marcin4444 utworzono 10 stycznia 2009 utworzono 10 stycznia 2009 Witam Moglibyście mi powiedzieć co usunąć z tego wpisu hi jack ? Logfile of Trend Micro HijackThis v2.0.2Scan saved at 19:41:29, on 2009-01-10Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exeC:\Program Files\Grisoft\AVG7\avgcc.exeC:\Windows\RtHDVCpl.exeC:\Windows\System32\wpcumi.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Windows\System32\p2phost.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Program Files\cFosSpeed\cfosspeed.exeC:\Windows\system32\taskeng.exeD:\Program Files\BearShare\BearShare.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeD:\PROGRAMY\mozilla\firefox.exeC:\Windows\system32\taskeng.exeD:\PROGRAMY\DAP\DAP.EXEC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exeC:\Windows\system32\conime.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeD:\My Downloads\HiJackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.entretieneteds.vze.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dllR3 - URLSearchHook: gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\gossiper\tbgoss.dllR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO1 - Hosts: ::1 localhostO2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\gossiper\tbgoss.dllO2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dllO2 - BHO: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe0.dllO2 - BHO: (no name) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - (no file)O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dllO2 - BHO: (no name) - {DDFA1356-E6ED-42a5-9D62-93211D424A90} - (no file)O2 - BHO: (no name) - {E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B} - (no file)O3 - Toolbar: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe0.dllO3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)O3 - Toolbar: gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\gossiper\tbgoss.dllO3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dllO3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -bootO4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUPO4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exeO4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osbootO4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exeO4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exeO4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunO4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -sO4 - HKCU\..\Run: [DownloadAccelerator] "D:\PROGRAMY\DAP\DAP.EXE" /STARTUPO4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: &Clean Traces - D:\PROGRAMY\DAP\Privacy Package\dapcleanerie.htmO8 - Extra context menu item: &Download FLV by WinAVI... - D:\PROGRAMY\win2\flv_link.htmO8 - Extra context menu item: &Download with &DAP - D:\PROGRAMY\DAP\dapextie.htmO8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZKfox000O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.htmlO8 - Extra context menu item: Download &all with DAP - D:\PROGRAMY\DAP\dapextie2.htmO8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dllO9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - (no file)O9 - Extra 'Tools' menuitem: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - (no file)O9 - Extra button: Wybierz kierunek tłumaczenia - {CCCE5D70-9AA2-40F1-9C6B-12A255F08500} - D:\PROGRAMY\TRANSLATICA\Translatica Integration\bin\win\int\browser\iepolengextension.dll (HKCU)O9 - Extra 'Tools' menuitem: Wybierz kierunek tłumaczenia - {CCCE5D70-9AA2-40F1-9C6B-12A255F08500} - D:\PROGRAMY\TRANSLATICA\Translatica Integration\bin\win\int\browser\iepolengextension.dll (HKCU)O9 - Extra button: Tłumacz - {CCCE5D71-9AA2-40F1-9C6B-12A255F08500} - D:\PROGRAMY\TRANSLATICA\Translatica Integration\bin\win\int\browser\iepolengextension.dll (HKCU)O9 - Extra 'Tools' menuitem: Tłumacz - {CCCE5D71-9AA2-40F1-9C6B-12A255F08500} - D:\PROGRAMY\TRANSLATICA\Translatica Integration\bin\win\int\browser\iepolengextension.dll (HKCU)O9 - Extra button: Zachowaj przetłumaczoną stronę - {CCCE5D72-9AA2-40F1-9C6B-12A255F08500} - D:\PROGRAMY\TRANSLATICA\Translatica Integration\bin\win\int\browser\iepolengextension.dll (HKCU)O9 - Extra 'Tools' menuitem: Zachowaj przetłumaczoną stronę - {CCCE5D72-9AA2-40F1-9C6B-12A255F08500} - D:\PROGRAMY\TRANSLATICA\Translatica Integration\bin\win\int\browser\iepolengextension.dll (HKCU)O9 - Extra button: Opcje - {CCCE5D73-9AA2-40F1-9C6B-12A255F08500} - D:\PROGRAMY\TRANSLATICA\Translatica Integration\bin\win\int\browser\iepolengextension.dll (HKCU)O9 - Extra 'Tools' menuitem: Opcje - {CCCE5D73-9AA2-40F1-9C6B-12A255F08500} - D:\PROGRAMY\TRANSLATICA\Translatica Integration\bin\win\int\browser\iepolengextension.dll (HKCU)O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO13 - Gopher Prefix: O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dllO16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jin...indows-i586.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cabO20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dllO23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: Urządzenie mobilne Apple (Apple Mobile Device) - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeO23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeO23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exeO23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exeO23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXEO23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXEO23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exeO23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exeO23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe--End of file - 12135 bytes
Mateusz J. komentarz 11 stycznia 2009 komentarz 11 stycznia 2009 Proszę wykonać log z ComboFix, a następnie nowy z HijackThis. Oba pokazujesz na forum.
marcin4444 komentarz 12 stycznia 2009 Autor komentarz 12 stycznia 2009 No więc zrobiłem tak jak poradziłeś oto log z hi jack'a Logfile of Trend Micro HijackThis v2.0.2Scan saved at 14:38:13, on 2009-01-12Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exeC:\Program Files\Grisoft\AVG7\avgcc.exeC:\Windows\RtHDVCpl.exeC:\Program Files\cFosSpeed\cfosspeed.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Windows\System32\p2phost.exeD:\PROGRAMY\DAP\DAP.exeC:\Program Files\Tlen.pl\tlen.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.exeC:\Windows\system32\taskeng.exeD:\My Downloads\HiJackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.entretieneteds.vze.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dllR3 - URLSearchHook: gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\gossiper\tbgoss.dllR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\gossiper\tbgoss.dllO2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dllO2 - BHO: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe0.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dllO2 - BHO: (no name) - {E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B} - (no file)O3 - Toolbar: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe0.dllO3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)O3 - Toolbar: gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\gossiper\tbgoss.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dllO3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -bootO4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUPO4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exeO4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exeO4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exeO4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunO4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -sO4 - HKCU\..