x-kom hosting

wirus policyjny

smenkare
utworzono
utworzono

zle zrobilem robiac sie za to sam. Na poczatku startowal normalnie tryb awaryjny, uruchomilem zwykla avire i przeskanowalem system, znalezione wirusy zostaly przemieszczone do kwarantanny, pogrzebalem troche w rejestrze i usunalem kilka podejrzanych rzeczy. Po wlaczeniu normalnego trybu wirus wciaz tam byl wiec zresetowalem kompa aby znow wejsc w tryb awaryjny. System zaczal sie pozniej sypac, za nic nie moglem uruchomic zadnego trybu awaryjnego. Po 10 resetach przy wlaczaniu pc zaznaczylem opcje aby system naprawil uszkodzone pliki. O dziwo system awaryjny nadal nie startuje ale zalogowalem sie na swoje konto i poki co wirus policyjny sie nie odzywa. Niestety wciaz mam dziwne przeczucie ze mam go lub jakies pozostalosci. Srednio znam sie na komputerach, co powinienem zrobic? Dziekuje za pomoc zalaczam jeszcze screen z msconfig poniewaz mam tam jakis ruski program czy cos ktory wydaje mi sie podejrzany

edit. wlasnie zrobilem restart,wirus wciaz aktywny, nie rozumiem dlaczego ten jeden raz system uruchomil sie normalnie. Tryb awaryjny za to znow dziala...


edit. moje przypuszczenia okazaly sie chyba trafione, wylaczylem ten podejrzany ruski program w msconfig, windows wydaje sie dzialac normalnie aczkolwiek wirus wciaz tu jest. Prosze o pomoc w usunieciu


[log]OTL Extras logfile created on: 2012-12-26 23:10:02 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tobiaryna\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,98 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 59,25% Memory free
7,96 Gb Paging File | 5,85 Gb Available in Paging File | 73,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 22,64 Gb Free Space | 7,60% Space Free | Partition Type: NTFS
Drive D: | 1,87 Gb Total Space | 1,87 Gb Free Space | 99,94% Space Free | Partition Type: FAT32

