Skocz do zawartości

  • 👋 Witaj na MPCForum!

    Przeglądasz forum jako gość, co oznacza, że wiele świetnych funkcji jest jeszcze przed Tobą! 😎

    • Pełny dostęp do działów i ukrytych treści
    • Możliwość pisania i odpowiadania w tematach
    • System prywatnych wiadomości
    • Zbieranie reputacji i rozwijanie swojego profilu
    • Członkostwo w jednej z największych społeczności graczy

    👉 Dołączenie zajmie Ci mniej niż minutę – a zyskasz znacznie więcej!

    Zarejestruj się teraz
  • 0

Trojan VBR/Dropper

Huracan

Pytanie zadane przez Huracan ,

Pytanie

Huracan Specjalista

Huracan

Opublikowano
Specjalista

Huracan

Opublikowano

Elo, nie wiem jakim cudem ale na moim komputerze znalazł się trojan VBR/Dropper, mój AVG wariuje i uważa wszystko za wirusy, gry, foldery, aplikacje totalnie wszystko a gdy próbuje usunąć jakimś cudem to i tak wyskakuje mi ciągle że AVG znalazł wirus, możecie mi pomóc? jak się pozbyć tego trojana? 

7 odpowiedzi na to pytanie

Rekomendowane odpowiedzi

Huracan Specjalista

Huracan

Opublikowano
Specjalista

Huracan

  • Autor
Opublikowano

@DnaloP

 

Pomogło w kwestii wyskakujących zagrożeń przez AVG jak szalone ale teraz wyskoczyło mi takie coś:

 

http://www.mpcforum.pl/uploads/images/3269414536598931200255.jpeg

 

Dodatkowo jakieś foldery i rozszerzenia .ini pokazały mi się na pulpicie, co z tym zrobić? 

 

Logi z fixu FRST:

 

Rezultat naprawy Farbar Recovery Scan Tool (x86) Wersja:24-01-2016

Uruchomiony przez ppp (2016-01-24 19:10:20) Run:1
Uruchomiony z C:\Users\ppp\Desktop\Nowy folder
Załadowane profile: ppp (Dostępne profile: ppp)
Tryb startu: Normal
 
==============================================
 
fixlist - zawartość:
*****************
closeprocesses:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.key-find.com/web/?type=ds&ts=1424710306&from=cor&uid=126614527_331762_34882826&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.key-find.com/web/?type=ds&ts=1424710306&from=cor&uid=126614527_331762_34882826&q={searchTerms}
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.key-find.com/web/?type=dspp&ts=1424710477&from=cor&uid=126614527_331762_34882826&q={searchTerms}
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={898CB1F7-4A71-44C7-850E-9AC7E47D06A5}&mid=93a8d8e39d8147d2ba17d15e7712a207-280eebffd4b62125f56ac22c8758693e69e718be〈=pl&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2014-11-09 11:55:04&v=4.2.1.951&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.key-find.com/web/?type=dspp&ts=1424710477&from=cor&uid=126614527_331762_34882826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1512337231-836916100-4245332658-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1512337231-836916100-4245332658-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1512337231-836916100-4245332658-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1512337231-836916100-4245332658-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={898CB1F7-4A71-44C7-850E-9AC7E47D06A5}&mid=93a8d8e39d8147d2ba17d15e7712a207-280eebffd4b62125f56ac22c8758693e69e718be〈=pl&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2014-11-09 11:55:04&v=4.2.1.951&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1512337231-836916100-4245332658-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: delta-homes
FF Homepage: hxxps://mysearch.avg.com/?cid={898CB1F7-4A71-44C7-850E-9AC7E47D06A5}&mid=93a8d8e39d8147d2ba17d15e7712a207-280eebffd4b62125f56ac22c8758693e69e718be〈=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-09 11:55:04&v=4.2.1.951&pid=wtu&sg=&sap=hp
FF Plugin: @microsoft.com/GENUINE -> disabled [brak pliku]
FF SearchPlugin: C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\searchplugins\avg-secure-search.xml [2015-12-03]
FF SearchPlugin: C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\searchplugins\delta-homes.xml [2015-12-16]
FF SearchPlugin: C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\searchplugins\key-find.xml [2015-04-30]
FF Extension: Coupon Cafe - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] [2014-11-17] [brak podpisu cyfrowego]
FF Extension: Solution Real 1.0.1 - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\{a5c25b9e-3974-4e91-9864-34f9aca33ff3}.xpi [2014-12-30] [brak podpisu cyfrowego]
FF Extension: Default NewTab - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] [2015-07-05] [brak podpisu cyfrowego]
FF Extension: Default SearchProtected  - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] [2015-08-12] [brak podpisu cyfrowego]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] => nie znaleziono
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] => nie znaleziono
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] => nie znaleziono
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] => nie znaleziono
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
 CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826"
CHR DefaultSearchURL: Default -> hxxp://search.delta-homes.com/web/?type=ds&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826&q={searchTerms}
CHR DefaultSearchKeyword: Default -> delta-homes
CHR Extension: (Coupon Cafe) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\caficnijbecdceenmgfphpoaamopmmjg [2016-01-23]
S3 Origin Client Service; "D:\Program Files\Origin Games\OriginClientService.exe" [X]
R1 {a5c25b9e-3974-4e91-9864-34f9aca33ff3}Gw; C:\Windows\System32\drivers\{a5c25b9e-3974-4e91-9864-34f9aca33ff3}Gw.sys [43160 2014-12-30] (StdLib)
S3 BRDriver_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S1 pfnfd_1_10_0_9; system32\drivers\pfnfd_1_10_0_9.sys [X]
S1 wpnfd_1_10_0_5; system32\drivers\wpnfd_1_10_0_5.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
Task: {4B2C11D9-64A1-49CF-B1B0-87326A20CD30} - System32\Tasks\Advanced System~Protector_startup => C:\Program Files\ASP\AdvancedSystemProtector.exe <==== UWAGA
Task: {7C36F315-2F9A-4D8F-9E79-BF756DBBF628} - System32\Tasks\SPBIW_UpdateTask_Time_323933353836303735342d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== UWAGA
 
ShortcutWithArgument: C:\Users\ppp\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
ShortcutWithArgument: C:\Users\ppp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
ShortcutWithArgument: C:\Users\ppp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
ShortcutWithArgument: C:\Users\ppp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Opera.lnk -> C:\Program Files\Opera\launcher.exe (Opera Software) -> hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
 AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT
AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\Users\ppp\Dane aplikacji:NT
AlternateDataStreams: C:\Users\ppp\Dane aplikacji:NT2
AlternateDataStreams: C:\Users\ppp\AppData\Roaming:NT
AlternateDataStreams: C:\Users\ppp\AppData\Roaming:NT2
EmptyTemp:
*****************
 
Procesy zostały pomyślnie zamknięte.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie usunięto
"HKU\S-1-5-21-1512337231-836916100-4245332658-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => klucz pomyślnie usunięto
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => klucz nie znaleziono. 
"HKU\S-1-5-21-1512337231-836916100-4245332658-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" => klucz pomyślnie usunięto
HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => klucz nie znaleziono. 
"HKU\S-1-5-21-1512337231-836916100-4245332658-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => klucz pomyślnie usunięto
"HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => klucz pomyślnie usunięto
"HKU\S-1-5-21-1512337231-836916100-4245332658-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => klucz pomyślnie usunięto
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => klucz nie znaleziono. 
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Wartość pomyślnie przywrócono
Firefox "newtab" pomyślnie usunięto
Firefox DefaultSearchEngine pomyślnie usunięto
Firefox SelectedSearchEngine pomyślnie usunięto
Firefox "homepage" pomyślnie usunięto
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => klucz pomyślnie usunięto
C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\searchplugins\avg-secure-search.xml => pomyślnie przeniesiono
C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\searchplugins\delta-homes.xml => pomyślnie przeniesiono
C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\searchplugins\key-find.xml => pomyślnie przeniesiono
C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] => pomyślnie przeniesiono
C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] => ścieżki pomyślnie usunięto
C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\{a5c25b9e-3974-4e91-9864-34f9aca33ff3}.xpi => pomyślnie przeniesiono
C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\{a5c25b9e-3974-4e91-9864-34f9aca33ff3}.xpi => ścieżki pomyślnie usunięto
C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] => pomyślnie przeniesiono
C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] => ścieżki pomyślnie usunięto
C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] => pomyślnie przeniesiono
C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] => ścieżki pomyślnie usunięto
HKLM\Software\Mozilla\Firefox\Extensions\\[email protected] => Wartość pomyślnie usunięto
HKLM\Software\Mozilla\Firefox\Extensions\\[email protected] => Wartość pomyślnie usunięto
HKLM\Software\Mozilla\Firefox\Extensions\\[email protected] => Wartość pomyślnie usunięto
HKLM\Software\Mozilla\Firefox\Extensions\\[email protected] => Wartość pomyślnie usunięto
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Wartość pomyślnie przywrócono
Chrome HomePage => pomyślnie usunięto
Chrome StartupUrls => pomyślnie usunięto
Chrome DefaultSearchURL => pomyślnie usunięto
Chrome DefaultSearchKeyword => pomyślnie usunięto
C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\caficnijbecdceenmgfphpoaamopmmjg => pomyślnie przeniesiono
Origin Client Service => serwis pomyślnie usunięto
{a5c25b9e-3974-4e91-9864-34f9aca33ff3}Gw => Usługa pomyślnie zatrzymana.
{a5c25b9e-3974-4e91-9864-34f9aca33ff3}Gw => serwis pomyślnie usunięto
BRDriver_1_3_3_E02B25FC => serwis pomyślnie usunięto
EagleXNt => serwis pomyślnie usunięto
FairplayKD => serwis pomyślnie usunięto
pfnfd_1_10_0_9 => serwis pomyślnie usunięto
wpnfd_1_10_0_5 => serwis pomyślnie usunięto
xhunter1 => serwis pomyślnie usunięto
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B2C11D9-64A1-49CF-B1B0-87326A20CD30} => klucz nie znaleziono. 
C:\Windows\System32\Tasks\Advanced System~Protector_startup => nie znaleziono.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced System~Protector_startup => klucz nie znaleziono. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C36F315-2F9A-4D8F-9E79-BF756DBBF628}" => klucz pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C36F315-2F9A-4D8F-9E79-BF756DBBF628}" => klucz pomyślnie usunięto
C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_323933353836303735342d3437415a556c2a3223346c41 => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_323933353836303735342d3437415a556c2a3223346c41" => klucz pomyślnie usunięto
C:\Users\ppp\Desktop\Google Chrome.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\ppp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\ppp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\ppp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Opera.lnk => Skrót - argument pomyślnie usunięto.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Skrót - argument pomyślnie usunięto.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk => Skrót - argument pomyślnie usunięto.
C:\Users\Public\Desktop\Mozilla Firefox.lnk => Skrót - argument pomyślnie usunięto.
C:\ProgramData => ":NT" ADS pomyślnie usunięto.
C:\ProgramData => ":NT2" ADS pomyślnie usunięto.
"C:\Users\All Users" => ":NT" ADS nie znaleziono.
"C:\Users\All Users" => ":NT2" ADS nie znaleziono.
"C:\ProgramData\Application Data" => ":NT" ADS nie znaleziono.
"C:\ProgramData\Application Data" => ":NT2" ADS nie znaleziono.
"C:\ProgramData\Dane aplikacji" => ":NT" ADS nie znaleziono.
"C:\ProgramData\Dane aplikacji" => ":NT2" ADS nie znaleziono.
C:\ProgramData\MTA San Andreas All => ":NT" ADS pomyślnie usunięto.
C:\ProgramData\MTA San Andreas All => ":NT2" ADS pomyślnie usunięto.
C:\ProgramData\TEMP => ":0B4227B4" ADS pomyślnie usunięto.
C:\ProgramData\TEMP => ":56E2E879" ADS pomyślnie usunięto.
"C:\Users\ppp\Dane aplikacji" => ":NT" ADS nie znaleziono.
"C:\Users\ppp\Dane aplikacji" => ":NT2" ADS nie znaleziono.
C:\Users\ppp\AppData\Roaming => ":NT" ADS pomyślnie usunięto.
C:\Users\ppp\AppData\Roaming => ":NT2" ADS pomyślnie usunięto.
EmptyTemp: => 9.5 GB danych tymczasowych Usunięto.
 
