Wolniejsza praca kompa

Reiden · 2 Lutego 2014

Witam

Ostatnio komputer zaczął mi trochę mulic, dzisiaj pojawia się co chwile ze micro zostało podłączone/odłączone,

Przeskanowalem dzisiaj komter przez OTL

OTL Extras logfile created on: 2014-02-02 22:14:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\reiy\Downloads
 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,50 Gb Total Physical Memory | 2,19 Gb Available Physical Memory | 62,68% Memory free
7,00 Gb Paging File | 5,52 Gb Available in Paging File | 78,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195,21 Gb Total Space | 43,24 Gb Free Space | 22,15% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 16,62 Gb Free Space | 6,15% Space Free | Partition Type: NTFS
Drive F: | 33,03 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: REIYY | User Name: reiy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{013979FD-FE03-4808-B282-5D4F5FC66C55}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{02BB1219-DBB2-403F-B723-EC2F86C5B1AD}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{0573FA1C-D630-4098-8E18-E54497F29477}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{0947B59B-734F-4F0A-8DC4-099B7EF81B76}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0C0016C0-C137-45F9-B062-FF279CDAB07A}" = rport=137 | protocol=17 | dir=out | app=system |
"{0C6555E5-8BD3-4D97-8160-CB87D36F8130}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{197F9040-12E6-4A69-A176-FA5DCC9C3E78}" = lport=138 | protocol=17 | dir=in | app=system |
"{23AB8EB1-34E8-4029-9DB5-C9B544832248}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2622BC6C-3CED-4445-8055-97AEA05CE787}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{2C0A6FC0-5619-4951-BF56-E337783F2A0C}" = lport=58346 | protocol=6 | dir=in | name=pando media booster |
"{3260E491-78C3-44A3-87F2-20FFB952B803}" = lport=139 | protocol=6 | dir=in | app=system |
"{363B9D5C-0E3E-4963-BC5B-42A8AEE67A1E}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{3B3A1BB7-04AE-4C47-B97B-D9B9ACC262C7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3C0C7D1B-C69F-4163-8179-BBE007574252}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3EE23790-0820-47A9-9459-7023B8F6FAB7}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{415B19E7-0D0A-4E13-9DD8-C14A5D206F0D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4424FC07-6F23-4A74-879F-68177A18A0E9}" = lport=445 | protocol=6 | dir=in | app=system |
"{47471DAE-335E-4DBE-A59C-A1C29D04517F}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{4AD5262A-1237-4085-A4D2-90D07E033EC4}" = lport=53 | protocol=17 | dir=in | name=rtldns-port-2 |
"{4B7D1A9B-376B-4275-AD35-C45F0A79EC64}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{517282C7-9FF8-4B68-9BFA-06E0D4EA5007}" = lport=58346 | protocol=17 | dir=in | name=pando media booster |
"{521AEC21-0A3A-43F7-BCB8-A06F5A9A951D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{541C8B73-F39A-4E40-B5A3-4A99E685FAE2}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{68DB0CBF-0C37-47E0-B570-8ED8543BED01}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{693C2131-884D-458E-AECC-D8BC535F09A0}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{6BDAA307-010C-474C-B9F3-278607F9A933}" = rport=138 | protocol=17 | dir=out | app=system |
"{6C470E00-333B-4641-86E0-1671F8FA8FD2}" = lport=58346 | protocol=17 | dir=in | name=pando media booster |
"{6F8AE711-C40D-4390-BACF-0A57985C86F7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7835D2E4-C52E-4FCB-ADF0-9497796B3005}" = lport=53 | protocol=6 | dir=in | name=rtldns-port |
"{7CAADB12-67D6-4F16-BF1A-C80D3011D890}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7EA6409D-D867-4D35-BDB5-F45B3E44F749}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{7F09E7DC-5545-40C4-B4D0-AAEC47AF0CD6}" = lport=58346 | protocol=6 | dir=in | name=pando media booster |
"{86E41438-BAD3-4788-8916-4616931F11D6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{894B099B-D066-43F2-B507-F0B42AC51471}" = lport=67 | protocol=17 | dir=in | name=rtldhcp-port |
"{8AE612ED-3EE4-4C98-99BF-974EA58E44AD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8EAC7772-C9C4-4F2D-857B-30AD8023CBED}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{94CF2166-1A28-4309-9C4A-EC6E1B19FC08}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{98882AF6-AEA4-4F37-BA15-690C07D84551}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{A5A0E39B-C989-43F4-868C-DF9453125CC7}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A807962D-7F50-4034-8565-FBC0C1F2061B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B0FBC98F-C26B-463D-AF74-39E61C49A427}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B3035B97-195B-4394-AA17-7B4733E4594E}" = lport=68 | protocol=17 | dir=in | name=rtldhcp-port-2 |
"{B3CF1566-DC94-47AA-836E-A94B1854E2AA}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{B6ABD927-AD2B-4309-BCAD-8F0DAEF68B89}" = rport=445 | protocol=6 | dir=out | app=system |
"{BAB361E8-B621-4920-840E-667521AE6BE2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BBC22518-F067-4696-B9A3-66DAA09FA13B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CE9663E2-9D4F-4369-8D30-B409112B06E1}" = lport=137 | protocol=17 | dir=in | app=system |
"{CF2814B7-B7BD-43D8-B88A-02BC6A910808}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D38104DA-90FB-4238-BE9D-9D37DAF7A869}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F735963C-D18E-4F1D-B999-1E42D86939DF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{F9F7C5ED-7A9D-4C5E-90B9-549A4089D352}" = rport=139 | protocol=6 | dir=out | app=system |
"{FD88B919-4DA0-4FFB-B99D-4003266AB5AC}" = rport=10243 | protocol=6 | dir=out | app=system |
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0590CA68-4EA5-43D9-96F6-78EBC1DAE303}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{0AD59D8C-8EA1-428D-B67A-D6E84935B4FB}" = protocol=58 | dir=out | [email protected],-28546 |
"{10721CE9-911A-44EF-A0FA-33640551136E}" = protocol=6 | dir=in | app=c:\programy\avg\avg10\avgemcx.exe |
"{10AC9DAC-865F-44EB-A00C-F97734380C6E}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{12878711-FFC2-4840-AAFA-FC71EE8E2994}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1323BC44-6667-4F44-887D-C9A71B546204}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{18450F41-94D5-423D-A55B-AA9E64079FB3}" = protocol=17 | dir=in | app=c:\program files\ubisoft\might & magic heroes vi\might & magic heroes vi.exe |
"{1975E8F0-7C70-4E3C-A57E-04268E020DAB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{24C0D894-730B-45A4-995F-DA02F5935894}" = protocol=6 | dir=in | app=c:\programy\bittorrent\bittorrent.exe |
"{270B677E-66F2-445F-B628-619D696B832A}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{331CF1E0-DEBE-469E-99F2-A8A4AD96F41D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{3416C316-2817-4B72-8FB0-23A9CFE18EA4}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{37A7A04C-9D5E-4715-AF67-73CD96C3BCB5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{3C23F6F5-7469-49BB-AD64-758366BFDE49}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{40112AC1-1E07-4250-9480-2A03B48E929B}" = protocol=17 | dir=in | app=c:\programy\avg\avg10\avgemcx.exe |
"{43DA3809-123C-42C4-B48B-BB157C509859}" = protocol=17 | dir=in | app=c:\gry\the elder scrolls v skyrim\launcher.exe |
"{498C4CF8-23E8-4C4A-A394-FD3D401551B5}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{4F492EF7-B14E-4526-A50F-CE925734D392}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{53F7026F-51D5-4CA3-AE03-814D566E91FE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6A2CE173-E254-43D6-A128-7E2F7E4B8D8A}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{6C7DAC27-771D-48F6-99C4-BFE7D6DA5A86}" = protocol=6 | dir=in | app=c:\program files\ubisoft\might & magic heroes vi\might & magic heroes vi.exe |
"{7157DE81-9A9E-4E16-95B7-B9EE15428E34}" = protocol=1 | dir=in | [email protected],-28543 |
"{71D89F14-589E-43AE-B6A0-CC1AF6373905}" = protocol=6 | dir=in | app=c:\gry\the elder scrolls v skyrim\launcher.exe |
"{74CE1A69-7121-47E6-AAED-2179E8525CC6}" = protocol=17 | dir=in | app=c:\programy\avg\avg10\avgdiagex.exe |
"{78D39323-46A6-4267-8D20-7016A80A3464}" = protocol=17 | dir=in | app=c:\programy\bittorrent\bittorrent.exe |
"{832E6651-CB6B-4647-B805-769D9E9E8111}" = protocol=17 | dir=in | app=c:\programy\avg\avg10\avgmfapx.exe |
"{88E9053B-FFA1-42D7-A0F6-754A45AFA4FF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8D5461D1-BA70-44AD-90C5-2C25D1BDF6E7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8D97C3EE-3E0F-4B31-9FD8-271BC09CBBCD}" = protocol=6 | dir=in | app=c:\programy\avg\avg10\avgmfapx.exe |
"{94D68933-3541-490B-B303-20DEA4040C47}" = protocol=17 | dir=in | app=c:\program files\origin games\battlefield 4\bf4_x86.exe |
"{95AF2B16-5605-4326-8C1C-71B7EB007095}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9C579DEB-1D98-4C81-AFCD-0C4571B53D7A}" = protocol=58 | dir=in | [email protected],-28545 |
"{9F759B30-A6F1-4BB8-9D2C-251A099BB126}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{A78F1A9A-8B47-4FB9-B6F6-D49C595A1798}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AC120ACA-AC05-4342-ABE9-C14759515A5B}" = protocol=6 | dir=out | app=system |
"{ACA6A500-FE37-42EF-9AC7-3BD3E17A3176}" = protocol=17 | dir=in | app=c:\programy\avg\avg10\avgnsx.exe |
"{B3CDBC13-6A79-4A04-A7E4-E5BA6CE92522}" = protocol=6 | dir=in | app=c:\programy\avg\avg10\avgdiagex.exe |
"{B3DB5AF0-CA90-4853-AB07-B98AF86CD2F2}" = protocol=6 | dir=in | app=c:\programy\avg\avg10\avgnsx.exe |
"{BB09D0AD-5C59-412B-A3DB-E1C87D5DD868}" = protocol=6 | dir=in | app=c:\program files\codemasters\grid\grid.exe |
"{C935D5AE-D6EE-447D-B530-3DF6B56F6152}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D0C61689-FEA2-468D-B4B3-5ED5A193E45F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{D444BAD1-7D56-4D42-ABD9-AE6D47600A0D}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{DC65E45E-A017-4F7D-90FA-6EE09F19848B}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{DED05FA2-5355-4715-BE60-561483EBE4B8}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{E1FD6B95-018E-4B24-87E3-72A8095E29B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E2191B77-FCF0-48C4-A164-4CC06E066B22}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E8436034-7F27-4F96-A7DF-AC075501B68B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F3BDA2BD-F29E-4834-95F9-78E71611A154}" = protocol=6 | dir=in | app=c:\program files\origin games\battlefield 4\bf4_x86.exe |
"{F7CA63CB-C554-4A2C-8F92-6DCB0A07CE29}" = protocol=17 | dir=in | app=c:\program files\codemasters\grid\grid.exe |
"{FB4537B0-8413-4E7E-9D9B-E9ED055AC50F}" = protocol=1 | dir=out | [email protected],-28544 |
"TCP Query User{18BACC72-15B2-4FC7-89E4-EECE54EEC175}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{7BAD28B0-DD72-4765-8FBB-036C55610490}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{8A04A4DD-2217-490C-A474-36C8307ACB4B}C:\gry2\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\gry2\electronic arts\need for speed world\data\nfsw.exe |
"TCP Query User{D27BF5BD-1E33-412C-93ED-B60BF7D5632C}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{54F812FB-C7E2-4E0F-8644-34E89ADF3C42}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{81666C25-9236-46B6-9EF0-1FEF358D971F}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{C300117F-3125-452C-9B4B-CAA02A012808}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{DE0266C1-7906-4E2E-B350-EE2A0CFEFB1E}C:\gry2\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\gry2\electronic arts\need for speed world\data\nfsw.exe |
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1CA458AD-F4E8-4B84-90C1-F3748AD2F869}" = AVG 2011
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 25
"{2AA44AF4-C116-4219-B800-4573E7E6D421}_is1" = Advanced Disk Recovery
"{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility
"{32A3A4F4-B792-11D6-A78A-00B0D0170210}" = Java SE Development Kit 7 Update 21
"{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}" = TP-LINK 150Mbps Wireless N USB Adapter Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56504C77-8B9F-4EB2-B33B-C5B9F50B5D64}" = AVG 2011
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{5DE67937-45D5-45E4-923C-0B7F7EC929A7}" = League of Legends
"{745D37C2-26F4-4B65-BA13-F9840EBFA75B}" = Might & Magic Heroes VI
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{887868A2-D6DE-3255-AA92-AA0B5A59B874}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8EBB8452-274B-465D-8324-00B0832FBB00}" = Ashampoo Office 2010
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{95723791-2C44-454B-9220-C65D47D70E9C}" = WEBZEN Browser Extension
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4™
"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Polish
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 331.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 331.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 331.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 331.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{B9EA2597-73DA-46DD-A794-10EEEFA622B1}_is1" = TS3 Mega Pack v1
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.165
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIMP3" = AIMP3
"ALLPlayer_is1" = ALLPlayer V4.X
"Any Video Converter 5_is1" = Any Video Converter 5 5.0.4
"Ashampoo Burning Studio 9_is1" = Ashampoo Burning Studio 9.04
"Ashampoo Undeleter_is1" = Ashampoo Undeleter v.1.00
"AVG" = AVG 2011
"BitTorrent" = BitTorrent
"C9(Continent of the Ninth Seal)_is1" = C9
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"DokanLibrary" = Dokan Library 0.6.0
"Dzielenie i łączenie plików_is1" = Dzielenie i łączenie plików v1.2.2
"ESN Sonar-0.70.4" = ESN Sonar
"GameSpy Arcade" = GameSpy Arcade
"GIMP-2_is1" = GIMP 2.8.0
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.8.0 (Full)
"League of Legends 3.0.1" = League of Legends
"Legion PL" = Legion PL
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.75.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Minecraft1.6.4" = Minecraft1.6.4
"Mozilla Firefox 26.0 (x86 pl)" = Mozilla Firefox 26.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MySSID_is1" = Vtune 7.13
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Opera 18.0.1284.68" = Opera Stable 18.0.1284.68
"Origin" = Origin
"PLAY ONLINE" = PLAY ONLINE
"PunkBusterSvc" = PunkBuster Services
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The Elder Scrolls V Skyrim_is1" = The Elder Scrolls V Skyrim
"WinRAR archiver" = WinRAR 4.20 (32-bitowy)
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.91
"ZRwTINhSZfduKONYrSCTiCiGPggQZdcLRvoAVxyCOXXpkHeC~1DC3968F_is1" = Aslain's XVM Mod wersja 3.1.15
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Bonanza" = Update_for_BonanzaDeals
"GG" = GG
"Update Bonanza" = Update Bonanza
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 2014-02-01 12:23:29 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-02-01 16:29:51 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-02-01 16:29:51 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-02-02 07:50:28 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-02-02 07:50:28 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-02-02 13:43:58 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-02-02 13:43:58 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-02-02 14:20:55 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-02-02 14:20:55 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-02-02 16:56:04 | Computer Name = reiyy | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: svchost.exe_AudioEndpointBuilder,
 wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bc100  Nazwa modułu powodującego
błąd: ntdll.dll, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bdadb  Kod wyjątku:
 0xc0000005  Przesunięcie błędu: 0x00051ffe  Identyfikator procesu powodującego błąd:
 0x494  Godzina uruchomienia aplikacji powodującej błąd: 0x01cf20437016a7fe  Ścieżka
 aplikacji powodującej błąd: C:\Windows\System32\svchost.exe  Ścieżka modułu powodującego
 błąd: C:\Windows\SYSTEM32\ntdll.dll  Identyfikator raportu: 6d9b92cc-8c4c-11e3-9d96-406186e68b72
 
[ System Events ]
Error - 2013-10-19 14:38:00 | Computer Name = reiyy | Source = Application Popup | ID = 875
Description = Sterownik sfsync02.sys został zablokowany dla ładowania.
 