\Run: [DownloadAccelerator] "D:\PROGRAMY\DAP\DAP.EXE" /STARTUPO4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exeO4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')O8 - Extra context menu item: &Clean Traces - D:\PROGRAMY\DAP\Privacy Package\dapcleanerie.htmO8 - Extra context menu item: &Download FLV by WinAVI... - D:\PROGRAMY\win2\flv_link.htmO8 - Extra context menu item: &Download with &DAP - D:\PROGRAMY\DAP\dapextie.htmO8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZKfox000O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.htmlO8 - Extra context menu item: Download &all with DAP - D:\PROGRAMY\DAP\dapextie2.htmO8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dllO9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - (no file)O9 - Extra 'Tools' menuitem: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - (no file)O9 - Extra button: Wybierz kierunek tłumaczenia - {CCCE5D70-9AA2-40F1-9C6B-12A255F08500} - D:\PROGRAMY\TRANSLATICA\Translatica Integration\bin\win\int\browser\iepolengextension.dll (HKCU)O9 - Extra 'Tools' menuitem: Wybierz kierunek tłumaczenia - {CCCE5D70-9AA2-40F1-9C6B-12A255F08500} - D:\PROGRAMY\TRANSLATICA\Translatica Integration\bin\win\int\browser\iepolengextension.dll (HKCU)O9 - Extra button: Tłumacz - {CCCE5D71-9AA2-40F1-9C6B-12A255F08500} - D:\PROGRAMY\TRANSLATICA\Translatica Integration\bin\win\int\browser\iepolengextension.dll (HKCU)O9 - Extra 'Tools' menuitem: Tłumacz - {CCCE5D71-9AA2-40F1-9C6B-12A255F08500} - D:\PROGRAMY\TRANSLATICA\Translatica Integration\bin\win\int\browser\iepolengextension.dll (HKCU)O9 - Extra button: Zachowaj przetłumaczoną stronę - {CCCE5D72-9AA2-40F1-9C6B-12A255F08500} - D:\PROGRAMY\TRANSLATICA\Translatica Integration\bin\win\int\browser\iepolengextension.dll (HKCU)O9 - Extra 'Tools' menuitem: Zachowaj przetłumaczoną stronę - {CCCE5D72-9AA2-40F1-9C6B-12A255F08500} - D:\PROGRAMY\TRANSLATICA\Translatica Integration\bin\win\int\browser\iepolengextension.dll (HKCU)O9 - Extra button: Opcje - {CCCE5D73-9AA2-40F1-9C6B-12A255F08500} - D:\PROGRAMY\TRANSLATICA\Translatica Integration\bin\win\int\browser\iepolengextension.dll (HKCU)O9 - Extra 'Tools' menuitem: Opcje - {CCCE5D73-9AA2-40F1-9C6B-12A255F08500} - D:\PROGRAMY\TRANSLATICA\Translatica Integration\bin\win\int\browser\iepolengextension.dll (HKCU)O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO13 - Gopher Prefix: O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dllO16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jin...indows-i586.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cabO20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dllO23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: Urządzenie mobilne Apple (Apple Mobile Device) - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeO23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeO23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exeO23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exeO23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXEO23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXEO23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exeO23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe--End of file - 10311 bytes a to log z tego programu ComboFix 09-01-11.03 - marcin 2009-01-12 14:24:39.1 - NTFSx86Microsoft? Windows Vista? Home Basic 6.0.6001.1.1250.1.1045.18.3071.2026 [GMT 1:00]Uruchomiony z: d:\my downloads\ComboFix.exeAV: AVG 7.5.552 *On-access scanning disabled* (Outdated) * Utworzono nowy punkt przywracania.((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))).c:\program files\MyWebSearchc:\program files\MyWebSearch\bar\2.bin\MWSSVC.EXEc:\program files\ShoppingReportc:\users\Administrator\AppData\Roaming\urlredir.cfgc:\users\Juzer\AppData\Roaming\urlredir.cfgc:\users\marcin\AppData\Roaming\urlredir.cfgc:\windows\system32\DcadsSocial-uninstall.exec:\windows\system32\mysidesearch_sidebar_uninstall.exe.((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))).-------\Service_MyWebSearchService((((((((((((((((((((((((( Pliki utworzone od 2008-12-12 do 2009-01-12 ))))))))))))))))))))))))))))))).2009-01-08 15:54 . 2009-01-08 15:55 151,056 --a------ c:\users\marcin\cc_20090108_155439.reg2009-01-08 15:52 . 2009-01-08 15:52 <DIR> d-------- c:\program files\Yahoo!2008-12-27 18:21 . 2008-06-25 10:33 732,376 -ra------ c:\windows\System32\drivers\cfosspeed.sys2008-12-27 18:20 . 2009-01-12 14:29 <DIR> d-------- c:\program files\cFosSpeed2008-12-27 18:20 . 2008-06-25 10:33 290,008 --a------ c:\windows\System32\cfosspeed.dll2008-12-25 14:12 . 2008-12-25 14:12 <DIR> d-------- c:\program files\VistaCodecPack2008-12-24 18:40 . 2008-12-24 18:40 <DIR> d-------- c:\users\marcin\AppData\Roaming\AceBIT2008-12-24 18:40 . 2008-01-30 11:05 629,584 --a------ c:\windows\System32\acebitaw.dll2008-12-24 18:40 . 2008-01-31 16:38 185,344 --a------ c:\windows\System32\pwd_shell.dll2008-12-24 15:53 . 2008-12-24 15:53 <DIR> d-------- c:\program files\Wyzo2008-12-23 20:01 . 2008-12-23 20:01 <DIR> d-------- c:\users\marcin\AppData\Roaming\PCF-VLC2008-12-23 19:59 . 2008-12-23 19:59 <DIR> d-------- c:\users\marcin\AppData\Roaming\Participatory Culture Foundation2008-12-23 19:58 . 2008-12-23 19:58 <DIR> d-------- c:\program files\Participatory Culture Foundation2008-12-23 19:53 . 2008-12-24 10:42 45 --a------ c:\windows\System32\initdebug.nfo2008-12-22 12:55 . 2008-12-22 12:56 <DIR> d-------- c:\program files\valve2008-12-16 21:14 . 2008-12-16 21:14 <DIR> d-------- c:\program files\Counter-Strike Source.(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-01-12 13:18 --------- d---a-w c:\programdata\TEMP2009-01-09 13:46 --------- d-----w c:\users\marcin\AppData\Roaming\AVG72009-01-08 16:05 --------- d-----w c:\users\marcin\AppData\Roaming\Tlen.pl2009-01-08 14:56 --------- d--h--w c:\program files\InstallShield Installation Information2009-01-04 12:24 --------- d-----w c:\users\marcin\AppData\Roaming\uTorrent2009-01-01 10:15 717,296 ----a-w c:\windows\system32\drivers\sptd.sys2008-12-28 15:01 183,112 ----a-w c:\windows\System32\PnkBstrB.exe2008-12-28 15:01 138,184 ----a-w c:\windows\system32\drivers\PnkBstrK.sys2008-12-25 13:11 --------- d-----w c:\programdata\VistaCodecs2008-12-23 19:10 --------- d-----w c:\users\marcin\AppData\Roaming\Desktopicon2008-12-22 19:57 --------- d-----w c:\programdata\Codemasters2008-12-21 17:54 --------- d-----w c:\programdata\CanonIJPLM2008-12-12 09:15 --------- d-----w c:\program files\Windows Mail2008-12-11 20:03 --------- d-----w c:\programdata\Microsoft Help2008-12-09 18:52 --------- d-----w c:\users\Administrator\AppData\Roaming\AVG72008-12-08 12:49 --------- d-----w c:\users\Administrator\AppData\Roaming\Nowe Gadu-Gadu2008-12-08 12:48 --------- d-----w c:\users\Administrator\AppData\Roaming\PeerNetworking2008-12-08 12:48 --------- d-----w c:\users\Administrator\AppData\Roaming\DAEMON Tools2008-12-07 12:08 795,648 ----a-w c:\windows\System32\xvidcore.dll2008-12-07 12:08 130,048 ----a-w c:\windows\System32\xvidvfw.dll2008-12-03 20:49 --------- dc-h--w c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}2008-12-03 20:49 --------- d-----w c:\program files\Uniblue2008-12-02 15:15 66,872 ----a-w c:\windows\System32\PnkBstrA.exe2008-12-02 15:00 --------- d-----w c:\program files\Electronic Arts2008-12-02 14:59 1,582 ----a-w c:\windows\System32\ealregsnapshot1.reg2008-12-02 14:58 --------- d-----w c:\users\marcin\AppData\Roaming\Leadertech2008-11-29 17:46 --------- d-----w c:\program files\Ascentive2008-11-28 18:14 --------- d-----w c:\program files\Tlen.pl2008-11-26 15:29 --------- d-----w