 
System wymagał restartu.
 
==== Koniec  Fixlog 19:14:12 ====

Huracan Specjalista

Huracan

Opublikowano
Specjalista

Huracan

  • Autor
Opublikowano

@DonaloP Proszę:

 

 

 

 

FRST:

 

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:24-01-2016

Uruchomiony przez ppp (administrator)  ZACHARY (24-01-2016 17:51:51)
Uruchomiony z C:\Users\ppp\Downloads
Załadowane profile: ppp (Dostępne profile: ppp)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera)
Tryb startu: Normal
 
==================== Procesy (filtrowane) =================
 
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
() C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Windows\System32\PnkBstrA.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe
(Opera Software) C:\Program Files\Opera\launcher.exe
(Opera Software) C:\Program Files\Opera\34.0.2036.41\opera.exe
(Opera Software) C:\Program Files\Opera\34.0.2036.41\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\34.0.2036.41\opera.exe
(Opera Software) C:\Program Files\Opera\34.0.2036.41\opera.exe
(Opera Software) C:\Program Files\Opera\34.0.2036.41\opera.exe
(Opera Software) C:\Program Files\Opera\34.0.2036.41\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Rejestr (filtrowane) ===========================
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
 
HKLM\...\Run: [startCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3874216 2016-01-08] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe
HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\Run: [uTorrent] => "C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\Run: [Akamai NetSession Interface] => C:\Users\ppp\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\Run: [GG] => C:\Users\ppp\AppData\Local\GG\Application\gghub.exe [4078144 2015-04-23] (GG Network S.A.)
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\Run: [spotify Web Helper] => C:\Users\ppp\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2016-01-17] (Spotify Ltd)
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\Run: [ManyCam] => "C:\Program Files\ManyCam\ManyCam.exe" --silent
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\Run: [steam] => D:\Program Files\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\Run: [DevidAgent] => C:\Users\ppp\Downloads\Dev_Agent_Setup.exe /autorun
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\Run: [Overwolf] => C:\Program Files\Overwolf\Overwolf.exe [45296 2016-01-06] (Overwolf LTD)
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\Run: [spotify] => C:\Users\ppp\AppData\Roaming\Spotify\Spotify.exe [8387696 2016-01-17] (Spotify Ltd)
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\Run: [{5DE67937-45D5-45E4-923C-0B7F7EC929A7}] => "C:\Users\ppp\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe" /cmdloc "HKCU\Software\Riot Games AiTemp\{5DE67937-45D5-45E4-923C-0B7F7EC929A7}"
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\Run: [WTFast Tray] => C:\Program Files\WTFast\WTFast.exe [5255256 2015-09-14] (AAA Internet Publishing, Inc.)
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\MountPoints2: {484cff85-9303-11e3-87bb-806e6f6e6963} - E:\cda_menu.exe
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
BootExecute: sasnative32autocheck autochk * 
 
==================== Internet (filtrowane) ====================
 
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
 
Winsock: Catalog9 01 C:\Windows\system32\WTFastDrv.dll [72296 2015-04-08] (Initex)
Winsock: Catalog9 02 C:\Windows\system32\WTFastDrv.dll [72296 2015-04-08] (Initex)
Winsock: Catalog9 06 C:\Windows\system32\WTFastDrv.dll [72296 2015-04-08] (Initex)
Winsock: Catalog9 07 C:\Windows\system32\WTFastDrv.dll [72296 2015-04-08] (Initex)
Winsock: Catalog9 21 C:\Windows\system32\WTFastDrv.dll [72296 2015-04-08] (Initex)
Tcpip\..\Interfaces\{9E3219F1-684B-4C8F-949C-A54DB30DA4F3}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.key-find.com/web/?type=ds&ts=1424710306&from=cor&uid=126614527_331762_34882826&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.key-find.com/web/?type=ds&ts=1424710306&from=cor&uid=126614527_331762_34882826&q={searchTerms}
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.key-find.com/web/?type=dspp&ts=1424710477&from=cor&uid=126614527_331762_34882826&q={searchTerms}
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={898CB1F7-4A71-44C7-850E-9AC7E47D06A5}&mid=93a8d8e39d8147d2ba17d15e7712a207-280eebffd4b62125f56ac22c8758693e69e718be〈=pl&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2014-11-09 11:55:04&v=4.2.1.951&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.key-find.com/web/?type=dspp&ts=1424710477&from=cor&uid=126614527_331762_34882826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1512337231-836916100-4245332658-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1512337231-836916100-4245332658-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1512337231-836916100-4245332658-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1512337231-836916100-4245332658-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={898CB1F7-4A71-44C7-850E-9AC7E47D06A5}&mid=93a8d8e39d8147d2ba17d15e7712a207-280eebffd4b62125f56ac22c8758693e69e718be〈=pl&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2014-11-09 11:55:04&v=4.2.1.951&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1512337231-836916100-4245332658-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.4.155\AVG Web TuneUp.dll [2015-12-16] (AVG)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
 
FireFox:
========
FF ProfilePath: C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: delta-homes
FF Homepage: hxxps://mysearch.avg.com/?cid={898CB1F7-4A71-44C7-850E-9AC7E47D06A5}&mid=93a8d8e39d8147d2ba17d15e7712a207-280eebffd4b62125f56ac22c8758693e69e718be〈=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-09 11:55:04&v=4.2.1.951&pid=wtu&sg=&sap=hp
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll [2014-01-29] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [brak pliku]
FF Plugin: @microsoft.com/GENUINE -> disabled [brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2015-10-30] (Nexon)
FF Plugin: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [2009-11-19] (OGPlanet)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [brak pliku]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1512337231-836916100-4245332658-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [brak pliku]
FF user.js: detected! => C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\user.js [2015-06-21]
FF SearchPlugin: C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\searchplugins\avg-secure-search.xml [2015-12-03]
FF SearchPlugin: C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\searchplugins\delta-homes.xml [2015-12-16]
FF SearchPlugin: C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\searchplugins\key-find.xml [2015-04-30]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-12-16]
FF Extension: Music Helper - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] [2014-05-17] [brak podpisu cyfrowego]
FF Extension: Coupon Cafe - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] [2014-11-17] [brak podpisu cyfrowego]
FF Extension: Solution Real 1.0.1 - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\{a5c25b9e-3974-4e91-9864-34f9aca33ff3}.xpi [2014-12-30] [brak podpisu cyfrowego]
FF Extension: Stylish - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2015-07-01]
FF Extension: Default NewTab - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] [2015-07-05] [brak podpisu cyfrowego]
FF Extension: Default SearchProtected  - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] [2015-08-12] [brak podpisu cyfrowego]
FF Extension: AVG Web TuneUp - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] [2015-12-16]
FF Extension: MEGA - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\Extensions\[email protected] [2015-06-24] [brak podpisu cyfrowego]
FF Extension: Adblock Plus - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-31]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] => nie znaleziono
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] => nie znaleziono
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] => nie znaleziono
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\yc9ocxqk.default\extensions\[email protected] => nie znaleziono
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
 
Chrome: 
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826"
CHR DefaultSearchURL: Default -> hxxp://search.delta-homes.com/web/?type=ds&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826&q={searchTerms}
CHR DefaultSearchKeyword: Default -> delta-homes
CHR Profile: C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Dysk Google) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Coupon Cafe) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\caficnijbecdceenmgfphpoaamopmmjg [2016-01-23]
CHR Extension: (AVG Secure Search) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2015-12-26]
CHR Extension: (Google Search) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Stylish) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2015-10-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-24]
CHR Extension: (AdBlock) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-24]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30]
CHR Extension: (Battlefield Play4Free) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2015-01-11]
CHR Extension: (Gmail) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKU\S-1-5-21-1512337231-836916100-4245332658-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
 
Opera: 
=======
OPR Extension: (Adblock Plus) - C:\Users\ppp\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-01-05]
 
==================== Usługi (filtrowane) ========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-04-29] (Advanced Micro Devices, Inc.) [brak podpisu cyfrowego]
S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [627544 2016-01-08] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3906568 2016-01-08] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [865704 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [583936 2016-01-08] (AVG Technologies CZ, s.r.o.)
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [238376 2015-04-30] (EasyAntiCheat Ltd)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [131072 2016-01-17] (Macrovision Corporation) [brak podpisu cyfrowego]
S3 OverwolfUpdater; C:\Program Files\Overwolf\OverwolfUpdater.exe [1009904 2016-01-06] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2015-01-11] ()
R2 vToolbarUpdater40.2.4; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe [1923984 2015-12-16] (AVG Secure Search)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [1164688 2015-12-16] ()
S3 Origin Client Service; "D:\Program Files\Origin Games\OriginClientService.exe" [X]
 