Error - 2013-10-19 14:38:03 | Computer Name = reiyy | Source = Application Popup | ID = 875
Description = Sterownik sfhlp01.sys został zablokowany dla ładowania.
 
Error - 2013-10-19 14:38:03 | Computer Name = reiyy | Source = Application Popup | ID = 875
Description = Sterownik sfdrv01.sys został zablokowany dla ładowania.
 
Error - 2013-10-19 14:38:03 | Computer Name = reiyy | Source = Application Popup | ID = 875
Description = Sterownik prosync1.sys został zablokowany dla ładowania.
 
Error - 2013-10-19 14:38:03 | Computer Name = reiyy | Source = Application Popup | ID = 875
Description = Sterownik prohlp02.sys został zablokowany dla ładowania.
 
Error - 2013-10-19 14:38:07 | Computer Name = reiyy | Source = Application Popup | ID = 875
Description = Sterownik prodrv06.sys został zablokowany dla ładowania.
 
Error - 2013-10-19 14:38:36 | Computer Name = reiyy | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
 z usługą PLAY ONLINE. OUC.
 
Error - 2013-10-19 14:38:36 | Computer Name = reiyy | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego
 błędu:   %%1053
 
Error - 2013-10-19 14:38:44 | Computer Name = reiyy | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   prodrv06  prohlp02  prosync1  sfdrv01  sfhlp01  sfsync02
 
Error - 2013-10-19 15:13:55 | Computer Name = reiyy | Source = athur | ID = 5002
Description = TP-LINK Wireless USB Adapter: stwierdzono, że karta sieciowa nie działa
 właściwie.
 
 
< End of report >

OTL logfile created on: 2014-02-02 22:14:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\reiy\Downloads
 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,50 Gb Total Physical Memory | 2,19 Gb Available Physical Memory | 62,68% Memory free
7,00 Gb Paging File | 5,52 Gb Available in Paging File | 78,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195,21 Gb Total Space | 43,24 Gb Free Space | 22,15% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 16,62 Gb Free Space | 6,15% Space Free | Partition Type: NTFS
Drive F: | 33,03 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: REIYY | User Name: reiy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2014-02-02 22:13:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\reiy\Downloads\OTL.exe
PRC - [2013-12-20 12:44:21 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Programy\Mozilla Firefox\firefox.exe
PRC - [2013-12-10 03:15:27 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013-12-10 03:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013-12-10 03:14:51 | 014,658,848 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
PRC - [2013-11-23 18:44:30 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013-11-23 18:44:30 | 000,932,640 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013-11-23 12:18:34 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013-11-08 21:49:00 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013-09-14 12:44:00 | 000,514,048 | ---- | M] () -- C:\Programy\PLAY ONLINE\PLAY ONLINE.exe
PRC - [2013-09-14 12:43:52 | 000,246,112 | ---- | M] () -- C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe
PRC - [2013-05-10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-10-18 14:28:00 | 000,846,848 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
PRC - [2012-08-01 03:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgtray.exe
PRC - [2012-01-31 14:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011-09-09 02:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgnsx.exe
PRC - [2011-08-18 00:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgrsx.exe
PRC - [2011-05-23 13:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgchsvx.exe
PRC - [2011-03-28 02:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgcsrvx.exe
PRC - [2011-03-16 15:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgemcx.exe
PRC - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2011-03-14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2011-02-10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Programy\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011-02-08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgwdsvc.exe
PRC - [2011-01-10 13:49:20 | 000,014,848 | ---- | M] () -- C:\Program Files\Dokan\DokanLibrary\mounter.exe
PRC - [2010-09-02 09:59:16 | 002,158,592 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe
PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-07-14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-12-20 12:44:20 | 003,559,024 | ---- | M] () -- C:\Programy\Mozilla Firefox\mozjs.dll
MOD - [2013-09-14 12:44:00 | 000,514,048 | ---- | M] () -- C:\Programy\PLAY ONLINE\PLAY ONLINE.exe
MOD - [2013-09-14 12:43:52 | 009,515,520 | ---- | M] () -- C:\Programy\PLAY ONLINE\QtGui4.dll
MOD - [2013-09-14 12:43:52 | 002,415,104 | ---- | M] () -- C:\Programy\PLAY ONLINE\QtCore4.dll
MOD - [2013-09-14 12:43:52 | 001,148,416 | ---- | M] () -- C:\Programy\PLAY ONLINE\QtNetwork4.dll
MOD - [2013-09-14 12:43:52 | 001,101,824 | ---- | M] () -- C:\Programy\PLAY ONLINE\NDISAPI.dll
MOD - [2013-09-14 12:43:52 | 001,077,248 | ---- | M] () -- C:\Programy\PLAY ONLINE\AddrBookPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,808,960 | ---- | M] () -- C:\Programy\PLAY ONLINE\SMSUIPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,739,328 | ---- | M] () -- C:\Programy\PLAY ONLINE\AddrBookUIPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,670,720 | ---- | M] () -- C:\Programy\PLAY ONLINE\SmsAppPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,550,400 | ---- | M] () -- C:\Programy\PLAY ONLINE\CallAppPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,547,840 | ---- | M] () -- C:\Programy\PLAY ONLINE\CallLogSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,545,280 | ---- | M] () -- C:\Programy\PLAY ONLINE\PluginContainer.dll
MOD - [2013-09-14 12:43:52 | 000,495,104 | ---- | M] () -- C:\Programy\PLAY ONLINE\DeviceMgrUIPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,483,328 | ---- | M] () -- C:\Programy\PLAY ONLINE\NetInfoUIExPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,428,032 | ---- | M] () -- C:\Programy\PLAY ONLINE\core.dll
MOD - [2013-09-14 12:43:52 | 000,427,008 | ---- | M] () -- C:\Programy\PLAY ONLINE\DialupUIPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,384,512 | ---- | M] () -- C:\Programy\PLAY ONLINE\USSDUIPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,381,952 | ---- | M] () -- C:\Programy\PLAY ONLINE\Proxy.dll
MOD - [2013-09-14 12:43:52 | 000,370,176 | ---- | M] () -- C:\Programy\PLAY ONLINE\plugins\imageformats\qtiff4.dll
MOD - [2013-09-14 12:43:52 | 000,350,720 | ---- | M] () -- C:\Programy\PLAY ONLINE\plugins\imageformats\qmng4.dll
MOD - [2013-09-14 12:43:52 | 000,338,432 | ---- | M] () -- C:\Programy\PLAY ONLINE\DeviceAppPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,334,848 | ---- | M] () -- C:\Programy\PLAY ONLINE\MainpagePlugin.dll
MOD - [2013-09-14 12:43:52 | 000,333,312 | ---- | M] () -- C:\Programy\PLAY ONLINE\NetConnectPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,310,272 | ---- | M] () -- C:\Programy\PLAY ONLINE\StatusBarMgrPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,301,056 | ---- | M] () -- C:\Programy\PLAY ONLINE\DeviceSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,278,528 | ---- | M] () -- C:\Programy\PLAY ONLINE\NetInfoSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,269,824 | ---- | M] () -- C:\Programy\PLAY ONLINE\LiveUpdateInterface.dll
MOD - [2013-09-14 12:43:52 | 000,264,704 | ---- | M] () -- C:\Programy\PLAY ONLINE\AddrBookSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,261,632 | ---- | M] () -- C:\Programy\PLAY ONLINE\sdk.dll
MOD - [2013-09-14 12:43:52 | 000,249,344 | ---- | M] () -- C:\Programy\PLAY ONLINE\MenuMgrPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,240,128 | ---- | M] () -- C:\Programy\PLAY ONLINE\ToolBarMgrPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,238,080 | ---- | M] () -- C:\Programy\PLAY ONLINE\AtCodec.dll
MOD - [2013-09-14 12:43:52 | 000,235,008 | ---- | M] () -- C:\Programy\PLAY ONLINE\NetSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,218,112 | ---- | M] () -- C:\Programy\PLAY ONLINE\Common.dll
MOD - [2013-09-14 12:43:52 | 000,217,600 | ---- | M] () -- C:\Programy\PLAY ONLINE\SmsSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,211,968 | ---- | M] () -- C:\Programy\PLAY ONLINE\DialUpPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,192,000 | ---- | M] () -- C:\Programy\PLAY ONLINE\plugins\imageformats\qjpeg4.dll
MOD - [2013-09-14 12:43:52 | 000,190,464 | ---- | M] () -- C:\Programy\PLAY ONLINE\XFramePlugin.dll
MOD - [2013-09-14 12:43:52 | 000,180,224 | ---- | M] () -- C:\Programy\PLAY ONLINE\NDISPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,176,128 | ---- | M] () -- C:\Programy\PLAY ONLINE\CallSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,159,232 | ---- | M] () -- C:\Programy\PLAY ONLINE\XCodec.dll
MOD - [2013-09-14 12:43:52 | 000,158,720 | ---- | M] () -- C:\Programy\PLAY ONLINE\NetConnectSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,157,184 | ---- | M] () -- C:\Programy\PLAY ONLINE\DataServicePlugin.dll
MOD - [2013-09-14 12:43:52 | 000,156,672 | ---- | M] () -- C:\Programy\PLAY ONLINE\STKSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,142,336 | ---- | M] () -- C:\Programy\PLAY ONLINE\USSDSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,135,168 | ---- | M] () -- C:\Programy\PLAY ONLINE\Trace.dll
MOD - [2013-09-14 12:43:52 | 000,133,120 | ---- | M] () -- C:\Programy\PLAY ONLINE\OSDialup.dll
MOD - [2013-09-14 12:43:52 | 000,131,072 | ---- | M] () -- C:\Programy\PLAY ONLINE\OSNDIS.dll
MOD - [2013-09-14 12:43:52 | 000,123,392 | ---- | M] () -- C:\Programy\PLAY ONLINE\ATR2SMgr.dll
MOD - [2013-09-14 12:43:52 | 000,118,272 | ---- | M] () -- C:\Programy\PLAY ONLINE\LayoutPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,106,496 | ---- | M] () -- C:\Programy\PLAY ONLINE\Win7Support.dll
MOD - [2013-09-14 12:43:52 | 000,101,376 | ---- | M] () -- C:\Programy\PLAY ONLINE\OSAdapt.dll
MOD - [2013-09-14 12:43:52 | 000,093,184 | ---- | M] () -- C:\Programy\PLAY ONLINE\NotifyServicePlugin.dll
MOD - [2013-09-14 12:43:52 | 000,082,944 | ---- | M] () -- C:\Programy\PLAY ONLINE\plugins\imageformats\qgif4.dll
MOD - [2013-09-14 12:43:52 | 000,081,920 | ---- | M] () -- C:\Programy\PLAY ONLINE\plugins\imageformats\qico4.dll
MOD - [2013-09-14 12:43:52 | 000,065,536 | ---- | M] () -- C:\Programy\PLAY ONLINE\OSPowerMgr.dll
MOD - [2013-09-14 12:43:52 | 000,062,976 | ---- | M] () -- C:\Programy\PLAY ONLINE\OSCall.dll
MOD - [2013-09-14 12:43:52 | 000,043,008 | ---- | M] () -- C:\Programy\PLAY ONLINE\libgcc_s_dw2-1.dll
MOD - [2013-09-14 12:43:52 | 000,011,362 | ---- | M] () -- C:\Programy\PLAY ONLINE\mingwm10.dll
MOD - [2012-10-18 14:28:02 | 000,137,728 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
MOD - [2012-10-18 14:28:02 | 000,116,224 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.dll
MOD - [2012-10-18 14:28:00 | 001,411,072 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
MOD - [2012-10-18 14:28:00 | 000,846,848 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
MOD - [2012-06-12 13:43:58 | 000,193,024 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
MOD - [2011-02-10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Programy\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2010-09-02 09:59:16 | 002,158,592 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe
MOD - [1998-10-31 03:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files\Vtune\TBMANAGE.DLL
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2013-12-20 12:44:21 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-12-11 22:28:41 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-12-10 03:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013-12-10 03:14:51 | 014,658,848 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2013-11-23 12:18:34 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013-09-14 12:43:52 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Programy\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc)
SRV - [2013-05-10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013-02-04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012-01-31 14:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programy\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2011-02-08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programy\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2011-01-10 13:49:20 | 000,014,848 | ---- | M] () [Auto | Running] -- C:\Program Files\Dokan\DokanLibrary\mounter.exe -- (DokanMounter)
SRV - [2009-07-16 16:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | Auto | Stopped] -- C -- (S)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RTL8192su.sys -- (RTL8192su)
DRV - [2013-12-05 09:42:30 | 000,034,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2013-11-23 20:09:31 | 010,446,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013-11-03 11:38:37 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013-09-14 12:43:52 | 000,195,072 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV - [2013-09-14 12:43:52 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2013-09-14 12:43:52 | 000,095,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2013-09-14 12:43:52 | 000,076,544 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2013-09-14 12:43:52 | 000,027,520 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - [2013-09-14 12:43:52 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2013-08-25 19:03:25 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2013-06-16 13:38:15 | 000,161,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012-11-12 03:47:48 | 000,255,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012-10-18 14:04:12 | 001,570,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2011-05-27 18:05:32 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011-04-04 23:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-03-16 15:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-03-01 13:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-02-22 07:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011-02-10 06:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-02-10 06:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-01-10 13:49:28 | 000,095,744 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\System32\drivers\dokan.sys -- (Dokan)
DRV - [2009-11-19 14:06:46 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus)
DRV - [2009-11-19 14:06:46 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5)
DRV - [2009-11-19 14:06:45 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2009-11-19 14:06:45 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic)
DRV - [2009-11-19 14:06:45 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV - [2009-11-19 14:06:45 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2009-11-19 14:06:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2009-07-14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2007-03-16 09:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007-03-16 09:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TBPanel.sys -- (Cardex)
DRV - [2005-08-10 15:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02)
DRV - [2005-08-10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005-05-16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2004-08-09 12:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004-08-09 12:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004-07-19 15:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2003-12-01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/webhp?hl=pl&tab=ww"
FF - prefs.js..extensions.enabledAddons: cryenginebrowserplugin%40crytek.com:0.39.0
FF - prefs.js..extensions.enabledAddons: %7Bf9d03c26-0575-497e-821d-f7956d23e0ca%7D:3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Programy\AVG\AVG10\Firefox4\ [2013-05-24 10:51:27 | 000,000,000 | ---D | M]
 