c:\programdata\NVIDIA2008-11-24 14:32 57,344 ----a-w c:\windows\System32\ff_vfw.dll2008-11-24 14:09 --------- d-----w c:\program files\Dialer Killer2008-11-20 19:55 --------- d-----w c:\users\marcin\AppData\Roaming\Nowe Gadu-Gadu2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll2008-11-01 03:44 28,672 ----a-w c:\windows\System32\Apphlpdm.dll2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll2008-11-01 01:21 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll2008-10-29 06:29 2,927,104 ----a-w c:\windows\explorer.exe2008-10-22 05:47 995,328 ----a-w c:\windows\System32\VSFilter.dll2008-10-22 03:57 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll2008-10-22 01:22 2,048 ----a-w c:\windows\System32\tzres.dll2008-10-21 05:25 296,960 ----a-w c:\windows\System32\gdi32.dll2008-10-21 05:25 1,645,568 ----a-w c:\windows\System32\connect.dll2008-10-16 21:13 1,809,944 ----a-w c:\windows\System32\wuaueng.dll2008-10-16 21:12 561,688 ----a-w c:\windows\System32\wuapi.dll2008-10-16 21:09 51,224 ----a-w c:\windows\System32\wuauclt.exe2008-10-16 21:09 43,544 ----a-w c:\windows\System32\wups2.dll2008-10-16 21:08 34,328 ----a-w c:\windows\System32\wups.dll2008-10-16 20:56 1,524,736 ----a-w c:\windows\System32\wucltux.dll2008-10-16 20:55 83,456 ----a-w c:\windows\System32\wudriver.dll2008-10-16 13:08 162,064 ----a-w c:\windows\System32\wuwebv.dll2008-10-16 12:56 31,232 ----a-w c:\windows\System32\wuapp.exe2008-10-16 04:47 827,392 ----a-w c:\windows\System32\wininet.dll2008-07-21 09:01 56 ---ha-w c:\users\All Users\ezsidmv.dat2008-07-21 09:01 56 ---ha-w c:\programdata\ezsidmv.dat2008-05-09 14:55 174 --sha-w c:\program files\desktop.ini.((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992]"{0a452a47-c5a8-4854-a237-4b9b06b376f0}"= "c:\program files\gossiper\tbgoss.dll" [2008-02-28 1470488][HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}][HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1][HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}][HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch][HKEY_CLASSES_ROOT\clsid\{0a452a47-c5a8-4854-a237-4b9b06b376f0}][HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0a452a47-c5a8-4854-a237-4b9b06b376f0}]2008-02-28 14:59 1470488 --a------ c:\program files\gossiper\tbgoss.dll[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]2007-07-31 16:33 1391640 --a------ c:\program files\speed-bit\tbspe0.dll[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]"{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}"= "c:\program files\speed-bit\tbspe0.dll" [2007-07-31 1391640]"{0a452a47-c5a8-4854-a237-4b9b06b376f0}"= "c:\program files\gossiper\tbgoss.dll" [2008-02-28 1470488][HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]"{0A452A47-C5A8-4854-A237-4B9B06B376F0}"= "c:\program files\gossiper\tbgoss.dll" [2008-02-28 1470488][HKEY_CLASSES_ROOT\clsid\{0a452a47-c5a8-4854-a237-4b9b06b376f0}][HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-19 192000]"DownloadAccelerator"="d:\programy\DAP\DAP.EXE" [2008-09-16 3061248]"Komunikator"="c:\program files\Tlen.pl\tlen.exe" [2008-11-28 5837800][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]"AVG7_CC"="c:\progra~1\Grisoft\AVG7\avgcc.exe" [2008-10-17 590848]"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]"cFosSpeed"="c:\program files\cFosSpeed\cFosSpeed.exe" [2008-06-25 867544]"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 c:\windows\RtHDVCpl.exe][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"AVG7_Run"="c:\progra~1\Grisoft\AVG7\avgw.exe" [2008-02-19 219136][HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableUIADesktopToggle"= 0 (0x0)[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]2008-02-19 11:47 9216 c:\windows\System32\avgwlntf.dll[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]"msacm.divxa32"= divxa32.acm[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]BootExecute REG_MULTI_SZ autocheck autochk *\[u]0[/u]autocheck lsdelete[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]--a------ 2008-01-11 22:16 39792 d:\programy\Adobe\Reader\reader_sl.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]--a------ 2007-04-03 17:50 1603152 c:\program files\Canon\MyPrinter\BJMYPRT.EXE[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]--a------ 2007-04-03 17:00 644696 c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DialerKiller]--a------ 2008-08-08 14:53 253952 c:\program files\Dialer Killer\DialKill.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]--a------ 2008-09-16 16:23 3061248 d:\programy\DAP\DAP.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Komunikator]--a------ 2008-11-28 11:48 5837800 c:\program files\Tlen.pl\tlen.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]--a------ 2008-09-17 23:55 13580832 c:\windows\System32\nvcpl.dll[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]--a------ 2008-09-17 23:55 92704 c:\windows\System32\nvmctray.dll[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]--a------ 2006-09-01 14:57 282624 d:\program\Qujck time\qttask.exe[HKEY_LOCAL_MACHINE\software\microsoft\security center]"UacDisableNotify"=dword:00000001"InternetSettingsDisableNotify"=dword:00000001"AutoUpdateDisableNotify"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]"UDP Query User{B07BA7CD-9FD8-46EB-A858-0FB1DBC32F33}d:\\programy\\alftp\\alftp.exe"= TCP:d:\programy\alftp\alftp.exe:ALFTP"TCP Query User{1B5F73CE-FE35-45ED-B607-7981BCEB16D5}d:\\programy\\alftp\\alftp.exe"= UDP:d:\programy\alftp\alftp.exe:ALFTP"{4513F004-731E-494C-9D01-9B370F8B0EA7}"= TCP:d:\programy\DAP\DAP.exe:Download Accelerator Plus (DAP)"{8E6CAE1D-D4A2-41B5-9F4D-F613AAAF1CCD}"= UDP:d:\programy\DAP\DAP.exe:Download Accelerator Plus (DAP)"UDP Query User{4585F5A6-FAB4-4545-9961-3794CB5C1B34}d:\\programy\\tlen.pl\\tlen.exe"= TCP:d:\programy\tlen.pl\tlen.exe:Komunikator Tlen.pl"TCP Query User{E362EA4F-866D-4B85-9E0D-36F952C98CAD}d:\\programy\\tlen.pl\\tlen.exe"= UDP:d:\programy\tlen.pl\tlen.exe:Komunikator Tlen.pl"UDP Query User{516AC6F9-93F2-4736-A408-EFC7D6BB3125}d:\\programy\\gadu-gadu\\gg.exe"= TCP:d:\programy\gadu-gadu\gg.exe:Gadu-Gadu - program główny"TCP Query User{72539A53-57D9-4E82-B865-DBF1A433EBFB}d:\\programy\\gadu-gadu\\gg.exe"= UDP:d:\programy\gadu-gadu\gg.exe:Gadu-Gadu - program główny"UDP Query User{A172375F-7D3D-454D-8F4F-69BC8597CC30}d:\\gry\\cstrike\\hl.exe"= TCP:d:\gry\cstrike\hl.exe:Half-Life Launcher"TCP Query User{89AE8A4A-F49B-4756-BE8A-935FAAAB7F00}d:\\gry\\cstrike\\hl.exe"= UDP:d:\gry\cstrike\hl.exe:Half-Life Launcher"UDP Query User{699BA533-4D93-4093-B70E-45B69AEE9214}k:\\counter strike + half life\\hltv.exe"= TCP:k:\counter strike + half life\hltv.exe:HLTV Launcher"TCP Query User{6C6D2B34-8ADF-4148-A625-DD3C9B0372C4}k:\\counter strike + half life\\hltv.exe"= UDP:k:\counter strike + half life\hltv.exe:HLTV Launcher"UDP Query User{9035821D-A8B1-45C7-B79E-9BE1E9BA3AEE}d:\\gry\\cstrike\\counter strike + half life\\hl.exe"= TCP:d:\gry\cstrike\counter strike + half life\hl.exe:Half-Life Launcher"TCP Query User{4F347E94-872B-4FC1-A377-2C36125A5BAF}d:\\gry\\cstrike\\counter strike + half life\\hl.exe"= UDP:d:\gry\cstrike\counter strike + half life\hl.exe:Half-Life Launcher"UDP Query User{0703E9CB-282D-4232-B0F0-596FDEE901BC}k:\\counter strike + half life\\hl.exe"= TCP:k:\counter strike + half life\hl.exe:Half-Life Launcher"TCP Query User{0B856B97-13C4-46B9-98F2-8BDCDADD4C63}k:\\counter strike + half life\\hl.exe"= UDP:k:\counter strike + half life\hl.exe:Half-Life Launcher"UDP Query User{B6CD681D-D105-446D-8818-66C9E69DC548}d:\\gry\\motogp2 demo\\motogp2_demo.exe"= TCP:d:\gry\motogp2 demo\motogp2_demo.exe:motogp2_demo"TCP