===================== Sterowniki (filtrowane) ==========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [83872 2015-09-29] ()
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [149936 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [257456 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [231344 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [194992 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [37296 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.)
S3 gdrv; C:\Windows\gdrv.sys [15600 2014-06-02] (Windows ® 2000 DDK provider)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2015-09-29] ()
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [48280 2014-12-15] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [30488 2014-12-15] (Visicom Media Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
R3 nvmpu401; C:\Windows\System32\drivers\nvmpu401.sys [10240 2006-08-31] (NVIDIA Corporation) [brak podpisu cyfrowego]
S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2014-02-07] (Screaming Bee LLC)
S0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [47616 2005-01-14] (Protection Technology) [brak podpisu cyfrowego]
R0 sfhlp02; C:\Windows\System32\drivers\sfhlp02.sys [6656 2004-10-28] (Protection Technology) [brak podpisu cyfrowego]
S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [20544 2004-12-03] (Protection Technology) [brak podpisu cyfrowego]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-04-17] (Duplex Secure Ltd.)
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [17792 2008-12-26] (Avnex)
R2 WinDivert32; C:\Windows\System32\drivers\WinDivert32.sys [33792 2014-12-10] (Basil's Projects) [brak podpisu cyfrowego]
R1 {a5c25b9e-3974-4e91-9864-34f9aca33ff3}Gw; C:\Windows\System32\drivers\{a5c25b9e-3974-4e91-9864-34f9aca33ff3}Gw.sys [43160 2014-12-30] (StdLib)
S3 BRDriver_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S1 pfnfd_1_10_0_9; system32\drivers\pfnfd_1_10_0_9.sys [X]
S1 wpnfd_1_10_0_5; system32\drivers\wpnfd_1_10_0_5.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
 
==================== Jeden miesiąc - utworzone pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2016-01-24 17:51 - 2016-01-24 17:53 - 00024234 _____ C:\Users\ppp\Downloads\FRST.txt
2016-01-24 17:50 - 2016-01-24 17:51 - 01721856 _____ (Farbar) C:\Users\ppp\Downloads\FRST.exe
2016-01-24 13:59 - 2016-01-24 13:59 - 00000000 ____D C:\Users\ppp\AppData\Local\AAA_Internet_Publishing,_
2016-01-24 13:59 - 2016-01-24 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WTFast
2016-01-24 13:59 - 2016-01-24 13:59 - 00000000 ____D C:\Program Files\WTFast
2016-01-24 13:59 - 2015-04-08 15:15 - 00072296 _____ (Initex) C:\Windows\system32\WTFastDrv.dll
2016-01-24 13:59 - 2015-04-08 15:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\SPORDER.DLL
2016-01-24 13:56 - 2016-01-24 13:57 - 07016240 _____ (Initex & AAA Internet Publishing ) C:\Users\ppp\Downloads\WTFastSetup.3.5.9.511.exe
2016-01-24 12:13 - 2016-01-24 17:15 - 01294336 _____ C:\Users\ppp\Downloads\rads_user_kernel.exe
2016-01-23 17:32 - 2016-01-23 17:33 - 01152625 _____ C:\Users\ppp\Downloads\LoLBuilder.net - by Mistrzu. MPC 6.1.rar
2016-01-23 10:39 - 2016-01-23 10:39 - 00000738 _____ C:\Users\ppp\Downloads\key.txt
2016-01-23 09:32 - 2016-01-23 09:32 - 00000000 ____D C:\Users\ppp\AppData\Roaming\Systweak
2016-01-22 23:13 - 2016-01-24 12:10 - 00000000 ____D C:\Program Files\ASP
2016-01-22 23:13 - 2016-01-23 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector
2016-01-22 23:13 - 2016-01-23 09:31 - 00000000 ____D C:\ProgramData\Systweak
2016-01-22 23:13 - 2016-01-22 23:13 - 05822720 _____ (Advanced System Protector ) C:\Users\ppp\Downloads\aspsetup.exe
2016-01-22 23:13 - 2016-01-22 23:13 - 00000000 ____D C:\Users\ppp\AppData\Local\Systweak
2016-01-22 23:13 - 2016-01-20 19:23 - 00017896 _____ C:\Windows\system32\sasnative32.exe
2016-01-22 23:03 - 2016-01-24 15:35 - 00056320 _____ (SOFTWIN S.R.L.) C:\Windows\ExplorerSrv.exe
2016-01-22 22:44 - 2016-01-24 17:51 - 00000000 ____D C:\FRST
2016-01-22 22:15 - 2016-01-22 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2016-01-19 06:54 - 2016-01-19 06:54 - 01196845 _____ C:\Windows\unins000.exe
2016-01-17 18:35 - 2016-01-17 18:35 - 00000000 ____D C:\Users\ppp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2016-01-17 18:21 - 2016-01-17 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-01-09 20:51 - 2016-01-22 18:47 - 00000000 ____D C:\Users\ppp\AppData\Local\Akamai
2016-01-07 23:47 - 2016-01-07 23:48 - 00000000 ____D C:\Users\ppp\AppData\Roaming\TSNotifier
2016-01-07 23:44 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-01-07 23:44 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-01-07 23:35 - 2016-01-08 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TSNotifier
2016-01-07 23:35 - 2016-01-08 11:28 - 00000000 ____D C:\Program Files\TS Notifier
2016-01-07 15:54 - 2016-01-07 15:54 - 00000000 ____D C:\Users\ppp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RadioSure
2016-01-01 22:15 - 2016-01-23 11:03 - 00249856 _____ (Creative Technology Ltd) C:\Users\ppp\Downloads\eax.dll
 
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2016-01-24 17:27 - 2014-02-12 12:28 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-24 17:20 - 2009-07-14 05:34 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-24 17:20 - 2009-07-14 05:34 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-24 17:16 - 2014-02-11 16:29 - 00001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-24 17:11 - 2014-12-25 11:40 - 00000000 ____D C:\Users\ppp\AppData\Roaming\Spotify
2016-01-24 17:11 - 2014-11-17 13:06 - 00000400 _____ C:\Windows\Tasks\newSI_605.job
2016-01-24 17:11 - 2014-10-21 10:55 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-24 17:11 - 2014-02-15 21:20 - 00000000 ____D C:\Users\ppp\AppData\Roaming\GG
2016-01-24 17:10 - 2014-12-25 11:41 - 00000000 ____D C:\Users\ppp\AppData\Local\Spotify
2016-01-24 17:10 - 2014-02-25 17:41 - 00000000 ____D C:\Users\ppp\AppData\Roaming\Skype
2016-01-24 17:10 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-24 16:43 - 2014-03-14 15:09 - 00000000 ____D C:\ProgramData\MFAData
2016-01-24 16:34 - 2015-02-16 15:13 - 00000372 _____ C:\Windows\Tasks\update-sys.job
2016-01-24 15:14 - 2015-02-16 15:13 - 00000372 _____ C:\Windows\Tasks\update-S-1-5-21-1512337231-836916100-4245332658-1000.job
2016-01-24 12:10 - 2015-10-02 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2016-01-23 11:10 - 2014-12-28 16:42 - 00000000 ___RD C:\Users\ppp\Desktop\Gry
2016-01-23 10:41 - 2015-11-14 17:32 - 00000000 ____D C:\Program Files\Cheat Engine 6.4
2016-01-23 10:41 - 2014-02-11 16:40 - 00000000 ____D C:\Users\ppp\AppData\Roaming\uTorrent
2016-01-23 10:38 - 2014-11-09 11:54 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2016-01-22 23:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2016-01-22 22:26 - 2014-02-11 14:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-01-22 22:12 - 2015-04-30 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2016-01-22 22:12 - 2015-04-30 14:27 - 00000000 ____D C:\Program Files\NCWest
2016-01-22 20:04 - 2015-04-27 20:07 - 00000000 ____D C:\Users\ppp\AppData\Local\NXEPassportClient
2016-01-22 14:41 - 2015-11-19 10:33 - 00000000 ____D C:\Users\ppp\AppData\LocalLow\uTorrent
2016-01-21 21:42 - 2015-06-25 15:41 - 00000000 ____D C:\Program Files\Overwolf
2016-01-21 21:42 - 2015-06-25 15:41 - 00000000 ____D C:\Program Files\Common Files\Overwolf
2016-01-21 02:13 - 2014-03-27 18:39 - 00000000 ____D C:\Users\ppp\AppData\Local\Overwolf
2016-01-20 21:48 - 2014-03-31 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-01-20 20:26 - 2014-02-11 11:17 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-01-20 20:26 - 2014-02-11 11:17 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-01-20 17:51 - 2014-02-12 21:46 - 00000000 ____D C:\Windows\system32\directx
2016-01-19 15:48 - 2014-02-15 21:20 - 00000000 ____D C:\Users\ppp\AppData\Local\GG
2016-01-19 06:54 - 2014-02-12 11:18 - 00036543 _____ C:\Windows\unins000.dat
2016-01-17 20:36 - 2015-03-17 11:30 - 00000000 ____D C:\Program Files\Sanny Builder 3
2016-01-17 20:35 - 2015-02-14 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sanny Builder 3
2016-01-17 12:33 - 2014-04-14 17:31 - 00000000 ____D C:\Program Files\Opera
2016-01-14 17:29 - 2011-02-01 20:37 - 00739694 _____ C:\Windows\system32\perfh015.dat
2016-01-14 17:29 - 2011-02-01 20:37 - 00155268 _____ C:\Windows\system32\perfc015.dat
2016-01-14 17:29 - 2010-11-20 22:01 - 01668226 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-14 17:29 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-14 16:41 - 2014-02-19 22:54 - 00000000 ____D C:\Users\ppp\AppData\Roaming\TS3Client
2016-01-09 20:06 - 2014-03-11 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2016-01-08 12:25 - 2014-02-11 14:26 - 00000000 ____D C:\Users\ppp\AppData\Local\ElevatedDiagnostics
2016-01-07 23:46 - 2014-02-12 18:00 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-07 15:54 - 2014-05-18 09:17 - 00000000 ____D C:\Users\ppp\AppData\Local\RadioSure
2016-01-06 13:15 - 2015-11-22 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
 