Computer Name: LORDZIK | User Name: Tobiaryna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1485770423-532772460-667618788-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1F8783EA-7E37-40D0-BDF7-6245D5D00606}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{2781A5BD-2774-4DB7-A214-99BC691A5B60}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4446FC62-D264-4122-90EF-CC0D98251AC4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5C15D521-048B-40F5-8047-AA270B71F71D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{5C6C8C4D-E639-45EB-8918-0632AD0C4C36}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{64DE61CF-E14F-40E1-B2AE-E0FF7AA900B5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6FA80340-9B32-48A1-A199-4C4A6C245BAF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{94D217E3-1DE6-4CF6-A698-65E923667599}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9CD4FB7A-B375-4C28-BB2C-BE5A3FBE4A63}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A2D64ED2-F9B7-4B0E-B5C2-19C06B2ACEAA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A93F7D63-B479-4F65-9182-7786B245E73C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B284F21F-1353-4CC1-AF35-D1376C3B080E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E1A2720D-5BC7-463C-95E5-0256EF9B878D}" = lport=10243 | protocol=6 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01319C62-4939-4DD5-A44D-A8A3ECFCB1B4}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{023471B6-83F5-4FBA-AA8A-F1FFA7BE3237}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{03B0D326-0F71-4C19-A64A-E7BD5998CC6F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{05D5FD6A-36C8-44A7-A180-F06B14B2ED0C}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"{05E5B4CF-D041-4D76-BEF6-BDE1BA187A41}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"{066F32CE-4399-42A8-A40E-9EA07A6C10A7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{0938741B-6CA2-4C28-9C69-4F03567FFAA5}" = protocol=17 | dir=in | app=c:\gry\assassinscreedbrotherhood.exe |
"{0FC5F3C4-611C-4C9C-8C24-1F47C9E3FD23}" = dir=in | app=c:\users\tobiaryna\documents\the war z\warz.exe |
"{10E487E4-FF73-4DD1-9DA7-F7A8D5610C53}" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"{12354948-6CDC-43C6-B29C-95984FE70345}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{130FF641-2ABC-46CD-8E43-D446B1C1BB1C}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{13A9B62C-2EA5-4180-89F1-21F3DE9904EB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{15754087-73A8-4A10-92B6-B4C8681F87BC}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii public test\diablo iii.exe |
"{1640CA4E-4F5D-43C0-8602-732A3D39274C}" = protocol=6 | dir=in | app=c:\star wars the force unleashed 2\swtfu2.exe |
"{16A4F106-AEC9-444E-B538-BF1DC520218A}" = protocol=17 | dir=in | app=c:\star wars the force unleashed 2\swtfu2.exe |
"{1701091F-7166-4077-83BE-191A7766E6CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{175A2D7D-A09D-43E3-BA00-29289C8C2913}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{1C2A6872-2EC4-4DD8-B5A0-C4370D839DEE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{1D91EF02-6BA4-4CFD-99B1-B4BB81D46440}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1EC8F177-E2CA-4417-8B4F-C529D63E5277}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{20801F10-2B51-424C-A90A-47CBC9BD5EED}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"{20B84340-F6B6-40E0-8FEA-7B8141DDE5D9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{2233059A-A222-43CC-9C1A-F94BB98DC8AF}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe bridge cs3\bridge.exe |
"{22E15D01-4AA9-468D-84C0-5BD3B4A196A9}" = protocol=17 | dir=in | app=c:\d3\diablo iii\diablo iii.exe |
"{23810076-D7ED-4B9C-85CD-7AD19AFC5EF1}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{259A8348-F508-4C8E-A440-BA08EC560899}" = protocol=6 | dir=in | app=c:\mass effect 3\binaries\win32\masseffect3.exe |
"{280D6991-6AA1-409A-83B2-53D29A41B26D}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{285CF39A-D178-483A-A243-ECED7726BBAE}" = protocol=17 | dir=in | app=c:\gry\acbsp.exe |
"{2D5940F9-49C4-4A69-864A-15C175F7BDB2}" = protocol=6 | dir=in | app=c:\gry\acbsp.exe |
"{2DD8309A-E125-48B3-974A-21CF63700DF6}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{2E162B2B-42A5-4FB4-9DD2-FECDBA8B9E00}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\might & magic heroes v\might & magic heroes vi.exe |
"{304F1D43-B3DF-4E6C-929F-91F7767F1757}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.516\agent.exe |
"{305D0C73-E72B-44CB-9F95-ACE30DB625C5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{349D6ABF-9CCE-4135-AF53-74BBA30C8A7C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"{350C891A-222B-4194-BCAD-61C164610017}" = protocol=17 | dir=in | app=c:\users\tobiaryna\downloads\terrariaserver.exe |
"{35841F7F-295E-4E0E-A42F-DB4276490A35}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{360B4CE1-BB40-4355-871C-8E2F4079E0F7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{37A8E540-D74A-4702-A39D-35C8CBA90034}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"{380424A4-926C-47D7-BF8D-7AE8B124CFFD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{3A50E01B-07A2-4657-8DCF-1E872DEAFBA5}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{3BAC5E56-365B-45C7-98F1-E290780D2691}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{3C19D57E-04EF-4520-8BD4-5DE52133E230}" = protocol=17 | dir=in | app=c:\gry\uplaybrowser.exe |
"{3D11220F-976E-4B21-9B33-9DE26E8F9F5B}" = protocol=6 | dir=in | app=c:\nexon\vindictus eu\en-eu\nmservice.exe |
"{411FFCCA-0F10-4F41-8D46-7E01970D65F6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{4193636B-114C-47EA-A49C-890E75E53A14}" = protocol=6 | dir=in | app=c:\users\tobiaryna\downloads\terrariaserver.exe |
"{42DA3EB1-7466-4F23-90D6-C40144D4275C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.649\agent.exe |
"{447716DE-C962-4659-B8DE-CADD116840EB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4545AD4D-4EE0-4A7B-A3DF-72CBF5A255AC}" = protocol=6 | dir=in | app=c:\users\tobiaryna\appdata\local\mooext\mooege\mooege.exe |
"{483D3986-E496-4496-9292-9690BF63E407}" = protocol=17 | dir=in | app=c:\users\tobiaryna\downloads\release mooege-fe8687c\mooege.exe |
"{493A005E-8EE2-47E7-A1E9-DFFE5EFE6080}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"{496A0117-9D5E-49A7-B971-D1CCE3DAF2FE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{4E8A518F-BB2D-4D31-93E8-A54489FB550A}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{4F427980-7641-407D-8043-4176096738FC}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"{4F6909B2-EF8C-4AE1-83EE-14B64A49FD3B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{51E48B52-29C8-40B5-89C8-EE0489E00024}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{523A5840-D01E-456A-90B5-0B26B7342D89}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{527C7907-7F1C-4655-BA3A-E8C2441A306D}" = protocol=6 | dir=in | app=c:\users\tobiaryna\appdata\roaming\dropbox\bin\dropbox.exe |
"{53242EFE-A26D-4246-90F2-7886CC7C2915}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{54692A66-E63A-4B44-B6DD-DBE97872AB5C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{54E0FBBC-157B-421E-99A3-7483CE6EEE62}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{57A8A2AD-C17F-4D38-A5EF-588AD5FA4772}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\red alert 3\data\ra3_1.12.game |
"{587FDD0F-729F-4684-9B39-243860298EB3}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe bridge cs3\bridge.exe |
"{589C5564-1F53-4BB9-93CA-6D9D0797C815}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{59C372A2-96C3-473E-BEF5-1175CD08BF87}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.516\agent.exe |
"{5AFE712E-7338-401D-8783-5AA5A2724959}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars-the old republic\betatest\retailclient\swtor.exe |
"{5B442DE3-F4F1-4972-A13B-6B64959F07CE}" = protocol=17 | dir=in | app=c:\users\tobiaryna\appdata\local\mooext\mooege\mooege.exe |
"{5C6ABDC8-ED51-457E-8357-A9034AB4B8FE}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{5D782D78-9540-41A6-92F7-7982788529D3}" = protocol=6 | dir=in | app=c:\gry\uplaybrowser.exe |
"{5DA4C5FF-98D3-4ECD-B987-38A910AC51FE}" = protocol=6 | dir=in | app=c:\users\tobiaryna\appdata\roaming\dropbox\bin\dropbox.exe |
"{6020A497-8386-48EE-B402-017446A0F4CF}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{6097D5A6-2B12-440D-B636-B1F558E09402}" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe |
"{60C73153-934A-4DA4-BA5E-9DB8BAF13082}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |
"{622E527B-C537-41E9-8A60-170679D206B4}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{62F11061-C9DE-4220-9209-C7E7B46595CE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"{640ACB44-803A-49CC-8077-C002107437B1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawl busters\bin\pbclient.exe |
"{64AF5936-3702-4F4F-B7E4-77B562D8494A}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii public test\diablo iii.exe |
"{65044ABE-9369-418E-A692-1474C88622AE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{6613EA34-D68B-4A6A-BF20-43F680AA4E04}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{687D3641-3972-4464-9954-36900CD62156}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{69B81C16-38A9-4492-BD5C-7446BA5BF8AB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{6A4C0D6A-7ADF-4DDD-86A8-D78C1279CFC2}" = protocol=17 | dir=in | app=c:\users\tobiaryna\downloads\mooege-mooege-2c16804\src\mooege\bin\debug\mooege.vshost.exe |
"{6B222FBC-F3D5-41AB-8BDE-0A967A985ECC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{6B54D599-4855-414C-AC48-5714C0F1124C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{6FC17611-6090-4531-8D5C-C533202EB61F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{7240C01F-92DB-426B-8F8B-64B272BBD54B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{73400C7A-E5AF-4BFF-9CCC-349C30148371}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{73FE6D1A-226E-4C05-8C97-9C2BC49B010F}" = protocol=6 | dir=out | app=system |
"{75B9CAC4-960E-4B7B-8F1F-E68C1E443020}" = protocol=17 | dir=in | app=c:\users\tobiaryna\appdata\local\temp\rar$ex53.280\terrariaserver.exe |
"{76205A1D-675D-43BF-8D38-CE7C9AC214D7}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{76812715-6043-4BDE-B859-895B5C0B98C3}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\mass effect 3 demo\binaries\win32\masseffect3demo.exe |
"{7897EF0A-9CA8-4051-A641-71753D81AF0F}" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"{78A0C161-67D3-4F68-B976-1DFCD9E08B9C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{7CC83FB6-FAC0-4DA2-A007-931E8C83BB93}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{7DC90FCC-3387-4476-9439-8452657E19CA}" = protocol=6 | dir=in | app=c:\users\tobiaryna\downloads\release mooege-fe8687c\mooege.exe |
"{7EFC29C2-1DF3-41DA-B0EA-7EB67D2F1EC8}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{7F23D152-2737-40FC-A431-14F92B4AD78E}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe |
"{824E97B5-2CCC-470B-8F75-1FC067485970}" = protocol=17 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |
"{8293FBA7-3421-453A-A5DB-C96C29C7979C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{8329CC57-2100-4A2F-BD12-2699C5782601}" = protocol=17 | dir=in | app=c:\program files (x86)\orcs must die!\build\release\orcsmustdie.exe |
"{85A42E14-BD84-46FC-8BA5-1D95B5BEB062}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{8646F2A0-FE49-4E7D-BC49-AD902B93A788}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{877D26CE-686B-4B6F-B477-866058EBA3A7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawl busters\bin\pblauncher.exe |
"{8A76A509-29EB-4446-B44B-0EA34F8A1F35}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{8AFB2A21-DE4E-4E2E-94E7-385EA2F4A7BB}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |
"{8B0A3648-75A6-45C4-A76F-5B8286FA2009}" = protocol=17 | dir=in | app=c:\nexon\vindictus eu\en-eu\nmservice.exe |
"{8D7FBE20-7112-46DA-91A8-526226337EAF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{91150796-6EAC-4078-BFDC-4555393BD1AD}" = protocol=17 | dir=in | app=c:\program files (x86)\trendy entertainment\dungeon defenders\binaries\win32\dundefgame.exe |
"{92B01AAD-470E-495B-BAD6-6B072975941A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{952A8A9B-808F-430C-B586-73282593B317}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9A15FDE0-84D9-43BA-BFB2-383841F46FF0}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{9A756AB0-74E6-456B-854C-F7F93004F39E}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{9C22B966-77CA-43A4-9FF3-790798B10889}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9D2E88B6-A9DE-40AD-A6E9-4F6ED1ED7836}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9E438E72-B430-40D0-92D3-752EF69465F3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\tobiaryna\team fortress 2\hl2.exe |
"{9F0723A2-D7B3-489A-A5E7-4D0BE79F631A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\airmech\airmech.exe |
"{A3B15134-09B2-4EFF-8FAB-41D253346605}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A3E38895-B66F-49FA-A197-63EA50DF540E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A68A768E-C6D7-44CB-92D7-17EC23454798}" = protocol=6 | dir=in | app=c:\gry\assassinscreedbrotherhood.exe |
"{A8BD88DB-7F0C-4EEC-9C5D-B98EC208380B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{A8BF975E-B935-45F0-84FC-C415C354CA45}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe |
"{A8CA2F63-0236-4E0A-8F83-6173084A0FA7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\tobiaryna\team fortress 2\hl2.exe |
"{A964AE3F-C25C-44E8-82B4-A0FA37732416}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{AAEAA242-1D38-4122-AC85-725A6EE05DAC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{AB0A685C-A2A2-468D-97BA-618BB3BAF698}" = protocol=6 | dir=in | app=c:\program files (x86)\orcs must die!\build\release\orcsmustdie.exe |