Query User{01BA323A-D46F-4BAC-ACB4-02F081A2764C}d:\\gry\\motogp2 demo\\motogp2_demo.exe"= UDP:d:\gry\motogp2 demo\motogp2_demo.exe:motogp2_demo"UDP Query User{AEA11A7F-059A-44B2-9DCE-7241BDBDE3DF}d:\\gry\\nfs\\speed2.exe"= TCP:d:\gry\nfs\speed2.exe:speed2"TCP Query User{A62CAD4B-ED5E-4E40-AE78-3FE542154600}d:\\gry\\nfs\\speed2.exe"= UDP:d:\gry\nfs\speed2.exe:speed2"{D99735F7-9299-4CBD-9C19-184B84098FBD}"= d:\programy\Cyber link\PowerDirector\PDR.EXE:CyberLink PowerDirector"UDP Query User{84A8DE8E-39C0-4D6F-8C6E-AC677D824A41}d:\\gry\\soldat\\soldat\\soldat.exe"= TCP:d:\gry\soldat\soldat\soldat.exe:Soldat"TCP Query User{73077D15-962D-4DCA-A75E-B12E653AF12B}d:\\gry\\soldat\\soldat\\soldat.exe"= UDP:d:\gry\soldat\soldat\soldat.exe:Soldat"{80391830-27F9-470C-A3E2-45F60510339D}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote"{56C266B3-F8DA-4BA1-9036-D17DA85DCCAB}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote"TCP Query User{6AAAB044-D4FC-47E7-9F25-FFCEBEA3032B}d:\\gry\\cstrike\\hltv.exe"= UDP:d:\gry\cstrike\hltv.exe:HLTV Launcher"UDP Query User{9C13C2DC-826E-489D-A694-C12BC71809B1}d:\\gry\\cstrike\\hltv.exe"= TCP:d:\gry\cstrike\hltv.exe:HLTV Launcher"{2E8CD0FB-C950-40AA-807D-246B7D0E24FD}"= UDP:d:\gry\ProjectTorque\ProjectTorque.bin:Project Torque"{4CE4F166-8064-480F-B104-AFE8097CA900}"= TCP:d:\gry\ProjectTorque\ProjectTorque.bin:Project Torque"{297EBE50-5BE7-43C8-A764-834055876B99}"= UDP:c:\program files\Winamp Remote\bin\Orb.exe:Orb"{4357882B-468F-4667-BD0E-1B4BE888F18F}"= TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb"{38934DB6-1BC8-46B3-89F2-25B3A3903C1C}"= UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray"{ABCAE1C7-A962-4CBF-8D60-E9F5651E8D12}"= TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray"{401E22E3-0CAB-4D18-B28D-B89FB5753B2B}"= UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client"{AB2F4EA7-5AAC-4CB4-91E3-BB8B0BAED32F}"= TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client"TCP Query User{7666AB28-FE3E-47EF-9B00-C91F2796AB20}d:\\gry\\heroes\\bin\\h5_game.exe"= UDP:d:\gry\heroes\bin\h5_game.exe:Heroes of Might and Magic V"UDP Query User{B87F3C2E-BA97-4B7C-9918-FD51D9BACA2B}d:\\gry\\heroes\\bin\\h5_game.exe"= TCP:d:\gry\heroes\bin\h5_game.exe:Heroes of Might and Magic V"TCP Query User{17C404EF-241E-49B7-A069-A75CB3D7CD36}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent"UDP Query User{CE988B27-EA32-4588-AEE4-CE06B37E22E4}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent"TCP Query User{CA8E0FBB-17D1-4D55-B6DD-837810706231}d:\\programy\\god\\god.exe"= UDP:d:\programy\god\god.exe:GoD"UDP Query User{D3BA49CD-A978-48A2-A973-B8D26C1E2E7D}d:\\programy\\god\\god.exe"= TCP:d:\programy\god\god.exe:GoD"TCP Query User{AFB13679-9963-431A-AF49-45ACF5BED076}d:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= Disabled:UDP:d:\program files\bearshare applications\bearshare\bearshare.exe:BearShare"UDP Query User{F0245233-C36E-431B-927D-8978DFD25D3C}d:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= Disabled:TCP:d:\program files\bearshare applications\bearshare\bearshare.exe:BearShare"TCP Query User{9BB59820-C419-4447-9E21-67A9948D09CA}d:\\programy\\bearshare\\bearshare.exe"= Disabled:UDP:d:\programy\bearshare\bearshare.exe:BearShare"UDP Query User{8E479763-3E8B-48D7-9E48-0C6A595F1656}d:\\programy\\bearshare\\bearshare.exe"= Disabled:TCP:d:\programy\bearshare\bearshare.exe:BearShare"TCP Query User{4B309800-3EA4-4995-A2D0-1C1663CD5E44}d:\\programy\\bear share\\bearshare.exe"= Disabled:UDP:d:\programy\bear share\bearshare.exe:BearShare"UDP Query User{DA400437-FB80-4903-A819-80BF237DA402}d:\\programy\\bear share\\bearshare.exe"= Disabled:TCP:d:\programy\bear share\bearshare.exe:BearShare"TCP Query User{6AB199AA-F69D-4C6E-954E-70403EC46B96}d:\\program files\\bearshare\\bearshare.exe"= Disabled:UDP:d:\program files\bearshare\bearshare.exe:BearShare"UDP Query User{4410D32E-FDED-4BF8-9FFA-528882301882}d:\\program files\\bearshare\\bearshare.exe"= Disabled:TCP:d:\program files\bearshare\bearshare.exe:BearShare"TCP Query User{70478482-A186-497A-B508-DA07E76BAD49}c:\\program files\\bearshare\\bearshare.exe"= Disabled:UDP:c:\program files\bearshare\bearshare.exe:BearShare"UDP Query User{25BEAF83-7FEA-4D62-850B-752BCDA31F97}c:\\program files\\bearshare\\bearshare.exe"= Disabled:TCP:c:\program files\bearshare\bearshare.exe:BearShare"TCP Query User{B7C72E56-F5F9-4EE7-9B03-628D80345252}c:\\users\\marcin\\appdata\\local\\temp\\mrt37e1.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt37e1.tmp\stdrt.exe:stdrt.exe"UDP Query User{EE65ED32-412E-4121-8AFC-A59C09D6E3B2}c:\\users\\marcin\\appdata\\local\\temp\\mrt37e1.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt37e1.tmp\stdrt.exe:stdrt.exe"TCP Query User{9347C799-FE94-450E-B741-5159C1CFDC92}c:\\users\\marcin\\appdata\\local\\temp\\mrtc69b.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtc69b.tmp\stdrt.exe:stdrt.exe"UDP Query User{BF4862A6-8B18-44AC-BA3A-783B02DA8CB1}c:\\users\\marcin\\appdata\\local\\temp\\mrtc69b.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtc69b.tmp\stdrt.exe:stdrt.exe"TCP Query User{2C58F71B-B0AB-4B1F-97C5-CB6A6C732D73}c:\\users\\marcin\\appdata\\local\\temp\\mrt200f.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt200f.tmp\stdrt.exe:stdrt.exe"UDP Query User{79427826-C444-4F18-8475-53F96636B358}c:\\users\\marcin\\appdata\\local\\temp\\mrt200f.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt200f.tmp\stdrt.exe:stdrt.exe"TCP Query User{7BC8A1B9-E1C1-452C-AFBE-4AB3D7000D73}c:\\users\\marcin\\appdata\\local\\temp\\mrt7e35.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt7e35.tmp\stdrt.exe:stdrt.exe"UDP Query User{BF519AD2-F977-4CA2-94D0-449EE600B162}c:\\users\\marcin\\appdata\\local\\temp\\mrt7e35.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt7e35.tmp\stdrt.exe:stdrt.exe"TCP Query User{0E47DCAF-3F9C-4186-8EB1-A73C6E74C2D2}c:\\users\\marcin\\appdata\\local\\temp\\mrtb7bb.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtb7bb.tmp\stdrt.exe:stdrt.exe"UDP Query User{38C81162-2B77-4A99-BF82-1B8E8F75F7EB}c:\\users\\marcin\\appdata\\local\\temp\\mrtb7bb.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtb7bb.tmp\stdrt.exe:stdrt.exe"TCP Query User{18DBF418-0AC4-48C0-BA0A-0F87259226FF}c:\\users\\marcin\\appdata\\local\\temp\\mrt1c17.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt1c17.tmp\stdrt.exe:stdrt.exe"UDP Query User{16751027-A447-457A-BAA2-F21683E6EE28}c:\\users\\marcin\\appdata\\local\\temp\\mrt1c17.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt1c17.tmp\stdrt.exe:stdrt.exe"TCP Query User{EA78AA91-A20A-4F23-9846-5253DB68FBF6}c:\\users\\marcin\\appdata\\local\\temp\\mrtafed.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtafed.tmp\stdrt.exe:stdrt.exe"UDP Query User{DD4E45A2-BF58-4D62-AA33-C7430DCEB697}c:\\users\\marcin\\appdata\\local\\temp\\mrtafed.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtafed.tmp\stdrt.exe:stdrt.exe"TCP Query User{9B58DA7C-CADE-440E-92AD-3EE6DEA11BD1}c:\\users\\marcin\\appdata\\local\\temp\\mrt1a72.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt1a72.tmp\stdrt.exe:stdrt.exe"UDP Query User{8A9091F5-F65C-482E-AAC0-51C3B97F5128}c:\\users\\marcin\\appdata\\local\\temp\\mrt1a72.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt1a72.tmp\stdrt.exe:stdrt.exe"TCP Query User{70877359-43A0-4798-8C8F-86A2B26F66C8}c:\\users\\marcin\\appdata\\local\\temp\\mrt4124.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt4124.tmp\stdrt.exe:stdrt.exe"UDP Query User{33B44BC4-A604-4726-B4AF-2D5802870EF0}c:\\users\\marcin\\appdata\\local\\temp\\mrt4124.