Wysokie użycie CPU na niczym

Post20 sty 2014, 10:00

Użycie CPU skacze mi miedzy 100% a 60%. Mam Windows7 32bity, 2GB ram, procesor: 2 rdzenie, 2.10GHz.
Problem zaczął się dzisiaj rano. Ostatnio instalowałem tylko Steama i Jave. AVG nie wykrywa żadnych wirusów.
Czyściłem rejest CCleaner. Dodatkowo zauważyłem, że komputer włączył się wyjątkowo cicho(ogółem jak się włącza trochę buczy i czeba poczekać jak się włączy i użycie cpu spadnie i cza go trochę stuknąć). Kiedyś wymieniałem obudowę wiatraka na procesorze. W autostarcie tez nie mam dużo programów. Problem prawie znika po odłączeniu od internetu. Automatyczne aktualizacje są wyłączone.

OTL:

Kod: Zaznacz cały

OTL logfile created on: 2014-01-20 09:06:28 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 0,77 Gb Available Physical Memory | 38,42% Memory free
4,00 Gb Paging File | 2,23 Gb Available in Paging File | 55,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,73 Gb Total Space | 16,85 Gb Free Space | 34,58% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 116,72 Gb Free Space | 63,41% Space Free | Partition Type: NTFS
 
Computer Name: PC-KOMPUTER | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2014-01-20 09:05:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2014-01-16 13:10:49 | 044,986,208 | ---- | M] (Opera Software) -- C:\Program Files\Opera Next\19.0.1326.34\opera.exe
PRC - [2014-01-16 13:10:49 | 001,378,144 | ---- | M] () -- C:\Program Files\Opera Next\19.0.1326.34\opera_crashreporter.exe
PRC - [2014-01-16 12:51:40 | 000,097,064 | ---- | M] () -- C:\Program Files\WebConnect\updateWebConnect.exe
PRC - [2014-01-16 12:18:35 | 000,097,064 | ---- | M] () -- C:\Program Files\WebConnect\bin\utilWebConnect.exe
PRC - [2014-01-05 07:31:06 | 001,142,864 | ---- | M] (BitTorrent Inc.) -- C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2014-01-02 08:33:40 | 000,499,856 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\WPM\wprotectmanager.exe
PRC - [2013-12-19 19:37:25 | 001,819,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013-12-19 19:37:25 | 000,930,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013-12-19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013-12-10 03:22:32 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013-12-10 03:21:14 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013-12-10 03:20:56 | 014,658,848 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
PRC - [2013-11-29 16:20:48 | 003,806,544 | ---- | M] (LogMeIn Inc.) -- D:\Programy\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2013-11-29 16:20:40 | 001,664,336 | ---- | M] (LogMeIn Inc.) -- D:\Programy\LogMeIn Hamachi\hamachi-2.exe
PRC - [2013-10-11 17:46:58 | 000,960,014 | ---- | M] () -- C:\Users\PC\AppData\Roaming\minert\cgminer.exe
PRC - [2013-10-11 11:51:12 | 000,375,056 | ---- | M] (LogMeIn, Inc.) -- D:\Programy\LogMeIn Hamachi\LMIGuardianSvc.exe
PRC - [2013-09-06 15:51:58 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013-08-14 14:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013-06-10 16:59:32 | 001,120,256 | ---- | M] (keepvid.com Company) -- C:\Users\PC\AppData\Local\keepvid.com.exe
PRC - [2013-06-05 00:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\PC\AppData\Local\Akamai\netsession_win.exe
PRC - [2012-12-20 11:32:18 | 000,056,904 | ---- | M] (Simplygen) -- C:\Program Files\Protected Search\ProtectedSearch.exe
PRC - [2012-11-08 13:10:20 | 000,997,320 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-04-14 08:08:51 | 000,040,960 | ---- | M] (Rusky) -- C:\Users\PC\AppData\Local\Temp\masas.exe
PRC - [2012-01-06 23:16:31 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2012-01-06 23:16:30 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2012-01-06 23:16:26 | 002,042,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2012-01-06 23:16:26 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2012-01-06 23:16:24 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2012-01-06 23:16:23 | 001,370,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgfws8.exe
PRC - [2012-01-06 23:16:23 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2012-01-06 23:16:22 | 000,832,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgam.exe
PRC - [2010-11-20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-20 22:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-11-20 22:29:10 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2010-11-20 22:29:07 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2010-04-01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2014-01-16 13:10:51 | 000,907,616 | ---- | M] () -- C:\Program Files\Opera Next\19.0.1326.34\libGLESv2.dll
MOD - [2014-01-16 13:10:51 | 000,108,896 | ---- | M] () -- C:\Program Files\Opera Next\19.0.1326.34\libEGL.dll
MOD - [2014-01-16 13:10:50 | 000,890,208 | ---- | M] () -- C:\Program Files\Opera Next\19.0.1326.34\ffmpegsumo.dll
MOD - [2014-01-16 13:10:49 | 001,378,144 | ---- | M] () -- C:\Program Files\Opera Next\19.0.1326.34\opera_crashreporter.exe
MOD - [2013-10-11 17:46:58 | 000,960,014 | ---- | M] () -- C:\Users\PC\AppData\Roaming\minert\cgminer.exe
MOD - [2013-10-11 17:46:58 | 000,538,126 | ---- | M] () -- C:\Users\PC\AppData\Roaming\minert\libcurl-4.dll
MOD - [2013-10-11 17:46:58 | 000,084,992 | ---- | M] () -- C:\Users\PC\AppData\Roaming\minert\zlib1.dll
MOD - [2013-08-22 10:19:31 | 000,187,888 | ---- | M] () -- C:\Users\PC\AppData\Roaming\BabSolution\Shared\enhancedNT.dll
MOD - [2012-11-08 13:10:20 | 000,997,320 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012-11-08 13:10:20 | 000,566,728 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll
MOD - [2012-11-08 13:10:20 | 000,134,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll
MOD - [2010-11-20 22:54:50 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6f3b99ed0b791ff4d8aa52f2f0cd0bcf\System.Management.ni.dll
MOD - [2010-11-20 22:52:10 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2010-11-20 22:52:03 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2010-11-20 22:50:36 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2010-11-20 22:50:29 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2014-01-16 12:51:40 | 000,097,064 | ---- | M] () [Auto | Running] -- C:\Program Files\WebConnect\updateWebConnect.exe -- (Update WebConnect)
SRV - [2014-01-16 12:18:35 | 000,097,064 | ---- | M] () [Auto | Running] -- C:\Program Files\WebConnect\bin\utilWebConnect.exe -- (Util WebConnect)
SRV - [2014-01-02 08:33:40 | 000,499,856 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\WPM\wprotectmanager.exe -- (Wpm)
SRV - [2013-12-19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013-12-10 18:56:34 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-12-10 03:21:14 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013-12-10 03:20:56 | 014,658,848 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2013-11-29 16:20:40 | 001,664,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Programy\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013-11-26 06:06:38 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013-09-05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-08-24 13:55:13 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [On_Demand | Stopped] -- C:\Program Files\DealPlyLive\Update\DealPlyLive.exe -- (dealplylivem)
SRV - [2013-08-24 13:55:13 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [Auto | Stopped] -- C:\Program Files\DealPlyLive\Update\DealPlyLive.exe -- (dealplylive)
SRV - [2013-08-14 14:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012-11-08 13:10:20 | 000,711,112 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-01-06 23:16:24 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2012-01-06 23:16:23 | 001,370,488 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgfws8.exe -- (avgfws8)
SRV - [2012-01-06 23:16:23 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2012-01-06 22:52:33 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011-08-02 05:24:00 | 003,889,424 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva397.sys -- (XDva397)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (a3fqz2pf)
DRV - [2013-12-19 21:26:04 | 010,471,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013-12-05 09:42:30 | 000,034,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2013-10-31 20:30:09 | 000,013,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\apf003.sys -- (apf003)
DRV - [2013-04-24 20:25:44 | 000,037,064 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss6.sys -- (taphss6)
DRV - [2013-04-15 10:50:32 | 000,113,608 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2012-11-08 13:10:20 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012-01-06 23:16:30 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2012-01-06 23:16:30 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2012-01-06 23:16:26 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2012-01-06 23:16:23 | 000,023,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2012-01-06 23:16:22 | 000,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2012-01-06 23:06:15 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010-11-20 22:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010-11-20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010-11-20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010-11-20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010-11-20 22:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010-11-20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-03-04 11:26:56 | 000,296,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2009-07-14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009-07-13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1388596718&from=wpm0102&uid=395049983_397233_1C0DC389
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=1388596718&from=wpm0102&uid=395049983_397233_1C0DC389&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=1388596718&from=wpm0102&uid=395049983_397233_1C0DC389&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=3231
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1388596718&from=wpm0102&uid=395049983_397233_1C0DC389
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=3231
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=3231
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {130a876e-28f8-41f2-911d-084e557b057a} - C:\Program Files\Fun_Media_Bar_V10\prxtbFun_.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.delta-homes.com/web/?type=ds&ts=1388596718&from=wpm0102&uid=395049983_397233_1C0DC389&q={searchTerms}
IE - HKLM\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1708250
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1388596718&from=wpm0102&uid=395049983_397233_1C0DC389
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=3231
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1388596718&from=wpm0102&uid=395049983_397233_1C0DC389
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=3231
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=3231
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\URLSearchHook: {130a876e-28f8-41f2-911d-084e557b057a} - C:\Program Files\Fun_Media_Bar_V10\prxtbFun_.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\URLSearchHook: {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No CLSID value found
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - No CLSID value found
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - No CLSID value found
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://isearch.babylon.com/?q={searchTerms}&babsrc=SP_ss_Btisdt3&mntrId=1C0D7A7919562636&affID=119357&tsp=4984
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\SearchScopes\{2B9035E9-89B4-4F1F-A5E1-54747F96D611}: "URL" = http://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms}
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.delta-homes.com/web/?type=ds&ts=1388596718&from=wpm0102&uid=395049983_397233_1C0DC389&q={searchTerms}
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\SearchScopes\{3888B0A1-9A82-4D29-B6D6-418DA8F79825}: "URL" = http://search.softonic.com/MON00005/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=722
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\SearchScopes\{768B206B-DD2E-408B-A5C7-B95B2EF9E9A1}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3312806&CUI=UN28722033661006327&UM=1
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={3E8B7C54-0E59-4941-9CBC-B627050B4069}&mid=8d70939bca0d89a27733af7a78e8fb99-25914cbf794a3d8bd6dda1e98c52ec25e7a048e4&lang=pl&ds=st011&pr=sa&d=2012-03-03 14:01:22&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms}
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb165/?search={searchTerms}&loc=IB_DS&a=6OyKjymhOr&i=26
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\SearchScopes\{E30F5DC1-238B-4FCE-AEFC-3C0933A0EB28}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=7BAF8159-1E87-4CD7-AD17-B672F64E22E2&apn_sauid=4804FDE5-1127-4589-8344-40973446CCEF
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3: C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9: C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Program Files\Roblox\Versions\version-8031f568a8214a5f\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: D:\Programy\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2012-11-08 13:10:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fbphotozoom@installdaddy.com: C:\Program Files\fbphotozoom\fbphotozoom13.xpi [2012-03-05 18:46:07 | 000,102,233 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\auyo@camrag.co.uk: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\m44pjsjq.default\extensions\auyo@camrag.co.uk
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-06 15:52:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-09-06 15:52:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\xz123@ya456.com: C:\Program Files\BetterSurf\ff [2013-11-14 13:38:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\12x3q@3244516.com: C:\Program Files\Better-Surf\ff [2013-11-25 13:30:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ext@bettersurfplus.com: C:\Program Files\BetterSurf\BetterSurfPlus\ff [2013-12-09 13:10:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ext@WebexpEnhancedV1alpha777.net: C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha777\ff [2013-12-19 18:30:14 | 000,000,000 | ---D | M]
 
[2012-03-05 18:50:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions
[2013-06-09 12:47:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\m44pjsjq.default\extensions
[2013-06-09 12:47:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\m44pjsjq.default\extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e}
[2013-08-24 13:55:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
 