"{AB516E32-2591-49FF-A5F6-9A81CF276179}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{AD261937-51F0-4DAF-B55F-18E4CAF7BFC2}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{ADFFAE20-DE4A-4AA1-85B1-198A8DDA0CA9}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{AEA1CD0F-15BB-41AE-ABCB-CAB2BB9D6FD0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B176AA1A-A0B3-489C-AB3C-32210251F958}" = protocol=17 | dir=in | app=c:\gry\acbmp.exe |
"{B19F4CFE-9FE4-4DEB-9797-572161A28F39}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{B1BBEA62-5A98-4B11-9E05-C634A14DE001}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{B6DC6B1E-31A1-475F-B37A-0D8BF89D51F4}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"{B70F20C0-3E9B-47E0-B238-BFA51845DEF0}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\mass effect 3 demo\binaries\win32\masseffect3demo.exe |
"{B8C0A8B7-2385-4664-AC65-BABA399ABAA3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BA3D3DE3-133B-4D45-ADEC-5F30A9F43E60}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BBBCF2A8-ECF8-45CD-BF04-399051500847}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.516\agent.exe |
"{BCCBA1C2-3AFC-43B6-A404-EF4AC77D42A0}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{BDBA211D-6161-4460-9C06-F2257B555EB8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe |
"{BF1BC8A1-5E20-43C9-9482-C49E01DCEB29}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{C1180CF0-5701-40F2-8736-CEEB5A8E920B}" = protocol=6 | dir=in | app=c:\d3\diablo iii\diablo iii.exe |
"{C1640FDF-2D05-42D4-A39E-17A15D6D4B0C}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"{C1DC7CC7-5858-4910-AE17-6F31923977DC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C244E897-B2BE-4457-B991-3E4C9C119744}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C4523A85-5AE1-416F-8846-E6DBC29CD627}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{C817D7A1-DA22-429D-98E0-1982CD299781}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{CAE63E9A-687F-4C39-A0D6-11C1B7A5C1AE}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{CFB81AB6-A43E-4DC6-83D1-57820E97E326}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{D0A5CC09-78CF-4947-AA54-0D09EA8A9A11}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.440\agent.exe |
"{D1AA5627-260E-4FFD-A3E3-D923966FD70D}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"{D271D305-328F-4696-A784-79F5340CFD30}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.439\agent.exe |
"{D38D6F4C-A1D5-4646-A517-5443F6279312}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{D86C16A1-E8EB-434B-AF61-0BDCB3CACB04}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{D899A194-23E7-42C6-B7DB-72DBCE9B747D}" = protocol=6 | dir=in | app=c:\gry\acbmp.exe |
"{D9FBCC73-3206-4A67-A278-ADE93E8E0D57}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DB1B8617-2C1A-47C2-A325-9F760209EAB3}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{DB3E8589-BAE2-4FB2-B530-53454CF339B9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.516\agent.exe |
"{DC330238-D775-4DEE-87E2-77ED50F06C49}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{DDC76996-137B-4A21-A1DF-37DAD18936DC}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.649\agent.exe |
"{DE0995D4-F6A4-46C2-A195-9C484180BAD9}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"{DF4CA2E3-1207-475C-AFB2-7BFF95A6916D}" = protocol=6 | dir=in | app=c:\users\tobiaryna\appdata\local\temp\rar$ex53.280\terrariaserver.exe |
"{E0379A0A-FF8F-438B-A72D-292DF137E9EB}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{E1D3BC80-E809-4232-A23A-AC7C753EC16E}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\might & magic heroes v\might & magic heroes vi.exe |
"{E29A5C6D-7268-4A29-93C7-8969F8C0EC89}" = protocol=6 | dir=in | app=c:\program files (x86)\trendy entertainment\dungeon defenders\binaries\win32\dundefgame.exe |
"{E5901241-860D-47CC-8AEC-AAE78B7D0BB0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.439\agent.exe |
"{E5EFAA1A-C716-4520-AC45-FAFE282EBB4F}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{E5F59C09-9017-4B7D-95D6-9A9C3E51C129}" = protocol=6 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |
"{E672EEB6-9E73-499C-BB08-D8131E6DD3C4}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{E717FA0E-4841-4AEF-B215-99A39234DB79}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe |
"{E737CDCB-74E9-4EC1-8B86-4863056896AB}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{E7AF8D5F-00BD-4FA4-B07E-13929866B032}" = protocol=6 | dir=in | app=c:\users\tobiaryna\downloads\mooege-mooege-2c16804\src\mooege\bin\debug\mooege.vshost.exe |
"{E80C91B4-1720-46EA-8C91-8BA58273886B}" = protocol=58 | dir=in | app=system |
"{E834070E-72C9-42CA-973B-CF4182795C19}" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"{E9CCFD58-F57E-4DAF-8142-499A0C5309D6}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars-the old republic\betatest\retailclient\swtor.exe |
"{EAE73FAB-304B-4530-B2D1-E74FB813E680}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"{EFD10A08-65B0-4FBA-A6AE-0C09555BF5A0}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{F0CF7372-EF8A-48C1-8D57-7385D8D84E55}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawl busters\bin\pblauncher.exe |
"{F3583B33-452F-4548-B11B-23997E7C088C}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"{F373231B-3D57-4121-AA26-E98C6E61128A}" = protocol=17 | dir=in | app=c:\users\tobiaryna\appdata\roaming\dropbox\bin\dropbox.exe |
"{F4233EEF-F3E0-4252-A8C9-0B77BBDD68F0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawl busters\bin\pbclient.exe |
"{F719B6AC-D99C-418D-91AB-E5D709DC71B5}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\red alert 3\data\ra3_1.12.game |
"{F850AE75-16CD-4653-920C-0CD4926CC57A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{FBD02CE9-E697-453D-BF26-B5FED0CF68AA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\airmech\airmech.exe |
"{FCA8F850-227F-4652-BA52-357846AD571E}" = protocol=17 | dir=in | app=c:\users\tobiaryna\appdata\roaming\dropbox\bin\dropbox.exe |
"{FDDCFE19-4E2E-436D-94D1-80492A7F5C13}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.440\agent.exe |
"{FF13407B-AF8B-4F5C-AFE4-0B1CAC030944}" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe |
"{FF7A19EA-BBAD-47ED-A947-5BCD81BB08C2}" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"{FF88C35A-683F-42F2-B234-4F8B9AC670F9}" = protocol=17 | dir=in | app=c:\mass effect 3\binaries\win32\masseffect3.exe |
"TCP Query User{055F462E-D306-4E91-ABA8-AF27E0C2B859}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{073A3453-8443-40D2-A573-D2D77B4B4E17}C:\program files (x86)\starcraft ii\versions\base18574\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18574\sc2.exe |
"TCP Query User{09743E92-271E-46B1-9ADA-BFCACEE46FB4}C:\program files (x86)\orcs must die!\build\release\orcsmustdie.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orcs must die!\build\release\orcsmustdie.exe |
"TCP Query User{0B7A1789-E041-4A60-AA8E-91E244E47571}C:\program files (x86)\worms revolution\wormsrevolution.exe" = protocol=6 | dir=in | app=c:\program files (x86)\worms revolution\wormsrevolution.exe |
"TCP Query User{0DA43D2C-8792-40B9-A3E7-DBD25E98B8D5}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{19085184-B6A7-4C0E-A571-1C72F7A29219}C:\program files (x86)\origin games\red alert 3\data\ra3_1.12.game" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\red alert 3\data\ra3_1.12.game |
"TCP Query User{1C652CDC-E3B7-4738-A06A-30AAD633F0D5}C:\program files (x86)\ubisoft\heroes of might and magic iv - zlota edycja\heroes4p.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\heroes of might and magic iv - zlota edycja\heroes4p.exe |
"TCP Query User{20B371DD-7D55-4DCE-AC5A-E9BC09A56423}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{25F14117-9BF5-49D8-9F72-91A848779EED}C:\programdata\battle.net\agent\agent.749\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.749\agent.exe |
"TCP Query User{31585D35-1914-4B6D-A2AE-A500C0107E1C}C:\program files (x86)\trendy entertainment\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\trendy entertainment\dungeon defenders\binaries\win32\dundefgame.exe |
"TCP Query User{33C04F8A-035E-42A1-99EE-3D3A0C939C78}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{33E91FBD-5E77-4906-A7F7-B5CB336FEF80}C:\program files (x86)\steam\steamapps\tobiaryna\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\tobiaryna\team fortress 2\hl2.exe |
"TCP Query User{3A3FC816-A841-479F-B6F9-6258B9BD5ABD}C:\windows\syswow64\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"TCP Query User{4877B598-3AF9-41CC-A6AB-1CA6F9A0CE9E}C:\program files (x86)\origin games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe |
"TCP Query User{4DE383AF-0D40-4B98-9B65-0AA043CB4687}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"TCP Query User{511566AC-ADE5-4D8C-AFEB-AFEE44B04450}C:\programdata\battle.net\agent\agent.913\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe |
"TCP Query User{5B288093-874B-4B70-A06E-E91B916C13C9}C:\dead island\deadislandgame.exe" = protocol=6 | dir=in | app=c:\dead island\deadislandgame.exe |
"TCP Query User{5C775493-52C2-4310-810C-98C72A4F88AB}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"TCP Query User{66D7909F-50B6-460F-B2D0-1CE94B0D0E11}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{6737D72F-CAC1-4AFB-8E92-73AC2E856F75}C:\users\tobiaryna\downloads\mooege.exe" = protocol=6 | dir=in | app=c:\users\tobiaryna\downloads\mooege.exe |
"TCP Query User{688F4D8E-02B3-46B7-BDF6-A69990DBE8AE}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe |
"TCP Query User{6A370AD4-8E3B-4CAD-A51D-C84EF88A3054}C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe |
"TCP Query User{6B9D87A4-7624-4E7E-B106-C02215823FA7}C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe |
"TCP Query User{6BB4C189-DF52-4BCB-9BE3-06100E484AFC}C:\program files (x86)\origin games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe |
"TCP Query User{74726A6D-5D05-4DA9-B73A-94C7B02D49C0}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{7D295D4B-59E3-44B5-997C-AA20504D0EF8}C:\program files (x86)\heroes3\blade\h3blade.exe" = protocol=6 | dir=in | app=c:\program files (x86)\heroes3\blade\h3blade.exe |
"TCP Query User{7DA2963C-F889-4F04-BF6E-5B1589AB3E8E}C:\users\tobiaryna\downloads\new server crack and fix to 0.3.0.7447\d3sharp.exe" = protocol=6 | dir=in | app=c:\users\tobiaryna\downloads\new server crack and fix to 0.3.0.7447\d3sharp.exe |
"TCP Query User{8451696A-4151-4743-B151-A9D3A321DF86}C:\program files (x86)\diablo iii beta\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"TCP Query User{85E28727-982C-45C0-B942-058B179D6FA6}C:\users\tobiaryna\downloads\diablo-iii-8370-engb-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\tobiaryna\downloads\diablo-iii-8370-engb-installer-downloader.exe |
"TCP Query User{87CE2435-5F5C-4D2B-BE07-BEFE72AB463D}C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe |
"TCP Query User{88984ACA-6A17-4B83-B359-98A32B25735D}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{8CB12FB7-61C8-4164-8F2B-DB6E9A69DC11}C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base23260\sc2.exe |
"TCP Query User{95108AA1-A5B9-4F31-BAD9-F5E5006F9F44}C:\users\tobiaryna\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\tobiaryna\appdata\local\temp\gw2.exe |
"TCP Query User{96D67EB1-67BF-487B-A1C1-ED9B59618C28}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"TCP Query User{9DEBAB18-A7A9-4D77-B172-C931610D91C9}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"TCP Query User{A211D079-F2AA-4B45-A5E0-9D70D939D20D}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"TCP Query User{A7841951-AE37-41AA-AA90-ECD9CC3797F1}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{A819415E-C3D6-4431-BF8E-EC3387BDA1BE}C:\program files (x86)\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"TCP Query User{AA73E292-CBB8-4AC2-8161-97E8C70E54C0}C:\mp3\rockstar games\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=c:\mp3\rockstar games\max payne 3\maxpayne3.exe |
"TCP Query User{AF121223-C285-434B-8D51-2D15B2F04E4E}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"TCP Query User{B13AB2E3-DFAD-483A-A400-5367E412F62B}C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe |
"TCP Query User{C21448DC-90F4-4261-AFC8-2D0A75B13021}C:\users\tobiaryna\appdata\local\mooext\mooege\mooege.exe" = protocol=6 | dir=in | app=c:\users\tobiaryna\appdata\local\mooext\mooege\mooege.exe |
"TCP Query User{C751C947-1472-4909-A11D-AB32E3FDFBE5}C:\users\tobiaryna\downloads\release mooege-fe8687c\mooege.exe" = protocol=6 | dir=in | app=c:\users\tobiaryna\downloads\release mooege-fe8687c\mooege.exe |
"TCP Query User{C86DF1B6-60CD-4DB1-A274-1189FD4D3843}C:\programdata\battle.net\agent\agent.515\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"TCP Query User{CB2D298C-35E0-4E46-9673-39B705CA211D}C:\gry\acbsp.exe" = protocol=6 | dir=in | app=c:\gry\acbsp.exe |
"TCP Query User{D31D1ECC-ABA0-4317-B5AA-6F7A00277ECF}C:\program files (x86)\electronic arts\bioware\star wars-the old republic\betatest\retailclient\swtor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars-the old republic\betatest\retailclient\swtor.exe |
"TCP Query User{D8C82336-72BF-43B2-9134-023DFEAE4A02}C:\gry\acbmp.exe" = protocol=6 | dir=in | app=c:\gry\acbmp.exe |
"TCP Query User{D9D09C63-86C2-44D3-862D-BFD70F840B31}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{DBAE4BE3-B9D5-4269-BEF3-4E8ACF7E6AD9}C:\mp3\rockstar games\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=c:\mp3\rockstar games\max payne 3\maxpayne3.exe |
"TCP Query User{E1DD4A4A-3DCE-4A3E-90FF-D16B13037B7C}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{E4AD2603-6C5F-4BD6-85E5-C9C2DFA07DBD}C:\users\tobiaryna\downloads\mooege-mooege-2c16804\src\mooege\bin\debug\mooege.vshost.exe" = protocol=6 | dir=in | app=c:\users\tobiaryna\downloads\mooege-mooege-2c16804\src\mooege\bin\debug\mooege.vshost.exe |