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt4124.tmp\stdrt.exe:stdrt.exe"TCP Query User{A7775C0F-5393-45CD-BF33-82C4EA38FB1F}c:\\users\\marcin\\appdata\\local\\temp\\mrtfd90.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtfd90.tmp\stdrt.exe:stdrt.exe"UDP Query User{204170E5-62CF-40B6-86FE-CA35671AC62F}c:\\users\\marcin\\appdata\\local\\temp\\mrtfd90.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtfd90.tmp\stdrt.exe:stdrt.exe"TCP Query User{81AF50A1-CD7B-4B0B-BFD5-4E4B61E5D665}c:\\users\\marcin\\appdata\\local\\temp\\mrt8ec7.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt8ec7.tmp\stdrt.exe:stdrt.exe"UDP Query User{F85E178C-4A4E-40C8-9438-FA4048065827}c:\\users\\marcin\\appdata\\local\\temp\\mrt8ec7.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt8ec7.tmp\stdrt.exe:stdrt.exe"TCP Query User{E272A712-5CA9-4E3E-BBAC-89F85BB84CDF}c:\\users\\marcin\\appdata\\local\\temp\\mrt3321.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt3321.tmp\stdrt.exe:stdrt.exe"UDP Query User{C45A7854-0FE5-4AEB-BC9A-59372960169F}c:\\users\\marcin\\appdata\\local\\temp\\mrt3321.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt3321.tmp\stdrt.exe:stdrt.exe"TCP Query User{618603EC-6437-41C8-97C4-9C54B35F79A2}c:\\users\\marcin\\appdata\\local\\temp\\mrtc7f1.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtc7f1.tmp\stdrt.exe:stdrt.exe"UDP Query User{6E1C56C1-7CB7-4B02-BD86-502B17870728}c:\\users\\marcin\\appdata\\local\\temp\\mrtc7f1.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtc7f1.tmp\stdrt.exe:stdrt.exe"TCP Query User{0C30248B-650A-429C-86E9-76372D8BC2A1}c:\\users\\marcin\\appdata\\local\\temp\\mrtb922.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtb922.tmp\stdrt.exe:stdrt.exe"UDP Query User{A0B076A9-FCB1-41F9-B64E-6BDB932E2817}c:\\users\\marcin\\appdata\\local\\temp\\mrtb922.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtb922.tmp\stdrt.exe:stdrt.exe"TCP Query User{0CBB810C-CCF3-4EDF-AA65-B1BD58D16467}c:\\users\\marcin\\appdata\\local\\temp\\mrtb55a.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtb55a.tmp\stdrt.exe:stdrt.exe"UDP Query User{CAECAC37-070C-4AFA-9DEF-853043DCC046}c:\\users\\marcin\\appdata\\local\\temp\\mrtb55a.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtb55a.tmp\stdrt.exe:stdrt.exe"TCP Query User{DEAA625A-AACD-4331-8EBC-485011D3FBAC}c:\\users\\marcin\\appdata\\local\\temp\\mrt112f.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt112f.tmp\stdrt.exe:stdrt.exe"UDP Query User{C63ED888-AE91-4B62-BCBB-CFA00D01480F}c:\\users\\marcin\\appdata\\local\\temp\\mrt112f.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt112f.tmp\stdrt.exe:stdrt.exe"TCP Query User{494F5EA6-FD94-40B2-84D6-071146862B5C}c:\\users\\marcin\\appdata\\local\\temp\\mrtbde2.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtbde2.tmp\stdrt.exe:stdrt.exe"UDP Query User{8D1466BF-76CF-4AA2-990D-4B5C10F522A9}c:\\users\\marcin\\appdata\\local\\temp\\mrtbde2.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtbde2.tmp\stdrt.exe:stdrt.exe"TCP Query User{2B6330CB-7183-4310-8CAF-8945AB9C183F}c:\\users\\marcin\\appdata\\local\\temp\\mrtcc34.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtcc34.tmp\stdrt.exe:stdrt.exe"UDP Query User{E9485E00-4D6F-4E40-B150-30E2948BCB72}c:\\users\\marcin\\appdata\\local\\temp\\mrtcc34.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtcc34.tmp\stdrt.exe:stdrt.exe"TCP Query User{C343A889-5FD0-4BB7-9CE9-A7D8354AE5A3}c:\\users\\marcin\\appdata\\local\\temp\\mrtbc6b.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtbc6b.tmp\stdrt.exe:stdrt.exe"UDP Query User{2017242D-0BE5-4169-A91D-C1FFDB5A9129}c:\\users\\marcin\\appdata\\local\\temp\\mrtbc6b.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtbc6b.tmp\stdrt.exe:stdrt.exe"TCP Query User{6EB6D8F2-93A0-401F-B500-2222A598FF68}c:\\users\\marcin\\appdata\\local\\temp\\mrtfc67.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtfc67.tmp\stdrt.exe:stdrt.exe"UDP Query User{74819E55-ADA3-4CC4-B2B0-73BFC3BCED0F}c:\\users\\marcin\\appdata\\local\\temp\\mrtfc67.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtfc67.tmp\stdrt.exe:stdrt.exe"TCP Query User{A3FD1B6A-936B-49E9-B8D7-1D7F638A1991}c:\\users\\marcin\\appdata\\local\\temp\\mrt26f0.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt26f0.tmp\stdrt.exe:stdrt.exe"UDP Query User{5555194D-BE57-489C-A5E6-079E0BBF378F}c:\\users\\marcin\\appdata\\local\\temp\\mrt26f0.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt26f0.tmp\stdrt.exe:stdrt.exe"TCP Query User{39ACE1E5-882F-41E9-97F6-7CD8C5D1D97D}c:\\users\\marcin\\appdata\\local\\temp\\mrtf90d.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtf90d.tmp\stdrt.exe:stdrt.exe"UDP Query User{54DFB20C-3D5E-43AE-AB56-708187DEB522}c:\\users\\marcin\\appdata\\local\\temp\\mrtf90d.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtf90d.tmp\stdrt.exe:stdrt.exe"TCP Query User{DB4D7CD6-8D27-4158-B397-0E64A8AF7F5E}c:\\users\\marcin\\appdata\\local\\temp\\mrt6d33.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt6d33.tmp\stdrt.exe:stdrt.exe"UDP Query User{3C47D822-541E-4A14-91C2-16A507C7CDD9}c:\\users\\marcin\\appdata\\local\\temp\\mrt6d33.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt6d33.tmp\stdrt.exe:stdrt.exe"TCP Query User{47F58026-31F4-451B-9935-A6ABE870FD5F}c:\\users\\marcin\\appdata\\local\\temp\\mrt9e80.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt9e80.tmp\stdrt.exe:stdrt.exe"UDP Query User{3B8979BA-5DBF-46F8-9A3C-F05D7CA808F3}c:\\users\\marcin\\appdata\\local\\temp\\mrt9e80.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt9e80.tmp\stdrt.exe:stdrt.exe"TCP Query User{71A003BE-50AC-413A-B10D-7648D7D6834D}c:\\users\\marcin\\appdata\\local\\temp\\mrt339f.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt339f.tmp\stdrt.exe:stdrt.exe"UDP Query User{6C95EE80-CA3C-40AA-ACDB-3E2E0220EA96}c:\\users\\marcin\\appdata\\local\\temp\\mrt339f.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt339f.tmp\stdrt.exe:stdrt.exe"TCP Query User{85FE7E11-416C-4505-8CC8-57F8689D05FC}c:\\users\\marcin\\appdata\\local\\temp\\mrtb125.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtb125.tmp\stdrt.exe:stdrt.exe"UDP Query User{99F0DD46-7B6D-4359-9518-B667B1236D7F}c:\\users\\marcin\\appdata\\local\\temp\\mrtb125.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtb125.tmp\stdrt.exe:stdrt.exe"TCP Query User{BCCC0FAC-E603-4BB5-AA31-91F74C46B611}c:\\users\\marcin\\appdata\\local\\temp\\mrt1c4.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt1c4.tmp\stdrt.exe:stdrt.exe"UDP Query User{8F453242-DC94-4D07-ADFF-39A8FDC3DB4F}c:\\users\\marcin\\appdata\\local\\temp\\mrt1c4.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt1c4.tmp\stdrt.exe:stdrt.exe"TCP Query User{DD098A4F-9435-41C4-AA47-B670CCD186EB}c:\\users\\marcin\\appdata\\local\\temp\\mrt5715.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt5715.tmp\stdrt.exe:stdrt.exe"UDP Query User{9D290758-E20A-477F-813E-16A7A40E0D5B}c:\\users\\marcin\\appdata\\local\\temp\\mrt5715.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt5715.tmp\stdrt.exe:stdrt.exe"TCP Query User{6CF3ED86-986F-4F78-8BB0-1982AB7BA629}c:\\users\\marcin\\appdata\\local\\temp\\mrt207c.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt207c.tmp\stdrt.exe:stdrt.exe"UDP Query User{577EB880-C629-4E27-9E43-585A1309FFB0}c:\\users\\marcin\\appdata\\local\\temp\\mrt207c.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt207c.tmp\stdrt.exe:stdrt.exe"TCP Query User{7E603143-D52D-4FCB-9401-CEA4C63055AD}c:\\users\\marcin\\appdata\\local\\temp\\mrtc505.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtc505.tmp\stdrt.exe:stdrt.exe"UDP Query User{697D297B-F8A9-460D-AFF7-98B8F294DACE}c:\\users\\marcin\\appdata\\local\\temp\\mrtc505.