[2013-05-22 16:17:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\reiy\AppData\Roaming\mozilla\Extensions
[2014-01-02 22:11:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\reiy\AppData\Roaming\mozilla\Firefox\Profiles\ckyauas7.default\extensions
[2013-11-07 15:06:17 | 000,000,000 | ---D | M] (GFACE Experience Plugin) -- C:\Users\reiy\AppData\Roaming\mozilla\Firefox\Profiles\ckyauas7.default\extensions\[email protected]
[2013-05-24 10:46:36 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\reiy\AppData\Roaming\mozilla\firefox\profiles\ckyauas7.default\extensions\[email protected]
[2013-12-18 18:20:00 | 000,002,839 | ---- | M] () (No name found) -- C:\Users\reiy\AppData\Roaming\mozilla\firefox\profiles\ckyauas7.default\extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi
[2014-01-02 22:11:39 | 000,555,162 | ---- | M] () (No name found) -- C:\Users\reiy\AppData\Roaming\mozilla\firefox\profiles\ckyauas7.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
 
O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Programy\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2693D15B-AC01-4A31-9311-06CCB859B048}: NameServer = 89.108.202.20 89.108.195.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36CEE20D-2B5A-4BC3-BF4B-944CEB472A3A}: NameServer = 89.108.202.21 89.108.195.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E92636F-E258-4FF8-BCF8-7A9FF56E234E}: NameServer = 89.108.202.21 89.108.195.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BAE000DC-841A-4B69-B9B0-A41475D0FCD7}: NameServer = 89.108.202.20 89.108.195.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F891092C-6B0C-412F-B19D-35986AE966C7}: NameServer = 89.108.202.20 89.108.195.20
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programy\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011-03-15 08:27:22 | 000,148,320 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008-10-11 10:12:34 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{045d1081-1d39-11e3-94c0-406186e68b72}\Shell - "" = AutoRun
O33 - MountPoints2\{045d1081-1d39-11e3-94c0-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{06d1cb63-f131-11e2-a55f-406186e68b72}\Shell - "" = AutoRun
O33 - MountPoints2\{06d1cb63-f131-11e2-a55f-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{06d1cb8c-f131-11e2-a55f-406186e68b72}\Shell - "" = AutoRun
O33 - MountPoints2\{06d1cb8c-f131-11e2-a55f-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{21c20025-445d-11e3-b0d2-406186e68b72}\Shell - "" = AutoRun
O33 - MountPoints2\{21c20025-445d-11e3-b0d2-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{2347f2b2-c2f2-11e2-9834-406186e68b72}\Shell - "" = AutoRun
O33 - MountPoints2\{2347f2b2-c2f2-11e2-9834-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{2347f2c0-c2f2-11e2-9834-406186e68b72}\Shell - "" = AutoRun
O33 - MountPoints2\{2347f2c0-c2f2-11e2-9834-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{3e4a8d21-88da-11e3-9ced-406186e68b72}\Shell - "" = AutoRun
O33 - MountPoints2\{3e4a8d21-88da-11e3-9ced-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{6ac90ec1-7ab7-11e3-99ce-406186e68b72}\Shell - "" = AutoRun
O33 - MountPoints2\{6ac90ec1-7ab7-11e3-99ce-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{6c0d5e54-1d2d-11e3-9879-406186e68b72}\Shell - "" = AutoRun
O33 - MountPoints2\{6c0d5e54-1d2d-11e3-9879-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{6cf15bc8-e6c9-11e2-80b0-ecc4c85fb600}\Shell - "" = AutoRun
O33 - MountPoints2\{6cf15bc8-e6c9-11e2-80b0-ecc4c85fb600}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{ea848f6b-cb8c-11e2-83a9-a980f8e2a0e8}\Shell - "" = AutoRun
O33 - MountPoints2\{ea848f6b-cb8c-11e2-83a9-a980f8e2a0e8}\Shell\AutoRun\command - "" = F:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\Programy\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\Programy\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2014-01-31 11:57:12 | 000,000,000 | ---D | C] -- C:\Users\reiy\AppData\Roaming\UpdateBonanza
[2014-01-30 23:00:55 | 000,000,000 | R--D | C] -- C:\Users\reiy\Documents\Notes
[2014-01-27 14:51:32 | 000,000,000 | ---D | C] -- C:\Users\reiy\Desktop\res_mods
[2014-01-20 21:36:59 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-01-17 20:52:41 | 000,000,000 | ---D | C] -- C:\Users\reiy\Desktop\vehicles
[2014-01-17 20:01:02 | 000,000,000 | ---D | C] -- C:\Users\reiy\Desktop\audio
[2014-01-12 11:30:59 | 000,000,000 | ---D | C] -- C:\Users\reiy\AppData\Local\Opera Software
[2014-01-12 11:30:57 | 000,000,000 | ---D | C] -- C:\Users\reiy\AppData\Roaming\Opera Software
[2014-01-12 11:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014-02-02 21:57:05 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\Update Bonanza.job
[2014-02-02 21:57:00 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\Bonanza.job
[2014-02-02 21:27:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-02-02 19:28:26 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-02-02 19:28:26 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-02-02 19:26:32 | 000,746,852 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2014-02-02 19:26:32 | 000,660,218 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-02-02 19:26:32 | 000,159,444 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2014-02-02 19:26:32 | 000,124,408 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-02-02 19:20:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-02-02 19:20:17 | 2817,974,272 | -HS- | M] () -- C:\hiberfil.sys
[2014-02-02 12:55:32 | 152,225,622 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2014-02-01 23:41:28 | 000,749,348 | ---- | M] () -- C:\Users\reiy\Desktop\20140201_2334_france-AMX_13_90_04_himmelsdorf.wotreplay
[2014-01-31 18:03:55 | 000,158,596 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2014-01-31 11:57:05 | 000,000,137 | ---- | M] () -- C:\Users\reiy\AppData\Roaming\WB.CFG
[2014-01-29 16:14:54 | 338,846,185 | ---- | M] () -- C:\Users\reiy\Desktop\Zabójcze ciało (lektor pl).rmvb
[2014-01-29 13:12:11 | 000,062,683 | ---- | M] () -- C:\Users\reiy\AppData\Local\recently-used.xbel
[2014-01-29 01:21:08 | 000,610,655 | ---- | M] () -- C:\Users\reiy\Desktop\20140129_0115_france-AMX_50_100_19_monastery.wotreplay
[2014-01-18 00:43:32 | 374,402,473 | ---- | M] () -- C:\Users\reiy\Desktop\47 roninów - 47 Ronin (2013) Napisy.PL.CAMRip.XViD-MORS.rmvb
[2014-01-17 01:56:07 | 000,307,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014-01-12 11:30:54 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2014-01-10 19:30:36 | 000,834,334 | ---- | M] () -- C:\Users\reiy\Desktop\20140110_1922_china-Ch24_Type64_02_malinovka.wotreplay
[2014-01-10 18:18:03 | 000,057,859 | ---- | M] () -- C:\Users\reiy\Documents\arachiel.png
[2014-01-09 16:57:32 | 000,437,566 | ---- | M] () -- C:\Users\reiy\Desktop\20140109_1653_china-Ch24_Type64_01_karelia.wotreplay
[2014-01-04 00:49:46 | 736,524,288 | ---- | M] () -- C:\Users\reiy\Desktop\Ninja 2 - Shadow of a Tear (2013) Napisy.PL.WEB-DL.XviD-GHW.avi
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2014-02-02 18:54:32 | 1891,366,024 | ---- | C] () -- C:\Users\reiy\Desktop\g i joe odwet 2013 lektor pl.avi
[2014-02-02 18:54:11 | 338,846,185 | ---- | C] () -- C:\Users\reiy\Desktop\Zabójcze ciało (lektor pl).rmvb
[2014-02-01 23:46:02 | 000,749,348 | ---- | C] () -- C:\Users\reiy\Desktop\20140201_2334_france-AMX_13_90_04_himmelsdorf.wotreplay
[2014-01-31 11:57:12 | 000,000,288 | ---- | C] () -- C:\Windows\tasks\Update Bonanza.job
[2014-01-29 13:12:11 | 000,062,683 | ---- | C] () -- C:\Users\reiy\AppData\Local\recently-used.xbel
[2014-01-29 01:22:40 | 000,610,655 | ---- | C] () -- C:\Users\reiy\Desktop\20140129_0115_france-AMX_50_100_19_monastery.wotreplay
[2014-01-18 19:16:23 | 374,402,473 | ---- | C] () -- C:\Users\reiy\Desktop\47 roninów - 47 Ronin (2013) Napisy.PL.CAMRip.XViD-MORS.rmvb
[2014-01-12 11:30:54 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2014-01-12 11:30:54 | 000,001,047 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2014-01-10 19:36:09 | 000,834,334 | ---- | C] () -- C:\Users\reiy\Desktop\20140110_1922_china-Ch24_Type64_02_malinovka.wotreplay
[2014-01-10 18:17:20 | 000,057,859 | ---- | C] () -- C:\Users\reiy\Documents\arachiel.png
[2014-01-10 16:40:54 | 736,524,288 | ---- | C] () -- C:\Users\reiy\Desktop\Ninja 2 - Shadow of a Tear (2013) Napisy.PL.WEB-DL.XviD-GHW.avi
[2014-01-09 16:04:21 | 000,437,566 | ---- | C] () -- C:\Users\reiy\Desktop\20140109_1653_china-Ch24_Type64_01_karelia.wotreplay
[2014-01-08 11:57:02 | 000,000,137 | ---- | C] () -- C:\Users\reiy\AppData\Roaming\WB.CFG
[2013-12-20 11:14:42 | 003,498,475 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2013-11-19 13:24:31 | 000,000,083 | ---- | C] () -- C:\Users\reiy\.gtk-bookmarks
[2013-11-17 15:06:14 | 304,169,078 | ---- | C] () -- C:\Users\reiy\AppData\Roaming\.minecraft.rar
[2013-10-19 19:07:56 | 000,000,000 | ---- | C] () -- C:\Users\reiy\AppData\Local\{0129B846-055D-47FC-B820-785BAA553A54}
[2013-10-11 22:05:56 | 000,007,609 | ---- | C] () -- C:\Users\reiy\AppData\Local\Resmon.ResmonCfg
[2013-06-06 16:35:22 | 000,139,552 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2013-06-06 16:35:22 | 000,138,904 | ---- | C] () -- C:\Users\reiy\AppData\Roaming\PnkBstrK.sys
[2013-06-06 16:35:11 | 000,291,296 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2013-06-06 16:35:09 | 000,669,184 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2013-06-06 16:35:09 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2013-05-22 17:49:22 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2013-05-22 17:49:21 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2013-05-22 17:49:21 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2013-05-22 17:49:21 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2013-05-22 17:48:00 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2013-05-22 17:48:00 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2013-05-22 16:12:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 08:27:10 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Ktoś dostrzega tu jakies przyczyny?

Nezvik · 3 Lutego 2014

Zrób skan plików na virustotal.com:

C:\Programy\PLAY ONLINE\UpdateDog\ouc.exe

C:\Users\reiy\AppData\Local\{0129B846-055D-47FC-B820-785BAA553A54}

I wklej linki. O ile się nie mylę, to ten dziwny klucz to jest plik. Jeśli nic nie znajdzie wykonaj:

:OTL

[2013-07-06 09:05:26 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\646

[2013-12-29 10:57:55 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Bonanza

[2013-07-07 19:31:23 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\AnvSoft

[2014-02-03 10:14:50 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014-02-03 10:14:50 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)

DRV - [2005-08-10 15:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02)

DRV - [2005-08-10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01)

DRV - [2005-05-16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02)

DRV - [2004-08-09 12:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02)

DRV - [2004-08-09 12:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06)

DRV - [2004-07-19 15:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prosync1.sys -- (prosync1)

DRV - [2003-12-01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01)

DRV - [2012-10-18 14:04:12 | 001,570,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athur.sys -- (athur)

SRV - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)

Wstaw log usuwania, kliknij w OTL sprzątanie.

Logi będą czyste. Powinno być już ok.

Gdybyś mógł to napisz czy komputer chodzi szybciej.

Reiden · 3 Lutego 2014

Po wykonaniu skryptu

All processes killed
========== OTL ==========
C:\Users\reiy\AppData\Roaming\UpdateBonanza\UpdateProc folder moved successfully.
C:\Users\reiy\AppData\Roaming\UpdateBonanza folder moved successfully.
C:\Windows\Tasks\Update Bonanza.job moved successfully.
C:\Windows\Tasks\Bonanza.job moved successfully.
C:\Users\reiy\AppData\Roaming\WB.CFG moved successfully.
Service DokanMounter stopped successfully!
Service DokanMounter deleted successfully!
C:\Program Files\Dokan\DokanLibrary\mounter.exe moved successfully.
No active process named mounter.exe was found!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
File move failed. F:\AutoRun.exe scheduled to be moved on reboot.
File F:\AUTORUN.INF not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{045d1081-1d39-11e3-94c0-406186e68b72}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{045d1081-1d39-11e3-94c0-406186e68b72}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{045d1081-1d39-11e3-94c0-406186e68b72}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{045d1081-1d39-11e3-94c0-406186e68b72}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{06d1cb63-f131-11e2-a55f-406186e68b72}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06d1cb63-f131-11e2-a55f-406186e68b72}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{06d1cb63-f131-11e2-a55f-406186e68b72}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06d1cb63-f131-11e2-a55f-406186e68b72}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{06d1cb8c-f131-11e2-a55f-406186e68b72}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06d1cb8c-f131-11e2-a55f-406186e68b72}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{06d1cb8c-f131-11e2-a55f-406186e68b72}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06d1cb8c-f131-11e2-a55f-406186e68b72}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21c20025-445d-11e3-b0d2-406186e68b72}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21c20025-445d-11e3-b0d2-406186e68b72}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21c20025-445d-11e3-b0d2-406186e68b72}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21c20025-445d-11e3-b0d2-406186e68b72}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2347f2b2-c2f2-11e2-9834-406186e68b72}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2347f2b2-c2f2-11e2-9834-406186e68b72}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2347f2b2-c2f2-11e2-9834-406186e68b72}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2347f2b2-c2f2-11e2-9834-406186e68b72}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2347f2c0-c2f2-11e2-9834-406186e68b72}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2347f2c0-c2f2-11e2-9834-406186e68b72}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2347f2c0-c2f2-11e2-9834-406186e68b72}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2347f2c0-c2f2-11e2-9834-406186e68b72}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e4a8d21-88da-11e3-9ced-406186e68b72}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3e4a8d21-88da-11e3-9ced-406186e68b72}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e4a8d21-88da-11e3-9ced-406186e68b72}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3e4a8d21-88da-11e3-9ced-406186e68b72}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6ac90ec1-7ab7-11e3-99ce-406186e68b72}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ac90ec1-7ab7-11e3-99ce-406186e68b72}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6ac90ec1-7ab7-11e3-99ce-406186e68b72}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ac90ec1-7ab7-11e3-99ce-406186e68b72}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c0d5e54-1d2d-11e3-9879-406186e68b72}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6c0d5e54-1d2d-11e3-9879-406186e68b72}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c0d5e54-1d2d-11e3-9879-406186e68b72}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6c0d5e54-1d2d-11e3-9879-406186e68b72}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6cf15bc8-e6c9-11e2-80b0-ecc4c85fb600}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6cf15bc8-e6c9-11e2-80b0-ecc4c85fb600}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6cf15bc8-e6c9-11e2-80b0-ecc4c85fb600}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6cf15bc8-e6c9-11e2-80b0-ecc4c85fb600}\ not found.
File F:\Startme.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea848f6b-cb8c-11e2-83a9-a980f8e2a0e8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ea848f6b-cb8c-11e2-83a9-a980f8e2a0e8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea848f6b-cb8c-11e2-83a9-a980f8e2a0e8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ea848f6b-cb8c-11e2-83a9-a980f8e2a0e8}\ not found.
File F:\Startme.exe not found.
========== FILES ==========
C:\Windows\System32\ISSRemoveSP.exe moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: hedev
 