"TCP Query User{E6164732-2B2B-4C61-A43F-4C7B930D6E52}C:\programdata\battle.net\agent\agent.868\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"TCP Query User{E934514C-C66C-4FA4-B379-A01906B6A8E0}C:\program files (x86)\electronic arts\dead space\dead space.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\dead space\dead space.exe |
"TCP Query User{ED5E6A59-D654-4F3C-870D-9C8FAAC473E7}C:\programdata\battle.net\agent\agent.954\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"TCP Query User{F639F58B-41A3-4897-9A0D-D3CDEE04BCE1}C:\users\tobiaryna\appdata\local\temp\rar$ex53.280\terrariaserver.exe" = protocol=6 | dir=in | app=c:\users\tobiaryna\appdata\local\temp\rar$ex53.280\terrariaserver.exe |
"TCP Query User{FC19DD78-2EBD-4095-83E0-4696C86280D2}C:\program files (x86)\terraria\terrariaserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\terraria\terrariaserver.exe |
"TCP Query User{FEE784B9-8708-4615-8249-354A8718DD6B}C:\program files (x86)\counter-strike 1.6 v42 digitalzone\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike 1.6 v42 digitalzone\hl.exe |
"TCP Query User{FF382A0F-4D47-4FA6-9764-01FD21ECB9AC}C:\users\tobiaryna\downloads\terrariaserver.exe" = protocol=6 | dir=in | app=c:\users\tobiaryna\downloads\terrariaserver.exe |
"UDP Query User{0910C90A-0A77-4CE5-AFE3-44A50EE3AF17}C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe |
"UDP Query User{0F9F725C-4FAC-4FFB-80DA-30B425B662A7}C:\users\tobiaryna\downloads\diablo-iii-8370-engb-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\tobiaryna\downloads\diablo-iii-8370-engb-installer-downloader.exe |
"UDP Query User{1AC70150-AB7D-42F0-B27C-149756A1CA6F}C:\program files (x86)\origin games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe |
"UDP Query User{28AC1EAA-980F-4057-8C39-ACE69376FD65}C:\programdata\battle.net\agent\agent.749\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.749\agent.exe |
"UDP Query User{2B0D5AEC-C01F-419F-856D-37D623D378BE}C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base23260\sc2.exe |
"UDP Query User{306890C8-877C-4356-88D3-9D2D6487B07E}C:\program files (x86)\starcraft ii\versions\base18574\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18574\sc2.exe |
"UDP Query User{31DA5521-57F3-4306-B376-F544F342DFD6}C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe |
"UDP Query User{33919BE5-A20A-4933-B430-964D1BE5561D}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{33F740D2-66CA-4426-BED4-DE0A2993FF80}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"UDP Query User{39AAE2FF-5A80-4C1C-9EA0-F8C2C150EF7B}C:\program files (x86)\origin games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe |
"UDP Query User{40A06FEC-625F-4474-B25C-89D90A5763B2}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{437EFCF7-ACCD-46E8-8765-16FCFA109612}C:\programdata\battle.net\agent\agent.954\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"UDP Query User{4696D18B-41A4-46E3-8547-FBD6C418EFFE}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{48645D9A-A797-4F04-8E54-76483E2F3553}C:\program files (x86)\heroes3\blade\h3blade.exe" = protocol=17 | dir=in | app=c:\program files (x86)\heroes3\blade\h3blade.exe |
"UDP Query User{4DADAFF0-EA08-41AD-9549-3E75CA98F49E}C:\program files (x86)\orcs must die!\build\release\orcsmustdie.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orcs must die!\build\release\orcsmustdie.exe |
"UDP Query User{4DB4A60D-8909-4F3A-9898-4714535D58AB}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"UDP Query User{50B31271-0B3C-40A0-9DAB-192B00238D20}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"UDP Query User{52A8C25B-EEF5-4DDA-AFB0-C1C53898F7D9}C:\program files (x86)\worms revolution\wormsrevolution.exe" = protocol=17 | dir=in | app=c:\program files (x86)\worms revolution\wormsrevolution.exe |
"UDP Query User{55F3771C-9B1E-4D6C-8FE0-18762224AFC4}C:\users\tobiaryna\appdata\local\mooext\mooege\mooege.exe" = protocol=17 | dir=in | app=c:\users\tobiaryna\appdata\local\mooext\mooege\mooege.exe |
"UDP Query User{569CE525-17CA-47DD-B724-CD3ED859663A}C:\dead island\deadislandgame.exe" = protocol=17 | dir=in | app=c:\dead island\deadislandgame.exe |
"UDP Query User{577E3450-3434-4F6A-99A9-B59EBC54321A}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"UDP Query User{5D82BC4D-0860-4054-BA49-D59637A664B0}C:\program files (x86)\ubisoft\heroes of might and magic iv - zlota edycja\heroes4p.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\heroes of might and magic iv - zlota edycja\heroes4p.exe |
"UDP Query User{5FE059E6-7590-4351-B3AB-EDEB3B2A2627}C:\program files (x86)\terraria\terrariaserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\terraria\terrariaserver.exe |
"UDP Query User{6015A71B-5314-4EA4-A7AD-B366AA116DDD}C:\program files (x86)\electronic arts\bioware\star wars-the old republic\betatest\retailclient\swtor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars-the old republic\betatest\retailclient\swtor.exe |
"UDP Query User{65DCC631-FFE1-47FF-BBCB-E5F5960C0850}C:\program files (x86)\trendy entertainment\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\trendy entertainment\dungeon defenders\binaries\win32\dundefgame.exe |
"UDP Query User{67E9BE9F-4D7A-4CF1-A341-1808793CF9FA}C:\users\tobiaryna\downloads\release mooege-fe8687c\mooege.exe" = protocol=17 | dir=in | app=c:\users\tobiaryna\downloads\release mooege-fe8687c\mooege.exe |
"UDP Query User{6859E41D-FCBC-4285-B792-F09F04352410}C:\programdata\battle.net\agent\agent.913\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe |
"UDP Query User{693F0200-8C57-49F5-9D9D-34991EB329D0}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{6C5A9B0A-8DD0-44F6-8A38-FA045508EC10}C:\users\tobiaryna\appdata\local\temp\rar$ex53.280\terrariaserver.exe" = protocol=17 | dir=in | app=c:\users\tobiaryna\appdata\local\temp\rar$ex53.280\terrariaserver.exe |
"UDP Query User{77C3A308-527E-4791-BA9D-F605FFC73A03}C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe |
"UDP Query User{7A9223C4-3984-4A59-B43B-6B59D94E65D2}C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe |
"UDP Query User{7DC9A284-A45B-461F-BA7E-6AD67C18234D}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"UDP Query User{818866D5-49C6-4C1C-92C5-B1CA6E88FE5B}C:\windows\syswow64\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"UDP Query User{8220A1CA-5538-429E-B618-EB8DBD8481B1}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"UDP Query User{82B9103E-111B-4291-B4D0-8462DFED9BE1}C:\program files (x86)\diablo iii beta\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"UDP Query User{8342C3E9-A386-4EEC-A922-DFC16EBB20C0}C:\programdata\battle.net\agent\agent.868\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"UDP Query User{861096AC-43B4-42FB-B9B5-F7691220CC76}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{86C2CC54-C612-44D1-92C7-BB6F672F36E7}C:\program files (x86)\counter-strike 1.6 v42 digitalzone\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike 1.6 v42 digitalzone\hl.exe |
"UDP Query User{8C3887B6-F12A-439F-968C-5A9E5ED0CFC2}C:\program files (x86)\steam\steamapps\tobiaryna\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\tobiaryna\team fortress 2\hl2.exe |
"UDP Query User{8C8E1CD8-477A-4060-A439-31CD4BF61AB5}C:\users\tobiaryna\downloads\terrariaserver.exe" = protocol=17 | dir=in | app=c:\users\tobiaryna\downloads\terrariaserver.exe |
"UDP Query User{8D6CCB44-B95E-4EE6-87CA-2F4121135696}C:\users\tobiaryna\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\tobiaryna\appdata\local\temp\gw2.exe |
"UDP Query User{8F5D57E5-FB59-416E-BBB2-34B9265A85DD}C:\gry\acbsp.exe" = protocol=17 | dir=in | app=c:\gry\acbsp.exe |
"UDP Query User{9900FABE-4763-4C61-9070-B57A1EAA0F67}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"UDP Query User{9A51417D-A601-4D44-A21B-23E7704A41ED}C:\programdata\battle.net\agent\agent.515\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"UDP Query User{9E683D02-CF76-491C-9B4B-ECBBD81909D2}C:\program files (x86)\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"UDP Query User{A2E9C6F3-7214-471D-BB30-8F43994A835F}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{AAE5A921-3A2D-4900-9A93-C76637B7978D}C:\program files (x86)\electronic arts\dead space\dead space.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\dead space\dead space.exe |
"UDP Query User{B69DA648-4913-4132-A845-842560A90B33}C:\mp3\rockstar games\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=c:\mp3\rockstar games\max payne 3\maxpayne3.exe |
"UDP Query User{C1A1E0F4-43BC-406F-A87B-21985F2ADB52}C:\program files (x86)\origin games\red alert 3\data\ra3_1.12.game" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\red alert 3\data\ra3_1.12.game |
"UDP Query User{C1A46D53-AB54-412C-A4BB-8D4D42EFC7FA}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{CA5670F0-B048-4E9A-A206-BEEBF62F630B}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe |
"UDP Query User{CAA3FDF1-3F57-45A3-A0D4-DCF99B3B5837}C:\gry\acbmp.exe" = protocol=17 | dir=in | app=c:\gry\acbmp.exe |
"UDP Query User{CCC22B15-A2DD-41D4-A86E-5A7D0749753B}C:\users\tobiaryna\downloads\new server crack and fix to 0.3.0.7447\d3sharp.exe" = protocol=17 | dir=in | app=c:\users\tobiaryna\downloads\new server crack and fix to 0.3.0.7447\d3sharp.exe |
"UDP Query User{D22F8584-0FCA-48D2-A179-0CC7BC4343BD}C:\users\tobiaryna\downloads\mooege-mooege-2c16804\src\mooege\bin\debug\mooege.vshost.exe" = protocol=17 | dir=in | app=c:\users\tobiaryna\downloads\mooege-mooege-2c16804\src\mooege\bin\debug\mooege.vshost.exe |
"UDP Query User{DBADB0A5-FFCF-4F39-9D34-B7D7E8DDF90D}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{E3EC5DB5-20AB-43BC-A00E-4272A89729F3}C:\mp3\rockstar games\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=c:\mp3\rockstar games\max payne 3\maxpayne3.exe |
"UDP Query User{E6105229-9A62-410C-B8FC-E74E40982F96}C:\users\tobiaryna\downloads\mooege.exe" = protocol=17 | dir=in | app=c:\users\tobiaryna\downloads\mooege.exe |
"UDP Query User{F45A66DF-3EB2-4B32-AA92-F90E3CA8CD26}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0006AB1D-9B22-43DF-8D14-6EBD18DED4EE}" = Intel® Network Connections 16.0.19.0
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java™ 6 Update 30 (64-bit)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"Creative VF0420" = Creative Live! Cam Vista IM Driver (1.00.03.0000)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"PROSetDX" = Intel® Network Connections 16.0.19.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = OXPDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08A25478-C5DD-4EA7-B168-3D687CA987FF}" = The Sims™ 3 Master Suite Stuff
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = The Sims™ 3 Outdoor Living Stuff
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{33443826-34AD-47BE-828D-C393FE0E9A64}_is1" = Mafia 2 + DLC Pack wersja 1.5
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = The Sims™ 3 Showtime
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{3EFF5902-2310-4F66-9144-1B11783A7E54}_is1" = Counter-Strike 1.6 DiGiTALZONE
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6C20FA28-D3BC-4D0C-BB7F-A997F4645EC8}" = Path of Exile
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73AD5A08-FCFE-44EA-9436-3F7BEAF60049}" = Angry Birds
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{75D84EF7-0D8C-4e70-SIMS3-7B42A5D4E0EB}_is1" = The Sims 3 Complete Edition version 1.02
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = The Sims™ 3 Town Life Stuff
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90850415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{93A3AB24-36E8-41BA-80C6-CCEC237836DC}" = Alice Madness Returns
"{94B4E2D8-A184-415C-BF9E-F699D76466BD}" = Heroes of Might and Magic IV - Złota Edycja
"{95120000-003F-0415-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B2506E3-9A3F-45B5-96BF-509CAD584650}" = The Sims™ 3 Katy Perry's Sweet Treats
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A2F166A0-F031-4E27-A057-C69733219435}_is1" = RaiderZ
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.0 - Polish
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1" = The War Z version alpha
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Pets
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1" = ISO to USB version 1.0
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D62576C2-C084-4698-974A-5BE77714FDDD}" = System Requirements Lab Test
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Fast Lane Stuff
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"ALLPlayer_is1" = ALLPlayer V4.X
"Any Video Converter_is1" = Any Video Converter 3.3.0
"Astroburn Lite" = Astroburn Lite
"Audacity_is1" = Audacity 2.0.2
"Avira AntiVir Desktop" = Avira Free Antivirus
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Battlelog Web Plugins" = Battlelog Web Plugins
"BitComet" = BitComet 1.30
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"ESN Sonar-0.70.4" = ESN Sonar
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Faster Than Light_is1" = Faster Than Light
"Fraps" = Fraps (remove only)
"Gadu-Gadu 10" = Gadu-Gadu 10
"GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HyperCam 2" = HyperCam 2
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"LAME_is1" = LAME v3.99.3 (for Windows)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU
"Mozilla Firefox 17.0.1 (x86 pl)" = Mozilla Firefox 17.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapiProjekt_is1" = NapiProjekt (2.0.0.2151)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"PokerStars.eu" = PokerStars.eu
"PunkBusterSvc" = PunkBuster Services
"Rockstar Games Social Club" = Rockstar Games Social Club
"StarCraft II" = StarCraft II
"Steam App 200210" = Realm of the Mad God
"Steam App 206500" = AirMech
"Steam App 43110" = Metro 2033
"Steam App 550" = Left 4 Dead 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8930" = Sid Meier's Civilization V
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Uplay" = Uplay
"WinRAR archiver" = WinRAR 4.01 (32-bitowy)
"World of Warcraft" = World of Warcraft
"Worms Reloaded_is1" = Worms Reloaded
"Worms Revolution_is1" = Worms Revolution