==================== Pliki w katalogu głównym wybranych folderów =======
 
2014-03-15 18:24 - 2014-06-09 15:49 - 0003744 _____ () C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
2015-02-23 17:50 - 2015-02-23 17:50 - 0016116 _____ () C:\Users\ppp\AppData\Roaming\ICSW_1J1F1H1E2Y2Z1P1C1B2W1L1T2ZtJ1V0N1F1C2Z1F1GtAyCtD.txt
2014-02-12 17:59 - 2015-01-11 17:15 - 0138056 _____ () C:\Users\ppp\AppData\Roaming\PnkBstrK.sys
2014-05-13 13:28 - 2014-05-13 13:28 - 0000000 ___SH () C:\Users\ppp\AppData\Local\LumaEmu
2015-11-15 18:12 - 2015-11-15 18:12 - 0002067 _____ () C:\Users\ppp\AppData\Local\recently-used.xbel
2015-11-21 17:15 - 2015-12-15 17:13 - 0007605 _____ () C:\Users\ppp\AppData\Local\Resmon.ResmonCfg
2015-02-16 15:13 - 2015-02-16 15:13 - 0000003 _____ () C:\Users\ppp\AppData\Local\updater.log
2015-02-16 15:13 - 2015-10-02 10:24 - 0000412 _____ () C:\Users\ppp\AppData\Local\UserProducts.xml
2014-05-28 12:50 - 2014-05-28 12:50 - 0000000 _____ () C:\Users\ppp\AppData\Local\{023287B7-DDB0-4E3E-983D-13CC5C66943A}
2015-11-26 13:14 - 2015-11-26 13:14 - 0000000 _____ () C:\Users\ppp\AppData\Local\{D02B66B6-45DF-467B-B0F3-778C4C51ABFC}
2014-05-24 11:25 - 2014-05-24 11:25 - 0000000 _____ () C:\Users\ppp\AppData\Local\{F23233E1-F861-4C55-BC68-3CAC58A1F5E8}
2015-09-22 15:03 - 2015-12-18 11:16 - 0000000 _____ () C:\ProgramData\mitmtest-service.log
 
Niektóre pliki w TEMP:
====================
C:\Users\ppp\AppData\Local\Temp\05989ba9835688c880afaaa90a04c180.dll
C:\Users\ppp\AppData\Local\Temp\55293cc010b044aaf687c50a4403ccca.dll
C:\Users\ppp\AppData\Local\Temp\5548f9322bf1545559eeff5bf934ec39.dll
C:\Users\ppp\AppData\Local\Temp\64cb76b38fd91e032a62d7a6dcbd9f3a.dll
C:\Users\ppp\AppData\Local\Temp\6a246669c4722113966d0cbd29442eb9.dll
C:\Users\ppp\AppData\Local\Temp\a43fc081bdd79bbed009a1f1a388e792.dll
C:\Users\ppp\AppData\Local\Temp\ab5e31d07b6ea746979d10d903f463d5.dll
C:\Users\ppp\AppData\Local\Temp\AF.dll
C:\Users\ppp\AppData\Local\Temp\AutoRun.exe
C:\Users\ppp\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\ppp\AppData\Local\Temp\bdfilters.dll
C:\Users\ppp\AppData\Local\Temp\BRSVC_5151546_hlp.exe
C:\Users\ppp\AppData\Local\Temp\c266c820bf534926216552275446683f.dll
C:\Users\ppp\AppData\Local\Temp\CH.dll
C:\Users\ppp\AppData\Local\Temp\d5302b98d1cc294e735eb30584a7ac86.dll
C:\Users\ppp\AppData\Local\Temp\drm_dialogs.dll
C:\Users\ppp\AppData\Local\Temp\drm_dyndata_7380012.dll
C:\Users\ppp\AppData\Local\Temp\drm_dyndata_7380013.dll
C:\Users\ppp\AppData\Local\Temp\drm_dyndata_7410004.dll
C:\Users\ppp\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll
C:\Users\ppp\AppData\Local\Temp\ggdrive-menu.exe
C:\Users\ppp\AppData\Local\Temp\ggdrive-overlay.exe
C:\Users\ppp\AppData\Local\Temp\GLF8F62.tmp.dll
C:\Users\ppp\AppData\Local\Temp\ICSW_1J1F1H1E2Y2Z1P1C1B2W1L1T2Z.exe
C:\Users\ppp\AppData\Local\Temp\installstats.exe
C:\Users\ppp\AppData\Local\Temp\NGMDll.dll
C:\Users\ppp\AppData\Local\Temp\NGMResource.dll
C:\Users\ppp\AppData\Local\Temp\SkypeSetup.exe
C:\Users\ppp\AppData\Local\Temp\steambackup.exe for just cause 2__10924_i1460519771_il1577972.exe
C:\Users\ppp\AppData\Local\Temp\unicows.dll
C:\Users\ppp\AppData\Local\Temp\_isFE94.exe
 
 
==================== Bamital & volsnap =================
 
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
 
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
 
 
LastRegBack: 2016-01-11 20:05
 
==================== Koniec  FRST.txt ============================

 
Addition:

Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja:24-01-2016

Uruchomiony przez ppp (2016-01-24 17:54:40)
Uruchomiony z C:\Users\ppp\Downloads
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2014-02-11 10:07:55)
Tryb startu: Normal
==========================================================
 
 
==================== Konta użytkowników: =============================
 
Administrator (S-1-5-21-1512337231-836916100-4245332658-500 - Administrator - Disabled)
Gość (S-1-5-21-1512337231-836916100-4245332658-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1512337231-836916100-4245332658-1003 - Limited - Enabled)
ppp (S-1-5-21-1512337231-836916100-4245332658-1000 - Administrator - Enabled) => C:\Users\ppp
 
==================== Centrum zabezpieczeń ========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
 
AV: ESET NOD32 Antivirus 4.2 (Enabled - Out of date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 4.2 (Enabled - Out of date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Zainstalowane programy ======================
 
(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
 
µTorrent (HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Advanced System Protector (HKLM\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~9338DF9D_is1) (Version: 2.2.1000.19163 - Advanced System Protector) <==== UWAGA
Akamai NetSession Interface (HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{B448BC74-1CB7-7A57-3313-5E075AFB413E}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AVG (HKLM\...\AvgZen) (Version: 1.31.1.48846 - AVG Technologies)
AVG (Version: 16.31.7357 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4522 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.31.7357 - AVG Technologies)
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.2.4.155 - AVG Technologies)
AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
BLOCKADE 3D (HKLM\...\Steam App 302830) (Version:  - Shumkov Dmitriy)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Cheat Engine 6.4 (HKLM\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
CLEO 4.3 (HKLM\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
Combat Arms EU (HKLM\...\Combat Arms EU) (Version:  - )
Counter-Strike: Global Offensive (HKLM\...\{6E50DE62-987E-49E8-83BD-45453D84D8E9}_is1) (Version: 1.32.5.1 - Valve, Tolyak26)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Deus Ex: Game of the Year Edition (HKLM\...\Steam App 6910) (Version:  - Ion Storm)
Driver San Francisco (HKLM\...\Driver San Francisco) (Version: 1.1.0.0 - Ubisoft)
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fable III (Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
FIFA 09 (HKLM\...\{2315B23D-3E21-4920-837D-AE6460934ECB}) (Version: 1.0.1.1 - Electronic Arts)
FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden
Garrys Mod version 14.07.10 (HKLM\...\{C8F834F5-46EA-4933-8AA9-F6CD7D29EED0}_is1) (Version: 14.07.10 - Strogino CS Portal)
GG (HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\GG) (Version: 12 - GG Network S.A.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
Gothic II - Noc Kruka (HKLM\...\{6FB6D550-DDC4-4996-9CDF-91C34F0A4C4A}) (Version: 2.60.000 - )
Gothic III v1.12 (HKLM\...\Gothic III_is1) (Version:  - )
Gothic Multiplayer (HKLM\...\Gothic Multiplayer) (Version: 0.1.11.0 - Gothic Multiplayer Team)
GTA San Andreas (HKLM\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Hearthstone (HKLM\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HxD Hex Editor version 1.7.7.0 (HKLM\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Interstellar Marines (HKLM\...\Steam App 236370) (Version:  - Zero Point Software)
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
K-Lite Codec Pack 6.0.4 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (Version: 3.0.1 - Riot Games) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft_VC100_CRT_x86 (HKLM\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 34.0.5 (x86 pl) (HKLM\...\Mozilla Firefox 34.0.5 (x86 pl)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MTA:SA v1.5.1 (HKLM\...\MTA:SA 1.5) (Version: v1.5.1 - Multi Theft Auto)
NCSOFT Game Launcher (HKLM\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Opera Stable 34.0.2036.41 (HKLM\...\Opera 34.0.2036.41) (Version: 34.0.2036.41 - Opera Software)
Overwolf (HKLM\...\Overwolf) (Version: 0.91.246.0 - Overwolf Ltd.)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Path of Exile (HKLM\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 1.3.1.42574 - Grinding Gear Games)
Payday The Heist © OVERKILL Software version 1 (HKLM\...\Payday The Heist © OVERKILL Software_is1) (Version: 1 - )
Polski pakiet językowy dla programu Microsoft .NET Framework 4.5 PLK (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50709 - Microsoft Corporation)
Postal 2 (HKLM\...\Postal 2) (Version:  - )
Postal 2 Apocalypse Weekend Expansion Pack (HKLM\...\Postal 2 Apocalypse Weekend Expansion Pack) (Version:  - )
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
RadioSure (HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\RadioSure) (Version:  - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Sanny Builder 3.2.2 (HKLM\...\Sanny Builder 3_is1) (Version:  - )
Skype™ 7.17 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1512337231-836916100-4245332658-1000\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TS Notifier (HKLM\...\{A8C69D46-A92E-40FA-B393-0E3A417D8F2A}) (Version: 1.6.0000 - Andreas Gebert)
Unturned (HKLM\...\Steam App 304930) (Version:  - Nelson Sexton)
Vegas Pro 11.0 (HKLM\...\{E6F012B0-E930-11E0-A67A-F04DA23A5C58}) (Version: 11.0.370 - Sony)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WarRock (HKLM\...\Warrock EU) (Version:  - )
WinRAR 5.00 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wooxy version 1.2 (HKLM\...\{C183CD14-47D8-4F98-AF06-4744CB834C8E}_is1) (Version: 1.2 - Chewy)
WTFast 3.5 (HKLM\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 3.5.9.511 - Initex & AAA Internet Publishing)
 
==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
CustomCLSID: HKU\S-1-5-21-1512337231-836916100-4245332658-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-1512337231-836916100-4245332658-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\ppp\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)
 