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtc505.tmp\stdrt.exe:stdrt.exe"TCP Query User{0C1C5B57-B170-4180-AEDB-B1F617E3AAE3}c:\\users\\marcin\\appdata\\local\\temp\\mrtc2e3.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtc2e3.tmp\stdrt.exe:stdrt.exe"UDP Query User{7689ADEE-1CD6-41EF-932D-FA358B7D4A65}c:\\users\\marcin\\appdata\\local\\temp\\mrtc2e3.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtc2e3.tmp\stdrt.exe:stdrt.exe"TCP Query User{E433C3C7-0893-4B5E-93B0-28C58282BC48}c:\\users\\marcin\\appdata\\local\\temp\\mrt1248.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt1248.tmp\stdrt.exe:stdrt.exe"UDP Query User{6B26CA7F-17A7-4D2F-8FA0-A75188E87702}c:\\users\\marcin\\appdata\\local\\temp\\mrt1248.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt1248.tmp\stdrt.exe:stdrt.exe"TCP Query User{7666411C-7230-4DA0-895D-C2F10F29888D}c:\\users\\marcin\\appdata\\local\\temp\\mrt3dca.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt3dca.tmp\stdrt.exe:stdrt.exe"UDP Query User{ABCCDC94-5624-4C1D-AA07-B259F7792CDF}c:\\users\\marcin\\appdata\\local\\temp\\mrt3dca.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt3dca.tmp\stdrt.exe:stdrt.exe"TCP Query User{FA6D4EE3-BE5B-4855-B1F0-2760001E7988}c:\\users\\marcin\\appdata\\local\\temp\\mrt9ebe.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt9ebe.tmp\stdrt.exe:stdrt.exe"UDP Query User{1A41471C-BCFB-46BB-AB0C-4DDB55471B36}c:\\users\\marcin\\appdata\\local\\temp\\mrt9ebe.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt9ebe.tmp\stdrt.exe:stdrt.exe"TCP Query User{783128B0-8C5A-4314-B38F-36D80A998441}c:\\users\\marcin\\appdata\\local\\temp\\mrt55bd.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt55bd.tmp\stdrt.exe:stdrt.exe"UDP Query User{B011F4A7-05F0-40C9-BB86-6549C8D5EB0A}c:\\users\\marcin\\appdata\\local\\temp\\mrt55bd.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt55bd.tmp\stdrt.exe:stdrt.exe"TCP Query User{FA4ACA3D-65CF-4D77-BD63-07990336A0AA}c:\\users\\marcin\\appdata\\local\\temp\\mrt7b28.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt7b28.tmp\stdrt.exe:stdrt.exe"UDP Query User{10DE584F-E950-420E-9833-B435B9B75B74}c:\\users\\marcin\\appdata\\local\\temp\\mrt7b28.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt7b28.tmp\stdrt.exe:stdrt.exe"TCP Query User{224004F7-FAFE-4CF5-8DCF-3FEA781CEFE0}c:\\users\\marcin\\appdata\\local\\temp\\mrt5e93.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt5e93.tmp\stdrt.exe:stdrt.exe"UDP Query User{614021E2-ABEB-4318-AA14-AD2D3DE91327}c:\\users\\marcin\\appdata\\local\\temp\\mrt5e93.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt5e93.tmp\stdrt.exe:stdrt.exe"TCP Query User{528AEE6E-30C6-4FB2-974C-06F49DE50385}c:\\users\\marcin\\appdata\\local\\temp\\mrte9e1.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrte9e1.tmp\stdrt.exe:stdrt.exe"UDP Query User{1D4BE1F6-6535-4B14-A4EA-420A13A1FF60}c:\\users\\marcin\\appdata\\local\\temp\\mrte9e1.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrte9e1.tmp\stdrt.exe:stdrt.exe"TCP Query User{E464FE64-B2D5-405A-BC42-E145A0049B3B}c:\\users\\marcin\\appdata\\local\\temp\\mrtf382.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtf382.tmp\stdrt.exe:stdrt.exe"UDP Query User{DBBAEB46-519E-4E3F-812D-4ECFBD22245B}c:\\users\\marcin\\appdata\\local\\temp\\mrtf382.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtf382.tmp\stdrt.exe:stdrt.exe"TCP Query User{1ED81692-EFF8-4408-8E8C-D2E62A527F88}c:\\users\\marcin\\appdata\\local\\temp\\mrt1361.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt1361.tmp\stdrt.exe:stdrt.exe"UDP Query User{8B5E75FC-55B3-4038-A79D-EA03523762C9}c:\\users\\marcin\\appdata\\local\\temp\\mrt1361.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt1361.tmp\stdrt.exe:stdrt.exe"TCP Query User{3A7813E8-6112-44F2-96A2-FF5E098EA8C7}c:\\users\\marcin\\appdata\\local\\temp\\mrtcc73.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtcc73.tmp\stdrt.exe:stdrt.exe"UDP Query User{7DDD883B-F5B3-41AF-BDE2-2D6C7008DF58}c:\\users\\marcin\\appdata\\local\\temp\\mrtcc73.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtcc73.tmp\stdrt.exe:stdrt.exe"TCP Query User{563D527A-C592-4E13-8D61-EB608A6E8CD0}c:\\users\\marcin\\appdata\\local\\temp\\mrtb72e.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtb72e.tmp\stdrt.exe:stdrt.exe"UDP Query User{0CB858C0-2AEE-418E-AD48-65DB6527B821}c:\\users\\marcin\\appdata\\local\\temp\\mrtb72e.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtb72e.tmp\stdrt.exe:stdrt.exe"TCP Query User{ED771CDE-B12C-4AFF-A847-43735EF30854}c:\\users\\marcin\\appdata\\local\\temp\\mrtad9d.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtad9d.tmp\stdrt.exe:stdrt.exe"UDP Query User{CA3A20A4-D0DF-4B7A-AF4F-BC5B79616939}c:\\users\\marcin\\appdata\\local\\temp\\mrtad9d.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtad9d.tmp\stdrt.exe:stdrt.exe"TCP Query User{5CDF927D-6CD5-4C96-A382-0449CCD74838}c:\\users\\marcin\\appdata\\local\\temp\\mrta939.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrta939.tmp\stdrt.exe:stdrt.exe"UDP Query User{56A66B64-0DD2-47CC-830F-C37FFF71455F}c:\\users\\marcin\\appdata\\local\\temp\\mrta939.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrta939.tmp\stdrt.exe:stdrt.exe"TCP Query User{936F1FBD-0072-44B2-A9EC-5941865E2774}c:\\users\\marcin\\appdata\\local\\temp\\mrt3ed5.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt3ed5.tmp\stdrt.exe:stdrt.exe"UDP Query User{02E00649-7AB3-4E01-A989-31E41F63CAFB}c:\\users\\marcin\\appdata\\local\\temp\\mrt3ed5.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt3ed5.tmp\stdrt.exe:stdrt.exe"TCP Query User{30293E22-943F-4D1A-8D24-ACDAE132F544}c:\\users\\marcin\\appdata\\local\\temp\\mrtfe1d.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtfe1d.tmp\stdrt.exe:stdrt.exe"UDP Query User{B4E2F801-5E06-4F68-A32B-46C155B7CF3A}c:\\users\\marcin\\appdata\\local\\temp\\mrtfe1d.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtfe1d.tmp\stdrt.exe:stdrt.exe"TCP Query User{9962EAAC-224A-4CFB-BE43-0338EF5F9678}c:\\users\\marcin\\appdata\\local\\temp\\mrtb106.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtb106.tmp\stdrt.exe:stdrt.exe"UDP Query User{3A146EA1-CCB3-4AD2-A60A-3BA8C5668707}c:\\users\\marcin\\appdata\\local\\temp\\mrtb106.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtb106.tmp\stdrt.exe:stdrt.exe"TCP Query User{0DCF4F82-48E8-46BA-92B8-D0B998FE0A21}c:\\users\\marcin\\appdata\\local\\temp\\mrt927f.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt927f.tmp\stdrt.exe:stdrt.exe"UDP Query User{7C72AB29-F74E-49BB-885D-EFD88E2AA6C2}c:\\users\\marcin\\appdata\\local\\temp\\mrt927f.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt927f.tmp\stdrt.exe:stdrt.exe"TCP Query User{3249B6DD-C5A9-4F35-92A0-F50E6AA120FB}d:\\nowy folder (3)\\grid\\grid.exe"= UDP:d:\nowy folder (3)\grid\grid.exe:GRID Executable"UDP Query User{53DE4D92-4E66-4777-9939-938247335C66}d:\\nowy folder (3)\\grid\\grid.exe"= TCP:d:\nowy folder (3)\grid\grid.exe:GRID Executable"TCP Query User{346D0D9F-D577-431B-B40B-B4E2A42D040C}c:\\users\\marcin\\appdata\\local\\temp\\mrtfe6b.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtfe6b.tmp\stdrt.exe:stdrt.exe"UDP Query User{A63E2F8B-6C5E-4B0A-940D-F3EE2AAAB04E}c:\\users\\marcin\\appdata\\local\\temp\\mrtfe6b.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtfe6b.tmp\stdrt.exe:stdrt.exe"TCP Query User{51CC6351-69FB-46B3-9EC0-313BD4D54C31}c:\\users\\marcin\\appdata\\local\\temp\\mrt224f.