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1485770423-532772460-667618788-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-12-26 15:50:22 | Computer Name = Lordzik | Source = SideBySide | ID = 16842832
Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\Tobiaryna\Downloads\SoftonicDownloader_dla_audacity.exe”.
Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana
przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki
powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Składnik
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 2012-12-26 15:51:11 | Computer Name = Lordzik | Source = WinMgmt | ID = 10
Description =

Error - 2012-12-26 15:57:05 | Computer Name = Lordzik | Source = WinMgmt | ID = 10
Description =

Error - 2012-12-26 16:09:33 | Computer Name = Lordzik | Source = WinMgmt | ID = 10
Description =

Error - 2012-12-26 16:17:30 | Computer Name = Lordzik | Source = WinMgmt | ID = 10
Description =

Error - 2012-12-26 16:21:06 | Computer Name = Lordzik | Source = WinMgmt | ID = 10
Description =

Error - 2012-12-26 17:35:27 | Computer Name = Lordzik | Source = WinMgmt | ID = 10
Description =

Error - 2012-12-26 17:45:02 | Computer Name = Lordzik | Source = WinMgmt | ID = 10
Description =

Error - 2012-12-26 17:53:19 | Computer Name = Lordzik | Source = WinMgmt | ID = 10
Description =

Error - 2012-12-26 17:57:08 | Computer Name = Lordzik | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2012-12-26 17:43:52 | Computer Name = Lordzik | Source = Ntfs | ID = 262199
Description = Struktura systemu plików na dysku jest uszkodzona i nie nadaje się
do użytku. Uruchom narzędzie chkdsk na woluminie Nowy.