==================== Zaplanowane zadania (filtrowane) =============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
Task: {2055E9B0-850D-496E-ACBA-B89E9CC38BB4} - System32\Tasks\{B549C309-DEB4-4CA4-928B-C0BEAA5DAB93} => pcalua.exe -a D:\install.exe -d D:\
Task: {35093A61-C62F-48F4-A683-9A9479267CFE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {36B95796-4087-4C29-97AD-FEE0277AE591} - System32\Tasks\{92542613-8F6B-4677-B322-D48E1D605C0B} => pcalua.exe -a C:\Users\ppp\Downloads\32bit_Win7_Win8_Win81_R275.exe -d C:\Users\ppp\Downloads
Task: {4B2C11D9-64A1-49CF-B1B0-87326A20CD30} - System32\Tasks\Advanced System~Protector_startup => C:\Program Files\ASP\AdvancedSystemProtector.exe <==== UWAGA
Task: {4D882514-201D-40A4-A8CD-C262DE6D545C} - System32\Tasks\update-S-1-5-21-1512337231-836916100-4245332658-1000 => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: {571B8002-B8F9-4C54-9E0F-E215FBAA976E} - System32\Tasks\{D9EF2C23-A302-40EF-AAE6-AFBD60890D5C} => c:\program files\opera\launcher.exe [2015-12-15] (Opera Software)
Task: {6AEF0C98-2CB4-4B67-8C70-4C977C7355CC} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {7C36F315-2F9A-4D8F-9E79-BF756DBBF628} - System32\Tasks\SPBIW_UpdateTask_Time_323933353836303735342d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== UWAGA
Task: {8BC0005B-B52B-47DD-ABF9-F053AD17518A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {9806BDA9-D51A-485A-851E-4510970A6CB3} - System32\Tasks\Opera scheduled Autoupdate 1450528803 => C:\Program Files\Opera\launcher.exe [2015-12-15] (Opera Software)
Task: {A19146F6-02BC-4833-8BA4-0A6C22161DE1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A54B2120-E1FF-4E49-95A3-69FC7A897F5F} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: {A70DBFA6-6E2D-48EC-A3D4-5D888CECC9C8} - System32\Tasks\Overwolf Updater Task => C:\Program Files\Overwolf\OverwolfUpdater.exe [2016-01-06] (Overwolf LTD)
Task: {B71C8692-DB0A-40E7-B6D2-F976CB0B48FC} - System32\Tasks\{D72E373D-C0CE-4A84-97E5-0D981119E3B6} => pcalua.exe -a C:\Users\ppp\Downloads\TagesSetup.exe -d C:\Users\ppp\Downloads
Task: {CA000A95-D8E0-4153-95B9-9352F2CB7BEF} - System32\Tasks\Advanced System~Protector => C:\Program Files\ASP\AspManager.exe [2016-01-20] ()
Task: {CD940799-08C8-4482-8FDC-ACFDD98CEF61} - System32\Tasks\{830CF9F5-57A1-4B64-97D4-47EE56804C55} => c:\program files\opera\launcher.exe [2015-12-15] (Opera Software)
Task: {D3505B98-C792-4416-9BCC-F72D33D067D2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {D622195C-D680-4FEA-9C56-59660C7C9E94} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {EDE4D403-630C-42C7-83CF-18D459421E04} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {EDF7CD11-7064-4BC5-ADF8-1AAEBD54C113} - System32\Tasks\{93E34CD7-AE29-4427-B789-D981F58BD2EF} => pcalua.exe -a C:\Windows\unvise32.exe -c C:\Program Files\Postal2\uninstal.log
Task: {F832F906-F674-4322-B3A8-7B68EC42050A} - System32\Tasks\newSI_605 => C:\Users\ppp\AppData\Roaming\newSI_605\s_inst.exe
Task: {FD781A20-BC64-476E-AFB1-88F6EC50BF30} - System32\Tasks\{80D8C653-E936-4E75-BEBB-D7A6C8E57CE0} => pcalua.exe -a C:\Users\ppp\Downloads\Freeplay_Mod_1.3.exe -d C:\Users\ppp\Downloads
 
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\newSI_605.job => C:\Users\ppp\AppData\Roaming\newSI_605\s_inst.exe
Task: C:\Windows\Tasks\update-S-1-5-21-1512337231-836916100-4245332658-1000.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe
 
==================== Skróty =============================
 
(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)
 
ShortcutWithArgument: C:\Users\ppp\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
ShortcutWithArgument: C:\Users\ppp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
ShortcutWithArgument: C:\Users\ppp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
ShortcutWithArgument: C:\Users\ppp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Opera.lnk -> C:\Program Files\Opera\launcher.exe (Opera Software) -> hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.delta-homes.com/?type=sc&ts=1434109305&z=8d90a9f4f201c4de59ed375g8zdcdzbgce0t1oct6m&from=ient06122&uid=126614527_331762_34882826
 
==================== Załadowane moduły (filtrowane) ==============
 
2015-06-11 13:25 - 2015-12-16 18:52 - 01164688 _____ () C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
2013-04-29 23:24 - 2013-04-29 23:24 - 00095232 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-01-11 16:20 - 2015-01-11 17:47 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
2015-12-19 13:40 - 2015-12-15 11:04 - 61563000 _____ () C:\Program Files\Opera\34.0.2036.41\opera.dll
2015-12-19 13:40 - 2015-12-15 11:04 - 01983096 _____ () C:\Program Files\Opera\34.0.2036.41\libglesv2.dll
2015-12-19 13:40 - 2015-12-15 11:04 - 00081528 _____ () C:\Program Files\Opera\34.0.2036.41\libegl.dll
 
==================== Alternate Data Streams (filtrowane) =========
 
(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)
 
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT
AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\Users\ppp\Dane aplikacji:NT
AlternateDataStreams: C:\Users\ppp\Dane aplikacji:NT2
AlternateDataStreams: C:\Users\ppp\AppData\Roaming:NT
AlternateDataStreams: C:\Users\ppp\AppData\Roaming:NT2
 
==================== Tryb awaryjny (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)
 
 
==================== EXE - Powiązania (filtrowane) ===============
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)
 
 
==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)
 
 
==================== Hosts - zawartość: ===============================
 
(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)
 
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Inne obszary ============================
 
(Obecnie brak automatycznej naprawy dla tej sekcji.)
 
HKU\S-1-5-21-1512337231-836916100-4245332658-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ppp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Zapora systemu Windows [funkcja włączona]
 
==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==
 
(Obecnie brak automatycznej naprawy dla tej sekcji.)
 