O1 HOSTS File: ([2012-01-06 22:52:37 | 000,000,864 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\PC\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Fun Media Bar V10 Toolbar) - {130a876e-28f8-41f2-911d-084e557b057a} - C:\Program Files\Fun_Media_Bar_V10\prxtbFun_.dll (Conduit Ltd.)
O2 - BHO: (Better Surf Plus) - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - C:\Program Files\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll ()
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Webexp Enhanced) - {3e27aade-f97d-444e-863b-360db6183445} - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha777\ie\WebexpEnhancedV1alpha777.dll ()
O2 - BHO: (keepvid.com) - {49ed9900-38cd-453c-bba7-3f2613317f5a} - C:\Windows\System32\keepvid.dll (keepvid.com Company)
O2 - BHO: (BetterSurf) - {6E3C6B04-08FE-43BC-8E50-F90285024DEA} - C:\Program Files\BetterSurf\ie\BetterSurf.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Better-Surf) - {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - C:\Program Files\Better-Surf\ie\BetterSrf.dll ()
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.24.6\bh\delta.dll (Delta-search.com)
O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\PC\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Fun Media Bar V10 Toolbar) - {130a876e-28f8-41f2-911d-084e557b057a} - C:\Program Files\Fun_Media_Bar_V10\prxtbFun_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.24.6\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No CLSID value found.
O3 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\Toolbar\WebBrowser: (no name) - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No CLSID value found.
O3 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\Toolbar\WebBrowser: (no name) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - No CLSID value found.
O3 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O3 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [igfxtray Module] C:\Users\PC\AppData\Local\Temp\masas.exe (Rusky)
O4 - HKLM..\Run: [keepvid] C:\Users\PC\AppData\Local\keepvid.com.exe (keepvid.com Company)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Programy\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000..\Run: [Akamai NetSession Interface] C:\Users\PC\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000..\Run: [BackgroundContainer] C:\Users\PC\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll (Conduit Ltd.)
O4 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000..\Run: [minert] C:\Users\PC\AppData\Roaming\minert\nircmd.exe (NirSoft)
O4 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000..\Run: [NTRedirect] C:\Users\PC\AppData\Roaming\BabSolution\Shared\enhancedNT.dll ()
O4 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000..\Run: [uTorrent] C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.252
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E19EE7F-4C16-4F5D-AC91-92243823B682}: DhcpNameServer = 192.168.100.252
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22 - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4e5eb899-38b5-11e1-aa49-001d7dbef115}\Shell - "" = AutoRun
O33 - MountPoints2\{4e5eb899-38b5-11e1-aa49-001d7dbef115}\Shell\AutoRun\command - "" = K:\autorun.exe
O33 - MountPoints2\{babb51f5-683f-11e1-8654-001d7dbef115}\Shell - "" = AutoRun
O33 - MountPoints2\{babb51f5-683f-11e1-8654-001d7dbef115}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2014-01-20 07:36:00 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014-01-20 07:35:49 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014-01-20 07:35:49 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014-01-20 07:35:49 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014-01-18 09:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014-01-17 19:16:57 | 000,982,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvspcap.dll
[2014-01-17 19:16:27 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\NVIDIA
[2014-01-17 19:15:50 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2014-01-17 19:10:16 | 000,034,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvvad32v.sys
[2014-01-17 19:10:16 | 000,032,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvaudcap32v.dll
[2014-01-17 19:10:11 | 022,960,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2014-01-17 19:10:11 | 010,471,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2014-01-17 19:10:11 | 009,657,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2014-01-17 19:10:11 | 000,893,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco3233221.dll
[2014-01-17 19:10:11 | 000,852,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvIFR.dll
[2014-01-17 19:10:11 | 000,847,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvFBC.dll
[2014-01-17 19:10:10 | 002,947,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2014-01-17 19:10:10 | 002,747,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2014-01-17 19:10:10 | 001,049,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3233221.dll
[2014-01-17 19:10:07 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2014-01-17 18:56:57 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Borderlands.2.Incl.All.24.DLC.[1.7].W.B.Repack
[2014-01-17 16:14:02 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
[2014-01-16 15:26:10 | 000,000,000 | -HSD | C] -- C:\Users\PC\wc
[2014-01-16 15:26:04 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\Universe Sandbox
[2014-01-16 15:26:04 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Universe Sandbox
[2014-01-16 15:26:02 | 000,000,000 | -HSD | C] -- C:\Users\PC\AppData\Roaming\wyUpdate AU
[2014-01-01 18:18:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\log
[2014-01-01 18:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM
[2013-12-31 17:21:03 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\Amnesia
[2013-12-31 17:16:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frictional Games
[2013-12-26 08:23:47 | 000,000,000 | ---D | C] -- C:\Users\PC\minecraft
[2013-12-25 17:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast PL [BDIP]
[2013-10-14 13:57:19 | 000,089,088 | ---- | C] (keepvid.com Company) -- C:\Users\PC\AppData\Local\keepvid.dll
[2013-10-14 13:57:07 | 008,581,632 | ---- | C] (Digia Plc and/or its subsidiary(-ies)) -- C:\Users\PC\AppData\Local\QtGui4.dll
[2013-10-14 13:57:07 | 001,053,696 | ---- | C] (Digia Plc and/or its subsidiary(-ies)) -- C:\Users\PC\AppData\Local\QtNetwork4.dll
[2013-10-14 13:57:06 | 002,598,912 | ---- | C] (Digia Plc and/or its subsidiary(-ies)) -- C:\Users\PC\AppData\Local\QtCore4.dll
[2013-10-14 13:57:06 | 001,122,304 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Users\PC\AppData\Local\libeay32.dll
[2013-10-14 13:57:06 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Local\msvcr100.dll
[2013-10-14 13:57:06 | 000,274,432 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Users\PC\AppData\Local\ssleay32.dll
[2013-10-14 13:57:05 | 001,120,256 | ---- | C] (keepvid.com Company) -- C:\Users\PC\AppData\Local\keepvid.com.exe
[2013-10-14 13:57:05 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Local\msvcp100.dll
[2012-03-14 18:36:57 | 002,371,152 | ---- | C] (DownVision                                                  ) -- C:\Users\PC\AppData\Local\setup.exe
[1 C:\Users\PC\AppData\Local\*.tmp files -> C:\Users\PC\AppData\Local\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014-01-20 09:13:10 | 000,180,345 | ---- | M] () -- C:\Windows\System32\helper.dat
[2014-01-20 09:13:10 | 000,089,088 | ---- | M] (keepvid.com Company) -- C:\Windows\System32\keepvid.dll
[2014-01-20 09:06:01 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-01-20 09:00:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\DealPlyLiveUpdateTaskMachineUA.job
[2014-01-20 08:55:00 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\Dealply.job
[2014-01-20 08:50:13 | 000,001,024 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-01-20 08:50:13 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2014-01-20 08:50:13 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
[2014-01-20 08:50:00 | 000,000,372 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterLogonTask.job
[2014-01-20 08:50:00 | 000,000,368 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterTask{C696282F-5642-4E9E-87F2-7A9B3CCBFF6C}.job
[2014-01-20 08:50:00 | 000,000,352 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterRefreshTask.job
[2014-01-20 08:49:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-01-20 08:49:53 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys
[2014-01-20 08:48:11 | 002,733,566 | ---- | M] () -- C:\Users\PC\Documents\AutoRuns.arn
[2014-01-20 08:25:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-01-20 07:35:26 | 000,027,408 | ---- | M] () -- C:\Users\PC\Documents\rejestr 20 styczenien 2014.reg
[2014-01-17 16:14:02 | 000,000,704 | ---- | M] () -- C:\Users\Public\Desktop\WarThunder.lnk
[2014-01-08 12:55:02 | 000,000,080 | ---- | M] () -- C:\Users\PC\AppData\Roaming\WB.CFG
[2014-01-06 20:20:50 | 000,002,885 | ---- | M] () -- C:\Users\PC\AppData\Local\recently-used.xbel
[1 C:\Users\PC\AppData\Local\*.tmp files -> C:\Users\PC\AppData\Local\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2014-01-20 08:48:11 | 002,733,566 | ---- | C] () -- C:\Users\PC\Documents\AutoRuns.arn
[2014-01-20 07:35:24 | 000,027,408 | ---- | C] () -- C:\Users\PC\Documents\rejestr 20 styczenien 2014.reg
[2014-01-17 16:14:02 | 000,000,704 | ---- | C] () -- C:\Users\Public\Desktop\WarThunder.lnk
[2014-01-16 15:25:51 | 000,000,808 | ---- | C] () -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Universe Sandbox.lnk
[2014-01-06 20:20:50 | 000,002,885 | ---- | C] () -- C:\Users\PC\AppData\Local\recently-used.xbel
[2014-01-05 07:31:57 | 000,001,091 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 18.lnk
[2013-12-18 13:55:02 | 000,000,080 | ---- | C] () -- C:\Users\PC\AppData\Roaming\WB.CFG
[2013-12-15 13:12:11 | 000,201,802 | ---- | C] () -- C:\Windows\System32\poclbm130302GeForce 8600 GTSv1w256l4.bin
[2013-12-12 08:47:36 | 000,000,120 | ---- | C] () -- C:\Users\PC\AppData\Roaming\ec67f1ea.dat
[2013-11-24 11:19:27 | 000,000,000 | ---- | C] () -- C:\Users\PC\AppData\Local\{E17F26D6-0A97-4B34-909B-B81C7F72C589}
[2013-10-31 20:30:09 | 000,016,304 | ---- | C] () -- C:\Windows\System32\apl003.sys
[2013-10-31 20:30:09 | 000,013,232 | ---- | C] () -- C:\Windows\System32\apf003.sys
[2013-10-14 15:07:37 | 000,217,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2013-10-14 14:00:27 | 000,020,799 | ---- | C] () -- C:\Windows\System32\main.dat
[2013-10-14 14:00:27 | 000,000,448 | ---- | C] () -- C:\Windows\System32\user.dat
[2013-10-14 14:00:09 | 000,157,586 | ---- | C] () -- C:\Windows\System32\helper.dat
[2013-10-14 13:57:20 | 000,000,450 | RHS- | C] () -- C:\Users\PC\ntuser.pol
[2013-10-14 13:57:18 | 000,013,077 | ---- | C] () -- C:\Users\PC\AppData\Local\helper.dat
[2013-10-14 13:57:06 | 000,108,032 | ---- | C] () -- C:\Users\PC\AppData\Local\ContentAgent.exe
[2013-10-05 05:51:29 | 000,012,005 | ---- | C] () -- C:\Users\PC\AppData\Roaming\alsoft.ini
[2013-06-09 10:29:08 | 043,980,197 | ---- | C] () -- C:\Users\PC\AppData\Roaming\.minecraft.rar
[2013-05-18 08:19:08 | 000,000,000 | ---- | C] () -- C:\Windows\zSpy.INI
[2013-05-16 13:15:00 | 000,000,098 | ---- | C] () -- C:\Windows\h3maped.INI
[2013-05-07 16:06:17 | 000,007,605 | ---- | C] () -- C:\Users\PC\AppData\Local\Resmon.ResmonCfg
[2013-05-01 12:01:51 | 000,000,256 | ---- | C] () -- C:\Windows\_delis32.ini
[2013-04-29 18:15:53 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2013-04-19 19:45:40 | 000,086,016 | ---- | C] () -- C:\Windows\System32\1899.dll
[2013-04-15 20:41:57 | 000,086,016 | ---- | C] () -- C:\Windows\System32\2067.dll
[2013-04-15 20:41:18 | 000,086,016 | ---- | C] () -- C:\Windows\System32\264.dll
[2013-04-12 19:08:45 | 000,202,240 | ---- | C] () -- C:\Windows\System32\patchw32.dll
[2013-04-12 19:08:28 | 000,349,696 | ---- | C] () -- C:\Windows\System32\mss32.dll
[2013-04-12 19:08:24 | 003,167,501 | ---- | C] () -- C:\Windows\System32\metin2.bin
[2013-01-11 10:17:59 | 000,011,264 | ---- | C] () -- C:\Windows\Launcher.exe
[2012-11-14 14:44:31 | 000,000,147 | ---- | C] () -- C:\Windows\WA.INI
[2012-11-10 18:13:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\psfind.dll
[2012-11-03 12:52:26 | 000,138,032 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012-11-03 12:52:25 | 000,138,056 | ---- | C] () -- C:\Users\PC\AppData\Roaming\PnkBstrK.sys
[2012-10-14 09:15:32 | 001,582,899 | ---- | C] () -- C:\Windows\WANEUninstaller.exe
[2012-08-16 19:24:13 | 000,281,688 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012-08-16 19:24:00 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012-08-16 16:15:49 | 000,893,394 | ---- | C] () -- C:\Windows\System32\osu!.exe.zip
[2012-08-16 16:15:41 | 000,954,748 | ---- | C] () -- C:\Windows\System32\osu!test.exe.zip
[2012-08-16 16:13:37 | 015,265,249 | ---- | C] () -- C:\Windows\System32\osu.dll.zip
[2012-08-16 16:13:37 | 004,409,856 | ---- | C] () -- C:\Windows\System32\avcodec-51.dll
[2012-08-16 16:13:37 | 000,711,680 | ---- | C] () -- C:\Windows\System32\avformat-52.dll
[2012-08-16 16:13:37 | 000,062,464 | ---- | C] () -- C:\Windows\System32\avutil-49.dll
[2012-08-16 16:13:20 | 000,012,520 | ---- | C] () -- C:\Windows\System32\osu!framework.dll
[2012-08-16 16:12:55 | 000,294,632 | ---- | C] () -- C:\Windows\System32\_osume.exe
[2012-08-13 10:48:04 | 000,000,019 | ---- | C] () -- C:\Windows\D.ini
[2012-07-26 10:56:52 | 000,280,869 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012-07-23 08:25:34 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2012-07-21 15:43:05 | 000,000,126 | ---- | C] () -- C:\Users\PC\wxDownloadFast.ini
[2012-07-09 09:24:17 | 000,008,192 | ---- | C] () -- C:\Windows\d3dx.dat
[2012-04-29 18:38:24 | 000,000,563 | ---- | C] () -- C:\Windows\SIERRA.INI
[2012-04-14 08:08:31 | 000,000,021 | ---- | C] () -- C:\Users\PC\AppData\Roaming\fexec.dat
[2012-03-14 18:37:04 | 000,006,439 | ---- | C] () -- C:\Users\PC\AppData\Local\angielskie.nazwy.miast.w.skyrim.torrent
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010-11-20 22:29:11 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013-09-11 18:20:24 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.aethericcrusade
[2013-11-26 17:01:24 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.electriciansjourney
[2013-09-14 12:40:01 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.medieval
[2013-11-22 19:18:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.melinagier
[2014-01-20 08:03:25 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.minecraft
[2013-01-17 08:41:59 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.minecraft fed the best
[2013-01-12 16:00:37 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.minecraft oldpack
[2013-11-16 13:50:14 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.minecraftzyczu
[2013-11-22 19:32:32 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.minecraft_pixelmon252
[2012-02-05 07:45:02 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\.Nitrous
[2013-08-24 13:55:50 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\0F1F1C2Y1H1P1C0I0T
[2012-09-27 15:30:57 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Aeria Games & Entertainment
[2013-12-17 19:52:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Ambient Design
[2012-09-06 13:46:07 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Ascaron Entertainment
[2012-11-29 20:41:58 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\AudioConverterPackages
[2013-08-24 13:55:22 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BabSolution
[2012-03-05 18:49:27 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Babylon
[2013-03-10 20:22:09 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Balmora.pl
[2012-06-20 05:53:08 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Blockscape
[2012-12-11 20:15:08 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Complitly
[2013-12-04 16:25:01 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Crash Reports
[2013-03-03 13:28:25 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\CRMixiDJTB
[2014-01-20 07:34:28 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
[2013-08-24 13:55:10 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Dealply
[2013-08-24 13:55:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Delta
[2013-06-21 08:27:09 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\do .minecraft
[2013-03-09 15:38:26 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Doublefine
[2012-05-29 11:45:08 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Downloaded Installations
[2013-11-27 16:34:25 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FEZ
[2013-02-19 20:34:33 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Gadu-Gadu 10
[2013-04-29 18:14:34 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GameRanger
[2013-01-26 13:10:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\gd.sos.McPixel
[2013-12-24 08:37:29 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GG
[2012-12-05 21:16:25 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\IonFx
[2012-10-28 09:03:08 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\LolClient
[2012-02-15 16:01:37 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\MargonemMapki
[2012-03-21 20:25:13 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Media Finder
[2012-07-07 18:44:59 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Media Get LLC
[2012-05-05 13:04:12 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\minecraft mods
[2013-10-20 12:08:08 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\miner
[2013-12-14 21:47:42 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\minert
[2013-05-10 16:08:28 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Mount&Blade
[2012-10-13 15:55:16 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Mount&Blade Warband
[2012-10-12 14:47:57 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Mount&Blade With Fire and Sword
[2013-06-15 14:19:26 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Need for Speed World
[2012-04-26 13:34:01 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\New Worl
[2012-05-07 16:05:14 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Notepad++
[2013-02-18 19:34:22 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenCandy
[2012-01-10 14:32:23 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenFM
[2012-12-15 17:25:55 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Opera
[2014-01-05 07:32:00 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Opera Software
[2013-06-05 15:03:39 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PowerISO
[2012-08-16 19:23:55 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\PunkBuster
[2012-01-16 17:22:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\pymclevel
[2012-11-12 20:03:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Rovio
[2012-12-11 20:15:58 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Stardock
[2012-04-25 12:35:02 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\SumatraPDF
[2013-10-31 21:06:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\System
[2012-11-23 17:43:27 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Theta
[2014-01-12 16:37:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TS3Client
[2012-12-21 19:22:01 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TuneUp Software
[2013-11-26 17:45:14 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TunkDesign
[2012-07-23 20:32:50 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Tunngle
[2013-06-08 14:38:05 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Unity
[2014-01-20 09:16:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\uTorrent
[2012-04-09 17:45:29 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\wargaming.net
[2013-05-12 17:30:08 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Wings3D
[2014-01-16 15:26:21 | 000,000,000 | -HSD | M] -- C:\Users\PC\AppData\Roaming\wyUpdate AU
[2013-04-26 13:17:14 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Zeal Game Studio
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >

Extras:

Kod: Zaznacz cały

OTL Extras logfile created on: 2014-01-20 09:06:28 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 0,77 Gb Available Physical Memory | 38,42% Memory free
4,00 Gb Paging File | 2,23 Gb Available in Paging File | 55,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,73 Gb Total Space | 16,85 Gb Free Space | 34,58% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 116,72 Gb Free Space | 63,41% Space Free | Partition Type: NTFS
 
Computer Name: PC-KOMPUTER | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = WinHelpCustomView.Scenario] -- Reg Error: Key error. File not found
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)
 
[HKEY_USERS\S-1-5-21-3884073618-2342960157-2434547727-1000\SOFTWARE\Classes\<extension>]
.html [@ = OperaNext] -- C:\Program Files\Opera Next\Launcher.exe (Opera Software)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UACDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003CD7E2-44FF-4C20-98C1-5DBAD4EBB4C3}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{08963318-CC94-47A8-8726-4836F4E10180}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe | 
"{0A881200-29D5-4099-8F90-6251C5D455B0}" = lport=80 | protocol=6 | dir=in | name=war thunder | 
"{0AB660EB-5C5F-4B0D-9701-EF666CAFC893}" = lport=3478 | protocol=17 | dir=in | name=war thunder | 
"{0C3C8BF6-B767-47A1-914A-9DAA9B796F9E}" = lport=3478 | protocol=17 | dir=in | name=war thunder | 
"{0EC18F2B-45DB-48D6-8996-17FE1FF95039}" = lport=7850 | protocol=6 | dir=in | name=war thunder | 
"{1148DB72-C065-4C6C-9A9F-DEDBB507DEBB}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{115A4DEA-221B-47B1-AF8E-DFE070C71FAE}" = lport=443 | protocol=6 | dir=in | name=war thunder | 
"{1A7F9897-4D80-4FA5-9BED-3C01E8C3DD2C}" = lport=7852 | protocol=6 | dir=in | name=war thunder | 
"{1CF6B0A3-0FE7-4E87-B375-99F4823D0930}" = lport=20443 | protocol=6 | dir=in | name=war thunder | 
"{1E4F7BBF-6E57-4846-9B38-02B7BC1D0C6C}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{1ED5A7F5-4FA9-43E8-9C40-447F6015C065}" = lport=20010 | protocol=17 | dir=in | name=war thunder | 
"{351CFF07-497A-41EE-B8EA-C5CD8CA0D254}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{35EE67FE-297F-4C71-9784-D8027E784622}" = lport=8090 | protocol=6 | dir=in | name=war thunder | 
"{3960C249-88DF-48E4-B2AC-4FBE0AF2CFB9}" = lport=20443 | protocol=6 | dir=in | name=war thunder | 
"{39BE9A06-14AD-40AE-9E1F-F4D3CE0D828E}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{4FC552B2-9442-479D-AF67-C74ADF1FDC0A}" = lport=7853 | protocol=6 | dir=in | name=war thunder | 
"{50615AA3-83D9-4566-A7C2-D581B17B2BED}" = lport=59020 | protocol=6 | dir=in | name=pando media booster | 
"{523A63C0-86FA-43C6-961C-F18BDE60BE72}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{56FD5B3A-FE75-4C5F-9D1B-4DD33E813908}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{6537BD97-79F6-4656-9E68-6F9FE5DF4D08}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{6A145249-1B3C-49E6-86FB-D6D33C11E8E3}" = lport=59020 | protocol=17 | dir=in | name=pando media booster | 
"{6E51CFB0-FF8C-44BB-80A6-FF017038B914}" = lport=59020 | protocol=6 | dir=in | name=pando media booster | 
"{75A87A15-DE98-4E0F-BC0E-D357CBBF95A0}" = lport=80 | protocol=6 | dir=in | name=war thunder | 
"{91EC4C05-C8BB-409F-8DB3-25C0C53B385A}" = lport=443 | protocol=6 | dir=in | name=war thunder | 
"{9907C5EF-134F-4831-AE3B-25CF1423F4A2}" = lport=49240 | protocol=6 | dir=in | name=akamai netsession interface | 
"{A558DD3C-9CBB-435B-8D43-F391EF04028D}" = lport=7853 | protocol=6 | dir=in | name=war thunder | 
"{A5EB808C-ED6B-4AF9-9628-BC473D4389A3}" = lport=33333 | protocol=6 | dir=in | name=war thunder | 
"{A5F4D114-0A50-4FDD-A749-00BDAFE213FA}" = lport=27022 | protocol=6 | dir=in | name=war thunder | 
"{AC0190C0-9A84-4681-9BB9-CDAC322CE445}" = lport=6881 | protocol=6 | dir=in | name=war thunder | 
"{AC90AD84-BC40-46AC-9DE2-C334AB390527}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{ACB5E3B6-0820-42C0-9431-F80FC38A0322}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{AD0A6EC7-5425-421C-AA7A-27DA6FB7CFDB}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{AF026744-8695-46EB-8A8E-FE2A955B6F04}" = lport=20010 | protocol=17 | dir=in | name=war thunder | 
"{BBAE8A8F-598A-4D81-9A1C-5808D475ECF2}" = lport=7852 | protocol=6 | dir=in | name=war thunder | 
"{BF2E97A3-7E00-492F-87FB-AD3F7CF1DD99}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{CBC6D06C-C7E1-4D31-8E50-7D283D21635E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D092F9EF-5676-493C-BFF4-B8E452CD8F26}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D32E4ED5-A281-4588-B6DC-8F472307A324}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D4C013FC-E3CD-4034-AEF3-70394D06F742}" = lport=6881 | protocol=6 | dir=in | name=war thunder | 
"{DA06F89F-64C7-4E4C-B7EF-6B37BB757146}" = lport=8090 | protocol=6 | dir=in | name=war thunder | 
"{DFD5AAA2-F0E6-4B96-AB45-2400F26E178C}" = lport=27022 | protocol=6 | dir=in | name=war thunder | 
"{E1B78C61-80C1-4441-B3B7-A4B1691C350D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{EBF8C16A-238A-480A-AC88-B0A621D9F210}" = lport=59020 | protocol=17 | dir=in | name=pando media booster | 
"{F292298C-F7C3-4F03-8D1B-B7783B48CAAE}" = lport=33333 | protocol=6 | dir=in | name=war thunder | 
"{F889F565-1AD8-4165-B95B-1530D781A998}" = lport=7850 | protocol=6 | dir=in | name=war thunder | 
"{FF5AF3C1-1F05-4DD5-8396-65F6CA5AD2D5}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe | 
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D7DBAC-C569-4DE6-8C3B-AD54B7A0D22D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{0322F85F-E971-4E02-A31C-1C883E84151F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{0C220A43-71EF-4325-BF22-C77983F4AD62}" = dir=in | app=c:\program files\avg\avg8\avgdiagex.exe | 
"{0C66EF02-D80E-4FAB-8647-60BB98A3DFF6}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{0F4AE2C2-6B02-4F0D-8746-0DD01B1EBA7C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0FEE4886-7A47-4F5D-9AE4-A5B57AB55E6C}" = dir=in | app=c:\program files\protected search\protectedsearch.exe | 
"{108A7C60-601C-4D8E-83CB-BF69557670E7}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{125E27F3-CDE1-4844-95E7-873DD2AF6927}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{15AD6A30-CA27-4BB2-B7DA-2CCBA2B18BEB}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{1FB8B257-CF2E-41E7-9185-30028555E475}" = protocol=17 | dir=in | app=d:\programy\steam\steam.exe | 
"{2639DF25-15EC-430F-AC86-3526EE4206D8}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{335C520B-943E-480B-84E4-A74537B1EF51}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3D389E7B-4CAB-46CE-A48C-FAD76646E015}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{4227C549-169B-4943-AAEE-8B07972704B8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{444BF97A-4515-4907-938C-930E588F4008}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{44B01495-484B-4BC3-8747-5D5C0EE90323}" = protocol=17 | dir=in | app=c:\users\pc\appdata\local\mediaget2\mediaget.exe | 
"{587ED32F-3E87-4DEA-850F-B2E25EE6D54A}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
"{5BE16C6F-A95C-4A2F-8675-DF3E4AD33E62}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5DC70AAD-C360-4748-87FB-9DCCF957A3A1}" = protocol=6 | dir=in | app=d:\gry\warthunder\launcher.exe | 
"{65F8C552-116C-4E3F-BE30-29868C229304}" = protocol=6 | dir=in | app=c:\users\pc\appdata\roaming\utorrent\utorrent.exe | 
"{69C50335-E470-45F0-B93D-66F9B2B869E7}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{7BBEF912-AF22-456E-B6E7-5AC2542A0AD2}" = protocol=58 | dir=in | app=system | 
"{7ED41581-491D-4A12-A404-7EB9276CCFDF}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{865FE287-3E00-40F9-B5A5-385543B43842}" = protocol=6 | dir=in | app=c:\users\pc\appdata\local\mediaget2\mediaget.exe | 
"{89ADE896-0D0A-4A47-AA12-131C1FAE0479}" = protocol=6 | dir=in | app=d:\programy\steam\steam.exe | 
"{8C4C4AC6-FEBA-47D5-BCDD-1D6A300786C3}" = protocol=17 | dir=in | app=c:\users\pc\appdata\roaming\utorrent\utorrent.exe | 
"{8FF89F21-C300-4868-999E-4CF1C5535858}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{95298777-59A0-41BC-B503-3E3E1C135DDF}" = dir=in | app=c:\program files\protected search\protectedsearch.exe | 
"{9703C3E3-F33A-4EBA-B04D-3E0299018F54}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A8A9BF8E-BB23-4F3A-A42C-6C2A86AF7448}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{ACCC05B0-503C-44BC-8E37-AB5F624EA21D}" = protocol=17 | dir=in | app=d:\gry\warthunder\launcher.exe | 
"{B9175F30-DD95-4018-BC40-90A5B3F03A1D}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{BFE202F4-18A5-4DDB-AF1D-AA963EC4F0FE}" = dir=in | app=c:\program files\avg\avg8\avgam.exe | 
"{C0B4FEB2-F48A-4C78-8762-67CBE28709B4}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{C10204C0-6857-40F8-A5D3-CB10E358F7A4}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe | 
"{C52D70D9-170A-4819-973C-0F859FBAD4DF}" = protocol=6 | dir=out | app=system | 
"{C5BF9B4B-0FDF-41B5-82C8-D6AC13968DCA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CEBACF64-A4B4-4B04-AEB7-5483A71DD0E3}" = protocol=17 | dir=in | app=d:\gry\warthunder\launcher.exe | 