Error - 2012-12-26 17:43:52 | Computer Name = Lordzik | Source = Ntfs | ID = 262199
Description = Struktura systemu plików na dysku jest uszkodzona i nie nadaje się
do użytku. Uruchom narzędzie chkdsk na woluminie C:.

Error - 2012-12-26 17:45:23 | Computer Name = Lordzik | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą Menedżer tożsamości sieci równorzędnej.

Error - 2012-12-26 17:45:23 | Computer Name = Lordzik | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Menedżer tożsamości sieci równorzędnej
z powodu następującego błędu: %%1053

Error - 2012-12-26 17:45:23 | Computer Name = Lordzik | Source = Service Control Manager | ID = 7001
Description = Usługa Grupowanie sieci równorzędnej zależy od usługi Menedżer tożsamości
sieci równorzędnej, której nie można uruchomić z powodu następującego błędu: %%1053

Error - 2012-12-26 17:45:23 | Computer Name = Lordzik | Source = Service Control Manager | ID = 7001
Description = Usługa Protokół rozpoznawania nazw równorzędnych zależy od usługi
Menedżer tożsamości sieci równorzędnej, której nie można uruchomić z powodu następującego
błędu: %%1053

Error - 2012-12-26 17:51:42 | Computer Name = Lordzik | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 22:45:03 na ?2012-?12-?26 było
nieoczekiwane.

Error - 2012-12-26 17:55:54 | Computer Name = Lordzik | Source = Service Control Manager | ID = 7011
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji
z usługi wlidsvc.

Error - 2012-12-26 17:57:24 | Computer Name = Lordzik | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą Usługa buforowania czcionek platformy Windows Presentation Foundation,
wersja 3.0.0.0.

Error - 2012-12-26 17:57:24 | Computer Name = Lordzik | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa buforowania czcionek platformy Windows
Presentation Foundation, wersja 3.0.0.0 z powodu następującego błędu: %%1053


< End of report >[/log]




[log]OTL logfile created on: 2012-12-26 23:10:02 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tobiaryna\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,98 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 59,25% Memory free
7,96 Gb Paging File | 5,85 Gb Available in Paging File | 73,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 22,64 Gb Free Space | 7,60% Space Free | Partition Type: NTFS
Drive D: | 1,87 Gb Total Space | 1,87 Gb Free Space | 99,94% Space Free | Partition Type: FAT32

Computer Name: LORDZIK | User Name: Tobiaryna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-12-26 23:08:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tobiaryna\Downloads\OTL.exe
PRC - [2012-12-22 04:01:00 | 028,538,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tobiaryna\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012-12-21 20:41:42 | 000,541,760 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012-12-13 14:05:24 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
PRC - [2012-12-10 17:29:46 | 002,254,768 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeInf Hamachi\hamachi-2-ui.exe
PRC - [2012-12-07 13:44:30 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012-12-05 06:06:02 | 001,354,736 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012-10-11 09:33:58 | 000,842,680 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012-10-11 09:33:54 | 000,309,688 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012-10-11 09:33:52 | 000,966,072 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012-10-10 12:24:19 | 002,309,656 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
PRC - [2012-08-11 12:23:51 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012-05-10 00:40:39 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012-05-10 00:40:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012-03-12 00:45:58 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-10-15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011-08-02 08:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011-02-01 06:24:42 | 002,656,280 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011-02-01 06:24:40 | 000,326,168 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2007-04-30 01:00:00 | 000,032,768 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\V0420Mon.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-12-21 20:42:33 | 000,647,168 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL.dll
MOD - [2012-12-21 20:41:39 | 020,320,240 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012-12-21 20:41:13 | 000,969,280 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2012-12-21 20:41:13 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012-12-21 20:41:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012-12-21 20:41:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012-12-13 14:05:24 | 014,586,296 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
MOD - [2012-12-07 13:44:30 | 002,397,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012-11-06 00:12:24 | 017,632,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\3989b4ca6cf904061992daec9e7d5644\PresentationFramework.ni.dll
MOD - [2012-10-10 12:24:19 | 002,309,656 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
MOD - [2012-10-10 12:23:16 | 002,068,504 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
MOD - [2011-10-16 18:04:24 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\6e7f1bdc845816dfc797f8002b76b5e8\System.ServiceProcess.ni.dll
MOD - [2011-10-16 18:04:16 | 000,767,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\dc1f0dbf1d3ba856eccec90b62b55d79\System.Runtime.Remoting.ni.dll
MOD - [2011-10-16 18:03:55 | 001,776,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\035910922f160d304fb834aae41f45a6\System.Xaml.ni.dll
MOD - [2011-10-16 13:49:54 | 005,571,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e997d0200c25f7db6bd32313d50b729d\System.Xml.ni.dll
MOD - [2011-10-16 13:49:53 | 011,057,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\3963e9ce8d44f50e8367e92a8e3e42e6\PresentationCore.ni.dll
MOD - [2011-10-16 13:49:50 | 000,973,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ac18c2dcd06bd2a0589bac94ccae5716\System.Configuration.ni.dll
MOD - [2011-10-16 13:49:48 | 007,025,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
MOD - [2011-10-16 13:49:44 | 003,779,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\d17606e813f01376bd0def23726ecc62\WindowsBase.ni.dll
MOD - [2011-10-16 13:49:41 | 009,000,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
MOD - [2011-10-16 13:49:35 | 014,415,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
MOD - [2011-10-15 00:54:26 | 000,265,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2010-12-06 11:00:08 | 000,164,008 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-12-21 20:41:42 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-12-13 14:05:25 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-12-10 17:29:46 | 002,465,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeInf Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-12-07 13:44:30 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-10-10 12:24:19 | 002,309,656 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)
SRV - [2012-07-13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-05-10 00:40:39 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012-05-10 00:40:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012-03-12 00:45:58 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011-10-26 20:26:46 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-10-15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011-02-01 06:24:42 | 002,656,280 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011-02-01 06:24:40 | 000,326,168 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010-12-28 09:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-06-27 09:37:56 | 000,172,032 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV:[b]64bit:[/b] - [2012-06-27 09:37:56 | 000,136,192 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssm_bus.sys -- (ssm_bus)
DRV:[b]64bit:[/b] - [2012-06-27 09:37:56 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV:[b]64bit:[/b] - [2012-05-10 00:40:39 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:[b]64bit:[/b] - [2012-05-10 00:40:39 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:[b]64bit:[/b] - [2011-10-16 10:32:12 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2011-09-15 22:55:03 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:[b]64bit:[/b] - [2011-07-08 00:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2010-12-20 18:31:00 | 000,316,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:[b]64bit:[/b] - [2010-11-21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-10-19 09:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-03-18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:[b]64bit:[/b] - [2007-05-31 09:33:32 | 000,107,072 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\V0420Vid.sys -- (V0420VID)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1485770423-532772460-667618788-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=110823&tt=120912_pcp_3812_7&babsrc=HP_ss&mntrId=a4c588cb000000000000e069953bb12a
IE - HKU\S-1-5-21-1485770423-532772460-667618788-1000\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com/?affID=110823&tt=120912_pcp_3812_7&babsrc=HP_ss&mntrId=a4c588cb000000000000e069953bb12a
IE - HKU\S-1-5-21-1485770423-532772460-667618788-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=110823&tt=120912_pcp_3812_7&babsrc=HP_ss&mntrId=a4c588cb000000000000e069953bb12a
IE - HKU\S-1-5-21-1485770423-532772460-667618788-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1485770423-532772460-667618788-1000\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1485770423-532772460-667618788-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1485770423-532772460-667618788-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1485770423-532772460-667618788-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110823&tt=120912_pcp_3812_7&babsrc=SP_ss&mntrId=a4c588cb000000000000e069953bb12a
IE - HKU\S-1-5-21-1485770423-532772460-667618788-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1485770423-532772460-667618788-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=110823&tt=120912_pcp_3812_7&babsrc=HP_ss&mntrId=a4c588cb000000000000e069953bb12a"
FF - prefs.js..extensions.enabledAddons: DivXWebPlayer%40divx.com:2.0.2.039
FF - prefs.js..extensions.enabledAddons: IplextoALL%40ALLPlayer.org:0.7.0
FF - prefs.js..extensions.enabledAddons: %7Bb64982b1-d112-42b5-b1e4-d3867c4533f8%7D:2.3.787.43
FF - prefs.js..extensions.enabledAddons: support%40mozilla.com:2.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"


FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-12-07 13:44:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-08-04 17:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\support@mozilla.com: C:\Users\Tobiaryna\AppData\Roaming\support@mozilla.com [2012-09-04 14:20:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012-10-11 17:16:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-12-07 13:44:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-08-04 17:31:51 | 000,000,000 | ---D | M]

[2011-10-14 20:58:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobiaryna\AppData\Roaming\mozilla\Extensions
[2012-10-24 18:30:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobiaryna\AppData\Roaming\mozilla\Firefox\Profiles\c7opignd.default\extensions
[2012-02-21 18:40:28 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\Tobiaryna\AppData\Roaming\mozilla\firefox\profiles\c7opignd.default\extensions\DivXWebPlayer@divx.com.xpi
[2011-11-01 22:47:45 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\Tobiaryna\AppData\Roaming\mozilla\firefox\profiles\c7opignd.default\extensions\IplextoALL@ALLPlayer.org.xpi
[2012-05-05 20:38:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-01-21 20:53:51 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-10-11 17:16:27 | 000,000,000 | ---D | M] (Browser Manager) -- C:\PROGRAMDATA\BROWSER MANAGER\2.3.787.43\{16CDFF19-861D-48E3-A751-D99A27784753}\FIREFOXEXTENSION
[2012-09-04 14:20:51 | 000,000,000 | ---D | M] (Firefox Extension Manager) -- C:\USERS\TOBIARYNA\APPDATA\ROAMING\SUPPORT@MOZILLA.COM
[2012-12-07 13:44:30 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-12-20 10:33:56 | 000,120,984 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll
[2011-09-29 01:52:42 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-09-24 00:46:27 | 000,002,360 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011-09-29 01:52:42 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2011-09-29 01:52:42 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2011-09-29 01:52:42 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2011-09-29 01:52:42 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-09-29 01:52:42 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Virtual PDF Printer] C:\Program Files\Virtual PDF Printer\VirtualPDFPrinter.exe File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeInf Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1485770423-532772460-667618788-1000..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1485770423-532772460-667618788-1000..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-1485770423-532772460-667618788-1000..\Run: [ChomikBox] C:\Program Files (x86)\ChomikBox\chomikbox.exe File not found
O4 - HKU\S-1-5-21-1485770423-532772460-667618788-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1485770423-532772460-667618788-1000..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-1485770423-532772460-667618788-1000..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-1485770423-532772460-667618788-1000..\Run: [Oracle Java] C:\Windows\SysWow64\javaw.exe (Oracle Corporation)
O4 - HKU\S-1-5-21-1485770423-532772460-667618788-1000..\Run: [phx] C:\Users\Tobiaryna\AppData\Roaming\phx\lm32.exe ()
O4 - HKU\S-1-5-21-1485770423-532772460-667618788-1000..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\S-1-5-21-1485770423-532772460-667618788-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1485770423-532772460-667618788-1000..\Run: [syshost32] C:\Users\Tobiaryna\AppData\Local\{A2794852-2C07-35D7-BF79-59C89DDDB1CB}\syshost.exe File not found
O4 - HKU\S-1-5-21-1485770423-532772460-667618788-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1485770423-532772460-667618788-1000..\RunOnce: [CPUM] C:\Users\Tobiaryna\AppData\Roaming\cpum\conhost.exe ()
O4 - HKU\S-1-5-21-1485770423-532772460-667618788-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Tobiaryna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tobiaryna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1485770423-532772460-667618788-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1485770423-532772460-667618788-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1485770423-532772460-667618788-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1485770423-532772460-667618788-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{674B4E9A-639B-433D-9057-1026E3D57DC3}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20 - AppInit_DLLs: (c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll) - File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-09-10 09:16:28 | 000,649,864 | ---- | M] (Sysinternals - www.sysinternals.com) - D:\autoruns.exe -- [ FAT32 ]
O32 - AutoRun File - [2012-09-10 09:16:28 | 000,567,944 | ---- | M] (Sysinternals - www.sysinternals.com) - D:\autorunsc.exe -- [ FAT32 ]
O32 - AutoRun File - [2011-11-05 13:52:32 | 000,049,648 | ---- | M] () - D:\autoruns.chm -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-12-26 22:50:06 | 000,000,000 | -HSD | C] -- C:\found.000
[2012-12-26 21:18:57 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012-12-26 20:59:48 | 000,000,000 | ---D | C] -- C:\ssss
[2012-12-26 20:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO to USB
[2012-12-26 20:36:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ISO to USB
[2012-12-26 19:27:40 | 000,204,664 | ---- | C] (Корпорация Майкрософт) -- C:\Users\Tobiaryna\wgsdgsdgdsgsd.dll
[2012-12-13 12:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012-12-13 12:15:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeInf Hamachi
[2012-12-11 13:48:40 | 000,000,000 | ---D | C] -- C:\Users\Tobiaryna\AppData\Local\Introversion
[2012-12-07 16:09:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2012-12-07 16:09:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GOG.com
[2012-12-07 14:16:03 | 000,000,000 | ---D | C] -- C:\Users\Tobiaryna\AppData\Roaming\Carbon
[2012-12-05 21:53:22 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2012-12-05 13:04:08 | 000,000,000 | ---D | C] -- C:\Users\Tobiaryna\AppData\Roaming\dist8
[2012-12-01 15:24:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Orbit
[2012-12-01 15:21:35 | 000,000,000 | ---D | C] -- C:\Users\Tobiaryna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012-11-28 00:37:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2012-11-28 00:37:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[2012-11-27 00:40:45 | 000,000,000 | ---D | C] -- C:\Users\Tobiaryna\AppData\Local\SCE
[2012-11-27 00:40:45 | 000,000,000 | ---D | C] -- C:\Crash
[2012-11-27 00:40:42 | 000,000,000 | ---D | C] -- C:\Users\Tobiaryna\AppData\Local\Sony Online Entertainment
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-12-26 23:05:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-12-26 23:03:33 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-12-26 23:03:33 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-12-26 23:00:17 | 001,662,996 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-12-26 23:00:17 | 000,737,844 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-12-26 23:00:17 | 000,652,052 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-12-26 23:00:17 | 000,154,532 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-12-26 23:00:17 | 000,120,984 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-12-26 22:59:08 | 095,023,320 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012-12-26 22:55:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-12-26 22:55:10 | 3204,292,608 | -HS- | M] () -- C:\hiberfil.sys
[2012-12-26 22:51:04 | 000,003,304 | ---- | M] () -- C:\bootsqm.dat
[2012-12-26 20:36:41 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\ISO to USB.lnk
[2012-12-26 19:27:42 | 000,002,959 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.js
[2012-12-26 19:27:42 | 000,001,055 | ---- | M] () -- C:\Users\Tobiaryna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2012-12-26 19:27:40 | 000,204,664 | ---- | M] (Корпорация Майкрософт) -- C:\Users\Tobiaryna\wgsdgsdgdsgsd.dll
[2012-12-26 18:13:07 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012-12-26 18:13:07 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-12-26 17:30:40 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012-12-24 12:47:45 | 003,982,463 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\awsd copy.jpg
[2012-12-24 12:46:14 | 003,919,375 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\awsd.jpg
[2012-12-24 12:29:16 | 000,043,225 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\nwa.jpg
[2012-12-24 11:33:10 | 000,001,056 | ---- | M] () -- C:\Users\Tobiaryna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012-12-24 11:32:56 | 000,001,032 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\Dropbox.lnk
[2012-12-23 12:12:26 | 000,817,520 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\Zdjęcie0051.jpg
[2012-12-23 12:12:24 | 000,809,496 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\Zdjęcie0052.jpg
[2012-12-20 23:37:38 | 000,225,790 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\wq.jpg
[2012-12-20 23:33:25 | 000,181,836 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\Zdjęcie0045 cowpy.jpg
[2012-12-20 23:30:15 | 001,003,202 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\Zdjęcie0045 copy.jpg
[2012-12-20 23:23:32 | 000,190,531 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\2-26024.jpg
[2012-12-20 23:12:38 | 000,027,714 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\$(KGrHqF,!l0E+F6w271IBPylt8tbZQ~~60_35.JPG
[2012-12-20 23:09:54 | 000,012,363 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\new-eradisney-cheshire-cat-59fifty-fitt-407423l.jpg
[2012-12-20 23:03:56 | 000,670,422 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\Zdjęcie0045.jpg
[2012-12-13 17:15:00 | 000,000,221 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\Metro 2033.url
[2012-12-13 14:05:24 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-12-13 14:05:24 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-12-12 16:46:50 | 000,033,211 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\str.rtf
[2012-12-12 16:43:03 | 000,573,580 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\robak.rtf
[2012-12-07 16:09:29 | 000,002,103 | ---- | M] () -- C:\Users\Public\Desktop\Faster Than Light.lnk
[2012-12-07 14:14:32 | 000,000,222 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\AirMech.url
[2012-12-05 22:13:18 | 000,114,067 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\IMG_9882.jpg
[2012-12-01 18:24:44 | 000,001,683 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\farcry3.exe.lnk
[2012-12-01 15:21:35 | 000,001,205 | ---- | M] () -- C:\Users\Tobiaryna\Desktop\Uplay.lnk
[2012-11-28 00:37:31 | 000,001,291 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-12-26 22:51:04 | 000,003,304 | ---- | C] () -- C:\bootsqm.dat
[2012-12-26 20:36:41 | 000,000,957 | ---- | C] () -- C:\Users\Public\Desktop\ISO to USB.lnk
[2012-12-26 19:27:42 | 000,002,959 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.js
[2012-12-26 19:27:42 | 000,001,055 | ---- | C] () -- C:\Users\Tobiaryna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2012-12-26 19:27:41 | 095,023,320 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012-12-24 12:47:43 | 003,982,463 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\awsd copy.jpg
[2012-12-24 12:38:20 | 003,919,375 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\awsd.jpg
[2012-12-24 12:29:14 | 000,043,225 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\nwa.jpg
[2012-12-24 12:13:47 | 000,817,520 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\Zdjęcie0051.jpg
[2012-12-24 12:13:47 | 000,809,496 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\Zdjęcie0052.jpg
[2012-12-20 23:37:37 | 000,225,790 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\wq.jpg
[2012-12-20 23:33:25 | 000,181,836 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\Zdjęcie0045 cowpy.jpg
[2012-12-20 23:30:14 | 001,003,202 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\Zdjęcie0045 copy.jpg
[2012-12-20 23:23:31 | 000,190,531 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\2-26024.jpg
[2012-12-20 23:12:37 | 000,027,714 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\$(KGrHqF,!l0E+F6w271IBPylt8tbZQ~~60_35.JPG
[2012-12-20 23:09:51 | 000,012,363 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\new-eradisney-cheshire-cat-59fifty-fitt-407423l.jpg
[2012-12-20 23:03:26 | 000,670,422 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\Zdjęcie0045.jpg
[2012-12-13 17:15:00 | 000,000,221 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\Metro 2033.url
[2012-12-12 16:46:50 | 000,033,211 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\str.rtf
[2012-12-12 16:43:02 | 000,573,580 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\robak.rtf
[2012-12-07 16:09:29 | 000,002,103 | ---- | C] () -- C:\Users\Public\Desktop\Faster Than Light.lnk
[2012-12-07 14:14:32 | 000,000,222 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\AirMech.url
[2012-12-01 18:24:18 | 000,001,683 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\farcry3.exe.lnk
[2012-12-01 15:21:35 | 000,001,205 | ---- | C] () -- C:\Users\Tobiaryna\Desktop\Uplay.lnk
[2012-11-28 00:37:26 | 000,001,291 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012-10-11 15:25:40 | 000,103,669 | ---- | C] () -- C:\Users\Tobiaryna\Obraz.jpeg
[2012-09-26 20:57:16 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012-09-26 20:57:14 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012-09-26 20:57:14 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012-09-26 20:57:14 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012-09-26 20:57:14 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012-09-04 14:20:50 | 001,335,014 | ---- | C] () -- C:\Users\Tobiaryna\AppData\Roaming\sqlite.jar
[2012-07-18 12:29:21 | 000,007,597 | ---- | C] () -- C:\Users\Tobiaryna\AppData\Local\Resmon.ResmonCfg
[2012-07-05 19:18:41 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2012-04-30 16:21:55 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2012-03-24 20:00:44 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-02-27 15:03:11 | 000,122,884 | ---- | C] () -- C:\Windows\UnGins.exe
[2011-11-01 00:19:34 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011-11-01 00:19:34 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2011-10-20 16:32:43 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011-10-16 13:51:20 | 001,637,518 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-10-15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011-10-14 21:28:20 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-05-31 07:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011-05-31 07:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011-04-09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010-11-21 04:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010-11-21 04:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2012-01-07 17:28:08 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\.minecraft
[2011-11-04 11:12:32 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\AnvSoft
[2012-11-14 17:10:53 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\Audacity
[2012-09-24 00:46:22 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\Babylon
[2012-12-16 23:06:45 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\BitComet
[2012-12-07 14:16:03 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\Carbon
[2012-09-04 14:20:50 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\Chrome_manager
[2012-11-06 13:17:18 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\cpum
[2011-10-16 12:27:16 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\DAEMON Tools Lite
[2012-09-09 11:33:16 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\dist2
[2012-09-09 16:54:02 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\dist3
[2012-09-12 22:16:38 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\dist4
[2012-09-21 14:14:55 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\dist5
[2012-09-25 21:17:15 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\dist6
[2012-10-09 23:18:04 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\dist7
[2012-12-05 13:04:09 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\dist8
[2012-12-26 22:57:11 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\Dropbox
[2012-08-08 22:58:56 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\Empty Clip Studios
[2012-02-12 14:26:39 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\Gadu-Gadu 10
[2012-06-11 01:06:34 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\GanymedeNet
[2012-04-07 23:33:17 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\GG
[2011-10-27 01:09:21 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\Hive Cluster
[2012-07-02 23:22:41 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\IGC
[2012-05-16 09:52:20 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\Kalypso Media
[2011-11-05 16:24:44 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\LolClient
[2012-05-29 20:18:45 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\LolClient2
[2011-10-17 10:05:57 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\Mount&Blade Warband
[2012-05-22 01:37:41 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\NapiProjekt
[2012-02-03 15:24:00 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\OpenFM
[2012-08-17 15:12:51 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\Origin
[2012-09-05 20:49:29 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\phx
[2011-10-14 21:28:18 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\PunkBuster
[2011-10-30 02:15:46 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\Red Alert 3
[2012-02-25 00:32:33 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\RotMG.Production
[2012-07-05 23:32:48 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\Rovio
[2012-12-05 21:53:22 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\Samsung
[2012-11-06 14:56:59 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\SplitMediaLabs
[2012-09-04 14:20:51 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\support@mozilla.com
[2012-01-02 16:36:41 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\Trine2
[2011-12-16 23:20:47 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\TS3Client
[2011-10-14 23:24:34 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\Ubisoft
[2012-10-08 03:27:05 | 000,000,000 | ---D | M] -- C:\Users\Tobiaryna\AppData\Roaming\Unity