User: Public
 
User: reiy
->Flash cache emptied: 9330 bytes
 
User: UpdatusUser
 
Total Flash Files Cleaned = 0,00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: hedev
->Temp folder emptied: 43164427 bytes
 
User: Public
 
User: reiy
->Temp folder emptied: 316078318 bytes
->Temporary Internet Files folder emptied: 54457556 bytes
->Java cache emptied: 32821 bytes
->FireFox cache emptied: 572108967 bytes
->Flash cache emptied: 0 bytes
 
User: UpdatusUser
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1610800 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 940338 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 943,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 02032014_101525

Files\Folders moved on Reboot...
File\Folder F:\AutoRun.exe not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Nowe logi

OTL Extras logfile created on: 2014-02-03 10:22:08 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\reiy\Downloads
 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,50 Gb Total Physical Memory | 2,30 Gb Available Physical Memory | 65,82% Memory free
7,00 Gb Paging File | 5,61 Gb Available in Paging File | 80,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195,21 Gb Total Space | 44,14 Gb Free Space | 22,61% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 16,62 Gb Free Space | 6,15% Space Free | Partition Type: NTFS
 
Computer Name: REIYY | User Name: reiy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

OTL logfile created on: 2014-02-03 10:22:08 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\reiy\Downloads
 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,50 Gb Total Physical Memory | 2,30 Gb Available Physical Memory | 65,82% Memory free
7,00 Gb Paging File | 5,61 Gb Available in Paging File | 80,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195,21 Gb Total Space | 44,14 Gb Free Space | 22,61% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 16,62 Gb Free Space | 6,15% Space Free | Partition Type: NTFS
 
Computer Name: REIYY | User Name: reiy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2014-02-03 10:14:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\reiy\Downloads\OTL.exe
PRC - [2013-12-20 12:44:21 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Programy\Mozilla Firefox\firefox.exe
PRC - [2013-12-11 22:28:36 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
PRC - [2013-12-10 03:15:27 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013-12-10 03:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013-12-10 03:14:51 | 014,658,848 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
PRC - [2013-11-23 18:44:30 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013-11-23 18:44:30 | 000,932,640 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013-11-23 12:18:34 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013-11-08 21:49:00 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013-09-14 12:44:00 | 000,514,048 | ---- | M] () -- C:\Programy\PLAY ONLINE\PLAY ONLINE.exe
PRC - [2013-09-14 12:43:52 | 000,246,112 | ---- | M] () -- C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe
PRC - [2013-05-10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-10-18 14:28:00 | 000,846,848 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
PRC - [2012-08-01 03:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgtray.exe
PRC - [2012-01-31 14:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011-09-09 02:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgnsx.exe
PRC - [2011-08-18 00:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgrsx.exe
PRC - [2011-05-23 13:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgchsvx.exe
PRC - [2011-03-16 15:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgemcx.exe
PRC - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2011-03-14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2011-02-10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Programy\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011-02-08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgwdsvc.exe
PRC - [2010-09-02 09:59:16 | 002,158,592 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe
PRC - [2009-07-14 02:14:46 | 000,115,200 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-07-14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-12-20 12:44:20 | 003,559,024 | ---- | M] () -- C:\Programy\Mozilla Firefox\mozjs.dll
MOD - [2013-12-11 22:28:36 | 016,242,056 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013-09-14 12:44:00 | 000,514,048 | ---- | M] () -- C:\Programy\PLAY ONLINE\PLAY ONLINE.exe
MOD - [2013-09-14 12:43:52 | 009,515,520 | ---- | M] () -- C:\Programy\PLAY ONLINE\QtGui4.dll
MOD - [2013-09-14 12:43:52 | 002,415,104 | ---- | M] () -- C:\Programy\PLAY ONLINE\QtCore4.dll
MOD - [2013-09-14 12:43:52 | 001,148,416 | ---- | M] () -- C:\Programy\PLAY ONLINE\QtNetwork4.dll
MOD - [2013-09-14 12:43:52 | 001,101,824 | ---- | M] () -- C:\Programy\PLAY ONLINE\NDISAPI.dll
MOD - [2013-09-14 12:43:52 | 001,077,248 | ---- | M] () -- C:\Programy\PLAY ONLINE\AddrBookPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,808,960 | ---- | M] () -- C:\Programy\PLAY ONLINE\SMSUIPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,739,328 | ---- | M] () -- C:\Programy\PLAY ONLINE\AddrBookUIPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,670,720 | ---- | M] () -- C:\Programy\PLAY ONLINE\SmsAppPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,550,400 | ---- | M] () -- C:\Programy\PLAY ONLINE\CallAppPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,547,840 | ---- | M] () -- C:\Programy\PLAY ONLINE\CallLogSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,545,280 | ---- | M] () -- C:\Programy\PLAY ONLINE\PluginContainer.dll
MOD - [2013-09-14 12:43:52 | 000,495,104 | ---- | M] () -- C:\Programy\PLAY ONLINE\DeviceMgrUIPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,483,328 | ---- | M] () -- C:\Programy\PLAY ONLINE\NetInfoUIExPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,428,032 | ---- | M] () -- C:\Programy\PLAY ONLINE\core.dll
MOD - [2013-09-14 12:43:52 | 000,427,008 | ---- | M] () -- C:\Programy\PLAY ONLINE\DialupUIPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,384,512 | ---- | M] () -- C:\Programy\PLAY ONLINE\USSDUIPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,381,952 | ---- | M] () -- C:\Programy\PLAY ONLINE\Proxy.dll
MOD - [2013-09-14 12:43:52 | 000,370,176 | ---- | M] () -- C:\Programy\PLAY ONLINE\plugins\imageformats\qtiff4.dll
MOD - [2013-09-14 12:43:52 | 000,350,720 | ---- | M] () -- C:\Programy\PLAY ONLINE\plugins\imageformats\qmng4.dll
MOD - [2013-09-14 12:43:52 | 000,338,432 | ---- | M] () -- C:\Programy\PLAY ONLINE\DeviceAppPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,334,848 | ---- | M] () -- C:\Programy\PLAY ONLINE\MainpagePlugin.dll
MOD - [2013-09-14 12:43:52 | 000,333,312 | ---- | M] () -- C:\Programy\PLAY ONLINE\NetConnectPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,310,272 | ---- | M] () -- C:\Programy\PLAY ONLINE\StatusBarMgrPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,301,056 | ---- | M] () -- C:\Programy\PLAY ONLINE\DeviceSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,278,528 | ---- | M] () -- C:\Programy\PLAY ONLINE\NetInfoSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,269,824 | ---- | M] () -- C:\Programy\PLAY ONLINE\LiveUpdateInterface.dll
MOD - [2013-09-14 12:43:52 | 000,264,704 | ---- | M] () -- C:\Programy\PLAY ONLINE\AddrBookSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,261,632 | ---- | M] () -- C:\Programy\PLAY ONLINE\sdk.dll
MOD - [2013-09-14 12:43:52 | 000,249,344 | ---- | M] () -- C:\Programy\PLAY ONLINE\MenuMgrPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,240,128 | ---- | M] () -- C:\Programy\PLAY ONLINE\ToolBarMgrPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,238,080 | ---- | M] () -- C:\Programy\PLAY ONLINE\AtCodec.dll
MOD - [2013-09-14 12:43:52 | 000,235,008 | ---- | M] () -- C:\Programy\PLAY ONLINE\NetSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,218,112 | ---- | M] () -- C:\Programy\PLAY ONLINE\Common.dll
MOD - [2013-09-14 12:43:52 | 000,217,600 | ---- | M] () -- C:\Programy\PLAY ONLINE\SmsSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,211,968 | ---- | M] () -- C:\Programy\PLAY ONLINE\DialUpPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,192,000 | ---- | M] () -- C:\Programy\PLAY ONLINE\plugins\imageformats\qjpeg4.dll
MOD - [2013-09-14 12:43:52 | 000,190,464 | ---- | M] () -- C:\Programy\PLAY ONLINE\XFramePlugin.dll
MOD - [2013-09-14 12:43:52 | 000,180,224 | ---- | M] () -- C:\Programy\PLAY ONLINE\NDISPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,176,128 | ---- | M] () -- C:\Programy\PLAY ONLINE\CallSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,159,232 | ---- | M] () -- C:\Programy\PLAY ONLINE\XCodec.dll
MOD - [2013-09-14 12:43:52 | 000,158,720 | ---- | M] () -- C:\Programy\PLAY ONLINE\NetConnectSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,157,184 | ---- | M] () -- C:\Programy\PLAY ONLINE\DataServicePlugin.dll
MOD - [2013-09-14 12:43:52 | 000,156,672 | ---- | M] () -- C:\Programy\PLAY ONLINE\STKSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,142,336 | ---- | M] () -- C:\Programy\PLAY ONLINE\USSDSrvPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,135,168 | ---- | M] () -- C:\Programy\PLAY ONLINE\Trace.dll
MOD - [2013-09-14 12:43:52 | 000,133,120 | ---- | M] () -- C:\Programy\PLAY ONLINE\OSDialup.dll
MOD - [2013-09-14 12:43:52 | 000,131,072 | ---- | M] () -- C:\Programy\PLAY ONLINE\OSNDIS.dll
MOD - [2013-09-14 12:43:52 | 000,123,392 | ---- | M] () -- C:\Programy\PLAY ONLINE\ATR2SMgr.dll
MOD - [2013-09-14 12:43:52 | 000,118,272 | ---- | M] () -- C:\Programy\PLAY ONLINE\LayoutPlugin.dll
MOD - [2013-09-14 12:43:52 | 000,106,496 | ---- | M] () -- C:\Programy\PLAY ONLINE\Win7Support.dll
MOD - [2013-09-14 12:43:52 | 000,101,376 | ---- | M] () -- C:\Programy\PLAY ONLINE\OSAdapt.dll
MOD - [2013-09-14 12:43:52 | 000,093,184 | ---- | M] () -- C:\Programy\PLAY ONLINE\NotifyServicePlugin.dll
MOD - [2013-09-14 12:43:52 | 000,082,944 | ---- | M] () -- C:\Programy\PLAY ONLINE\plugins\imageformats\qgif4.dll
MOD - [2013-09-14 12:43:52 | 000,081,920 | ---- | M] () -- C:\Programy\PLAY ONLINE\plugins\imageformats\qico4.dll
MOD - [2013-09-14 12:43:52 | 000,065,536 | ---- | M] () -- C:\Programy\PLAY ONLINE\OSPowerMgr.dll
MOD - [2013-09-14 12:43:52 | 000,062,976 | ---- | M] () -- C:\Programy\PLAY ONLINE\OSCall.dll
MOD - [2013-09-14 12:43:52 | 000,043,008 | ---- | M] () -- C:\Programy\PLAY ONLINE\libgcc_s_dw2-1.dll
MOD - [2013-09-14 12:43:52 | 000,011,362 | ---- | M] () -- C:\Programy\PLAY ONLINE\mingwm10.dll
MOD - [2012-10-18 14:28:02 | 000,137,728 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
MOD - [2012-10-18 14:28:02 | 000,116,224 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.dll
MOD - [2012-10-18 14:28:00 | 001,411,072 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
MOD - [2012-10-18 14:28:00 | 000,846,848 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
MOD - [2012-06-12 13:43:58 | 000,193,024 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
MOD - [2011-02-10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Programy\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2010-09-02 09:59:16 | 002,158,592 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe
MOD - [1998-10-31 03:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files\Vtune\TBMANAGE.DLL
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2013-12-20 12:44:21 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-12-11 22:28:41 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-12-10 03:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013-12-10 03:14:51 | 014,658,848 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2013-11-23 12:18:34 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013-09-14 12:43:52 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Programy\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc)
SRV - [2013-05-10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013-02-04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012-01-31 14:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programy\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2011-02-08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programy\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2009-07-16 16:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | Auto | Stopped] -- C -- (S)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RTL8192su.sys -- (RTL8192su)
DRV - [2013-12-05 09:42:30 | 000,034,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2013-11-23 20:09:31 | 010,446,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013-11-03 11:38:37 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013-09-14 12:43:52 | 000,195,072 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV - [2013-09-14 12:43:52 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2013-09-14 12:43:52 | 000,095,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2013-09-14 12:43:52 | 000,076,544 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2013-09-14 12:43:52 | 000,027,520 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - [2013-09-14 12:43:52 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2013-08-25 19:03:25 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2013-06-16 13:38:15 | 000,161,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012-11-12 03:47:48 | 000,255,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012-10-18 14:04:12 | 001,570,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2011-05-27 18:05:32 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011-04-04 23:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-03-16 15:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-03-01 13:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-02-22 07:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011-02-10 06:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-02-10 06:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-01-10 13:49:28 | 000,095,744 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\System32\drivers\dokan.sys -- (Dokan)
DRV - [2009-11-19 14:06:46 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus)
DRV - [2009-11-19 14:06:46 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5)
DRV - [2009-11-19 14:06:45 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2009-11-19 14:06:45 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic)
DRV - [2009-11-19 14:06:45 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV - [2009-11-19 14:06:45 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2009-11-19 14:06:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2009-07-14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2007-03-16 09:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007-03-16 09:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TBPanel.sys -- (Cardex)
DRV - [2005-08-10 15:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02)
DRV - [2005-08-10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005-05-16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2004-08-09 12:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004-08-09 12:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004-07-19 15:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2003-12-01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/webhp?hl=pl&tab=ww"
FF - prefs.js..extensions.enabledAddons: cryenginebrowserplugin%40crytek.com:0.39.0
FF - prefs.js..extensions.enabledAddons: %7Bf9d03c26-0575-497e-821d-f7956d23e0ca%7D:3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Programy\AVG\AVG10\Firefox4\ [2013-05-24 10:51:27 | 000,000,000 | ---D | M]
 