"{CF1D5A38-E2AC-469C-A867-72886BA22AB0}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe | 
"{E62EA8E2-C30B-4DD7-8287-AF6E41900859}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{E717CB2A-E168-4172-A3AC-0B76BFCDF655}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{E9719C48-C1B7-4D19-9B28-0CA7C1573ACA}" = dir=in | app=c:\program files\avg\avg8\avgnsx.exe | 
"{EA8FD2CA-3D7A-414E-BE4A-D02D283F1FD3}" = protocol=6 | dir=in | app=d:\gry\warthunder\launcher.exe | 
"{EAD56AC0-FB18-484D-8DB4-9954B153314C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{ED24754C-6462-45F7-947A-2D696B8F449F}" = dir=out | app=c:\program files\protected search\protectedsearch.exe | 
"{EEA5A467-65EB-4B23-8AFE-173E85F29EB7}" = dir=in | app=c:\program files\avg\avg8\avgdiag.exe | 
"{EFBE6403-DD54-4CBA-B664-CADA22507C5B}" = dir=out | app=c:\program files\protected search\protectedsearch.exe | 
"{F1C450D5-7633-43B5-8015-6F93666A559D}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 51
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}" = ROBLOX Studio 2013
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{32A3A4F4-B792-11D6-A78A-00B0D0170090}" = Java SE Development Kit 7 Update 9
"{32A3A4F4-B792-11D6-A78A-00B0D0170130}" = Java SE Development Kit 7 Update 13
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{66B6D13A-9CC1-417D-B6F2-58AA539D1045}" = Nero 7 Essentials
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6FB6D550-DDC4-4996-9CDF-91C34F0A4C4A}" = Gothic II - Noc Kruka
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75773FB3-929A-4B08-A411-04A075071E10}" = Worms Forts - Oblężenie
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{886EDF51-C894-4AF2-844C-FFC365B3C1A2}" = PIT pro 2012
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Twierdza Krzyżowiec (Warchest)
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B4E5CB1-7A1A-420A-B851-3F9206B5D0C1}" = Worms Armageddon
"{A1264D7F-CEF6-4033-8F9D-3E27392E3627}" = Terraria v1.2.0.2 cracked-KEBAB
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.1 - Polish
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{B49962AF-CAB9-44DE-8729-A4369F44BA0D}" = MixiDJ Chrome Toolbar
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}" = BRowsE2soave
"{C66A542D-B66B-4E67-84EA-F2D0383FBC14}" = TuneUp Utilities Language Pack (pl-PL)
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{D731FCB5-E7D0-4EE1-AC0A-8994FF2F9EBB}_is1" = Outlast PL [BDIP] wersja 1.0
"{D84F41A8-33E6-402A-8DD6-D2244235BCB8}" = LogMeIn Hamachi
"{DDDA784F-1F6F-4ECA-B432-EBE0374C322D}" = Angry Birds Star Wars
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E43ED0A0-C85E-40F0-807C-6A8A9D2FAEF3}_is1" = King's Bounty. The Legend (Remove Only)
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.302
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9A9C54B-1438-4553-B27C-4A4BBC69920A}" = Amnesia: Mroczny Obłęd
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVG Secure Search" = AVG Security Toolbar
"AVG8Uninstall" = AVG 8.5
"Better Surf Plus" = Better Surf Plus
"Borderlands.2.Incl.All.24.DLC.[1.7].W.B.Repack" = Borderlands.2.Incl.All.24.DLC.[1.7].W.B.Repack
"CCleaner" = CCleaner
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"DealPly" = DealPly (remove only)
"delta" = Delta toolbar  
"Delta Chrome Toolbar" = Delta Chrome Toolbar
"FilesFrog Update Checker" = FilesFrog Update Checker
"Frater_is1" = Frater v1.4 Patch
"GBoxUpdater" = Gbox Updater
"Gothic" = Gothic
"Heroes of Might and Magic III - Złota Edycja_is1" = Heroes of Might and Magic III - Złota Edycja
"IECT3312806" = Fun Media Bar V10 Toolbar for IE
"KLiteCodecPack_is1" = K-Lite Codec Pack 10.0.0 Basic
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"Music Codec Pack_is1" = Music Codec Pack
"Neverwinter" = Neverwinter
"Notepad++" = Notepad++
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Opera 12.16.1860" = Opera 12.16
"Opera 18.0.1284.68" = Opera Stable 18.0.1284.68
"Opera 19.0.1326.34" = Opera Next 19.0.1326.34
"Port Royale 2_is1" = Port Royale 2
"PowerISO" = PowerISO
"Protected Search_is1" = Protected Search 1.1
"RealPlayer 16.0" = RealPlayer
"Steam" = Steam
"T3V0bGFzdA==_is1" = Outlast
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The KMPlayer" = The KMPlayer (remove only)
"Universe Sandbox" = Universe Sandbox
"WebConnect" = WebConnect 3.0.0
"Webexp Enhanced" = Webexp Enhanced
"Winamp" = Winamp
"Wings 3D 1.4.1" = Wings 3D 1.4.1
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = Archiwizator WinRAR
"World of Goo/PL-Polish_is1" = World of Goo
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-3884073618-2342960157-2434547727-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dealply" = Dealply
"GG" = GG
"GG 11 Packages" = GG 11 Packages
"lollipop" = Lollipop
"MediaGet" = MediaGet
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent
"Winamp Detect" = Detektor Winampa
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 2014-01-20 03:28:38 | Computer Name = PC-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: ix_updater.exe, wersja: 0.0.0.0,
 sygnatura czasowa: 0x4fd4a9ac  Nazwa modułu powodującego błąd: ix_updater.exe, wersja:
 0.0.0.0, sygnatura czasowa: 0x4fd4a9ac  Kod wyjątku: 0xc0000005  Przesunięcie błędu:
 0x000077bc  Identyfikator procesu powodującego błąd: 0xc78  Godzina uruchomienia aplikacji
 powodującej błąd: 0x01cf15b1343fd920  Ścieżka aplikacji powodującej błąd: C:\ProgramData\GboxUpdater\ix_updater.exe
Ścieżka
 modułu powodującego błąd: C:\ProgramData\GboxUpdater\ix_updater.exe  Identyfikator
 raportu: 7a309a00-81a4-11e3-abc1-001d7dbef115
 
Error - 2014-01-20 03:28:43 | Computer Name = PC-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-01-20 03:28:51 | Computer Name = PC-Komputer | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 2014-01-20 03:28:51 | Computer Name = PC-Komputer | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 2014-01-20 03:38:45 | Computer Name = PC-Komputer | Source = .NET Runtime | ID = 1022
Description = 
 
Error - 2014-01-20 03:50:28 | Computer Name = PC-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: ix_updater.exe, wersja: 0.0.0.0,
 sygnatura czasowa: 0x4fd4a9ac  Nazwa modułu powodującego błąd: ix_updater.exe, wersja:
 0.0.0.0, sygnatura czasowa: 0x4fd4a9ac  Kod wyjątku: 0xc0000005  Przesunięcie błędu:
 0x000077bc  Identyfikator procesu powodującego błąd: 0xc10  Godzina uruchomienia aplikacji
 powodującej błąd: 0x01cf15b43f44ae60  Ścieżka aplikacji powodującej błąd: C:\ProgramData\GboxUpdater\ix_updater.exe
Ścieżka
 modułu powodującego błąd: C:\ProgramData\GboxUpdater\ix_updater.exe  Identyfikator
 raportu: 86fdfa40-81a7-11e3-ac7b-001d7dbef115
 
Error - 2014-01-20 03:50:34 | Computer Name = PC-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-01-20 03:50:43 | Computer Name = PC-Komputer | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 2014-01-20 03:50:43 | Computer Name = PC-Komputer | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 2014-01-20 03:53:07 | Computer Name = PC-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: update_checker.exe, wersja: 4.3.0.0,
 sygnatura czasowa: 0x525d9c67  Nazwa modułu powodującego błąd: ntdll.dll, wersja:
 6.1.7601.17514, sygnatura czasowa: 0x4ce7b96e  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x00055fb6  Identyfikator procesu powodującego błąd: 0x117c  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01cf15b44c1fe910  Ścieżka aplikacji powodującej błąd:
 C:\Users\PC\AppData\Local\FilesFrog Update Checker\update_checker.exe  Ścieżka modułu
 powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll  Identyfikator raportu: e5ffe080-81a7-11e3-ac7b-001d7dbef115
 
[ Media Center Events ]
Error - 2012-09-30 01:07:14 | Computer Name = PC-Komputer | Source = MCUpdate | ID = 0
Description = 07:07:13 - Błąd podczas nawiązywania połączenia z Internetem.  07:07:14
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-10-08 06:34:32 | Computer Name = PC-Komputer | Source = MCUpdate | ID = 0
Description = 12:34:32 - Nie można pobrać pakietu Directory (Błąd: Połączenie podstawowe
 zostało zakończone: Wystąpił nieoczekiwany błąd przy odbiorze.)  
 
Error - 2012-10-20 01:45:55 | Computer Name = PC-Komputer | Source = MCUpdate | ID = 0
Description = 07:45:45 - Błąd podczas nawiązywania połączenia z Internetem.  07:45:45
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-10-20 02:46:37 | Computer Name = PC-Komputer | Source = MCUpdate | ID = 0
Description = 08:46:11 - Błąd podczas nawiązywania połączenia z Internetem.  08:46:12
 -     Nie można skontaktować się z serwerem..  
 
Error - 2013-07-28 00:32:57 | Computer Name = PC-Komputer | Source = MCUpdate | ID = 0
Description = 06:32:57 - Błąd podczas nawiązywania połączenia z Internetem.  06:32:57
 -     Nie można skontaktować się z serwerem..  
 
Error - 2013-07-28 00:33:08 | Computer Name = PC-Komputer | Source = MCUpdate | ID = 0
Description = 06:33:03 - Błąd podczas nawiązywania połączenia z Internetem.  06:33:03
 -     Nie można skontaktować się z serwerem..  
 
Error - 2013-07-28 01:35:33 | Computer Name = PC-Komputer | Source = MCUpdate | ID = 0
Description = 07:35:33 - Błąd podczas nawiązywania połączenia z Internetem.  07:35:33
 -     Nie można skontaktować się z serwerem..  
 