 
==================== Reguły Zapory systemu Windows (filtrowane) ===============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
FirewallRules: [{62AFC05F-30D2-4CB2-B88F-19886625846A}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{E9EC2732-848A-4E75-889B-A7288A71355F}C:\program files\ubisoft\xiii\system\xiii.exe] => (Allow) C:\program files\ubisoft\xiii\system\xiii.exe
FirewallRules: [uDP Query User{A368ACEE-61D6-466B-A7AE-CFCAA6853DBB}C:\program files\ubisoft\xiii\system\xiii.exe] => (Allow) C:\program files\ubisoft\xiii\system\xiii.exe
FirewallRules: [TCP Query User{F0C805E5-9EF1-4535-8FFE-DE9BF67110EC}D:\pandoramt2\metin2.bin] => (Allow) D:\pandoramt2\metin2.bin
FirewallRules: [uDP Query User{4D58181C-15DD-4A83-A2C7-CEA3FCD1A045}D:\pandoramt2\metin2.bin] => (Allow) D:\pandoramt2\metin2.bin
FirewallRules: [TCP Query User{4C3DF501-230E-49BF-8298-5DF7AD7D66AB}D:\pandoramt2\pandoramt2(bez_patchera).exe] => (Allow) D:\pandoramt2\pandoramt2(bez_patchera).exe
FirewallRules: [uDP Query User{F769524F-FE6B-4611-A12B-E2E469FC219B}D:\pandoramt2\pandoramt2(bez_patchera).exe] => (Allow) D:\pandoramt2\pandoramt2(bez_patchera).exe
FirewallRules: [{C3BE077A-1E7E-40C3-91A6-DB4B75F63726}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{E45491E8-C050-47E1-8575-B08A9DB89233}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{FDB873E4-623F-4AEA-BC20-AFE0F50986A8}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{4D52B79E-F580-47F1-892E-5E8F12AC2144}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{B7F51ED3-F6EF-4291-96D9-408B983ED202}] => (Allow) D:\Program Files\APB Reloaded\Binaries\APB.exe
FirewallRules: [{2B376AF5-9BEA-4B4F-A7BE-851F37E72BCE}] => (Allow) D:\Program Files\APB Reloaded\Binaries\APB.exe
FirewallRules: [{271A87A0-BF0B-4B12-AEFB-D62C0C6D795D}] => (Allow) D:\Program Files\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{C07F8E04-B32C-4A1D-AB17-D48A9BEE1BC1}] => (Allow) D:\Program Files\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{57CFA40E-1538-4DBE-BAE1-2DD106DBBF91}] => (Allow) LPort=80
FirewallRules: [{9CC11FEC-7B51-42F7-B6AC-9FF5889A0D25}] => (Allow) LPort=443
FirewallRules: [{375D6D75-1A0C-491B-9033-50F28A37F4C6}] => (Allow) LPort=20010
FirewallRules: [{720EDE75-C0E2-429C-BC25-47534CE586DC}] => (Allow) LPort=3478
FirewallRules: [{11561BBF-5906-4802-88A8-FF4D45C37CE3}] => (Allow) LPort=7850
FirewallRules: [{DCC275CC-A70B-4B5C-BD72-3B42BAD197BB}] => (Allow) LPort=7852
FirewallRules: [{A028912B-22E2-4C8E-A176-9BD1988B28BE}] => (Allow) LPort=7853
FirewallRules: [{972129D4-9AF5-4EB4-9593-C453437AAD9D}] => (Allow) LPort=27022
FirewallRules: [{C3F699DC-B2E1-4471-A705-5544EC136A32}] => (Allow) LPort=6881
FirewallRules: [{736C0818-DC6A-44DA-B8A7-BF056377851A}] => (Allow) LPort=33333
FirewallRules: [{F5C931AE-FACF-40C1-B45D-CDC602F8DC95}] => (Allow) LPort=20443
FirewallRules: [{67EB04B2-7984-47B1-B05D-D00E08A48213}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{A33F979B-F7CF-4353-8245-6D90A4E06577}D:\left4dead\left4dead.exe] => (Allow) D:\left4dead\left4dead.exe
FirewallRules: [uDP Query User{B8240AEB-C88A-4E11-A2BF-0F69D4E1AC5D}D:\left4dead\left4dead.exe] => (Allow) D:\left4dead\left4dead.exe
FirewallRules: [{5D04C888-5F98-4924-AD56-D8C9A7D872A9}] => (Allow) D:\Program Files\Infestation Survivor Stories\Infestation.exe
FirewallRules: [{F20AC959-8430-4A09-9DE2-4F9850A78B32}] => (Allow) C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{C2BD9918-49C9-4E5E-AD27-367682B1310D}D:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) D:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [uDP Query User{5B983A70-61D3-4F2A-A936-AA3E0FA21BE5}D:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) D:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [TCP Query User{5F39B234-BF03-425B-A910-6F7D01ED1B90}C:\users\ppp\desktop\gry\alien2\alien2.pl.exe] => (Allow) C:\users\ppp\desktop\gry\alien2\alien2.pl.exe
FirewallRules: [uDP Query User{5FCA6610-1BBD-4604-A401-E8AAB5A1001F}C:\users\ppp\desktop\gry\alien2\alien2.pl.exe] => (Allow) C:\users\ppp\desktop\gry\alien2\alien2.pl.exe
FirewallRules: [TCP Query User{0A858BCC-ED47-43F0-B336-ECA03A19D323}D:\program files\metin2 ravia.eu\game] => (Allow) D:\program files\metin2 ravia.eu\game
FirewallRules: [uDP Query User{EDF831B4-5EA6-43A8-A836-AED3E4D73466}D:\program files\metin2 ravia.eu\game] => (Allow) D:\program files\metin2 ravia.eu\game
FirewallRules: [{D0A612C3-1322-406B-B187-08EC3B9355F5}] => (Allow) C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{D5004643-FEEC-449C-A883-0F4E6CFAD916}D:\pandoramt2\metin2mod_2011sf.exe] => (Allow) D:\pandoramt2\metin2mod_2011sf.exe
FirewallRules: [uDP Query User{3C1956CE-6EA0-454A-BC7C-C3FCC730FF8D}D:\pandoramt2\metin2mod_2011sf.exe] => (Allow) D:\pandoramt2\metin2mod_2011sf.exe
FirewallRules: [TCP Query User{E75A911A-71BF-43F7-AE60-0841C32731C2}D:\pandoramt2\metin2mod_2012sf.exe] => (Allow) D:\pandoramt2\metin2mod_2012sf.exe
FirewallRules: [uDP Query User{7500BD88-CA00-4BF4-A9FB-5AB6AB42E00B}D:\pandoramt2\metin2mod_2012sf.exe] => (Allow) D:\pandoramt2\metin2mod_2012sf.exe
FirewallRules: [TCP Query User{62F18694-4FE7-42AC-BCF3-FE0A06248CB4}C:\users\ppp\desktop\pandoramt2\metin2.bin] => (Allow) C:\users\ppp\desktop\pandoramt2\metin2.bin
FirewallRules: [uDP Query User{95C31E45-64BD-4BAB-8DB0-2F180E23DAE7}C:\users\ppp\desktop\pandoramt2\metin2.bin] => (Allow) C:\users\ppp\desktop\pandoramt2\metin2.bin
FirewallRules: [TCP Query User{5BA6F21E-1B24-4BF0-A0C0-A505B5CF61AB}C:\users\ppp\desktop\pandoramt2\pandoramt2(bez_patchera).exe] => (Allow) C:\users\ppp\desktop\pandoramt2\pandoramt2(bez_patchera).exe
FirewallRules: [uDP Query User{A32D24DC-68A8-4E42-9313-2C462FAAC183}C:\users\ppp\desktop\pandoramt2\pandoramt2(bez_patchera).exe] => (Allow) C:\users\ppp\desktop\pandoramt2\pandoramt2(bez_patchera).exe
FirewallRules: [{9148EA68-FD13-4395-8603-5E21CCB35A25}] => (Allow) C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8F4F2755-294A-458A-87E6-9C1FFD684BF2}] => (Allow) C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{296D150F-E809-4269-9FD8-AD30CC4DB780}] => (Allow) C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3A53AA09-C19B-43E4-9754-AA400238B890}] => (Allow) C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{178DF97E-E864-4607-A66E-B742FDEC75CD}C:\users\ppp\desktop\pandoramt2\metin2mod_2012sf.exe] => (Allow) C:\users\ppp\desktop\pandoramt2\metin2mod_2012sf.exe
FirewallRules: [uDP Query User{EFBB6568-ED36-424E-A13E-C7DEDE6DA553}C:\users\ppp\desktop\pandoramt2\metin2mod_2012sf.exe] => (Allow) C:\users\ppp\desktop\pandoramt2\metin2mod_2012sf.exe
FirewallRules: [{7BEC8480-DA4E-47B1-A224-9012FE9A52DD}] => (Allow) C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BA6FF5BC-FA0B-4633-8586-166E3080D724}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{CE5C84DE-8947-470A-9B92-2B18478DC489}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [TCP Query User{EBF5428B-9A27-4FF2-999C-182B2E1D5869}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [uDP Query User{D7BB6554-4EAD-4070-992B-80D66D7D174C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{8C310045-EF8C-494B-8A3E-D05416E8637F}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{062DABCC-5261-461A-B59C-7159E5A02998}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [TCP Query User{FB0D2A41-F74A-4E40-A718-7DCE55E08671}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [uDP Query User{B64F1A37-6785-4D95-9595-ABC42F0C7931}C:\program files\ares\ares.exe] => (Allow) C:\program files\ares\ares.exe
FirewallRules: [{8EF71851-9370-4F32-B658-941195DA06AD}] => (Allow) C:\Program Files\VSO\VSO Downloader\3\VsoDownloader.exe
FirewallRules: [{F70964DF-7ECB-47B9-A3C6-3C12C34F5D2F}] => (Allow) C:\Program Files\VSO\VSO Downloader\3\VsoDownloader.exe
FirewallRules: [TCP Query User{F1FDAB31-36EE-4E97-80DE-C6ECE5EFCE6F}C:\users\ppp\desktop\pandoramt2\metin2client.exe] => (Allow) C:\users\ppp\desktop\pandoramt2\metin2client.exe
FirewallRules: [uDP Query User{7E2A33E0-F105-4E03-8ED9-F4CF574632C2}C:\users\ppp\desktop\pandoramt2\metin2client.exe] => (Allow) C:\users\ppp\desktop\pandoramt2\metin2client.exe
FirewallRules: [TCP Query User{051F52C5-7417-4368-BA70-A5C0180FA99C}C:\users\ppp\desktop\pandoramt2\metin2mod_2011sf.exe] => (Allow) C:\users\ppp\desktop\pandoramt2\metin2mod_2011sf.exe
FirewallRules: [uDP Query User{299E8814-B3DE-40B7-9CCD-B11FEA3E121A}C:\users\ppp\desktop\pandoramt2\metin2mod_2011sf.exe] => (Allow) C:\users\ppp\desktop\pandoramt2\metin2mod_2011sf.exe
FirewallRules: [TCP Query User{032BCBA5-4126-47B2-8A8B-E7C8E8C799DE}C:\users\ppp\desktop\gry\pandoramt2\pandoramt2(bez_patchera).exe] => (Allow) C:\users\ppp\desktop\gry\pandoramt2\pandoramt2(bez_patchera).exe
FirewallRules: [uDP Query User{1A225CB3-21D7-4C2F-A6ED-6A4A16000689}C:\users\ppp\desktop\gry\pandoramt2\pandoramt2(bez_patchera).exe] => (Allow) C:\users\ppp\desktop\gry\pandoramt2\pandoramt2(bez_patchera).exe
FirewallRules: [TCP Query User{D9F1861B-8C91-491B-B23B-2AF5C9C6DAA9}C:\users\ppp\desktop\gry\mortyriusz.pl\_mortyriusz.pl.exe] => (Allow) C:\users\ppp\desktop\gry\mortyriusz.pl\_mortyriusz.pl.exe
FirewallRules: [uDP Query User{EE6DF4AB-3DE2-4064-8593-5753C21C0D54}C:\users\ppp\desktop\gry\mortyriusz.pl\_mortyriusz.pl.exe] => (Allow) C:\users\ppp\desktop\gry\mortyriusz.pl\_mortyriusz.pl.exe
FirewallRules: [TCP Query User{3CEE624C-FEBA-4792-B82E-1D6A10991C7D}C:\users\ppp\desktop\gry\mortyriusz.pl\dzikie_psy.exe] => (Allow) C:\users\ppp\desktop\gry\mortyriusz.pl\dzikie_psy.exe
FirewallRules: [uDP Query User{5F636E3E-5FF3-405E-A4F2-123504D3681B}C:\users\ppp\desktop\gry\mortyriusz.pl\dzikie_psy.exe] => (Allow) C:\users\ppp\desktop\gry\mortyriusz.pl\dzikie_psy.exe
FirewallRules: [TCP Query User{46A6E828-E91B-4AE7-9A75-627FA0375DF3}C:\users\ppp\desktop\gry\mortyriusz.pl\zielone_miasta.exe] => (Allow) C:\users\ppp\desktop\gry\mortyriusz.pl\zielone_miasta.exe