[2013-05-22 16:17:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\reiy\AppData\Roaming\mozilla\Extensions
[2014-01-02 22:11:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\reiy\AppData\Roaming\mozilla\Firefox\Profiles\ckyauas7.default\extensions
[2013-11-07 15:06:17 | 000,000,000 | ---D | M] (GFACE Experience Plugin) -- C:\Users\reiy\AppData\Roaming\mozilla\Firefox\Profiles\ckyauas7.default\extensions\[email protected]
[2013-05-24 10:46:36 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\reiy\AppData\Roaming\mozilla\firefox\profiles\ckyauas7.default\extensions\[email protected]
[2013-12-18 18:20:00 | 000,002,839 | ---- | M] () (No name found) -- C:\Users\reiy\AppData\Roaming\mozilla\firefox\profiles\ckyauas7.default\extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi
[2014-01-02 22:11:39 | 000,555,162 | ---- | M] () (No name found) -- C:\Users\reiy\AppData\Roaming\mozilla\firefox\profiles\ckyauas7.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
 
O1 HOSTS File: ([2014-02-03 10:15:33 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Programy\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2693D15B-AC01-4A31-9311-06CCB859B048}: NameServer = 89.108.202.20 89.108.195.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36CEE20D-2B5A-4BC3-BF4B-944CEB472A3A}: NameServer = 89.108.202.21 89.108.195.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E92636F-E258-4FF8-BCF8-7A9FF56E234E}: NameServer = 89.108.202.21 89.108.195.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1EEC0F5-8ECC-4D1F-A8AE-47DCD3B30DEA}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BAE000DC-841A-4B69-B9B0-A41475D0FCD7}: NameServer = 89.108.202.20 89.108.195.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F891092C-6B0C-412F-B19D-35986AE966C7}: NameServer = 89.108.202.20 89.108.195.20
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programy\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\Programy\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\Programy\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2014-02-03 10:15:25 | 000,000,000 | ---D | C] -- C:\_OTL
[2014-02-03 10:14:40 | 000,000,000 | ---D | C] -- C:\Users\reiy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
[2014-01-30 23:00:55 | 000,000,000 | R--D | C] -- C:\Users\reiy\Documents\Notes
[2014-01-27 14:51:32 | 000,000,000 | ---D | C] -- C:\Users\reiy\Desktop\res_mods
[2014-01-20 21:36:59 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-01-17 20:52:41 | 000,000,000 | ---D | C] -- C:\Users\reiy\Desktop\vehicles
[2014-01-17 20:01:02 | 000,000,000 | ---D | C] -- C:\Users\reiy\Desktop\audio
[2014-01-12 11:30:59 | 000,000,000 | ---D | C] -- C:\Users\reiy\AppData\Local\Opera Software
[2014-01-12 11:30:57 | 000,000,000 | ---D | C] -- C:\Users\reiy\AppData\Roaming\Opera Software
[2014-01-12 11:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014-02-03 10:23:23 | 000,746,852 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2014-02-03 10:23:23 | 000,660,218 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-02-03 10:23:23 | 000,159,444 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2014-02-03 10:23:23 | 000,124,408 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-02-03 10:17:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-02-03 10:17:05 | 2817,974,272 | -HS- | M] () -- C:\hiberfil.sys
[2014-02-03 10:15:33 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2014-02-03 10:14:50 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-02-03 10:14:50 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-02-03 10:14:40 | 000,001,791 | ---- | M] () -- C:\Users\reiy\Desktop\Imperia Online.lnk
[2014-02-03 10:12:57 | 152,256,894 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2014-02-02 22:27:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-02-01 23:41:28 | 000,749,348 | ---- | M] () -- C:\Users\reiy\Desktop\20140201_2334_france-AMX_13_90_04_himmelsdorf.wotreplay
[2014-01-31 18:03:55 | 000,158,596 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2014-01-29 16:14:54 | 338,846,185 | ---- | M] () -- C:\Users\reiy\Desktop\Zabójcze ciało (lektor pl).rmvb
[2014-01-29 13:12:11 | 000,062,683 | ---- | M] () -- C:\Users\reiy\AppData\Local\recently-used.xbel
[2014-01-29 01:21:08 | 000,610,655 | ---- | M] () -- C:\Users\reiy\Desktop\20140129_0115_france-AMX_50_100_19_monastery.wotreplay
[2014-01-18 00:43:32 | 374,402,473 | ---- | M] () -- C:\Users\reiy\Desktop\47 roninów - 47 Ronin (2013) Napisy.PL.CAMRip.XViD-MORS.rmvb
[2014-01-17 01:56:07 | 000,307,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014-01-12 11:30:54 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2014-01-10 19:30:36 | 000,834,334 | ---- | M] () -- C:\Users\reiy\Desktop\20140110_1922_china-Ch24_Type64_02_malinovka.wotreplay
[2014-01-10 18:18:03 | 000,057,859 | ---- | M] () -- C:\Users\reiy\Documents\arachiel.png
[2014-01-09 16:57:32 | 000,437,566 | ---- | M] () -- C:\Users\reiy\Desktop\20140109_1653_china-Ch24_Type64_01_karelia.wotreplay
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2014-02-03 10:14:40 | 000,001,791 | ---- | C] () -- C:\Users\reiy\Desktop\Imperia Online.lnk
[2014-02-02 18:54:32 | 1891,366,024 | ---- | C] () -- C:\Users\reiy\Desktop\g i joe odwet 2013 lektor pl.avi
[2014-02-02 18:54:11 | 338,846,185 | ---- | C] () -- C:\Users\reiy\Desktop\Zabójcze ciało (lektor pl).rmvb
[2014-02-01 23:46:02 | 000,749,348 | ---- | C] () -- C:\Users\reiy\Desktop\20140201_2334_france-AMX_13_90_04_himmelsdorf.wotreplay
[2014-01-29 13:12:11 | 000,062,683 | ---- | C] () -- C:\Users\reiy\AppData\Local\recently-used.xbel
[2014-01-29 01:22:40 | 000,610,655 | ---- | C] () -- C:\Users\reiy\Desktop\20140129_0115_france-AMX_50_100_19_monastery.wotreplay
[2014-01-18 19:16:23 | 374,402,473 | ---- | C] () -- C:\Users\reiy\Desktop\47 roninów - 47 Ronin (2013) Napisy.PL.CAMRip.XViD-MORS.rmvb
[2014-01-12 11:30:54 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2014-01-12 11:30:54 | 000,001,047 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2014-01-10 19:36:09 | 000,834,334 | ---- | C] () -- C:\Users\reiy\Desktop\20140110_1922_china-Ch24_Type64_02_malinovka.wotreplay
[2014-01-10 18:17:20 | 000,057,859 | ---- | C] () -- C:\Users\reiy\Documents\arachiel.png
[2014-01-10 16:40:54 | 736,524,288 | ---- | C] () -- C:\Users\reiy\Desktop\Ninja 2 - Shadow of a Tear (2013) Napisy.PL.WEB-DL.XviD-GHW.avi
[2014-01-09 16:04:21 | 000,437,566 | ---- | C] () -- C:\Users\reiy\Desktop\20140109_1653_china-Ch24_Type64_01_karelia.wotreplay
[2013-12-20 11:14:42 | 003,498,475 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2013-11-19 13:24:31 | 000,000,083 | ---- | C] () -- C:\Users\reiy\.gtk-bookmarks
[2013-11-17 15:06:14 | 304,169,078 | ---- | C] () -- C:\Users\reiy\AppData\Roaming\.minecraft.rar
[2013-10-19 19:07:56 | 000,000,000 | ---- | C] () -- C:\Users\reiy\AppData\Local\{0129B846-055D-47FC-B820-785BAA553A54}
[2013-10-11 22:05:56 | 000,007,609 | ---- | C] () -- C:\Users\reiy\AppData\Local\Resmon.ResmonCfg
[2013-06-06 16:35:22 | 000,139,552 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2013-06-06 16:35:22 | 000,138,904 | ---- | C] () -- C:\Users\reiy\AppData\Roaming\PnkBstrK.sys
[2013-06-06 16:35:11 | 000,291,296 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2013-06-06 16:35:09 | 000,669,184 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2013-06-06 16:35:09 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2013-05-22 17:49:22 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2013-05-22 17:49:21 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2013-05-22 17:49:21 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2013-05-22 17:49:21 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2013-05-22 17:48:00 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2013-05-22 17:48:00 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 08:27:10 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2014-01-06 15:16:41 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\.minecraft
[2013-07-06 09:05:26 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\646
[2014-01-29 18:31:10 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\AIMP3
[2013-07-07 19:31:23 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\AnvSoft
[2013-05-30 22:20:25 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Ashampoo
[2013-05-22 15:44:46 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\AVG10
[2013-12-27 14:06:13 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\BitTorrent
[2013-12-29 10:57:55 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Bonanza
[2013-11-02 15:43:24 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Craften Terminal
[2013-12-19 17:27:29 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\DAEMON Tools Lite
[2014-01-16 18:54:46 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\GG
[2013-10-20 09:09:19 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\LolClient
[2013-11-03 15:30:47 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Might & Magic Heroes VI
[2013-06-23 10:09:26 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Need for Speed World
[2014-01-12 11:30:57 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Opera Software
[2013-12-19 17:25:43 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Origin
[2013-10-19 19:37:19 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Riot Games
[2013-11-07 11:54:09 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\SoftMaker
[2013-07-06 07:01:56 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\T-Mobile
[2013-11-02 09:06:41 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\TP-LINK
[2014-02-02 22:02:52 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\TS3Client
[2013-09-29 14:48:14 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Ubisoft
[2013-05-22 21:49:11 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Wargaming.net
[2013-12-10 12:49:26 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Wise Registry Cleaner
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >

Reiden · 3 Lutego 2014

OTL Extras logfile created on: 2014-02-03 22:06:41 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\reiy\Downloads
 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,50 Gb Total Physical Memory | 1,03 Gb Available Physical Memory | 29,37% Memory free
7,00 Gb Paging File | 4,01 Gb Available in Paging File | 57,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195,21 Gb Total Space | 43,46 Gb Free Space | 22,26% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 16,62 Gb Free Space | 6,15% Space Free | Partition Type: NTFS
 