Error - 2013-07-28 01:36:07 | Computer Name = PC-Komputer | Source = MCUpdate | ID = 0
Description = 07:36:02 - Błąd podczas nawiązywania połączenia z Internetem.  07:36:02
 -     Nie można skontaktować się z serwerem..  
 
Error - 2013-07-28 02:36:40 | Computer Name = PC-Komputer | Source = MCUpdate | ID = 0
Description = 08:36:38 - Błąd podczas nawiązywania połączenia z Internetem.  08:36:40
 -     Nie można skontaktować się z serwerem..  
 
Error - 2013-07-28 02:36:53 | Computer Name = PC-Komputer | Source = MCUpdate | ID = 0
Description = 08:36:47 - Błąd podczas nawiązywania połączenia z Internetem.  08:36:47
 -     Nie można skontaktować się z serwerem..  
 
[ System Events ]
Error - 2014-01-20 03:20:40 | Computer Name = PC-Komputer | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
 z usługą LogMeIn Hamachi Tunneling Engine.
 
Error - 2014-01-20 03:20:40 | Computer Name = PC-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi LogMeIn Hamachi Tunneling Engine z powodu
 następującego błędu:   %%1053
 
Error - 2014-01-20 03:20:45 | Computer Name = PC-Komputer | Source = Service Control Manager | ID = 7034
Description = Usługa AVG8 WatchDog niespodziewanie zakończyła pracę. Wystąpiło to
 razy: 1.
 
Error - 2014-01-20 03:20:50 | Computer Name = PC-Komputer | Source = Service Control Manager | ID = 7024
Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla
 niej błąd %%-1073473535.
 
Error - 2014-01-20 03:20:50 | Computer Name = PC-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło 
to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna:
 Uruchom usługę ponownie.
 
Error - 2014-01-20 03:20:57 | Computer Name = PC-Komputer | Source = Service Control Manager | ID = 7034
Description = Usługa AVG8 E-mail Scanner niespodziewanie zakończyła pracę. Wystąpiło
 to razy: 1.
 
Error - 2014-01-20 03:28:27 | Computer Name = PC-Komputer | Source = Microsoft-Windows-GroupPolicy | ID = 1096
Description = Przetwarzanie zasad grupy nie powiodło się. System Windows nie może
 zastosować opartych na rejestrze ustawień zasad dla obiektu zasad grupy LocalGPO.
 Ustawienia zasad grupy nie będą rozpoznawane do czasu rozwiązania tego problemu.
 Wyświetl szczegóły zdarzenia, aby uzyskać więcej informacji o nazwie i ścieżce 
pliku, który spowodował błąd.
 
Error - 2014-01-20 03:50:14 | Computer Name = PC-Komputer | Source = Microsoft-Windows-GroupPolicy | ID = 1096
Description = Przetwarzanie zasad grupy nie powiodło się. System Windows nie może
 zastosować opartych na rejestrze ustawień zasad dla obiektu zasad grupy LocalGPO.
 Ustawienia zasad grupy nie będą rozpoznawane do czasu rozwiązania tego problemu.
 Wyświetl szczegóły zdarzenia, aby uzyskać więcej informacji o nazwie i ścieżce 
pliku, który spowodował błąd.
 
Error - 2014-01-20 04:01:29 | Computer Name = PC-Komputer | Source = VDS Basic Provider | ID = 33554433
Description = 
 
Error - 2014-01-20 04:01:30 | Computer Name = PC-Komputer | Source = VDS Basic Provider | ID = 33554433
Description = 
 
 
< End of report >

--Edit--
Sprawdziłem jak bardzo się laguje. Włączyłem film na youtube, gre a aktualizacje windowsa w tle se leciała. Jak się okazało tylko youtube zaczęło lagowac tak to gra chodziła mi jak zawsze na 80 FPS.

Post20 sty 2014, 12:22

1) Użyj >Dostępne tylko dla zarejestrowanych użytkowników (aby pobrać kliknij na dużą zieloną strzałkę po prawej).
najpierw kliknij na SZUKAJ, a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ, to kliknij na niego.
Pokaż raport z niego C:\AdwCleaner\AdwCleaner.txt

2) Odinstaluj niepotrzebny Akamai NetSession Interface

3) Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:

:OTL
[2014-01-16 15:26:21 | 000,000,000 | -HSD | M] -- C:\Users\PC\AppData\Roaming\wyUpdate AU
[2013-08-24 13:55:10 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Dealply
[2013-08-24 13:55:31 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Delta
[2012-12-11 20:15:08 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Complitly
[2013-08-24 13:55:22 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\BabSolution
[2012-03-05 18:49:27 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Babylon
[2013-12-12 08:47:36 | 000,000,120 | ---- | C] () -- C:\Users\PC\AppData\Roaming\ec67f1ea.dat
[2014-01-20 08:50:13 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2014-01-20 08:50:13 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
[2014-01-20 08:50:00 | 000,000,372 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterLogonTask.job
[2014-01-20 08:50:00 | 000,000,368 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterTask{C696282F-5642-4E9E-87F2-7A9B3CCBFF6C}.job
[2014-01-20 08:50:00 | 000,000,352 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterRefreshTask.job
[2014-01-20 09:00:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\DealPlyLiveUpdateTaskMachineUA.job
[2014-01-20 08:55:00 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\Dealply.job
[2014-01-20 09:13:10 | 000,180,345 | ---- | M] () -- C:\Windows\System32\helper.dat
[2014-01-20 09:13:10 | 000,089,088 | ---- | M] (keepvid.com Company) -- C:\Windows\System32\keepvid.dll
[2013-10-14 13:57:19 | 000,089,088 | ---- | C] (keepvid.com Company) -- C:\Users\PC\AppData\Local\keepvid.dll
[2014-01-01 18:18:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\log
[2014-01-01 18:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Dostępne tylko dla zarejestrowanych użytkowników (Java Plug-in 10.51.2)
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found
O4 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000..\Run: [minert] C:\Users\PC\AppData\Roaming\minert\nircmd.exe (NirSoft)
O4 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000..\Run: [NTRedirect] C:\Users\PC\AppData\Roaming\BabSolution\Shared\enhancedNT.dll ()
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000..\Run: [Akamai NetSession Interface] C:\Users\PC\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000..\Run: [BackgroundContainer] C:\Users\PC\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll (Conduit Ltd.)
O4 - HKLM..\Run: [igfxtray Module] C:\Users\PC\AppData\Local\Temp\masas.exe (Rusky)
O4 - HKLM..\Run: [keepvid] C:\Users\PC\AppData\Local\keepvid.com.exe (keepvid.com Company)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Fun Media Bar V10 Toolbar) - {130a876e-28f8-41f2-911d-084e557b057a} - C:\Program Files\Fun_Media_Bar_V10\prxtbFun_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.24.6\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No CLSID value found.
O3 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\Toolbar\WebBrowser: (no name) - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No CLSID value found.
O3 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\Toolbar\WebBrowser: (no name) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - No CLSID value found.
O3 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O3 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-3884073618-2342960157-2434547727-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.24.6\bh\delta.dll (Delta-search.com)
O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\PC\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.dll ()
O2 - BHO: (Better-Surf) - {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - C:\Program Files\Better-Surf\ie\BetterSrf.dll ()
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Webexp Enhanced) - {3e27aade-f97d-444e-863b-360db6183445} - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha777\ie\WebexpEnhancedV1alpha777.dll ()
O2 - BHO: (keepvid.com) - {49ed9900-38cd-453c-bba7-3f2613317f5a} - C:\Windows\System32\keepvid.dll (keepvid.com Company)
O2 - BHO: (BetterSurf) - {6E3C6B04-08FE-43BC-8E50-F90285024DEA} - C:\Program Files\BetterSurf\ie\BetterSurf.dll ()
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\PC\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Fun Media Bar V10 Toolbar) - {130a876e-28f8-41f2-911d-084e557b057a} - C:\Program Files\Fun_Media_Bar_V10\prxtbFun_.dll (Conduit Ltd.)
O2 - BHO: (Better Surf Plus) - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - C:\Program Files\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll ()
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva397.sys -- (XDva397)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a3fqz2pf)
DRV - [2012-11-08 13:10:20 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
SRV - [2013-08-24 13:55:13 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [On_Demand | Stopped] -- C:\Program Files\DealPlyLive\Update\DealPlyLive.exe -- (dealplylivem)
SRV - [2013-08-24 13:55:13 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [Auto | Stopped] -- C:\Program Files\DealPlyLive\Update\DealPlyLive.exe -- (dealplylive)
SRV - [2012-11-08 13:10:20 | 000,711,112 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2014-01-16 12:51:40 | 000,097,064 | ---- | M] () [Auto | Running] -- C:\Program Files\WebConnect\updateWebConnect.exe -- (Update WebConnect)
SRV - [2014-01-16 12:18:35 | 000,097,064 | ---- | M] () [Auto | Running] -- C:\Program Files\WebConnect\bin\utilWebConnect.exe -- (Util WebConnect)
SRV - [2014-01-02 08:33:40 | 000,499,856 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\WPM\wprotectmanager.exe -- (Wpm)
MOD - [2013-10-11 17:46:58 | 000,960,014 | ---- | M] () -- C:\Users\PC\AppData\Roaming\minert\cgminer.exe
MOD - [2013-10-11 17:46:58 | 000,538,126 | ---- | M] () -- C:\Users\PC\AppData\Roaming\minert\libcurl-4.dll
MOD - [2013-10-11 17:46:58 | 000,084,992 | ---- | M] () -- C:\Users\PC\AppData\Roaming\minert\zlib1.dll
MOD - [2013-08-22 10:19:31 | 000,187,888 | ---- | M] () -- C:\Users\PC\AppData\Roaming\BabSolution\Shared\enhancedNT.dll
MOD - [2012-11-08 13:10:20 | 000,997,320 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012-11-08 13:10:20 | 000,566,728 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll
MOD - [2012-11-08 13:10:20 | 000,134,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll

:Files
C:\Users\PC\AppData\Roaming\minert
C:\Program Files\WebexpEnhancedV1
C:\Program Files\BetterSurf
C:\Program Files\Web Assistant
C:\ProgramData\AVG Secure Search

:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania Skryptem.

F.

Post20 sty 2014, 12:41

Log z AdwCleanera:

Kod: Zaznacz cały

# AdwCleaner v3.017 - Log utworzony 20/01/2014 o 12:36:51
# Aktualizacja 12/01/2014 przez Xplode
# System operacyjny : Windows 7 Ultimate Service Pack 1 (32 bits)
# Użytkownik : PC - PC-KOMPUTER
# Ścieżka : D:\AdwCleaner.exe
# Opcja : Usuń

***** [ Usługi ] *****

[#] Usługa Usunięto : dealplylive
[#] Usługa Usunięto : dealplylivem
[#] Usługa Usunięto : Update WebConnect
Usługa Usunięto : Wpm