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt224f.tmp\stdrt.exe:stdrt.exe"UDP Query User{F153FD7A-C432-4385-9482-D64DADB93DD2}c:\\users\\marcin\\appdata\\local\\temp\\mrt224f.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt224f.tmp\stdrt.exe:stdrt.exe"TCP Query User{7BB5CDC8-F078-4A2A-B406-AC2B9BC4D691}d:\\programy\\wyzo\\wyzo.exe"= UDP:d:\programy\wyzo\wyzo.exe:Wyzo"UDP Query User{35A4D9A7-BC4E-4F7A-B839-FC664DF06953}d:\\programy\\wyzo\\wyzo.exe"= TCP:d:\programy\wyzo\wyzo.exe:Wyzo"TCP Query User{4764BAD7-64F6-4491-B1E3-EC2E755E8AA3}c:\\users\\marcin\\appdata\\local\\temp\\mrt6f46.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt6f46.tmp\stdrt.exe:stdrt.exe"UDP Query User{B2EB52D1-1E61-4A68-BD19-8FD66A569A80}c:\\users\\marcin\\appdata\\local\\temp\\mrt6f46.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt6f46.tmp\stdrt.exe:stdrt.exe"TCP Query User{EE16D700-C4F0-41E2-B841-05F16A044533}c:\\users\\marcin\\appdata\\local\\temp\\mrtfbec.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtfbec.tmp\stdrt.exe:stdrt.exe"UDP Query User{40E1B6C5-CC3D-4AD9-9AE6-F782DCABDD6E}c:\\users\\marcin\\appdata\\local\\temp\\mrtfbec.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtfbec.tmp\stdrt.exe:stdrt.exe"TCP Query User{E6279784-54C3-4AC0-8183-6B256BCD621C}c:\\users\\marcin\\appdata\\local\\temp\\mrt6882.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt6882.tmp\stdrt.exe:stdrt.exe"UDP Query User{A1DB8B76-681F-4606-8B48-ABBB99633A85}c:\\users\\marcin\\appdata\\local\\temp\\mrt6882.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt6882.tmp\stdrt.exe:stdrt.exe"TCP Query User{E2FCD25B-BBA9-40FD-9A44-B429377F9F94}c:\\users\\marcin\\appdata\\local\\temp\\mrt5dc8.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt5dc8.tmp\stdrt.exe:stdrt.exe"UDP Query User{C5C37ED5-01DE-4544-B372-6B4FDC40FA3D}c:\\users\\marcin\\appdata\\local\\temp\\mrt5dc8.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt5dc8.tmp\stdrt.exe:stdrt.exe"TCP Query User{286AC934-570E-4BCD-A4A0-1213BC8A8023}c:\\users\\marcin\\appdata\\local\\temp\\mrt3afd.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt3afd.tmp\stdrt.exe:stdrt.exe"UDP Query User{DAE34305-5F37-46EF-A634-89112825BF05}c:\\users\\marcin\\appdata\\local\\temp\\mrt3afd.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt3afd.tmp\stdrt.exe:stdrt.exe"TCP Query User{124B499C-4F9D-4249-97B9-EFF6333DE380}d:\\gry\\tmnationsforever\\tmforever.exe"= UDP:d:\gry\tmnationsforever\tmforever.exe:TmForever"UDP Query User{3E1450D6-9572-4F35-8083-E6E3FA89B8F4}d:\\gry\\tmnationsforever\\tmforever.exe"= TCP:d:\gry\tmnationsforever\tmforever.exe:TmForever"TCP Query User{80F9F656-E334-4C0E-A538-047A526BE849}d:\\programy\\gadu-gadu\\nowe gadu-gadu\\gg.exe"= UDP:d:\programy\gadu-gadu\nowe gadu-gadu\gg.exe:Nowe Gadu-Gadu beta"UDP Query User{E4627CD1-B467-4624-9D48-F8729FAE6D8F}d:\\programy\\gadu-gadu\\nowe gadu-gadu\\gg.exe"= TCP:d:\programy\gadu-gadu\nowe gadu-gadu\gg.exe:Nowe Gadu-Gadu beta"TCP Query User{FDC5FE04-AC46-412C-9792-991BA738E1E7}d:\\gry\\armies of exigo\\exigo.exe"= UDP:d:\gry\armies of exigo\exigo.exe:Armies of Exigo?"UDP Query User{3B1D48BE-D91E-4EFC-B9F6-FC8ECB8F7230}d:\\gry\\armies of exigo\\exigo.exe"= TCP:d:\gry\armies of exigo\exigo.exe:Armies of Exigo?"TCP Query User{2400680D-F021-425B-B024-BDEEB60E2F18}c:\\program files\\tlen.pl\\tlen.exe"= UDP:c:\program files\tlen.pl\tlen.exe:Komunikator Tlen.pl"UDP Query User{EFD448F0-40A7-4C11-BA29-8B86858791D9}c:\\program files\\tlen.pl\\tlen.exe"= TCP:c:\program files\tlen.pl\tlen.exe:Komunikator Tlen.pl"TCP Query User{A26842B9-6521-4ADF-8181-4DDF28371C00}d:\\gry\\flat out\\flatout2.exe"= UDP:d:\gry\flat out\flatout2.exe:FlatOut2"UDP Query User{3F61E8E5-B19E-4E98-8CB4-D6CF23E35C35}d:\\gry\\flat out\\flatout2.exe"= TCP:d:\gry\flat out\flatout2.exe:FlatOut2"{D96180AA-6F5E-4736-87BE-B2EA3D22835C}"= UDP:c:\program files\uTorrent\uTorrent.exe:?Torrent (TCP-In)"{F41682A4-5BAA-4ED8-ACA9-10EF565FEDFC}"= TCP:c:\program files\uTorrent\uTorrent.exe:?Torrent (UDP-In)"TCP Query User{6296117A-0285-46BC-A0CB-EDC56346C78B}d:\\gry\\counter-strike source\\hl2.exe"= UDP:d:\gry\counter-strike source\hl2.exe:hl2"UDP Query User{718E8F45-E917-4B32-B58D-0F10CE4884B9}d:\\gry\\counter-strike source\\hl2.exe"= TCP:d:\gry\counter-strike source\hl2.exe:hl2"TCP Query User{D6209843-D8A3-4B09-8818-03B44F00B6E2}d:\\gry\\counter strike + half life\\hlds.exe"= UDP:d:\gry\counter strike + half life\hlds.exe:HLDS Launcher"UDP Query User{66D67FF8-DEB4-4098-BF9A-4EEFE01FF772}d:\\gry\\counter strike + half life\\hlds.exe"= TCP:d:\gry\counter strike + half life\hlds.exe:HLDS Launcher"TCP Query User{ECA1298D-1B81-40A7-9221-B83A6E931871}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader"UDP Query User{085FC8B2-4C8D-4C34-A0BD-2287F9AC40B0}c:\\program files\\participatory culture foundation\\miro\\xulrunner\\python\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\xulrunner\python\miro_downloader.exe:Miro_Downloader"TCP Query User{E97CE4AD-5DF6-4C2A-A014-D99E59A34200}c:\\users\\marcin\\appdata\\local\\temp\\mrta6d9.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrta6d9.tmp\stdrt.exe:stdrt.exe"UDP Query User{093494B5-ECA9-4129-A229-89E9DC8D56A1}c:\\users\\marcin\\appdata\\local\\temp\\mrta6d9.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrta6d9.tmp\stdrt.exe:stdrt.exe"TCP Query User{CE032351-7106-40E5-A63D-F278C3745B96}c:\\users\\marcin\\appdata\\local\\temp\\mrta997.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrta997.tmp\stdrt.exe:stdrt.exe"UDP Query User{1A6596F8-C859-4C7B-B2C8-010DE5397674}c:\\users\\marcin\\appdata\\local\\temp\\mrta997.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrta997.tmp\stdrt.exe:stdrt.exe"TCP Query User{4BB3D2AA-BE10-47E3-8582-A9F84546018B}c:\\users\\marcin\\appdata\\local\\temp\\mrtbe10.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtbe10.tmp\stdrt.exe:stdrt.exe"UDP Query User{282B2D53-9EA9-4515-B69B-B38BEA8C3F14}c:\\users\\marcin\\appdata\\local\\temp\\mrtbe10.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtbe10.tmp\stdrt.exe:stdrt.exe"TCP Query User{918AD2DE-3AAC-450F-BF8F-C083CA1B4114}c:\\users\\marcin\\appdata\\local\\temp\\mrt1831.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt1831.tmp\stdrt.exe:stdrt.exe"UDP Query User{575137D9-173C-4342-B297-DD80BEE71261}c:\\users\\marcin\\appdata\\local\\temp\\mrt1831.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt1831.tmp\stdrt.exe:stdrt.exe"TCP Query User{8C0E90CC-2B06-4766-B823-1F027BD6BBB4}c:\\users\\marcin\\appdata\\local\\temp\\mrtf4ca.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtf4ca.tmp\stdrt.exe:stdrt.exe"UDP Query User{8FCBFADE-C959-44FA-82F3-759049216CCD}c:\\users\\marcin\\appdata\\local\\temp\\mrtf4ca.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtf4ca.tmp\stdrt.exe:stdrt.exe"TCP Query User{0600C407-B8C7-4D26-A01F-308DDC83C5C8}c:\\users\\marcin\\appdata\\local\\temp\\mrt91f2.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt91f2.tmp\stdrt.exe:stdrt.exe"UDP Query User{C1804803-AC81-436E-8EB4-0394A60552BF}c:\\users\\marcin\\appdata\\local\\temp\\mrt91f2.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt91f2.tmp\stdrt.exe:stdrt.exe"TCP Query User{D4BD7939-4363-4E02-A300-29D457C64F1A}c:\\users\\marcin\\appdata\\local\\temp\\mrt826d.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt826d.tmp\stdrt.exe:stdrt.exe"UDP Query User{B719B51A-2875-438F-8B31-7EFEA2BC86E7}c:\\users\\marcin\\appdata\\local\\temp\\mrt826d.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt826d.tmp\stdrt.exe:stdrt.exe"TCP Query User{3DB170DB-A9B6-4BA9-B67D-3DB852AA0125}c:\\users\\marcin\\appdata\\local\\temp\\mrt25f6.