Computer Name: REIYY | User Name: reiy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{013979FD-FE03-4808-B282-5D4F5FC66C55}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{02BB1219-DBB2-403F-B723-EC2F86C5B1AD}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{0573FA1C-D630-4098-8E18-E54497F29477}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{0947B59B-734F-4F0A-8DC4-099B7EF81B76}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0C0016C0-C137-45F9-B062-FF279CDAB07A}" = rport=137 | protocol=17 | dir=out | app=system |
"{0C6555E5-8BD3-4D97-8160-CB87D36F8130}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{197F9040-12E6-4A69-A176-FA5DCC9C3E78}" = lport=138 | protocol=17 | dir=in | app=system |
"{23AB8EB1-34E8-4029-9DB5-C9B544832248}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2622BC6C-3CED-4445-8055-97AEA05CE787}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{2C0A6FC0-5619-4951-BF56-E337783F2A0C}" = lport=58346 | protocol=6 | dir=in | name=pando media booster |
"{3260E491-78C3-44A3-87F2-20FFB952B803}" = lport=139 | protocol=6 | dir=in | app=system |
"{363B9D5C-0E3E-4963-BC5B-42A8AEE67A1E}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{3B3A1BB7-04AE-4C47-B97B-D9B9ACC262C7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3C0C7D1B-C69F-4163-8179-BBE007574252}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3EE23790-0820-47A9-9459-7023B8F6FAB7}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{415B19E7-0D0A-4E13-9DD8-C14A5D206F0D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4424FC07-6F23-4A74-879F-68177A18A0E9}" = lport=445 | protocol=6 | dir=in | app=system |
"{47471DAE-335E-4DBE-A59C-A1C29D04517F}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{4AD5262A-1237-4085-A4D2-90D07E033EC4}" = lport=53 | protocol=17 | dir=in | name=rtldns-port-2 |
"{4B7D1A9B-376B-4275-AD35-C45F0A79EC64}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{517282C7-9FF8-4B68-9BFA-06E0D4EA5007}" = lport=58346 | protocol=17 | dir=in | name=pando media booster |
"{521AEC21-0A3A-43F7-BCB8-A06F5A9A951D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{541C8B73-F39A-4E40-B5A3-4A99E685FAE2}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{68DB0CBF-0C37-47E0-B570-8ED8543BED01}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{693C2131-884D-458E-AECC-D8BC535F09A0}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{6BDAA307-010C-474C-B9F3-278607F9A933}" = rport=138 | protocol=17 | dir=out | app=system |
"{6C470E00-333B-4641-86E0-1671F8FA8FD2}" = lport=58346 | protocol=17 | dir=in | name=pando media booster |
"{6F8AE711-C40D-4390-BACF-0A57985C86F7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7835D2E4-C52E-4FCB-ADF0-9497796B3005}" = lport=53 | protocol=6 | dir=in | name=rtldns-port |
"{7CAADB12-67D6-4F16-BF1A-C80D3011D890}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7EA6409D-D867-4D35-BDB5-F45B3E44F749}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{7F09E7DC-5545-40C4-B4D0-AAEC47AF0CD6}" = lport=58346 | protocol=6 | dir=in | name=pando media booster |
"{86E41438-BAD3-4788-8916-4616931F11D6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{894B099B-D066-43F2-B507-F0B42AC51471}" = lport=67 | protocol=17 | dir=in | name=rtldhcp-port |
"{8AE612ED-3EE4-4C98-99BF-974EA58E44AD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8EAC7772-C9C4-4F2D-857B-30AD8023CBED}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{94CF2166-1A28-4309-9C4A-EC6E1B19FC08}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{98882AF6-AEA4-4F37-BA15-690C07D84551}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{A5A0E39B-C989-43F4-868C-DF9453125CC7}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A807962D-7F50-4034-8565-FBC0C1F2061B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B0FBC98F-C26B-463D-AF74-39E61C49A427}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B3035B97-195B-4394-AA17-7B4733E4594E}" = lport=68 | protocol=17 | dir=in | name=rtldhcp-port-2 |
"{B3CF1566-DC94-47AA-836E-A94B1854E2AA}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{B6ABD927-AD2B-4309-BCAD-8F0DAEF68B89}" = rport=445 | protocol=6 | dir=out | app=system |
"{BAB361E8-B621-4920-840E-667521AE6BE2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BBC22518-F067-4696-B9A3-66DAA09FA13B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CE9663E2-9D4F-4369-8D30-B409112B06E1}" = lport=137 | protocol=17 | dir=in | app=system |
"{CF2814B7-B7BD-43D8-B88A-02BC6A910808}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D38104DA-90FB-4238-BE9D-9D37DAF7A869}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F735963C-D18E-4F1D-B999-1E42D86939DF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{F9F7C5ED-7A9D-4C5E-90B9-549A4089D352}" = rport=139 | protocol=6 | dir=out | app=system |
"{FD88B919-4DA0-4FFB-B99D-4003266AB5AC}" = rport=10243 | protocol=6 | dir=out | app=system |
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0590CA68-4EA5-43D9-96F6-78EBC1DAE303}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{0AD59D8C-8EA1-428D-B67A-D6E84935B4FB}" = protocol=58 | dir=out | [email protected],-28546 |
"{10721CE9-911A-44EF-A0FA-33640551136E}" = protocol=6 | dir=in | app=c:\programy\avg\avg10\avgemcx.exe |
"{10AC9DAC-865F-44EB-A00C-F97734380C6E}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{12878711-FFC2-4840-AAFA-FC71EE8E2994}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1323BC44-6667-4F44-887D-C9A71B546204}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{18450F41-94D5-423D-A55B-AA9E64079FB3}" = protocol=17 | dir=in | app=c:\program files\ubisoft\might & magic heroes vi\might & magic heroes vi.exe |
"{1975E8F0-7C70-4E3C-A57E-04268E020DAB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{24C0D894-730B-45A4-995F-DA02F5935894}" = protocol=6 | dir=in | app=c:\programy\bittorrent\bittorrent.exe |
"{270B677E-66F2-445F-B628-619D696B832A}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{331CF1E0-DEBE-469E-99F2-A8A4AD96F41D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{3416C316-2817-4B72-8FB0-23A9CFE18EA4}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{37A7A04C-9D5E-4715-AF67-73CD96C3BCB5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{3C23F6F5-7469-49BB-AD64-758366BFDE49}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{40112AC1-1E07-4250-9480-2A03B48E929B}" = protocol=17 | dir=in | app=c:\programy\avg\avg10\avgemcx.exe |
"{43DA3809-123C-42C4-B48B-BB157C509859}" = protocol=17 | dir=in | app=c:\gry\the elder scrolls v skyrim\launcher.exe |
"{498C4CF8-23E8-4C4A-A394-FD3D401551B5}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{4F492EF7-B14E-4526-A50F-CE925734D392}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{53F7026F-51D5-4CA3-AE03-814D566E91FE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6A2CE173-E254-43D6-A128-7E2F7E4B8D8A}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{6C7DAC27-771D-48F6-99C4-BFE7D6DA5A86}" = protocol=6 | dir=in | app=c:\program files\ubisoft\might & magic heroes vi\might & magic heroes vi.exe |
"{7157DE81-9A9E-4E16-95B7-B9EE15428E34}" = protocol=1 | dir=in | [email protected],-28543 |
"{71D89F14-589E-43AE-B6A0-CC1AF6373905}" = protocol=6 | dir=in | app=c:\gry\the elder scrolls v skyrim\launcher.exe |
"{74CE1A69-7121-47E6-AAED-2179E8525CC6}" = protocol=17 | dir=in | app=c:\programy\avg\avg10\avgdiagex.exe |
"{78D39323-46A6-4267-8D20-7016A80A3464}" = protocol=17 | dir=in | app=c:\programy\bittorrent\bittorrent.exe |
"{832E6651-CB6B-4647-B805-769D9E9E8111}" = protocol=17 | dir=in | app=c:\programy\avg\avg10\avgmfapx.exe |
"{88E9053B-FFA1-42D7-A0F6-754A45AFA4FF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8D5461D1-BA70-44AD-90C5-2C25D1BDF6E7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8D97C3EE-3E0F-4B31-9FD8-271BC09CBBCD}" = protocol=6 | dir=in | app=c:\programy\avg\avg10\avgmfapx.exe |
"{94D68933-3541-490B-B303-20DEA4040C47}" = protocol=17 | dir=in | app=c:\program files\origin games\battlefield 4\bf4_x86.exe |
"{95AF2B16-5605-4326-8C1C-71B7EB007095}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9C579DEB-1D98-4C81-AFCD-0C4571B53D7A}" = protocol=58 | dir=in | [email protected],-28545 |
"{9F759B30-A6F1-4BB8-9D2C-251A099BB126}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{A78F1A9A-8B47-4FB9-B6F6-D49C595A1798}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AC120ACA-AC05-4342-ABE9-C14759515A5B}" = protocol=6 | dir=out | app=system |
"{ACA6A500-FE37-42EF-9AC7-3BD3E17A3176}" = protocol=17 | dir=in | app=c:\programy\avg\avg10\avgnsx.exe |
"{B3CDBC13-6A79-4A04-A7E4-E5BA6CE92522}" = protocol=6 | dir=in | app=c:\programy\avg\avg10\avgdiagex.exe |
"{B3DB5AF0-CA90-4853-AB07-B98AF86CD2F2}" = protocol=6 | dir=in | app=c:\programy\avg\avg10\avgnsx.exe |
"{BB09D0AD-5C59-412B-A3DB-E1C87D5DD868}" = protocol=6 | dir=in | app=c:\program files\codemasters\grid\grid.exe |
"{C935D5AE-D6EE-447D-B530-3DF6B56F6152}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D0C61689-FEA2-468D-B4B3-5ED5A193E45F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{D444BAD1-7D56-4D42-ABD9-AE6D47600A0D}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{DC65E45E-A017-4F7D-90FA-6EE09F19848B}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{DED05FA2-5355-4715-BE60-561483EBE4B8}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{E1FD6B95-018E-4B24-87E3-72A8095E29B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E2191B77-FCF0-48C4-A164-4CC06E066B22}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E8436034-7F27-4F96-A7DF-AC075501B68B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F3BDA2BD-F29E-4834-95F9-78E71611A154}" = protocol=6 | dir=in | app=c:\program files\origin games\battlefield 4\bf4_x86.exe |
"{F7CA63CB-C554-4A2C-8F92-6DCB0A07CE29}" = protocol=17 | dir=in | app=c:\program files\codemasters\grid\grid.exe |
"{FB4537B0-8413-4E7E-9D9B-E9ED055AC50F}" = protocol=1 | dir=out | [email protected],-28544 |
"TCP Query User{18BACC72-15B2-4FC7-89E4-EECE54EEC175}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{7BAD28B0-DD72-4765-8FBB-036C55610490}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{8A04A4DD-2217-490C-A474-36C8307ACB4B}C:\gry2\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\gry2\electronic arts\need for speed world\data\nfsw.exe |
"TCP Query User{D27BF5BD-1E33-412C-93ED-B60BF7D5632C}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{54F812FB-C7E2-4E0F-8644-34E89ADF3C42}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{81666C25-9236-46B6-9EF0-1FEF358D971F}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{C300117F-3125-452C-9B4B-CAA02A012808}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{DE0266C1-7906-4E2E-B350-EE2A0CFEFB1E}C:\gry2\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\gry2\electronic arts\need for speed world\data\nfsw.exe |
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1CA458AD-F4E8-4B84-90C1-F3748AD2F869}" = AVG 2011
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 25
"{2AA44AF4-C116-4219-B800-4573E7E6D421}_is1" = Advanced Disk Recovery
"{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility
"{32A3A4F4-B792-11D6-A78A-00B0D0170210}" = Java SE Development Kit 7 Update 21
"{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}" = TP-LINK 150Mbps Wireless N USB Adapter Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56504C77-8B9F-4EB2-B33B-C5B9F50B5D64}" = AVG 2011
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{5DE67937-45D5-45E4-923C-0B7F7EC929A7}" = League of Legends
"{745D37C2-26F4-4B65-BA13-F9840EBFA75B}" = Might & Magic Heroes VI
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{887868A2-D6DE-3255-AA92-AA0B5A59B874}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8EBB8452-274B-465D-8324-00B0832FBB00}" = Ashampoo Office 2010
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{95723791-2C44-454B-9220-C65D47D70E9C}" = WEBZEN Browser Extension
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4™
"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Polish
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 331.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 331.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 331.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 331.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{B9EA2597-73DA-46DD-A794-10EEEFA622B1}_is1" = TS3 Mega Pack v1
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.165
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIMP3" = AIMP3
"ALLPlayer_is1" = ALLPlayer V4.X
"Any Video Converter 5_is1" = Any Video Converter 5 5.0.4
"Ashampoo Burning Studio 9_is1" = Ashampoo Burning Studio 9.04
"Ashampoo Undeleter_is1" = Ashampoo Undeleter v.1.00
"AVG" = AVG 2011
"BitTorrent" = BitTorrent
"C9(Continent of the Ninth Seal)_is1" = C9
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"DokanLibrary" = Dokan Library 0.6.0
"Dzielenie i łączenie plików_is1" = Dzielenie i łączenie plików v1.2.2
"ESN Sonar-0.70.4" = ESN Sonar
"GameSpy Arcade" = GameSpy Arcade
"GIMP-2_is1" = GIMP 2.8.0
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.8.0 (Full)
"League of Legends 3.0.1" = League of Legends
"Legion PL" = Legion PL
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.75.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Minecraft1.6.4" = Minecraft1.6.4
"Mozilla Firefox 26.0 (x86 pl)" = Mozilla Firefox 26.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MySSID_is1" = Vtune 7.13
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Opera 18.0.1284.68" = Opera Stable 18.0.1284.68
"Origin" = Origin
"PLAY ONLINE" = PLAY ONLINE
"PunkBusterSvc" = PunkBuster Services
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The Elder Scrolls V Skyrim_is1" = The Elder Scrolls V Skyrim
"WinRAR archiver" = WinRAR 4.20 (32-bitowy)
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.91
"ZRwTINhSZfduKONYrSCTiCiGPggQZdcLRvoAVxyCOXXpkHeC~1DC3968F_is1" = Aslain's XVM Mod wersja 3.1.15
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Bonanza" = Update_for_BonanzaDeals
"GG" = GG
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 2014-02-03 05:17:44 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-02-03 08:15:02 | Computer Name = reiyy | Source = Application Hang | ID = 1002
Description = Program firefox.exe w wersji 26.0.0.5087 zatrzymał interakcję z systemem
 Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
 dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
 akcji.    Identyfikator procesu: df0    Godzina rozpoczęcia: 01cf20c0ed283265    Godzina zakończenia:
 143    Ścieżka aplikacji: C:\Programy\Mozilla Firefox\firefox.exe    Identyfikator raportu:
 c9232277-8ccc-11e3-80cc-406186e68b72  
 
Error - 2014-02-03 09:30:27 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-02-03 09:30:27 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-02-03 09:33:44 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-02-03 09:33:44 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-02-03 09:55:14 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-02-03 09:55:14 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-02-03 14:35:37 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-02-03 14:35:37 | Computer Name = reiyy | Source = NvStreamSvc | ID = 131073
Description =
 
[ System Events ]
Error - 2013-10-19 20:24:59 | Computer Name = reiyy | Source = volsnap | ID = 393252
Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie
 można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika.
 
Error - 2013-10-20 01:52:04 | Computer Name = reiyy | Source = Application Popup | ID = 875
Description = Sterownik sfsync02.sys został zablokowany dla ładowania.
 
Error - 2013-10-20 01:52:07 | Computer Name = reiyy | Source = Application Popup | ID = 875
Description = Sterownik sfhlp01.sys został zablokowany dla ładowania.
 
Error - 2013-10-20 01:52:07 | Computer Name = reiyy | Source = Application Popup | ID = 875
Description = Sterownik sfdrv01.sys został zablokowany dla ładowania.
 
Error - 2013-10-20 01:52:07 | Computer Name = reiyy | Source = Application Popup | ID = 875
Description = Sterownik prosync1.sys został zablokowany dla ładowania.
 
Error - 2013-10-20 01:52:07 | Computer Name = reiyy | Source = Application Popup | ID = 875
Description = Sterownik prohlp02.sys został zablokowany dla ładowania.
 
Error - 2013-10-20 01:52:10 | Computer Name = reiyy | Source = Application Popup | ID = 875
Description = Sterownik prodrv06.sys został zablokowany dla ładowania.
 
Error - 2013-10-20 01:52:22 | Computer Name = reiyy | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
 z usługą PLAY ONLINE. OUC.
 
Error - 2013-10-20 01:52:22 | Computer Name = reiyy | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego
 błędu:   %%1053
 
Error - 2013-10-20 01:52:26 | Computer Name = reiyy | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   prodrv06  prohlp02  prosync1  sfdrv01  sfhlp01  sfsync02
 
 
< End of report >

OTL logfile created on: 2014-02-03 22:06:41 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\reiy\Downloads
 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,50 Gb Total Physical Memory | 1,03 Gb Available Physical Memory | 29,37% Memory free
7,00 Gb Paging File | 4,01 Gb Available in Paging File | 57,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195,21 Gb Total Space | 43,46 Gb Free Space | 22,26% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 16,62 Gb Free Space | 6,15% Space Free | Partition Type: NTFS
 