***** [ Pliki / Foldery ] *****

Folder Usunięto : C:\ProgramData\Ask
Folder Usunięto : C:\ProgramData\AVG Secure Search
Folder Usunięto : C:\ProgramData\Babylon
Folder Usunięto : C:\ProgramData\boost_interprocess
Folder Usunięto : C:\ProgramData\DealPlyLive
Folder Usunięto : C:\ProgramData\eSafe
Folder Usunięto : C:\ProgramData\GboxUpdater
Folder Usunięto : C:\ProgramData\Premium
Folder Usunięto : C:\ProgramData\Tarma Installer
Folder Usunięto : C:\ProgramData\Uniblue\DriverScanner
Folder Usunięto : C:\ProgramData\WPM
Folder Usunięto : C:\ProgramData\wxDfast
Folder Usunięto : C:\ProgramData\BRowsE2soave
Folder Usunięto : C:\ProgramData\WxDFastUpdater
Folder Usunięto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Usunięto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
Folder Usunięto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BRowsE2soave
Folder Usunięto : C:\Program Files\1ClickDownload
Folder Usunięto : C:\Program Files\AVG Secure Search
Folder Usunięto : C:\Program Files\BetterSurf
Folder Usunięto : C:\Program Files\Better-Surf
Folder Usunięto : C:\Program Files\DealPly
Folder Usunięto : C:\Program Files\DealPlyLive
Folder Usunięto : C:\Program Files\Delta
Folder Usunięto : C:\Program Files\fbphotozoom
Folder Usunięto : C:\Program Files\PC Speed Maximizer
Folder Usunięto : C:\Program Files\Protected Search
Folder Usunięto : C:\Program Files\Red Sky
Folder Usunięto : C:\Program Files\WebConnect
Folder Usunięto : C:\Program Files\Yontoo
Folder Usunięto : C:\Program Files\Fun_Media_Bar_V10
Folder Usunięto : C:\Program Files\Common Files\AVG Secure Search
Folder Usunięto : C:\Users\PC\AppData\Local\AVG Secure Search
Folder Usunięto : C:\Users\PC\AppData\Local\DealPlyLive
Folder Usunięto : C:\Users\PC\AppData\Local\DownTango
Folder Usunięto : C:\Users\PC\AppData\Local\FilesFrog Update Checker
Folder Usunięto : C:\Users\PC\AppData\Local\lollipop
Folder Usunięto : C:\Users\PC\AppData\Local\PackageAware
Folder Usunięto : C:\Users\PC\AppData\Local\SwvUpdater
Folder Usunięto : C:\Users\PC\AppData\LocalLow\AVG Secure Search
Folder Usunięto : C:\Users\PC\AppData\LocalLow\BabylonToolbar
Folder Usunięto : C:\Users\PC\AppData\LocalLow\Delta
Folder Usunięto : C:\Users\PC\AppData\LocalLow\Funmoods
Folder Usunięto : C:\Users\PC\AppData\LocalLow\incredibar.com
Folder Usunięto : C:\Users\PC\AppData\LocalLow\mixidj
Folder Usunięto : C:\Users\PC\AppData\LocalLow\SimplyTech
Folder Usunięto : C:\Users\PC\AppData\LocalLow\Softonic
Folder Usunięto : C:\Users\PC\AppData\LocalLow\Fun_Media_Bar_V10
Folder Usunięto : C:\Users\PC\AppData\Roaming\BabSolution
Folder Usunięto : C:\Users\PC\AppData\Roaming\Babylon
Folder Usunięto : C:\Users\PC\AppData\Roaming\CRMixiDJTB
Folder Usunięto : C:\Users\PC\AppData\Roaming\DealPly
Folder Usunięto : C:\Users\PC\AppData\Roaming\Delta
Folder Usunięto : C:\Users\PC\AppData\Roaming\Media Finder
Folder Usunięto : C:\Users\PC\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Usunięto : C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Usunięto : C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Usunięto : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\m44pjsjq.default\Extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e}
Plik Usunięto : C:\END
Plik Usunięto : C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\lollipop.lnk
Plik Usunięto : C:\Windows\Tasks\AmiUpdXp.job
Plik Usunięto : C:\Windows\System32\Tasks\AmiUpdXp
Plik Usunięto : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
Plik Usunięto : C:\Windows\Tasks\Dealply.job
Plik Usunięto : C:\Windows\System32\Tasks\Dealply
Plik Usunięto : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
Plik Usunięto : C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
Plik Usunięto : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
Plik Usunięto : C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
Plik Usunięto : C:\Windows\System32\Tasks\DealPlyUpdate
Plik Usunięto : C:\Windows\System32\Tasks\EPUpdater
Plik Usunięto : C:\Windows\Tasks\GboxUpdaterLogonTask.job
Plik Usunięto : C:\Windows\System32\Tasks\GboxUpdaterLogonTask
Plik Usunięto : C:\Windows\Tasks\GboxUpdaterRefreshTask.job
Plik Usunięto : C:\Windows\System32\Tasks\GboxUpdaterRefreshTask
Plik Usunięto : C:\Windows\System32\Tasks\ProtectedSearch

***** [ Skróty ] *****

Skrót Wyleczono : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
Skrót Wyleczono : C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Skrót Wyleczono : C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Skrót Wyleczono : C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Rejestr ] *****

Wartość Usunięto : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Wartość Usunięto : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Wartość Usunięto : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Wartość Usunięto : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Wartość Usunięto : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [auyo@camrag.co.uk]
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\boipimhfjpakfgckhbljjengakjhkcbp
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\jgnpinhcdbifhbpndaojglmjonljjlek
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F9F30D1A-CB19-4DEF-B122-97E9DEABACB3}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9F30D1A-CB19-4DEF-B122-97E9DEABACB3}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EA6B0347-3876-4ED6-A638-4FF7BE148C03}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA6B0347-3876-4ED6-A638-4FF7BE148C03}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB0F81B0-8E3B-477B-B9B5-47F6ED65F00D}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65BC4A9D-EB5E-4A3A-B711-3FA897AE4FB2}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68147345-227B-4CE2-BFD8-C879648B274A}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F347D0C-50DE-42C5-AA24-E2B23AA37BF9}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB0F81B0-8E3B-477B-B9B5-47F6ED65F00D}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{65BC4A9D-EB5E-4A3A-B711-3FA897AE4FB2}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68147345-227B-4CE2-BFD8-C879648B274A}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F347D0C-50DE-42C5-AA24-E2B23AA37BF9}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18E99A9E-1A15-4172-BD0C-8E700556F932}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18E99A9E-1A15-4172-BD0C-8E700556F932}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3F4C0205-680C-4097-BA6E-5F2E3AEA3F51}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F4C0205-680C-4097-BA6E-5F2E3AEA3F51}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5ADD0E1-EC87-4025-A8E0-51F45D5B9445}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5ADD0E1-EC87-4025-A8E0-51F45D5B9445}
[#] Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F0A78A9-1BF7-473C-B188-C51F11D210E4}
Klucz Usunięto : HKCU\Software\Classes\Applications\lollipop.exe
Klucz Usunięto : HKCU\Software\Classes\pokki
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Wartość Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NTRedirect]
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Klucz Usunięto : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Klucz Usunięto : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Klucz Usunięto : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Klucz Usunięto : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\d
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachine
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Klucz Usunięto : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc
Klucz Usunięto : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0
Klucz Usunięto : HKLM\SOFTWARE\Classes\delta.deltaappCore
Klucz Usunięto : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Klucz Usunięto : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Klucz Usunięto : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\driverscanner
Klucz Usunięto : HKLM\SOFTWARE\Classes\escort.escortIEPane
Klucz Usunięto : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Klucz Usunięto : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Klucz Usunięto : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\f
Klucz Usunięto : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Klucz Usunięto : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Klucz Usunięto : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Klucz Usunięto : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\gencrawler_gc.GenCrawler
Klucz Usunięto : HKLM\SOFTWARE\Classes\MF
Klucz Usunięto : HKLM\SOFTWARE\Classes\Prod.cap
Klucz Usunięto : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Klucz Usunięto : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klucz Usunięto : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Klucz Usunięto : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Klucz Usunięto : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Klucz Usunięto : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Klucz Usunięto : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Media Finder
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\updateWebConnect_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\updateWebConnect_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Klucz Usunięto : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klucz Usunięto : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Klucz Usunięto : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Klucz Usunięto : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Klucz Usunięto : HKCU\Software\5a55de8de73fe448
Klucz Usunięto : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_ace-of-spades_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_ace-of-spades_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_alien-shooter-ii_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_alien-shooter-ii_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_jazz-jackrabbit-2_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_jazz-jackrabbit-2_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_tag-the-power-of-paint_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_tag-the-power-of-paint_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_the-sims-3(1)_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_the-sims-3(1)_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_the-sims-3-patch_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_the-sims-3-patch_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_ventrilo-2-1-4_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_ventrilo-2-1-4_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_osu_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_osu_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_roblox (1)_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_roblox (1)_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_roblox_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_roblox_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_steam_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_steam_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_stronghold-crusader_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_stronghold-crusader_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{130A876E-28F8-41F2-911D-084E557B057A}
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{A75BECDC-7CB5-482E-BECA-95D1C12B9EA1}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{0113A098-06EA-4776-A011-D75590778F1E}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{130A876E-28F8-41F2-911D-084E557B057A}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2316C625-B487-4410-A1A5-FF040B65245F}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FC85E96-D7D7-62AC-EADC-A2E4E8AC706D}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90A63824-E0BD-2D7C-F2CC-40EF00B8D628}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FC85E96-D7D7-62AC-EADC-A2E4E8AC706D}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{90A63824-E0BD-2D7C-F2CC-40EF00B8D628}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A75BECDC-7CB5-482E-BECA-95D1C12B9EA1}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A50E4624-7641-4FF0-AFB0-33DF7825C5F0}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA575BEA-11BB-4535-96C6-5996C174551C}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}
Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}]
Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{130A876E-28F8-41F2-911D-084E557B057A}]
Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{130A876E-28F8-41F2-911D-084E557B057A}]
Wartość Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{130A876E-28F8-41F2-911D-084E557B057A}]
Dane Przywrócono : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klucz Usunięto : HKCU\Software\1ClickDownload
Klucz Usunięto : HKCU\Software\anchorfree
Klucz Usunięto : HKCU\Software\APN PIP
Klucz Usunięto : HKCU\Software\AVG Secure Search
Klucz Usunięto : HKCU\Software\BabSolution
Klucz Usunięto : HKCU\Software\DealPly
Klucz Usunięto : HKCU\Software\DealPlyLive
Klucz Usunięto : HKCU\Software\Delta
Klucz Usunięto : HKCU\Software\Funmoods
Klucz Usunięto : HKCU\Software\IM
Klucz Usunięto : HKCU\Software\ImInstaller
Klucz Usunięto : HKCU\Software\InstallCore
Klucz Usunięto : HKCU\Software\lollipop
Klucz Usunięto : HKCU\Software\MediaFinder
Klucz Usunięto : HKCU\Software\ProtectedSearch
Klucz Usunięto : HKCU\Software\Softonic
Klucz Usunięto : HKCU\Software\Somoto
Klucz Usunięto : HKCU\Software\WebConnect
Klucz Usunięto : HKCU\Software\AppDataLow\SProtector
Klucz Usunięto : HKCU\Software\AppDataLow\Software\BackgroundContainer
Klucz Usunięto : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Klucz Usunięto : HKCU\Software\AppDataLow\Software\Crossrider
Klucz Usunięto : HKCU\Software\AppDataLow\Software\simplytech
Klucz Usunięto : HKCU\Software\AppDataLow\Software\SmartBar
Klucz Usunięto : HKCU\Software\AppDataLow\Software\Fun_Media_Bar_V10
Klucz Usunięto : HKLM\Software\AVG Secure Search
Klucz Usunięto : HKLM\Software\Babylon
Klucz Usunięto : HKLM\Software\BetterSurf
Klucz Usunięto : HKLM\Software\DealPly
Klucz Usunięto : HKLM\Software\DealPlyLive
Klucz Usunięto : HKLM\Software\Delta
Klucz Usunięto : HKLM\Software\delta-homesSoftware
Klucz Usunięto : HKLM\Software\dt soft\daemon tools toolbar
Klucz Usunięto : HKLM\Software\Funmoods
Klucz Usunięto : HKLM\Software\Iminent
Klucz Usunięto : HKLM\Software\PIP
Klucz Usunięto : HKLM\Software\qone8Software
Klucz Usunięto : HKLM\Software\SimplyGen
Klucz Usunięto : HKLM\Software\SProtector
Klucz Usunięto : HKLM\Software\supWPM
Klucz Usunięto : HKLM\Software\systweak
Klucz Usunięto : HKLM\Software\Tarma Installer
Klucz Usunięto : HKLM\Software\Uniblue
Klucz Usunięto : HKLM\Software\Web Assistant
Klucz Usunięto : HKLM\Software\WebConnect
Klucz Usunięto : HKLM\Software\Fun_Media_Bar_V10
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B49962AF-CAB9-44DE-8729-A4369F44BA0D}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebConnect

***** [ Przeglądarki internetowe ] *****

-\\ Internet Explorer v10.0.9200.16750

Ustawienie Przywrócono : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Ustawienie Przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Ustawienie Przywrócono : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Ustawienie Przywrócono : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Ustawienie Przywrócono : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Ustawienie Przywrócono : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Ustawienie Przywrócono : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Ustawienie Przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Ustawienie Przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Ustawienie Przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Ustawienie Przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Ustawienie Przywrócono : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Ustawienie Przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Mozilla Firefox v

*************************

AdwCleaner[R0].txt - [49345 octets] - [20/01/2014 12:34:53]
AdwCleaner[S0].txt - [45966 octets] - [20/01/2014 12:36:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [46027 octets] ##########

Post20 sty 2014, 12:48

nie wiem, czy zauważyłeś moje następne zalecenia w moim poprzednim poście?

F.

Post20 sty 2014, 13:14

Widziałem i zrobiłem to co kazałeś. Ale nie dam logu ze OTL ponieważ jak go robiłem prąd w domu mi wywalił.
Ale zauważyłem poprawę. Nawet nie poprawe wszystko działa ale mam pytanie. Na pulpicie pojawiły mi się 2 pliki
desktop.ini z pół przezroczystymi ikonami. Jak chcesz mogę spróbować zrobić 2 raz to z OTL.
To co mi się pojawiło na pulpicie:

Kod: Zaznacz cały

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21799

[LocalizedFileNames]

i

Kod: Zaznacz cały

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769
IconResource=%SystemRoot%\system32\imageres.dll,-183

[LocalizedFileNames]

Post20 sty 2014, 13:23

te desktop.ini możesz usunąć ręcznie, to efekt OTL.

Zrób nowy log z OTL.

F.