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt25f6.tmp\stdrt.exe:stdrt.exe"UDP Query User{D04B4B6C-0FB5-45C6-9C5F-5E52A4AC96CA}c:\\users\\marcin\\appdata\\local\\temp\\mrt25f6.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt25f6.tmp\stdrt.exe:stdrt.exe"TCP Query User{7A75749E-5D9B-4E43-82B9-FBB4C48AFBC6}c:\\users\\marcin\\appdata\\local\\temp\\mrt9c10.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt9c10.tmp\stdrt.exe:stdrt.exe"UDP Query User{BF0A4260-DF78-475F-BB40-9022560743BB}c:\\users\\marcin\\appdata\\local\\temp\\mrt9c10.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt9c10.tmp\stdrt.exe:stdrt.exe"TCP Query User{3C1CA3F1-408D-4624-96A3-1F53B9E31C74}c:\\users\\marcin\\appdata\\local\\temp\\mrt39e7.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrt39e7.tmp\stdrt.exe:stdrt.exe"UDP Query User{F1D381F9-B15D-41A2-A554-5A0E2A657A36}c:\\users\\marcin\\appdata\\local\\temp\\mrt39e7.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrt39e7.tmp\stdrt.exe:stdrt.exe"TCP Query User{62771D74-7E41-48E1-9F99-E3EFF980B238}d:\\gry\\cod 2\\cod2mp_s.exe"= UDP:d:\gry\cod 2\cod2mp_s.exe:CoD2MP_s"UDP Query User{41AEDF7F-0FAE-48C8-A238-2AAD7285BD23}d:\\gry\\cod 2\\cod2mp_s.exe"= TCP:d:\gry\cod 2\cod2mp_s.exe:CoD2MP_s"TCP Query User{72DF2120-F07B-4FC8-8F84-B7202A57BF1F}c:\\users\\marcin\\appdata\\local\\temp\\mrtf546.tmp\\stdrt.exe"= UDP:c:\users\marcin\appdata\local\temp\mrtf546.tmp\stdrt.exe:stdrt.exe"UDP Query User{8F1E7FBE-0C8E-4649-B030-4958AFF91784}c:\\users\\marcin\\appdata\\local\\temp\\mrtf546.tmp\\stdrt.exe"= TCP:c:\users\marcin\appdata\local\temp\mrtf546.tmp\stdrt.exe:stdrt.exeR3 AvgWFP;AVG7 Firewall Driver x86;c:\windows\System32\drivers\avgwfp.sys [2008-02-19 53768]S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\System32\drivers\k510bus.sys [2007-02-13 58288]S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\System32\drivers\k510mdfl.sys [2007-02-13 8336]S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\System32\drivers\k510mdm.sys [2007-02-13 94064]S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\k510mgmt.sys [2007-02-13 85408]--- Inne Uslugi/Sterowniki w Pamieci ---*Deregistered* - IDSvix86*Deregistered* - sptd*Deregistered* - SYMDNS*Deregistered* - SymEvent*Deregistered* - SYMFW*Deregistered* - SYMIDS*Deregistered* - SYMNDISV*Deregistered* - SYMREDRV*Deregistered* - SYMTDI*Deregistered* - TBPanel[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc.Zawartość folderu 'Zaplanowane zadania'2009-01-12 c:\windows\Tasks\User_Feed_Synchronization-{15336E7E-CAFD-4A02-94DD-2DD3AAD99982}.job- c:\windows\system32\msfeedssync.exe [2008-01-19 08:33]2009-01-12 c:\windows\Tasks\User_Feed_Synchronization-{4E4BDE1D-E8E3-418C-854E-9EAB6A1A355C}.job- c:\windows\system32\msfeedssync.exe [2008-01-19 08:33]2009-01-12 c:\windows\Tasks\User_Feed_Synchronization-{54C2C780-0614-4461-902D-8B9BA19BAEAE}.job- c:\windows\system32\msfeedssync.exe [2008-01-19 08:33].- - - - USUNIĘTO PUSTE WPISY - - - -BHO-{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - (no file)HKLM-Run-TkBellExe - realsched.exe.------- Skan uzupełniający -------.uStart Page = hxxp://www.entretieneteds.vze.comIE: &Clean Traces - d:\programy\DAP\Privacy Package\dapcleanerie.htmIE: &Download FLV by WinAVI... - d:\programy\win2\flv_link.htmIE: &Download with &DAP - d:\programy\DAP\dapextie.htmIE: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZKfox000IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.htmlIE: Download &all with DAP - d:\programy\DAP\dapextie2.htmIE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000IE: {{DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - {EC83A912-7EF4-410D-9CC7-3BDAA709CA71} -LSP: c:\windows\system32\wpclsp.dllName-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - d:\programy\DAP\dapie.dllName-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - d:\programy\DAP\dapie.dllFF - ProfilePath - c:\users\marcin\AppData\Roaming\Mozilla\Firefox\Profiles\tww0zejl.default\FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=FF - prefs.js: browser.search.selectedEngine - Winamp SearchFF - prefs.js: browser.startup.homepage - hxxp://www.google.com/webhp?hl=plFF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q=FF - component: d:\programy\DAP\DAPFireFox\components\DAPFireFox.dllFF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava11.dllFF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava12.dllFF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava13.dllFF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava14.dllFF - plugin: c:\program files\Java\jre1.5.0\bin\NPJava32.dllFF - plugin: c:\program files\Java\jre1.5.0\bin\NPJPI150.dllFF - plugin: c:\program files\Java\jre1.5.0\bin\NPOJI610.dllFF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dllFF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dllFF - plugin: d:\program\Qujck time\Plugins\npqtplugin.dllFF - plugin: d:\program\Qujck time\Plugins\npqtplugin2.dllFF - plugin: d:\program\Qujck time\Plugins\npqtplugin3.dllFF - plugin: d:\program\Qujck time\Plugins\npqtplugin4.dllFF - plugin: d:\program\Qujck time\Plugins\npqtplugin5.dllFF - plugin: d:\program\Qujck time\Plugins\npqtplugin6.dllFF - plugin: d:\program\Qujck time\Plugins\npqtplugin7.dllFF - plugin: d:\programy\Adobe\Reader\browser\nppdf32.dllFF - plugin: d:\programy\divX\DivX Content Uploader\npUpload.dllFF - plugin: d:\programy\divX\DivX Player\npDivxPlayerPlugin.dllFF - plugin: d:\programy\divX\DivX Web Player\npdivx32.dllFF - plugin: d:\programy\realplayer\Netscape6\nppl3260.dllFF - plugin: d:\programy\realplayer\Netscape6\nprjplug.dllFF - plugin: d:\programy\realplayer\Netscape6\nprpjplug.dll.**************************************************************************catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-01-12 14:28:36Windows 6.0.6001 Service Pack 1 NTFSskanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ...skanowanie ukrytych plików ... skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************.------------------------ Pozostałe uruchomione procesy ------------------------.c:\windows\System32\nvvsvc.exec:\windows\System32\audiodg.exec:\windows\System32\rundll32.exec:\program files\Lavasoft\Ad-Aware 2007\aawservice.exec:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exec:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exec:\progra~1\Grisoft\AVG7\avgamsvr.exec:\progra~1\Grisoft\AVG7\avgupsvc.exec:\progra~1\Grisoft\AVG7\avgrssvc.exec:\progra~1\Grisoft\AVG7\avgemc.exec:\progra~1\Grisoft\AVG7\avgrssvc.exec:\program files\cFosSpeed\spd.exec:\program files\Canon\IJPLM\ijplmsvc.exec:\windows\System32\conime.exec:\program files\Grisoft\AVG7\avgcc.exec:\windows\System32\wbem\unsecapp.exec:\windows\System32\wbem\WMIADAP.exec:\windows\System32\dllhost.exe.**************************************************************************.Czas ukończenia: 2009-01-12 14:32:44 - komputer został uruchomiony ponownieComboFix-quarantined-files.txt 2009-01-12 13:32:35Przed: 77 201 559 552 bajtów wolnychPo: 77,098,090,496 bajtów wolnych488 --- E O F --- 2009-01-09 14:15:53
Mateusz J. komentarz 12 stycznia 2009 komentarz 12 stycznia 2009 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.entretieneteds.vze.comO9 - Extra button: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - (no file)O9 - Extra 'Tools' menuitem: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - (no file)O2 - BHO: (no name) - {E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B} - (no file)O3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZKfox000 Fix w Hjt. Usuń folder c:\QooBox Ogólnie ok, ComboFix wywalił parę "śmieci".
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.