Computer Name: REIYY | User Name: reiy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2014-02-03 22:06:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\reiy\Downloads\OTL.exe
PRC - [2014-02-03 18:06:01 | 000,514,048 | ---- | M] () -- C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe
PRC - [2014-02-03 18:05:27 | 000,246,112 | ---- | M] () -- C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe
PRC - [2014-02-02 22:13:08 | 000,613,720 | ---- | M] () -- C:\Users\reiy\Downloads\OTL_3.2.70.2 (25180).exe
PRC - [2013-12-20 12:44:21 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Programy\Mozilla Firefox\firefox.exe
PRC - [2013-12-17 15:43:40 | 015,900,016 | ---- | M] (Wargaming.net) -- C:\Games\World_of_Tanks\WorldOfTanks.exe
PRC - [2013-12-11 22:28:36 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
PRC - [2013-12-10 03:15:27 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013-12-10 03:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013-12-10 03:14:51 | 014,658,848 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
PRC - [2013-11-23 18:44:30 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013-11-23 18:44:30 | 000,932,640 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013-11-23 12:18:34 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013-11-08 21:49:00 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013-10-26 19:52:17 | 009,547,240 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Programy\TeamSpeak 3 Client\ts3client_win32.exe
PRC - [2013-05-10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-10-18 14:28:00 | 000,846,848 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
PRC - [2012-08-01 03:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgtray.exe
PRC - [2012-01-31 14:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011-09-09 02:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgnsx.exe
PRC - [2011-08-18 00:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgrsx.exe
PRC - [2011-05-23 13:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgchsvx.exe
PRC - [2011-03-28 02:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgcsrvx.exe
PRC - [2011-03-16 15:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgemcx.exe
PRC - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2011-03-14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2011-02-10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Programy\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011-02-08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programy\AVG\AVG10\avgwdsvc.exe
PRC - [2010-09-02 09:59:16 | 002,158,592 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe
PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-07-14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2014-02-03 18:06:01 | 000,514,048 | ---- | M] () -- C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe
MOD - [2014-02-03 18:05:27 | 009,515,520 | ---- | M] () -- C:\Program Files\PLAY ONLINE\QtGui4.dll
MOD - [2014-02-03 18:05:27 | 002,415,104 | ---- | M] () -- C:\Program Files\PLAY ONLINE\QtCore4.dll
MOD - [2014-02-03 18:05:27 | 001,148,416 | ---- | M] () -- C:\Program Files\PLAY ONLINE\QtNetwork4.dll
MOD - [2014-02-03 18:05:27 | 001,101,824 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NDISAPI.dll
MOD - [2014-02-03 18:05:27 | 001,077,248 | ---- | M] () -- C:\Program Files\PLAY ONLINE\AddrBookPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,808,960 | ---- | M] () -- C:\Program Files\PLAY ONLINE\SMSUIPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,739,328 | ---- | M] () -- C:\Program Files\PLAY ONLINE\AddrBookUIPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,670,720 | ---- | M] () -- C:\Program Files\PLAY ONLINE\SmsAppPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,550,400 | ---- | M] () -- C:\Program Files\PLAY ONLINE\CallAppPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,547,840 | ---- | M] () -- C:\Program Files\PLAY ONLINE\CallLogSrvPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,545,280 | ---- | M] () -- C:\Program Files\PLAY ONLINE\PluginContainer.dll
MOD - [2014-02-03 18:05:27 | 000,495,104 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DeviceMgrUIPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,483,328 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NetInfoUIExPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,428,032 | ---- | M] () -- C:\Program Files\PLAY ONLINE\core.dll
MOD - [2014-02-03 18:05:27 | 000,427,008 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DialupUIPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,384,512 | ---- | M] () -- C:\Program Files\PLAY ONLINE\USSDUIPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,381,952 | ---- | M] () -- C:\Program Files\PLAY ONLINE\Proxy.dll
MOD - [2014-02-03 18:05:27 | 000,370,176 | ---- | M] () -- C:\Program Files\PLAY ONLINE\plugins\imageformats\qtiff4.dll
MOD - [2014-02-03 18:05:27 | 000,350,720 | ---- | M] () -- C:\Program Files\PLAY ONLINE\plugins\imageformats\qmng4.dll
MOD - [2014-02-03 18:05:27 | 000,338,432 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DeviceAppPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,334,848 | ---- | M] () -- C:\Program Files\PLAY ONLINE\MainpagePlugin.dll
MOD - [2014-02-03 18:05:27 | 000,333,312 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NetConnectPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,310,272 | ---- | M] () -- C:\Program Files\PLAY ONLINE\StatusBarMgrPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,301,056 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DeviceSrvPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,278,528 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NetInfoSrvPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,269,824 | ---- | M] () -- C:\Program Files\PLAY ONLINE\LiveUpdateInterface.dll
MOD - [2014-02-03 18:05:27 | 000,264,704 | ---- | M] () -- C:\Program Files\PLAY ONLINE\AddrBookSrvPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,261,632 | ---- | M] () -- C:\Program Files\PLAY ONLINE\sdk.dll
MOD - [2014-02-03 18:05:27 | 000,249,344 | ---- | M] () -- C:\Program Files\PLAY ONLINE\MenuMgrPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,240,128 | ---- | M] () -- C:\Program Files\PLAY ONLINE\ToolBarMgrPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,238,080 | ---- | M] () -- C:\Program Files\PLAY ONLINE\AtCodec.dll
MOD - [2014-02-03 18:05:27 | 000,235,008 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NetSrvPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,218,112 | ---- | M] () -- C:\Program Files\PLAY ONLINE\Common.dll
MOD - [2014-02-03 18:05:27 | 000,217,600 | ---- | M] () -- C:\Program Files\PLAY ONLINE\SmsSrvPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,211,968 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DialUpPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,192,000 | ---- | M] () -- C:\Program Files\PLAY ONLINE\plugins\imageformats\qjpeg4.dll
MOD - [2014-02-03 18:05:27 | 000,190,464 | ---- | M] () -- C:\Program Files\PLAY ONLINE\XFramePlugin.dll
MOD - [2014-02-03 18:05:27 | 000,180,224 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NDISPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,176,128 | ---- | M] () -- C:\Program Files\PLAY ONLINE\CallSrvPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,159,232 | ---- | M] () -- C:\Program Files\PLAY ONLINE\XCodec.dll
MOD - [2014-02-03 18:05:27 | 000,158,720 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NetConnectSrvPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,157,184 | ---- | M] () -- C:\Program Files\PLAY ONLINE\DataServicePlugin.dll
MOD - [2014-02-03 18:05:27 | 000,156,672 | ---- | M] () -- C:\Program Files\PLAY ONLINE\STKSrvPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,142,336 | ---- | M] () -- C:\Program Files\PLAY ONLINE\USSDSrvPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,135,168 | ---- | M] () -- C:\Program Files\PLAY ONLINE\Trace.dll
MOD - [2014-02-03 18:05:27 | 000,133,120 | ---- | M] () -- C:\Program Files\PLAY ONLINE\OSDialup.dll
MOD - [2014-02-03 18:05:27 | 000,131,072 | ---- | M] () -- C:\Program Files\PLAY ONLINE\OSNDIS.dll
MOD - [2014-02-03 18:05:27 | 000,123,392 | ---- | M] () -- C:\Program Files\PLAY ONLINE\ATR2SMgr.dll
MOD - [2014-02-03 18:05:27 | 000,118,272 | ---- | M] () -- C:\Program Files\PLAY ONLINE\LayoutPlugin.dll
MOD - [2014-02-03 18:05:27 | 000,106,496 | ---- | M] () -- C:\Program Files\PLAY ONLINE\Win7Support.dll
MOD - [2014-02-03 18:05:27 | 000,101,376 | ---- | M] () -- C:\Program Files\PLAY ONLINE\OSAdapt.dll
MOD - [2014-02-03 18:05:27 | 000,093,184 | ---- | M] () -- C:\Program Files\PLAY ONLINE\NotifyServicePlugin.dll
MOD - [2014-02-03 18:05:27 | 000,082,944 | ---- | M] () -- C:\Program Files\PLAY ONLINE\plugins\imageformats\qgif4.dll
MOD - [2014-02-03 18:05:27 | 000,081,920 | ---- | M] () -- C:\Program Files\PLAY ONLINE\plugins\imageformats\qico4.dll
MOD - [2014-02-03 18:05:27 | 000,065,536 | ---- | M] () -- C:\Program Files\PLAY ONLINE\OSPowerMgr.dll
MOD - [2014-02-03 18:05:27 | 000,062,976 | ---- | M] () -- C:\Program Files\PLAY ONLINE\OSCall.dll
MOD - [2014-02-03 18:05:27 | 000,043,008 | ---- | M] () -- C:\Program Files\PLAY ONLINE\libgcc_s_dw2-1.dll
MOD - [2014-02-03 18:05:27 | 000,011,362 | ---- | M] () -- C:\Program Files\PLAY ONLINE\mingwm10.dll
MOD - [2014-02-02 22:13:08 | 000,613,720 | ---- | M] () -- C:\Users\reiy\Downloads\OTL_3.2.70.2 (25180).exe
MOD - [2013-12-20 12:44:20 | 003,559,024 | ---- | M] () -- C:\Programy\Mozilla Firefox\mozjs.dll
MOD - [2013-12-11 22:28:36 | 016,242,056 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013-10-26 19:52:16 | 000,555,496 | ---- | M] () -- C:\Programy\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
MOD - [2013-10-26 19:52:16 | 000,431,080 | ---- | M] () -- C:\Programy\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
MOD - [2013-10-26 19:52:16 | 000,237,032 | ---- | M] () -- C:\Programy\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
MOD - [2013-10-26 19:52:16 | 000,230,376 | ---- | M] () -- C:\Programy\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
MOD - [2013-09-04 19:10:18 | 000,327,680 | ---- | M] () -- C:\Games\World_of_Tanks\voip.dll
MOD - [2013-07-16 08:35:19 | 000,321,520 | ---- | M] () -- C:\Games\World_of_Tanks\ortp.dll
MOD - [2013-04-18 00:30:40 | 000,386,600 | ---- | M] () -- C:\Games\World_of_Tanks\NxCooking.dll
MOD - [2013-04-18 00:30:40 | 000,270,336 | ---- | M] () -- C:\Games\World_of_Tanks\libcurl.dll
MOD - [2013-04-18 00:30:40 | 000,071,208 | ---- | M] () -- C:\Games\World_of_Tanks\PhysXLoader.dll
MOD - [2012-10-18 14:28:02 | 000,137,728 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
MOD - [2012-10-18 14:28:02 | 000,116,224 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.dll
MOD - [2012-10-18 14:28:00 | 001,411,072 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
MOD - [2012-10-18 14:28:00 | 000,846,848 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
MOD - [2012-06-12 13:43:58 | 000,193,024 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
MOD - [2011-02-10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Programy\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2010-09-02 09:59:16 | 002,158,592 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe
MOD - [1998-10-31 03:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files\Vtune\TBMANAGE.DLL
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2014-02-03 18:05:27 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc)
SRV - [2013-12-20 12:44:21 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-12-11 22:28:41 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-12-10 03:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013-12-10 03:14:51 | 014,658,848 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2013-11-23 12:18:34 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013-05-10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013-02-04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012-01-31 14:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programy\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2011-02-08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programy\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2009-07-16 16:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | Auto | Stopped] -- C -- (S)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RTL8192su.sys -- (RTL8192su)
DRV - [2014-02-03 18:05:27 | 000,195,072 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV - [2014-02-03 18:05:27 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2014-02-03 18:05:27 | 000,095,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2014-02-03 18:05:27 | 000,076,544 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2014-02-03 18:05:27 | 000,027,520 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - [2014-02-03 18:05:27 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2013-12-05 09:42:30 | 000,034,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2013-11-23 20:09:31 | 010,446,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013-11-03 11:38:37 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013-08-25 19:03:25 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2013-06-16 13:38:15 | 000,161,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012-11-12 03:47:48 | 000,255,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012-10-18 14:04:12 | 001,570,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2011-05-27 18:05:32 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011-04-04 23:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-03-16 15:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-03-01 13:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-02-22 07:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011-02-10 06:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-02-10 06:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-01-10 13:49:28 | 000,095,744 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\System32\drivers\dokan.sys -- (Dokan)
DRV - [2009-11-19 14:06:46 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus)
DRV - [2009-11-19 14:06:46 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5)
DRV - [2009-11-19 14:06:45 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2009-11-19 14:06:45 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic)
DRV - [2009-11-19 14:06:45 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV - [2009-11-19 14:06:45 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2009-11-19 14:06:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2009-07-14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2007-03-16 09:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007-03-16 09:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TBPanel.sys -- (Cardex)
DRV - [2005-08-10 15:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02)
DRV - [2005-08-10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005-05-16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2004-08-09 12:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004-08-09 12:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004-07-19 15:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2003-12-01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/webhp?hl=pl&tab=ww"
FF - prefs.js..extensions.enabledAddons: cryenginebrowserplugin%40crytek.com:0.39.0
FF - prefs.js..extensions.enabledAddons: %7Bf9d03c26-0575-497e-821d-f7956d23e0ca%7D:3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Programy\AVG\AVG10\Firefox4\ [2013-05-24 10:51:27 | 000,000,000 | ---D | M]
 
[2013-05-22 16:17:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\reiy\AppData\Roaming\mozilla\Extensions
[2014-01-02 22:11:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\reiy\AppData\Roaming\mozilla\Firefox\Profiles\ckyauas7.default\extensions
[2013-11-07 15:06:17 | 000,000,000 | ---D | M] (GFACE Experience Plugin) -- C:\Users\reiy\AppData\Roaming\mozilla\Firefox\Profiles\ckyauas7.default\extensions\[email protected]
[2013-05-24 10:46:36 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\reiy\AppData\Roaming\mozilla\firefox\profiles\ckyauas7.default\extensions\[email protected]
[2013-12-18 18:20:00 | 000,002,839 | ---- | M] () (No name found) -- C:\Users\reiy\AppData\Roaming\mozilla\firefox\profiles\ckyauas7.default\extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi
[2014-01-02 22:11:39 | 000,555,162 | ---- | M] () (No name found) -- C:\Users\reiy\AppData\Roaming\mozilla\firefox\profiles\ckyauas7.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
 