Post20 sty 2014, 13:38

desktop.ini pojawiły się bo odznaczyło się aby ukryte foldery i pliki były dalej ukryte. A nowego log'a już robię.

--Edit--
Log:

Kod: Zaznacz cały

OTL logfile created on: 2014-01-20 13:17:56 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = D:\
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 42,42% Memory free
4,00 Gb Paging File | 2,32 Gb Available in Paging File | 57,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,73 Gb Total Space | 15,62 Gb Free Space | 32,05% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 117,03 Gb Free Space | 63,58% Space Free | Partition Type: NTFS
 
Computer Name: PC-KOMPUTER | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2014-01-20 10:05:46 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2014-01-20 09:05:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2014-01-16 13:10:49 | 044,986,208 | ---- | M] (Opera Software) -- C:\Program Files\Opera Next\19.0.1326.34\opera.exe
PRC - [2014-01-16 13:10:49 | 001,378,144 | ---- | M] () -- C:\Program Files\Opera Next\19.0.1326.34\opera_crashreporter.exe
PRC - [2014-01-05 07:31:06 | 001,142,864 | ---- | M] (BitTorrent Inc.) -- C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013-12-19 19:37:25 | 001,819,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013-12-19 19:37:25 | 000,930,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013-12-19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013-12-10 03:22:32 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013-12-10 03:21:14 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013-12-10 03:20:56 | 014,658,848 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
PRC - [2013-09-06 15:51:58 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013-08-14 14:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013-08-02 01:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-01-06 23:16:31 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2012-01-06 23:16:30 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2012-01-06 23:16:26 | 002,042,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2012-01-06 23:16:26 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2012-01-06 23:16:24 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2012-01-06 23:16:23 | 001,370,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgfws8.exe
PRC - [2012-01-06 23:16:23 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2012-01-06 23:16:22 | 000,832,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgam.exe
PRC - [2010-11-20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-20 22:29:07 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2010-04-01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2014-01-16 13:10:51 | 000,907,616 | ---- | M] () -- C:\Program Files\Opera Next\19.0.1326.34\libGLESv2.dll
MOD - [2014-01-16 13:10:51 | 000,108,896 | ---- | M] () -- C:\Program Files\Opera Next\19.0.1326.34\libEGL.dll
MOD - [2014-01-16 13:10:50 | 000,890,208 | ---- | M] () -- C:\Program Files\Opera Next\19.0.1326.34\ffmpegsumo.dll
MOD - [2014-01-16 13:10:49 | 001,378,144 | ---- | M] () -- C:\Program Files\Opera Next\19.0.1326.34\opera_crashreporter.exe
MOD - [2013-12-10 18:56:34 | 016,242,056 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2011-07-18 22:04:08 | 000,296,448 | ---- | M] () -- D:\Programy\Notepad++\NppShell_04.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - File not found [Auto | Stopped] -- C:\Program Files\WebConnect\bin\utilWebConnect.exe -- (Util WebConnect)
SRV - [2013-12-19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013-12-10 18:56:34 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-12-10 03:21:14 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013-12-10 03:20:56 | 014,658,848 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2013-11-29 16:20:40 | 001,664,336 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- D:\Programy\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013-11-26 06:06:38 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013-09-05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-08-14 14:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013-05-27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-01-06 23:16:24 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2012-01-06 23:16:23 | 001,370,488 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgfws8.exe -- (avgfws8)
SRV - [2012-01-06 23:16:23 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2012-01-06 22:52:33 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011-08-02 05:24:00 | 003,889,424 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva397.sys -- (XDva397)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (ag0ymsfp)
DRV - [2013-12-19 21:26:04 | 010,471,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013-12-05 09:42:30 | 000,034,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2013-10-31 20:30:09 | 000,013,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\apf003.sys -- (apf003)
DRV - [2013-04-24 20:25:44 | 000,037,064 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss6.sys -- (taphss6)
DRV - [2013-04-15 10:50:32 | 000,113,608 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2012-11-08 13:10:20 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012-01-06 23:16:30 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2012-01-06 23:16:30 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2012-01-06 23:16:26 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2012-01-06 23:16:23 | 000,023,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2012-01-06 23:16:22 | 000,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2012-01-06 23:06:15 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010-11-20 22:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010-11-20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010-11-20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010-11-20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010-11-20 22:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010-11-20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-03-04 11:26:56 | 000,296,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2009-07-13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No CLSID value found
IE - HKCU\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - No CLSID value found
IE - HKCU\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\${searchCLSID}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{2B9035E9-89B4-4F1F-A5E1-54747F96D611}: "URL" = http://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Program Files\Roblox\Versions\version-8031f568a8214a5f\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: D:\Programy\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fbphotozoom@installdaddy.com: C:\Program Files\fbphotozoom\fbphotozoom13.xpi
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-06 15:52:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-09-06 15:52:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ext@bettersurfplus.com: C:\Program Files\BetterSurf\BetterSurfPlus\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ext@WebexpEnhancedV1alpha777.net: C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha777\ff [2013-12-19 18:30:14 | 000,000,000 | ---D | M]
 
[2012-03-05 18:50:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions
[2014-01-20 12:37:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\m44pjsjq.default\extensions
[2013-08-24 13:55:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
 