FirewallRules: [uDP Query User{4A27CB81-0EE1-4EDB-BE27-0424C6A82104}C:\users\ppp\desktop\gry\mortyriusz.pl\zielone_miasta.exe] => (Allow) C:\users\ppp\desktop\gry\mortyriusz.pl\zielone_miasta.exe
FirewallRules: [TCP Query User{6462D06A-F22A-4333-A411-FACC04B8609B}D:\program files\valve\hl.exe] => (Allow) D:\program files\valve\hl.exe
FirewallRules: [uDP Query User{FC332656-2ECA-4AD8-8B7E-7BE25C1EEECE}D:\program files\valve\hl.exe] => (Allow) D:\program files\valve\hl.exe
FirewallRules: [TCP Query User{5D6A1F8E-7126-4508-AB5D-1CE7BE79E1F0}C:\program files\killingfloor\system\killingfloor.exe] => (Allow) C:\program files\killingfloor\system\killingfloor.exe
FirewallRules: [uDP Query User{8085AAAA-38C8-4EE2-BC5C-CFEB4E5AA40C}C:\program files\killingfloor\system\killingfloor.exe] => (Allow) C:\program files\killingfloor\system\killingfloor.exe
FirewallRules: [TCP Query User{4D635BCA-8B05-4765-99DB-C5773A41C393}D:\killing floor pc full game multiplayer + sp v_1.0.3.9 ^^nosteam^^\killingfloor\system\killingfloor.exe] => (Allow) D:\killing floor pc full game multiplayer + sp v_1.0.3.9 ^^nosteam^^\killingfloor\system\killingfloor.exe
FirewallRules: [uDP Query User{90CA2108-8794-430B-924D-CD314B1CCF97}D:\killing floor pc full game multiplayer + sp v_1.0.3.9 ^^nosteam^^\killingfloor\system\killingfloor.exe] => (Allow) D:\killing floor pc full game multiplayer + sp v_1.0.3.9 ^^nosteam^^\killingfloor\system\killingfloor.exe
FirewallRules: [{3CB64C2E-A893-4AB6-AA94-1396509204F1}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{6AED9C0A-615F-4EEF-AFA6-7360397A04C1}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{6181883C-E9B0-4021-A02E-D3F7CB8139C0}] => (Allow) C:\Program Files\Steam\SteamApps\common\nmrih\sdk\hl2.exe
FirewallRules: [{09199B62-5D81-4AA0-8927-7B9F3245E8F7}] => (Allow) C:\Program Files\Steam\SteamApps\common\nmrih\sdk\hl2.exe
FirewallRules: [TCP Query User{14567FF0-A444-4795-AF5D-63A767A06E50}C:\users\ppp\desktop\teamspeak3-server_win32\ts3server_win32.exe] => (Allow) C:\users\ppp\desktop\teamspeak3-server_win32\ts3server_win32.exe
FirewallRules: [uDP Query User{7B9F7B79-2EF4-474B-847A-1B058B415282}C:\users\ppp\desktop\teamspeak3-server_win32\ts3server_win32.exe] => (Allow) C:\users\ppp\desktop\teamspeak3-server_win32\ts3server_win32.exe
FirewallRules: [{AE6D503E-FD7D-427A-A422-69CADD2B0B9A}] => (Allow) C:\Program Files\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3DF871C7-196C-44A0-AB99-23BDD708E7B1}] => (Allow) C:\Program Files\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{D463698D-AE48-4D1D-8767-674739805645}C:\users\ppp\desktop\antyda.pl\antyda.pl.exe] => (Allow) C:\users\ppp\desktop\antyda.pl\antyda.pl.exe
FirewallRules: [uDP Query User{C2ECDF6B-34EA-4A52-84B1-71333E28D5ED}C:\users\ppp\desktop\antyda.pl\antyda.pl.exe] => (Allow) C:\users\ppp\desktop\antyda.pl\antyda.pl.exe
FirewallRules: [TCP Query User{2DF9C4D2-7CDC-4EC7-B7B7-460E7D1DF79D}C:\program files\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [uDP Query User{17F78BB6-85CE-45E6-9D3F-9BA9211231C9}C:\program files\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [{62F4EDEA-2125-491C-9B85-710814F63479}] => (Allow) C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{022A9A9B-BC03-4AC4-A7D0-69F05C5E7CCB}] => (Allow) C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{75B16F5E-A19B-444A-A1AE-BB9DE1199560}] => (Allow) D:\Program Files\GSC World Publishing\S.T.A.L.K.E.R. - Zew Prypeci\bin\xrEngine.exe
FirewallRules: [{4A5AD8B0-30FA-47BB-BB08-537F7DF578D4}] => (Allow) D:\Program Files\GSC World Publishing\S.T.A.L.K.E.R. - Zew Prypeci\bin\xrEngine.exe
FirewallRules: [{E2342B5D-1593-4EC2-81E5-4CD0D2C55909}] => (Allow) D:\Program Files\GSC World Publishing\S.T.A.L.K.E.R. - Zew Prypeci\bin\dedicated\xrEngine.exe
FirewallRules: [{B4F2289A-30B6-406F-AA62-5519E46D1976}] => (Allow) D:\Program Files\GSC World Publishing\S.T.A.L.K.E.R. - Zew Prypeci\bin\dedicated\xrEngine.exe
FirewallRules: [{383E400C-A62F-4B47-A234-3C851CF7F00E}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{3FF4AB22-0C17-446C-B638-7ADFF18FBA6D}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{82CBA959-CAED-4FF1-A1FD-C9C42DE93017}] => (Allow) C:\Program Files\Nero\KM\NMDllHost.exe
FirewallRules: [{2853CC6B-BA97-46BF-B4C5-DBED68C46469}] => (Allow) C:\Program Files\Nero\KM\NMDllHost.exe
FirewallRules: [{AAC7BAD7-2E9E-4D27-A545-1F7A829859FB}] => (Allow) D:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{A746F581-88E4-4FC2-9798-1975F66E5280}] => (Allow) D:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{04B18247-0E87-472E-8987-CAF2A2AEEA24}] => (Allow) D:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{BF7A733F-9ACE-44A0-9564-FD85CDA925A5}] => (Allow) D:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{37E67796-9F3F-4F7C-9F9C-CCDEB2918A6B}] => (Allow) C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{98B46E39-AED4-432A-AD86-1CC25B88A1EF}] => (Allow) C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D9620A7B-9A63-410E-B57C-C36D33F2C221}] => (Allow) D:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe
FirewallRules: [{36A0A2A5-4405-442E-8AD8-417BDB0BCFE6}] => (Allow) D:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe
FirewallRules: [{4224DF4A-C667-49CA-BDB6-50A50A9363A3}] => (Allow) D:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe
FirewallRules: [{6F9C8C2A-BD2B-4460-B481-6EFEE8A03740}] => (Allow) D:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe
FirewallRules: [{FFF712F7-C2DE-43AF-B8AB-97F7FD0337E0}] => (Allow) C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [{03B0C0C2-4D23-4C70-BF5C-BE59C4BEFEB2}] => (Allow) C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [TCP Query User{2D0D1AAF-8B8E-4912-8214-93E57FE57050}C:\users\ppp\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ppp\appdata\local\akamai\netsession_win.exe
FirewallRules: [uDP Query User{5F0D235E-5ABF-405D-BB62-C6BA5F9EBC8A}C:\users\ppp\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ppp\appdata\local\akamai\netsession_win.exe
FirewallRules: [{314C47B7-069C-4471-A2B7-DF07EE65351C}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [{F6851FE8-D91F-4322-94BD-48C72F0D84F7}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe
FirewallRules: [TCP Query User{18E83029-DF9E-4E1E-9231-4C68A9D5895D}C:\users\ppp\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\ppp\appdata\local\akamai\netsession_win.exe
FirewallRules: [uDP Query User{50DB5504-A207-4813-BF2F-6E18D5FBDBCB}C:\users\ppp\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\ppp\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{F8533193-FDC1-4C8A-A7E6-09C40369E03A}D:\program files\rockstar games\gta san andreas\proxy_sa.exe] => (Allow) D:\program files\rockstar games\gta san andreas\proxy_sa.exe
FirewallRules: [uDP Query User{90CAD369-32C6-46DF-B608-E04FBFECCDC7}D:\program files\rockstar games\gta san andreas\proxy_sa.exe] => (Allow) D:\program files\rockstar games\gta san andreas\proxy_sa.exe
FirewallRules: [{D331BEFD-DD03-4984-8021-9ED5C1FFA9B5}] => (Allow) C:\Program Files\Raptr\raptr.exe
FirewallRules: [{A08A8948-5B8B-433C-A7C6-31B0C1D9D5D9}] => (Allow) C:\Program Files\Raptr\raptr.exe
FirewallRules: [{576970DD-87B5-4D93-98CC-70A0D7D87644}] => (Allow) C:\Program Files\Raptr\raptr_im.exe
FirewallRules: [{48C9F9A9-F011-4838-B621-09CF8B7BCF65}] => (Allow) C:\Program Files\Raptr\raptr_im.exe
FirewallRules: [{D05428ED-D633-4CFB-AA35-842C8F4C39BB}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe
FirewallRules: [{1E4D6076-DE13-4010-A671-BE2E631BC2B9}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe
FirewallRules: [{65A6ED6E-EB8C-46E8-A9DA-31EA1E82D819}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{1870C33B-C0A0-471E-A964-48D5F51462FB}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{EF7CCF39-5717-4406-A4A2-D7021B551240}] => (Allow) C:\Program Files\AVG\AVG2014\avgemcx.exe
FirewallRules: [{06CF6DC5-6988-4E8A-A886-14D27E218DEA}] => (Allow) C:\Program Files\AVG\AVG2014\avgemcx.exe
FirewallRules: [{D42B2318-1E2A-4151-B88E-76ED5965904B}] => (Allow) C:\Program Files\GameforgeLive\Games\POL_pol\S.K.I.L.L\Binaries\Win32\sf2.exe
FirewallRules: [{6EC15343-E88D-45DF-8A5E-9DFA061E6FC5}] => (Allow) C:\Program Files\GameforgeLive\Games\POL_pol\S.K.I.L.L\Binaries\Win32\sf2.exe
FirewallRules: [TCP Query User{509851D3-B530-46A2-8C24-245B8F417AD3}D:\program files\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe] => (Allow) D:\program files\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe
FirewallRules: [uDP Query User{2E0567E9-AA5C-48B7-B1AB-59E3CED87F3A}D:\program files\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe] => (Allow) D:\program files\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe
FirewallRules: [{3D4D2FE2-62C2-454F-8BB0-6EAD70477F94}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{692B1099-438E-4DAC-ABC5-7F436CAEF46D}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{1E1DC626-F269-4C5A-8CD0-5E22E1218327}] => (Allow) D:\Program Files\Heroes & Generals\live\hng.exe
FirewallRules: [{E10FCF40-C9EE-4A1A-8951-62702AA66623}] => (Allow) D:\Program Files\Heroes & Generals\live\hng.exe
FirewallRules: [{FE99A71A-A455-44FF-9682-B028F8DBDCBB}] => (Allow) C:\Program Files\Raptr\raptr.exe
FirewallRules: [{6A60AAB6-47AC-4B3C-8DB8-A84D2A40E3E3}] => (Allow) C:\Program Files\Raptr\raptr.exe
FirewallRules: [{7C7064D7-1263-4491-A716-8F80E695B1B8}] => (Allow) C:\Program Files\Raptr\raptr_im.exe
FirewallRules: [{AB8F42E4-574F-43A1-8FAA-B352E066E96C}] => (Allow) C:\Program Files\Raptr\raptr_im.exe
FirewallRules: [{BBA6ECB0-46CA-42DC-A63F-60CCF84B3FD3}] => (Allow) C:\ProgramData\Turbine\The Lord of the Rings Online\lotroclient.exe
FirewallRules: [{99F84690-F9BC-4F1D-968F-E748A496746A}] => (Allow) C:\ProgramData\Turbine\The Lord of the Rings Online\lotroclient.exe
FirewallRules: [{F8FD598F-41E6-451B-994F-3E0337B65866}] => (Allow) C:\ProgramData\Turbine\The Lord of the Rings Online\TurbineLauncher.exe