O1 HOSTS File: ([2014-02-03 10:15:33 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Programy\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{526C7F48-7F6B-44CC-B20C-3B1CDEFDB0B7}: NameServer = 89.108.202.20 89.108.195.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1EEC0F5-8ECC-4D1F-A8AE-47DCD3B30DEA}: DhcpNameServer = 8.8.8.8 8.8.4.4
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programy\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{afbd1b86-8cda-11e3-a34d-fbf6f47ef4ef}\Shell - "" = AutoRun
O33 - MountPoints2\{afbd1b86-8cda-11e3-a34d-fbf6f47ef4ef}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{afbd1b92-8cda-11e3-a34d-fbf6f47ef4ef}\Shell - "" = AutoRun
O33 - MountPoints2\{afbd1b92-8cda-11e3-a34d-fbf6f47ef4ef}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\Programy\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\Programy\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2014-02-03 18:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PLAY ONLINE
[2014-02-03 18:06:17 | 000,861,696 | ---- | C] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys
[2014-02-03 18:06:17 | 000,369,152 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbwwan.sys
[2014-02-03 18:06:17 | 000,199,168 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2014-02-03 18:06:17 | 000,195,072 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys
[2014-02-03 18:06:17 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2014-02-03 18:06:17 | 000,095,616 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2014-02-03 18:06:17 | 000,076,544 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2014-02-03 18:06:17 | 000,067,584 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2014-02-03 18:06:17 | 000,027,520 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2014-02-03 18:06:17 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2014-02-03 18:06:17 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys
[2014-02-03 18:06:17 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2014-02-03 18:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\PLAY ONLINE
[2014-02-03 14:31:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2014-02-03 14:31:19 | 001,801,592 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2014-02-03 14:31:19 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2014-02-03 14:31:19 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll
[2014-02-03 14:31:18 | 000,819,648 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll
[2014-02-03 14:31:18 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2014-02-03 14:31:18 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2014-02-03 14:31:18 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2014-02-03 14:31:18 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2014-02-03 14:31:18 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll
[2014-02-03 14:31:18 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll
[2014-02-03 14:31:17 | 000,726,656 | ---- | C] (Sony Corporation) -- C:\Windows\System32\SFSS_APO.dll
[2014-02-03 14:31:17 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2014-02-03 14:31:16 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2014-02-03 14:31:16 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2014-02-03 14:31:15 | 002,486,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2014-02-03 14:31:15 | 001,501,840 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2014-02-03 14:31:14 | 000,658,064 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2014-02-03 14:31:14 | 000,096,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInstII.dll
[2014-02-03 14:31:14 | 000,013,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoLDR.dll
[2014-02-03 14:31:13 | 003,219,600 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2014-02-03 14:31:12 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2014-02-03 14:31:12 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2014-02-03 14:31:12 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2014-02-03 14:31:12 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2014-02-03 14:31:11 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2014-02-03 14:31:11 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2014-02-03 14:31:10 | 008,847,360 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2014-02-03 14:31:09 | 007,162,128 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2014-02-03 14:31:09 | 000,352,016 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2014-02-03 14:31:09 | 000,106,768 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2014-02-03 14:31:09 | 000,091,920 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2014-02-03 14:31:09 | 000,062,224 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2014-02-03 14:31:08 | 001,267,064 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek2.dll
[2014-02-03 14:31:08 | 000,349,048 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2014-02-03 14:31:07 | 007,370,104 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2014-02-03 14:31:06 | 001,929,080 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2014-02-03 14:31:06 | 000,742,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPOShell.dll
[2014-02-03 14:31:05 | 000,350,072 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2014-02-03 14:31:05 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2014-02-03 14:31:05 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2014-02-03 14:31:04 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2014-02-03 14:31:00 | 002,355,296 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2014-02-03 14:31:00 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2014-02-03 14:31:00 | 000,426,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2014-02-03 14:31:00 | 000,402,888 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2014-02-03 14:31:00 | 000,346,056 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2014-02-03 14:30:59 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2014-02-03 14:30:59 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2014-02-03 14:30:59 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2014-02-03 14:30:59 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2014-02-03 14:30:59 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2014-02-03 14:30:59 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2014-02-03 14:30:59 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2014-02-03 14:30:59 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2014-02-03 14:30:59 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2014-02-03 14:30:59 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2014-02-03 14:30:58 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2014-02-03 14:30:58 | 000,090,624 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\System32\CONEQMSAPOGUILibrary.dll
[2014-02-03 14:30:56 | 000,176,736 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2014-02-03 14:30:56 | 000,095,840 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2014-02-03 10:14:40 | 000,000,000 | ---D | C] -- C:\Users\reiy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
[2014-01-30 23:00:55 | 000,000,000 | R--D | C] -- C:\Users\reiy\Documents\Notes
[2014-01-27 14:51:32 | 000,000,000 | ---D | C] -- C:\Users\reiy\Desktop\res_mods
[2014-01-20 21:36:59 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-01-17 20:52:41 | 000,000,000 | ---D | C] -- C:\Users\reiy\Desktop\vehicles
[2014-01-17 20:01:02 | 000,000,000 | ---D | C] -- C:\Users\reiy\Desktop\audio
[2014-01-12 11:30:59 | 000,000,000 | ---D | C] -- C:\Users\reiy\AppData\Local\Opera Software
[2014-01-12 11:30:57 | 000,000,000 | ---D | C] -- C:\Users\reiy\AppData\Roaming\Opera Software
[2014-01-12 11:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014-02-03 21:27:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-02-03 20:29:53 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-02-03 20:29:53 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-02-03 20:28:23 | 000,746,852 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2014-02-03 20:28:23 | 000,660,218 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-02-03 20:28:23 | 000,159,444 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2014-02-03 20:28:23 | 000,124,408 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-02-03 20:22:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-02-03 20:22:07 | 2817,974,272 | -HS- | M] () -- C:\hiberfil.sys
[2014-02-03 18:45:15 | 152,317,176 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2014-02-03 18:44:45 | 000,158,596 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2014-02-03 18:06:33 | 000,000,961 | ---- | M] () -- C:\Users\Public\Desktop\PLAY ONLINE.lnk
[2014-02-03 18:05:27 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2014-02-03 18:05:27 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll
[2014-02-03 18:05:27 | 000,861,696 | ---- | M] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys
[2014-02-03 18:05:27 | 000,369,152 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbwwan.sys
[2014-02-03 18:05:27 | 000,199,168 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2014-02-03 18:05:27 | 000,195,072 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys
[2014-02-03 18:05:27 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2014-02-03 18:05:27 | 000,095,616 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2014-02-03 18:05:27 | 000,076,544 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2014-02-03 18:05:27 | 000,067,584 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2014-02-03 18:05:27 | 000,027,520 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2014-02-03 18:05:27 | 000,025,856 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2014-02-03 18:05:27 | 000,019,200 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys
[2014-02-03 18:05:27 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2014-02-03 14:01:28 | 000,057,535 | ---- | M] () -- C:\Users\reiy\AppData\Local\recently-used.xbel
[2014-02-03 10:57:10 | 000,000,043 | ---- | M] () -- C:\Users\reiy\AppData\Roaming\WB.CFG
[2014-02-03 10:15:33 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2014-02-03 10:14:40 | 000,001,791 | ---- | M] () -- C:\Users\reiy\Desktop\Imperia Online.lnk
[2014-02-01 23:41:28 | 000,749,348 | ---- | M] () -- C:\Users\reiy\Desktop\20140201_2334_france-AMX_13_90_04_himmelsdorf.wotreplay
[2014-01-29 16:14:54 | 338,846,185 | ---- | M] () -- C:\Users\reiy\Desktop\Zabójcze ciało (lektor pl).rmvb
[2014-01-29 01:21:08 | 000,610,655 | ---- | M] () -- C:\Users\reiy\Desktop\20140129_0115_france-AMX_50_100_19_monastery.wotreplay
[2014-01-18 00:43:32 | 374,402,473 | ---- | M] () -- C:\Users\reiy\Desktop\47 roninów - 47 Ronin (2013) Napisy.PL.CAMRip.XViD-MORS.rmvb
[2014-01-17 01:56:07 | 000,307,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014-01-12 11:30:54 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2014-01-10 19:30:36 | 000,834,334 | ---- | M] () -- C:\Users\reiy\Desktop\20140110_1922_china-Ch24_Type64_02_malinovka.wotreplay
[2014-01-10 18:18:03 | 000,057,859 | ---- | M] () -- C:\Users\reiy\Documents\arachiel.png
[2014-01-09 16:57:32 | 000,437,566 | ---- | M] () -- C:\Users\reiy\Desktop\20140109_1653_china-Ch24_Type64_01_karelia.wotreplay
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2014-02-03 18:06:33 | 000,000,961 | ---- | C] () -- C:\Users\Public\Desktop\PLAY ONLINE.lnk
[2014-02-03 14:31:11 | 000,365,185 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2014-02-03 14:01:28 | 000,057,535 | ---- | C] () -- C:\Users\reiy\AppData\Local\recently-used.xbel
[2014-02-03 10:57:10 | 000,000,043 | ---- | C] () -- C:\Users\reiy\AppData\Roaming\WB.CFG
[2014-02-03 10:14:40 | 000,001,791 | ---- | C] () -- C:\Users\reiy\Desktop\Imperia Online.lnk
[2014-02-02 18:54:32 | 1891,366,024 | ---- | C] () -- C:\Users\reiy\Desktop\g i joe odwet 2013 lektor pl.avi
[2014-02-02 18:54:11 | 338,846,185 | ---- | C] () -- C:\Users\reiy\Desktop\Zabójcze ciało (lektor pl).rmvb
[2014-02-01 23:46:02 | 000,749,348 | ---- | C] () -- C:\Users\reiy\Desktop\20140201_2334_france-AMX_13_90_04_himmelsdorf.wotreplay
[2014-01-29 01:22:40 | 000,610,655 | ---- | C] () -- C:\Users\reiy\Desktop\20140129_0115_france-AMX_50_100_19_monastery.wotreplay
[2014-01-18 19:16:23 | 374,402,473 | ---- | C] () -- C:\Users\reiy\Desktop\47 roninów - 47 Ronin (2013) Napisy.PL.CAMRip.XViD-MORS.rmvb
[2014-01-12 11:30:54 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2014-01-12 11:30:54 | 000,001,047 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2014-01-10 19:36:09 | 000,834,334 | ---- | C] () -- C:\Users\reiy\Desktop\20140110_1922_china-Ch24_Type64_02_malinovka.wotreplay
[2014-01-10 18:17:20 | 000,057,859 | ---- | C] () -- C:\Users\reiy\Documents\arachiel.png
[2014-01-10 16:40:54 | 736,524,288 | ---- | C] () -- C:\Users\reiy\Desktop\Ninja 2 - Shadow of a Tear (2013) Napisy.PL.WEB-DL.XviD-GHW.avi
[2014-01-09 16:04:21 | 000,437,566 | ---- | C] () -- C:\Users\reiy\Desktop\20140109_1653_china-Ch24_Type64_01_karelia.wotreplay
[2013-12-20 11:14:42 | 003,498,475 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2013-11-19 13:24:31 | 000,000,083 | ---- | C] () -- C:\Users\reiy\.gtk-bookmarks
[2013-11-17 15:06:14 | 304,169,078 | ---- | C] () -- C:\Users\reiy\AppData\Roaming\.minecraft.rar
[2013-10-19 19:07:56 | 000,000,000 | ---- | C] () -- C:\Users\reiy\AppData\Local\{0129B846-055D-47FC-B820-785BAA553A54}
[2013-10-11 22:05:56 | 000,007,609 | ---- | C] () -- C:\Users\reiy\AppData\Local\Resmon.ResmonCfg
[2013-06-06 16:35:22 | 000,139,552 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2013-06-06 16:35:22 | 000,138,904 | ---- | C] () -- C:\Users\reiy\AppData\Roaming\PnkBstrK.sys
[2013-06-06 16:35:11 | 000,291,296 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2013-06-06 16:35:09 | 000,669,184 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2013-06-06 16:35:09 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2013-05-22 17:49:22 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2013-05-22 17:49:21 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2013-05-22 17:49:21 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2013-05-22 17:49:21 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2013-05-22 17:48:00 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2013-05-22 17:48:00 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 08:27:10 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2014-01-06 15:16:41 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\.minecraft
[2013-07-06 09:05:26 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\646
[2014-02-03 11:12:56 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\AIMP3
[2013-07-07 19:31:23 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\AnvSoft
[2013-05-30 22:20:25 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Ashampoo
[2013-05-22 15:44:46 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\AVG10
[2013-12-27 14:06:13 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\BitTorrent
[2013-12-29 10:57:55 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Bonanza
[2013-11-02 15:43:24 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Craften Terminal
[2013-12-19 17:27:29 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\DAEMON Tools Lite
[2014-01-16 18:54:46 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\GG
[2013-10-20 09:09:19 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\LolClient
[2013-11-03 15:30:47 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Might & Magic Heroes VI
[2013-06-23 10:09:26 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Need for Speed World
[2014-01-12 11:30:57 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Opera Software
[2013-12-19 17:25:43 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Origin
[2013-10-19 19:37:19 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Riot Games
[2013-11-07 11:54:09 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\SoftMaker
[2013-07-06 07:01:56 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\T-Mobile
[2013-11-02 09:06:41 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\TP-LINK
[2014-02-03 21:44:16 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\TS3Client
[2013-09-29 14:48:14 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Ubisoft
[2013-05-22 21:49:11 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Wargaming.net
[2013-12-10 12:49:26 | 000,000,000 | ---D | M] -- C:\Users\reiy\AppData\Roaming\Wise Registry Cleaner
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >

Nezvik · 3 Lutego 2014

Nie wiem co to za dziwny plik (ten 2), jednak wskazuje, że jest czysto. Wykonaj ~~log~~ nie wiem co miałem na myśli, ale na 100% nie log... chyba miałem na myśli sprzątanie (nie musiałeś wstawiać logów, sory za problem ) Edit2. Wykonaj FIX i to by było na tyle.

ReallSkill · 6 Lutego 2014

Zamykam na prośbę autora (raport).

Reiden · 3 Lutego 2014

https://www.virustotal.com/pl/file/115068c57570140c9389bd923a4e68236acebb4f733da09d05aeedad7317ab46/analysis/1391453927/

https://www.virustotal.com/pl/file/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/analysis/1391453756/

Nezvik · 2 Lutego 2014

Nie zaznaczyłeś LOP i Purity Check:

W polu wklej:

:OTL

[2014-01-31 11:57:12 | 000,000,000 | ---D | C] -- C:\Users\reiy\AppData\Roaming\UpdateBonanza

[2014-02-02 21:57:05 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\Update Bonanza.job

[2014-02-02 21:57:00 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\Bonanza.job

[2014-01-08 11:57:02 | 000,000,137 | ---- | C] () -- C:\Users\reiy\AppData\Roaming\WB.CFG

SRV - [2011-01-10 13:49:20 | 000,014,848 | ---- | M] () [Auto | Running] -- C:\Program Files\Dokan\DokanLibrary\mounter.exe -- (DokanMounter)

PRC - [2011-01-10 13:49:20 | 000,014,848 | ---- | M] () -- C:\Program Files\Dokan\DokanLibrary\mounter.exe

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2011-03-15 08:27:22 | 000,148,320 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]

O32 - AutoRun File - [2008-10-11 10:12:34 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]

O33 - MountPoints2\{045d1081-1d39-11e3-94c0-406186e68b72}\Shell - "" = AutoRun

O33 - MountPoints2\{045d1081-1d39-11e3-94c0-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()

O33 - MountPoints2\{06d1cb63-f131-11e2-a55f-406186e68b72}\Shell - "" = AutoRun

O33 - MountPoints2\{06d1cb63-f131-11e2-a55f-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()

O33 - MountPoints2\{06d1cb8c-f131-11e2-a55f-406186e68b72}\Shell - "" = AutoRun

O33 - MountPoints2\{06d1cb8c-f131-11e2-a55f-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()

O33 - MountPoints2\{21c20025-445d-11e3-b0d2-406186e68b72}\Shell - "" = AutoRun

O33 - MountPoints2\{21c20025-445d-11e3-b0d2-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()

O33 - MountPoints2\{2347f2b2-c2f2-11e2-9834-406186e68b72}\Shell - "" = AutoRun

O33 - MountPoints2\{2347f2b2-c2f2-11e2-9834-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()

O33 - MountPoints2\{2347f2c0-c2f2-11e2-9834-406186e68b72}\Shell - "" = AutoRun

O33 - MountPoints2\{2347f2c0-c2f2-11e2-9834-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()

O33 - MountPoints2\{3e4a8d21-88da-11e3-9ced-406186e68b72}\Shell - "" = AutoRun

O33 - MountPoints2\{3e4a8d21-88da-11e3-9ced-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()

O33 - MountPoints2\{6ac90ec1-7ab7-11e3-99ce-406186e68b72}\Shell - "" = AutoRun

O33 - MountPoints2\{6ac90ec1-7ab7-11e3-99ce-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()

O33 - MountPoints2\{6c0d5e54-1d2d-11e3-9879-406186e68b72}\Shell - "" = AutoRun

O33 - MountPoints2\{6c0d5e54-1d2d-11e3-9879-406186e68b72}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 08:27:22 | 000,148,320 | R--- | M] ()

O33 - MountPoints2\{6cf15bc8-e6c9-11e2-80b0-ecc4c85fb600}\Shell - "" = AutoRun

O33 - MountPoints2\{6cf15bc8-e6c9-11e2-80b0-ecc4c85fb600}\Shell\AutoRun\command - "" = F:\Startme.exe

O33 - MountPoints2\{ea848f6b-cb8c-11e2-83a9-a980f8e2a0e8}\Shell - "" = AutoRun

O33 - MountPoints2\{ea848f6b-cb8c-11e2-83a9-a980f8e2a0e8}\Shell\AutoRun\command - "" = F:\Startme.exe

:Files

C:\Windows\System32\ISSRemoveSP.exe

:Commands

[resethosts]

[emptyflash]

[emptytemp]

Wstaw log usuwania + nowy log OTL.

Zaloguj się

👋 Witaj na MPCForum!

Wolniejsza praca kompa

Pytanie

Reiden

Reiden

7 odpowiedzi na to pytanie

Rekomendowane odpowiedzi

Nezvik

Nezvik

Reiden

Reiden

Reiden

Reiden

Nezvik

Nezvik

ReallSkill

ReallSkill

Reiden

Reiden

Nezvik

Nezvik

Zarchiwizowany