-9F61-D2819B165B98}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AE9E2FB-03B1-4C8B-9F61-D2819B165B98}" => Key deleted successfully.
C:\Windows\System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_JUNE2013_TB_rmv" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D4ED5160-F9CB-4FBE-AC60-720078544061}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4ED5160-F9CB-4FBE-AC60-720078544061}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Program aktualizacji online firmy Adobe." => Key deleted successfully.
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => Moved successfully.
C:\Windows\Tasks\Price Fountain.job not found.
"C:\Users\qwerty\AppData\Roaming\OpenCandy" => File/Directory not found.
"C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job" => File/Directory not found.
C:\Users\qwerty\Downloads\PDFMate-Free-PDF-Converter(34070)-dp.exe => Moved successfully.
"C:\Windows\System32\Tasks\Price Fountain" => File/Directory not found.
"C:\Users\qwerty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceFountain" => File/Directory not found.
"C:\Users\qwerty\AppData\Roaming\do-search" => File/Directory not found.
"C:\Users\qwerty\AppData\Local\PriceFountain" => File/Directory not found.
"C:\Windows\Tasks\Price Fountain.job" => File/Directory not found.
EagleX64 => Service deleted successfully.
EtronHub3 => Service deleted successfully.
EtronXHCI => Service deleted successfully.
gdrv => Service deleted successfully.
BrowserProtect => Service not found.
"C:\ProgramData\BrowserProtect" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj => Key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn => Key not found.
C:\Users\qwerty\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph => Key not found.
C:\Users\qwerty\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn directory not found.
Chrome StartupUrls not detected.
Chrome DefaultSearchKeyword not detected.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\quick_searchff@gmail.com => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\sweetsearch@gmail.com => value deleted successfully.
"C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\babylon.xml" => not found.
"C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\BrowserProtect.xml" => not found.
"C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\conduit.xml" => not found.
"C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\delta.xml" => not found.
"C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\do-search.xml" => not found.
C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\freemake.xml => Moved successfully.
"C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\sweetim.xml" => not found.
"C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\searchplugins\yahoo-zugo.xml" => not found.
C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\Extensions\ffxtlbr@babylon.com not found.
C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\Extensions\quick_searchff@gmail.com => Moved successfully.
C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\Extensions\sweetsearch@gmail.com not found.
C:\Users\qwerty\AppData\Roaming\Mozilla\Firefox\Profiles\igqfq4kw.default\Extensions\{b6a94784-0ffb-4121-88c6-435139067ee2}.xpi not found.
Firefox newtab deleted successfully.
Firefox DefaultSearchEngine deleted successfully.
Firefox DefaultSearchUrl deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value not found.
HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b608cc98-54de-4775-96c9-097de398500c} => Key not found.
HKCR\Wow6432Node\CLSID\{b608cc98-54de-4775-96c9-097de398500c} => Key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Restore => value deleted successfully.
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\Main\\bProtector Start Page => Value not found.
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{d43723ae-1ae1-4a25-a6a4-bf0929273cab} => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} => Key not found.
HKCR\Wow6432Node\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} => Key not found.
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => Value not found.
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57} => Key not found.
HKCR\CLSID\{0388404D-6072-4CEB-B521-8F090FEAEE57} => Key not found.
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} => Key not found.
HKCR\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} => Key not found.
"c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll" => Value Data not found.
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Windows\CurrentVersion\Run\\pricefountainw.exe => Value not found.
HKU\S-1-5-21-3444423886-3902486669-11926437-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\PriceFountain => Value not found.
EmptyTemp: => Removed 696.9 MB temporary data.


The system needed a reboot.

==== End of Fixlog 14:43:14 ====

[ordynat]

Powinno być OK.
Teraz możesz już wykonać te kroki:
Otwórz Notatnik i wklej w nim:

DeleteQuarantine:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij w Fix.
przez SHIFT+DEL usuń pozostały folder C:\FRST.

W Adw-Cleaner kliknij na przycisk Odinstaluj (UNINSTALL).
.

[Slawko]

Ok to będę kończył. Jak dla mnie niesamowite że to tak łatwo i skutecznie poszło, super roboty robicie, dziękuje za pomoc.
pozdrawiam