[color=#E56717]========== Purity Check ==========[/color]



< End of report >[/log]



[color=#000080][b]Screen[/b][/color]


http://img820.imageshack.us/img820/566/screentyp.jpg

Gość
komentarz
komentarz

To trojan ja też go miałem próbowałem skanować komputer nodem comodo kaspersky żaden go nie zdołał usunąć jak Ci się nie uruchamia po starcie systemu to go zostaw on nie jest szkodliwy
jak będzie Ci się pojawiał znowu ściąg CCleaner i zablokuj go w procesach (ctfmon.exe) u mnie taki jest u Ciebie może być inny

smenkare
komentarz
komentarz

zablokowalem go w msconfig, nie uruchamia sie. Wiem jednak ze mozna go na stale usunac z komputera i wolalbym to zrobic

Natsuki Kuga
komentarz
komentarz

Odinstaluj [b]Babylon[/b], następnie do OTL wklej:
[code]
:Processes
killallprocesses

:OTL
IE - HKU\S-1-5-21-1485770423-532772460-667618788-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylo...000e069953bb12a
IE - HKU\S-1-5-21-1485770423-532772460-667618788-1000\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylo...000e069953bb12a
IE - HKU\S-1-5-21-1485770423-532772460-667618788-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylo...000e069953bb12a
IE - HKU\S-1-5-21-1485770423-532772460-667618788-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000e069953bb12a
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=110823&tt=120912_pcp_3812_7&babsrc=HP_ss&mntrId=a4c588cb000000000000e069953bb12a"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"
[2012-09-24 00:46:27 | 000,002,360 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O4 - HKU\S-1-5-21-1485770423-532772460-667618788-1000..\Run: [phx] C:\Users\Tobiaryna\AppData\Roaming\phx\lm32.exe ()
O4 - HKU\S-1-5-21-1485770423-532772460-667618788-1000..\Run: [syshost32] C:\Users\Tobiaryna\AppData\Local\{A2794852-2C07-35D7-BF79-59C89DDDB1CB}\syshost.exe File not found
O4 - HKU\S-1-5-21-1485770423-532772460-667618788-1000..\RunOnce: [CPUM] C:\Users\Tobiaryna\AppData\Roaming\cpum\conhost.exe ()

:Files
C:\Users\Tobiaryna\wgsdgsdgdsgsd.dll
C:\ProgramData\dsgsdgdsgdsgw.js
C:\Users\Tobiaryna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
C:\Users\Tobiaryna\AppData\Roaming\phx
C:\Users\Tobiaryna\AppData\Roaming\cpum

:Commands
[emptytemp]
[emptyflash]
[Reboot]
[/code]
[b]Wykonaj skrypt,[/b] pokaż raport.

Uruchom OTL ponownie i wklej:
[code]
C:\ssss\*.*
C:\Users\Tobiaryna\AppData\Roaming
C:\Users\Tobiaryna
[/code]
[b]Skanuj,[/b] pokaż log.

[code]
C:\Users\Tobiaryna\Desktop\$(KGrHqF,!l0E+F6w271IBPylt8tbZQ~~60_35.JPG
[/code]
Czy to Twój plik?

Po wykonaniu wszystkiego zobacz, czy tryb awaryjny działa.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.