O1 HOSTS File: ([2012-01-06 22:52:37 | 000,000,864 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
O2 - BHO: (Better Surf Plus) - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - C:\Program Files\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll File not found
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Webexp Enhanced) - {3e27aade-f97d-444e-863b-360db6183445} - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha777\ie\WebexpEnhancedV1alpha777.dll ()
O2 - BHO: (keepvid.com) - {49ed9900-38cd-453c-bba7-3f2613317f5a} - C:\Windows\system32\keepvid.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - No CLSID value found.
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Programy\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [uTorrent] C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E19EE7F-4C16-4F5D-AC91-92243823B682}: DhcpNameServer = 192.168.100.252
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22 - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2014-01-20 10:33:27 | 000,371,882 | ---- | M] () - D:\Autoruns.png -- [ NTFS ]
O33 - MountPoints2\{4e5eb899-38b5-11e1-aa49-001d7dbef115}\Shell - "" = AutoRun
O33 - MountPoints2\{4e5eb899-38b5-11e1-aa49-001d7dbef115}\Shell\AutoRun\command - "" = K:\autorun.exe
O33 - MountPoints2\{babb51f5-683f-11e1-8654-001d7dbef115}\Shell - "" = AutoRun
O33 - MountPoints2\{babb51f5-683f-11e1-8654-001d7dbef115}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2014-01-20 12:34:50 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-01-20 10:51:48 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2014-01-20 10:44:39 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2014-01-20 10:15:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2014-01-20 10:06:37 | 000,745,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014-01-20 10:06:37 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2014-01-20 10:06:36 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2014-01-20 10:06:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014-01-20 10:06:35 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014-01-20 10:06:35 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2014-01-20 10:06:35 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2014-01-20 10:06:35 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2014-01-20 10:06:35 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014-01-20 10:06:34 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014-01-20 10:06:33 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014-01-20 10:06:33 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014-01-20 10:06:33 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014-01-20 10:06:33 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2014-01-20 10:06:33 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2014-01-20 10:06:32 | 002,877,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014-01-20 10:06:32 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014-01-20 10:06:32 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014-01-20 10:06:32 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2014-01-20 10:06:32 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014-01-20 10:06:32 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2014-01-20 10:06:32 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2014-01-20 10:06:32 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014-01-20 10:06:32 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014-01-20 10:06:31 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014-01-20 10:06:31 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2014-01-20 10:06:31 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014-01-20 10:06:31 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014-01-20 10:06:31 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014-01-20 10:06:31 | 000,242,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014-01-20 10:06:31 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014-01-20 10:06:31 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014-01-20 10:06:31 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014-01-20 10:06:31 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014-01-20 10:06:31 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014-01-20 10:06:31 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014-01-20 10:05:46 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2014-01-20 10:03:35 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2014-01-20 10:03:35 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2014-01-20 10:03:02 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2014-01-20 10:03:02 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2014-01-20 10:03:02 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2014-01-20 10:03:02 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014-01-20 10:03:02 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014-01-20 10:03:02 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014-01-20 10:03:02 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014-01-20 10:03:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2014-01-20 10:03:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014-01-20 10:03:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2014-01-20 10:03:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014-01-20 10:03:02 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014-01-20 10:03:01 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2014-01-20 10:03:01 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2014-01-20 10:03:01 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2014-01-20 10:03:01 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2014-01-20 10:03:01 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2014-01-20 10:03:01 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2014-01-20 10:03:01 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2014-01-20 10:03:01 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2014-01-20 10:03:00 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014-01-20 10:03:00 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014-01-20 10:03:00 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2014-01-20 10:03:00 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2014-01-20 10:00:36 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2014-01-20 09:54:38 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2014-01-20 09:54:38 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2014-01-20 09:53:06 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2014-01-20 09:53:06 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2014-01-20 09:53:06 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2014-01-20 09:53:06 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2014-01-20 09:53:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2014-01-20 09:53:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2014-01-20 09:53:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2014-01-20 09:53:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2014-01-20 09:53:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2014-01-20 09:53:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2014-01-20 09:53:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2014-01-20 09:53:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2014-01-20 09:53:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2014-01-20 09:53:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014-01-20 09:53:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2014-01-20 09:53:05 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2014-01-20 09:53:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2014-01-20 09:53:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2014-01-20 09:53:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2014-01-20 09:53:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2014-01-20 09:53:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2014-01-20 09:53:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2014-01-20 09:53:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2014-01-20 09:53:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2014-01-20 09:53:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2014-01-20 09:53:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2014-01-20 09:53:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2014-01-20 09:53:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2014-01-20 09:53:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2014-01-20 09:53:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2014-01-20 09:52:58 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2014-01-20 09:52:58 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2014-01-20 09:51:40 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2014-01-20 09:51:40 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2014-01-20 09:51:33 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2014-01-20 09:51:33 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2014-01-20 09:51:18 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2014-01-20 09:50:59 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2014-01-20 09:50:47 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2014-01-20 09:50:47 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2014-01-20 09:50:35 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2014-01-20 09:50:35 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2014-01-20 09:50:35 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2014-01-20 09:50:35 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2014-01-20 09:50:35 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2014-01-20 09:50:28 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2014-01-20 09:50:17 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2014-01-20 09:50:17 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2014-01-20 09:50:17 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2014-01-20 09:50:05 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2014-01-20 09:34:53 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2014-01-20 09:34:53 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2014-01-20 09:18:55 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2014-01-20 09:18:55 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2014-01-20 09:18:46 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2014-01-20 09:18:46 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2014-01-20 09:18:46 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2014-01-20 09:18:39 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2014-01-20 09:18:39 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2014-01-20 07:36:00 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014-01-20 07:35:49 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014-01-20 07:35:49 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014-01-20 07:35:49 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014-01-18 09:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014-01-17 19:16:57 | 000,982,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvspcap.dll
[2014-01-17 19:16:27 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\NVIDIA
[2014-01-17 19:15:50 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2014-01-17 19:10:16 | 000,034,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvvad32v.sys
[2014-01-17 19:10:16 | 000,032,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvaudcap32v.dll
[2014-01-17 19:10:11 | 022,960,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2014-01-17 19:10:11 | 010,471,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2014-01-17 19:10:11 | 009,657,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2014-01-17 19:10:11 | 000,893,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco3233221.dll
[2014-01-17 19:10:11 | 000,852,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvIFR.dll
[2014-01-17 19:10:11 | 000,847,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvFBC.dll
[2014-01-17 19:10:10 | 002,947,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2014-01-17 19:10:10 | 002,747,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2014-01-17 19:10:10 | 001,049,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3233221.dll
[2014-01-17 19:10:07 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2014-01-17 18:56:57 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Borderlands.2.Incl.All.24.DLC.[1.7].W.B.Repack
[2014-01-17 16:14:02 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
[2014-01-16 15:26:10 | 000,000,000 | -HSD | C] -- C:\Users\PC\wc
[2014-01-16 15:26:04 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\Universe Sandbox
[2014-01-16 15:26:04 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Universe Sandbox
[2013-12-31 17:21:03 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\Amnesia
[2013-12-31 17:16:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frictional Games
[2013-12-26 08:23:47 | 000,000,000 | ---D | C] -- C:\Users\PC\minecraft
[2013-12-25 17:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast PL [BDIP]
[2013-10-14 13:57:07 | 008,581,632 | ---- | C] (Digia Plc and/or its subsidiary(-ies)) -- C:\Users\PC\AppData\Local\QtGui4.dll
[2013-10-14 13:57:07 | 001,053,696 | ---- | C] (Digia Plc and/or its subsidiary(-ies)) -- C:\Users\PC\AppData\Local\QtNetwork4.dll
[2013-10-14 13:57:06 | 002,598,912 | ---- | C] (Digia Plc and/or its subsidiary(-ies)) -- C:\Users\PC\AppData\Local\QtCore4.dll
[2013-10-14 13:57:06 | 001,122,304 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Users\PC\AppData\Local\libeay32.dll
[2013-10-14 13:57:06 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Local\msvcr100.dll
[2013-10-14 13:57:06 | 000,274,432 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Users\PC\AppData\Local\ssleay32.dll
[2013-10-14 13:57:05 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Local\msvcp100.dll
[2012-03-14 18:36:57 | 002,371,152 | ---- | C] (DownVision                                                  ) -- C:\Users\PC\AppData\Local\setup.exe
[1 C:\Users\PC\AppData\Local\*.tmp files -> C:\Users\PC\AppData\Local\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014-01-20 13:25:01 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-01-20 13:07:10 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-01-20 13:05:31 | 000,001,024 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-01-20 13:05:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-01-20 13:05:11 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys
[2014-01-20 11:11:56 | 000,019,522 | ---- | M] () -- C:\Users\PC\Documents\20 stycznia 2014  !!!!!.reg
[2014-01-20 11:04:00 | 000,023,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-01-20 11:04:00 | 000,023,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-01-20 11:02:40 | 000,355,088 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014-01-20 10:51:54 | 000,001,843 | ---- | M] () -- C:\Users\PC\Desktop\AD-R.lnk
[2014-01-20 10:06:37 | 000,745,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014-01-20 10:06:37 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2014-01-20 10:06:36 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2014-01-20 10:06:36 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014-01-20 10:06:35 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014-01-20 10:06:35 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2014-01-20 10:06:35 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2014-01-20 10:06:35 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2014-01-20 10:06:35 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014-01-20 10:06:34 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014-01-20 10:06:33 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014-01-20 10:06:33 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014-01-20 10:06:33 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014-01-20 10:06:33 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2014-01-20 10:06:33 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2014-01-20 10:06:32 | 002,877,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014-01-20 10:06:32 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014-01-20 10:06:32 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014-01-20 10:06:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2014-01-20 10:06:32 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014-01-20 10:06:32 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2014-01-20 10:06:32 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2014-01-20 10:06:32 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014-01-20 10:06:32 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014-01-20 10:06:31 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014-01-20 10:06:31 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2014-01-20 10:06:31 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014-01-20 10:06:31 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014-01-20 10:06:31 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014-01-20 10:06:31 | 000,242,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014-01-20 10:06:31 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014-01-20 10:06:31 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014-01-20 10:06:31 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014-01-20 10:06:31 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014-01-20 10:06:31 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014-01-20 10:06:31 | 000,025,185 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2014-01-20 10:06:31 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014-01-20 10:05:46 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2014-01-20 10:03:35 | 003,968,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2014-01-20 10:03:35 | 003,913,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2014-01-20 10:03:02 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2014-01-20 10:03:02 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2014-01-20 10:03:02 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2014-01-20 10:03:02 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014-01-20 10:03:02 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014-01-20 10:03:02 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014-01-20 10:03:02 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014-01-20 10:03:02 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2014-01-20 10:03:02 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014-01-20 10:03:02 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2014-01-20 10:03:02 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014-01-20 10:03:02 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014-01-20 10:03:01 | 001,247,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2014-01-20 10:03:01 | 001,080,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2014-01-20 10:03:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2014-01-20 10:03:01 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2014-01-20 10:03:01 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2014-01-20 10:03:01 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2014-01-20 10:03:01 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2014-01-20 10:03:01 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2014-01-20 10:03:00 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014-01-20 10:03:00 | 001,988,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014-01-20 10:03:00 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2014-01-20 10:03:00 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2014-01-20 10:00:36 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2014-01-20 08:48:11 | 002,733,566 | ---- | M] () -- C:\Users\PC\Documents\AutoRuns.arn
[2014-01-20 07:35:26 | 000,027,408 | ---- | M] () -- C:\Users\PC\Documents\rejestr 20 styczenien 2014.reg
[2014-01-17 16:14:02 | 000,000,704 | ---- | M] () -- C:\Users\Public\Desktop\WarThunder.lnk
[2014-01-08 12:55:02 | 000,000,080 | ---- | M] () -- C:\Users\PC\AppData\Roaming\WB.CFG
[2014-01-06 20:20:50 | 000,002,885 | ---- | M] () -- C:\Users\PC\AppData\Local\recently-used.xbel
[1 C:\Users\PC\AppData\Local\*.tmp files -> C:\Users\PC\AppData\Local\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2014-01-20 11:11:53 | 000,019,522 | ---- | C] () -- C:\Users\PC\Documents\20 stycznia 2014  !!!!!.reg
[2014-01-20 10:51:54 | 000,001,843 | ---- | C] () -- C:\Users\PC\Desktop\AD-R.lnk
[2014-01-20 10:06:31 | 000,025,185 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2014-01-20 09:52:58 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014-01-20 08:48:11 | 002,733,566 | ---- | C] () -- C:\Users\PC\Documents\AutoRuns.arn
[2014-01-20 07:35:24 | 000,027,408 | ---- | C] () -- C:\Users\PC\Documents\rejestr 20 styczenien 2014.reg
[2014-01-17 16:14:02 | 000,000,704 | ---- | C] () -- C:\Users\Public\Desktop\WarThunder.lnk
[2014-01-16 15:25:51 | 000,000,808 | ---- | C] () -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Universe Sandbox.lnk
[2014-01-06 20:20:50 | 000,002,885 | ---- | C] () -- C:\Users\PC\AppData\Local\recently-used.xbel
[2014-01-05 07:31:57 | 000,001,091 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 18.lnk
[2013-12-18 13:55:02 | 000,000,080 | ---- | C] () -- C:\Users\PC\AppData\Roaming\WB.CFG
[2013-12-15 13:12:11 | 000,201,802 | ---- | C] () -- C:\Windows\System32\poclbm130302GeForce 8600 GTSv1w256l4.bin
[2013-11-24 11:19:27 | 000,000,000 | ---- | C] () -- C:\Users\PC\AppData\Local\{E17F26D6-0A97-4B34-909B-B81C7F72C589}
[2013-10-31 20:30:09 | 000,016,304 | ---- | C] () -- C:\Windows\System32\apl003.sys
[2013-10-31 20:30:09 | 000,013,232 | ---- | C] () -- C:\Windows\System32\apf003.sys
[2013-10-14 15:07:37 | 000,217,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2013-10-14 14:00:27 | 000,020,799 | ---- | C] () -- C:\Windows\System32\main.dat
[2013-10-14 14:00:27 | 000,000,448 | ---- | C] () -- C:\Windows\System32\user.dat
[2013-10-14 13:57:20 | 000,000,450 | RHS- | C] () -- C:\Users\PC\ntuser.pol
[2013-10-14 13:57:18 | 000,013,077 | ---- | C] () -- C:\Users\PC\AppData\Local\helper.dat
[2013-10-14 13:57:06 | 000,108,032 | ---- | C] () -- C:\Users\PC\AppData\Local\ContentAgent.exe
[2013-10-05 05:51:29 | 000,012,005 | ---- | C] () -- C:\Users\PC\AppData\Roaming\alsoft.ini
[2013-06-09 10:29:08 | 043,980,197 | ---- | C] () -- C:\Users\PC\AppData\Roaming\.minecraft.rar
[2013-05-18 08:19:08 | 000,000,000 | ---- | C] () -- C:\Windows\zSpy.INI
[2013-05-16 13:15:00 | 000,000,098 | ---- | C] () -- C:\Windows\h3maped.INI
[2013-05-07 16:06:17 | 000,007,605 | ---- | C] () -- C:\Users\PC\AppData\Local\Resmon.ResmonCfg
[2013-05-01 12:01:51 | 000,000,256 | ---- | C] () -- C:\Windows\_delis32.ini
[2013-04-29 18:15:53 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2013-04-19 19:45:40 | 000,086,016 | ---- | C] () -- C:\Windows\System32\1899.dll
[2013-04-15 20:41:57 | 000,086,016 | ---- | C] () -- C:\Windows\System32\2067.dll
[2013-04-15 20:41:18 | 000,086,016 | ---- | C] () -- C:\Windows\System32\264.dll
[2013-04-12 19:08:45 | 000,202,240 | ---- | C] () -- C:\Windows\System32\patchw32.dll
[2013-04-12 19:08:28 | 000,349,696 | ---- | C] () -- C:\Windows\System32\mss32.dll
[2013-04-12 19:08:24 | 003,167,501 | ---- | C] () -- C:\Windows\System32\metin2.bin
[2013-01-11 10:17:59 | 000,011,264 | ---- | C] () -- C:\Windows\Launcher.exe
[2012-11-14 14:44:31 | 000,000,147 | ---- | C] () -- C:\Windows\WA.INI
[2012-11-10 18:13:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\psfind.dll
[2012-11-03 12:52:26 | 000,138,032 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012-11-03 12:52:25 | 000,138,056 | ---- | C] () -- C:\Users\PC\AppData\Roaming\PnkBstrK.sys
[2012-10-14 09:15:32 | 001,582,899 | ---- | C] () -- C:\Windows\WANEUninstaller.exe
[2012-08-16 19:24:13 | 000,281,688 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012-08-16 19:24:00 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012-08-16 16:15:49 | 000,893,394 | ---- | C] () -- C:\Windows\System32\osu!.exe.zip
[2012-08-16 16:15:41 | 000,954,748 | ---- | C] () -- C:\Windows\System32\osu!test.exe.zip
[2012-08-16 16:13:37 | 015,265,249 | ---- | C] () -- C:\Windows\System32\osu.dll.zip
[2012-08-16 16:13:37 | 004,409,856 | ---- | C] () -- C:\Windows\System32\avcodec-51.dll
[2012-08-16 16:13:37 | 000,711,680 | ---- | C] () -- C:\Windows\System32\avformat-52.dll
[2012-08-16 16:13:37 | 000,062,464 | ---- | C] () -- C:\Windows\System32\avutil-49.dll
[2012-08-16 16:13:20 | 000,012,520 | ---- | C] () -- C:\Windows\System32\osu!framework.dll
[2012-08-16 16:12:55 | 000,294,632 | ---- | C] () -- C:\Windows\System32\_osume.exe
[2012-08-13 10:48:04 | 000,000,019 | ---- | C] () -- C:\Windows\D.ini
[2012-07-26 10:56:52 | 000,280,869 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012-07-23 08:25:34 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2012-07-21 15:43:05 | 000,000,126 | ---- | C] () -- C:\Users\PC\wxDownloadFast.ini
[2012-07-09 09:24:17 | 000,008,192 | ---- | C] () -- C:\Windows\d3dx.dat
[2012-04-29 18:38:24 | 000,000,563 | ---- | C] () -- C:\Windows\SIERRA.INI
[2012-04-14 08:08:31 | 000,000,021 | ---- | C] () -- C:\Users\PC\AppData\Roaming\fexec.dat
[2012-03-14 18:37:04 | 000,006,439 | ---- | C] () -- C:\Users\PC\AppData\Local\angielskie.nazwy.miast.w.skyrim.torrent
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Jest możliwość że nie cały skrypt się wtedy wykonał. Może spróbować znowu?

Post20 sty 2014, 13:55

Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:

:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - No CLSID value found.
O2 - BHO: (Webexp Enhanced) - {3e27aade-f97d-444e-863b-360db6183445} - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha777\ie\WebexpEnhancedV1alpha777.dll ()
O2 - BHO: (keepvid.com) - {49ed9900-38cd-453c-bba7-3f2613317f5a} - C:\Windows\system32\keepvid.dll File not found
O2 - BHO: (Better Surf Plus) - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - C:\Program Files\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ext@bettersurfplus.com: C:\Program Files\BetterSurf\BetterSurfPlus\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ext@WebexpEnhancedV1alpha777.net: C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha777\ff [2013-12-19 18:30:14 | 000,000,000 | ---D | M]
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No CLSID value found
IE - HKCU\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - No CLSID value found
IE - HKCU\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - No CLSID value found
IE - HKLM\..\URLSearchHook: - No CLSID value found
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva397.sys -- (XDva397)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ag0ymsfp)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - File not found [Auto | Stopped] -- C:\Program Files\WebConnect\bin\utilWebConnect.exe -- (Util WebConnect)

:Files
C:\Program Files\WebexpEnhancedV1

:Reg
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2B9035E9-89B4-4F1F-A5E1-54747F96D611}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt.

Raportu z tego już nie dawaj, kończymy:
W Adw-Cleaner kliknij na przycisk Odinstaluj (UNINSTALL)
W OTL kliknij na przycisk Sprzątanie - to go usunie razem z jego Kwarantanną.

F.

Post21 sty 2014, 11:47

Dzięki wielkie. Mam nadzieje że znowu nie wywali prądu.
--Edit--
Wszystko działa i już nic nie laguje.
Temat do zamknięcia.

Zamykam,
XMan.