FirewallRules: [{A4AF46D1-9091-46C4-8C31-739ECEDACD03}] => (Allow) C:\ProgramData\Turbine\The Lord of the Rings Online\TurbineLauncher.exe
FirewallRules: [TCP Query User{5EA83F69-F9BC-4460-8609-2F6A0AEA8AD8}D:\program files\gameforgelive\games\gbr_eng\runes of magic\client.exe] => (Allow) D:\program files\gameforgelive\games\gbr_eng\runes of magic\client.exe
FirewallRules: [uDP Query User{5B8CECF2-59E3-405A-BDBF-33F5098A2A47}D:\program files\gameforgelive\games\gbr_eng\runes of magic\client.exe] => (Allow) D:\program files\gameforgelive\games\gbr_eng\runes of magic\client.exe
FirewallRules: [{FA8D08E6-40C2-4C4C-B753-74755E365B2E}] => (Block) D:\program files\gameforgelive\games\gbr_eng\runes of magic\client.exe
FirewallRules: [{4002E2CC-15FA-4E64-9BDE-39301CA59430}] => (Block) D:\program files\gameforgelive\games\gbr_eng\runes of magic\client.exe
FirewallRules: [TCP Query User{31662CB3-7747-4717-A3D6-22A2BF24B7BA}D:\program files\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) D:\program files\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [uDP Query User{03B7F6D1-AE1A-490A-A9D5-8FF4150B34C2}D:\program files\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) D:\program files\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [{86BA8712-88D9-44B6-861B-EB62C36B3D5A}] => (Block) D:\program files\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [{8401D2EF-39AD-4C7F-A71A-B8E787C055A8}] => (Block) D:\program files\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [{835C3844-01A0-4661-A7A1-6C1E7E4310B3}] => (Allow) C:\Program Files\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{EFC202E6-562C-41D9-BE81-299966E3757A}] => (Allow) C:\Program Files\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{99D9375A-42CA-4957-9BE0-17C4917FF9B7}] => (Allow) C:\Program Files\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{8792079C-5159-465F-9DE7-0DC5ACE8A222}] => (Allow) C:\Program Files\RelevantKnowledge\rlvknlg.exe
FirewallRules: [TCP Query User{252952EF-1A10-436F-8B44-6EE26F218B39}C:\program files\supraball\binaries\win32\udk.exe] => (Allow) C:\program files\supraball\binaries\win32\udk.exe
FirewallRules: [uDP Query User{938E7A92-5C79-4AF9-B72A-F29FB414DBB1}C:\program files\supraball\binaries\win32\udk.exe] => (Allow) C:\program files\supraball\binaries\win32\udk.exe
FirewallRules: [{A354875A-2BF2-42A3-BD32-10E412FA012C}] => (Block) C:\program files\supraball\binaries\win32\udk.exe
FirewallRules: [{56CDE714-95E6-471C-BEE1-9E3978A0262A}] => (Block) C:\program files\supraball\binaries\win32\udk.exe
FirewallRules: [{17053023-6341-4828-B6E7-4DA41FC33FA5}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{C179BFEC-0F29-450C-BDA7-C597BAD40A9F}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{704966EB-14E4-46D3-9509-836E668DCD60}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{9362B034-F1AD-4A44-8923-04BFB1B7C206}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{62E176D1-2D1E-4F76-8C6D-FD7D3F4C1F43}] => (Allow) LPort=57297
FirewallRules: [{F201F41E-3711-49EF-A75F-3A964E7D1548}] => (Allow) LPort=57297
FirewallRules: [{82E6062F-4B6E-420C-903E-B12ED1265DBC}] => (Allow) LPort=57297
FirewallRules: [{FF022ECA-5A86-4EAE-89D7-32EECA7CE47A}] => (Allow) LPort=57297
FirewallRules: [{44654AFB-4675-44FD-AD42-23BA5B670552}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{15D98237-B692-457F-B6BE-E39FF41EFC66}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{15CA348A-C682-4D76-AC17-BB10D4AB1C45}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{961F2B67-BD8D-4044-BDE6-A73A11B1B7BC}D:\dead island\deadislandgame.exe] => (Allow) D:\dead island\deadislandgame.exe
FirewallRules: [uDP Query User{5C63B53C-1272-4083-9291-1FD80BBF3448}D:\dead island\deadislandgame.exe] => (Allow) D:\dead island\deadislandgame.exe
FirewallRules: [TCP Query User{2F0AE675-FD02-499E-8E34-C05938A72772}D:\program files\2k games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) D:\program files\2k games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [uDP Query User{E54A3D1F-352B-4F02-8F98-066DDD7F3071}D:\program files\2k games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) D:\program files\2k games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [{6B01B53C-D34E-4960-8506-1E1C1B95889B}] => (Block) D:\program files\2k games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [{505A998C-4E6B-4EE5-968F-77543F3ABD9B}] => (Block) D:\program files\2k games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [TCP Query User{D252CDEA-E5FE-4C1E-8B47-A473BFB2D85B}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [uDP Query User{83654C52-A984-491F-B8EB-52DC92B103BD}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{DFDA1F87-8525-49BC-96D8-244E3DE10625}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [uDP Query User{6DAEB4E4-1D18-44A8-98C5-C71029611D5A}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{27AAECBF-65E0-4C6E-BEE4-2BD380C9BA48}] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [{9617A440-14DA-4E29-B0F7-B656CA313B20}] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [{E47316CF-3A2C-43C1-8FE1-095D96006E2D}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{93811554-DB72-4141-B37C-C4C9E46F11A7}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{75CFB34F-7CCE-4923-B69C-EE6001F9CF66}] => (Allow) D:\Program Files\Combat Arms EU\NMService.exe
FirewallRules: [{E99E981A-EC00-4141-AA32-8859AFBEC04F}] => (Allow) D:\Program Files\Combat Arms EU\NMService.exe
FirewallRules: [{6C7FE790-6E07-4DB5-96BD-4C62A8490C6D}] => (Allow) C:\Users\ppp\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{55DBB6C5-4E0C-4AA6-A304-AD3E69497F27}] => (Allow) C:\Users\ppp\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{3C745AD1-E828-42BF-9FD7-DBE7F9DF00E7}] => (Allow) D:\Program Files\Downloaded\Public\Warframe.exe
FirewallRules: [{784CCA65-F316-42A9-966F-E0079DF5D58A}] => (Allow) D:\Program Files\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{966C37CA-5997-4C99-BE77-FEB2A4AE621E}] => (Allow) D:\Program Files\Downloaded\Public\Warframe.exe
FirewallRules: [{68D1E98C-D47B-4987-B513-9E01E7471D03}] => (Allow) D:\Program Files\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{FCFE420E-BA09-490B-BF8C-E045AE463D64}] => (Allow) D:\Program Files\Downloaded\Public\Warframe.exe
FirewallRules: [{F6A4C82A-114F-48F4-8914-D855E054945C}] => (Allow) D:\Program Files\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{16C584AA-BFCC-4B03-B40F-4D7FDAEDA830}] => (Allow) C:\Users\ppp\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{256C9295-BC6A-46FC-9CCA-E557C5142FA2}] => (Allow) D:\Program Files\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{D7E37936-D653-4809-BBC3-E9F090499CC1}] => (Allow) D:\Program Files\Steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{2CB9A34A-FB5C-4860-96B1-9B527AFDA905}] => (Allow) D:\Program Files\Steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{9C3FD289-EF8D-4790-827B-C604452A9C8A}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dizzel\Dizzel.exe
FirewallRules: [{31255794-C55E-4E32-B5DD-E69FC9C8CCD7}] => (Allow) D:\Program Files\Steam\SteamApps\common\Dizzel\Dizzel.exe
FirewallRules: [TCP Query User{83E78F0D-6A94-45E1-93A4-D3B14066EE81}D:\program files\strogino cs portal\garrys mod\hl2.exe] => (Block) D:\program files\strogino cs portal\garrys mod\hl2.exe
FirewallRules: [uDP Query User{CBCB8A1C-810A-4D69-97DB-64FF556F9F8F}D:\program files\strogino cs portal\garrys mod\hl2.exe] => (Block) D:\program files\strogino cs portal\garrys mod\hl2.exe
FirewallRules: [TCP Query User{F23E27B3-1EC0-40C8-9428-172419524A64}D:\program files\ea sports\fifa 11\game\fifa.exe] => (Block) D:\program files\ea sports\fifa 11\game\fifa.exe
FirewallRules: [uDP Query User{207DD7CE-0ACB-46C7-AFC6-90C9B2D16501}D:\program files\ea sports\fifa 11\game\fifa.exe] => (Block) D:\program files\ea sports\fifa 11\game\fifa.exe
FirewallRules: [{54F13B13-46B8-4CE2-AA1D-0FBDFACDB80B}] => (Allow) C:\Program Files\OGPlanet\Dizzel\Dizzel.exe
FirewallRules: [{468E9507-8886-4FE2-9214-7AEF9238C7AB}] => (Allow) C:\Program Files\OGPlanet\Dizzel\Dizzel.exe
FirewallRules: [{8CAD695D-134C-464A-8414-520B33339A35}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{E965AA45-A491-4ADC-9915-33FB3730197D}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{7F8785DE-6933-4847-8777-50E7A08C406B}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{9C6E9FF9-45C3-4507-871A-F6EA71DDAB33}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [TCP Query User{C3E44A5F-5705-40A6-93F9-2C2C9F20A28B}D:\program files\bfp4f.exe] => (Allow) D:\program files\bfp4f.exe
FirewallRules: [uDP Query User{F2C94741-09FE-4CF5-AE4A-6622596BCED5}D:\program files\bfp4f.exe] => (Allow) D:\program files\bfp4f.exe
FirewallRules: [{47F7B8A6-0E9C-4123-B63B-FF245FE36EF4}] => (Block) D:\program files\bfp4f.exe
FirewallRules: [{C56F63E0-9646-430A-8F0E-BC71C294E964}] => (Block) D:\program files\bfp4f.exe
FirewallRules: [{882BA09E-F920-407D-B75F-416055F1F7CF}] => (Allow) C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D459ED13-EC53-4905-97CA-91B48376E2FB}] => (Allow) C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{504014F6-ACF0-4E6B-9490-EEF89D2A1905}D:\program files\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) D:\program files\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe
FirewallRules: [uDP Query User{11E9AD89-95F8-455D-BB2A-CA21AA49F57B}D:\program files\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) D:\program files\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe
FirewallRules: [{B05A9CC7-853B-46A7-A167-79965B0D97ED}] => (Block) D:\program files\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe
FirewallRules: [{967BB261-9E17-47E7-9A95-D0512B50B1F5}] => (Block) D:\program files\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe
FirewallRules: [{54A5C06F-8A20-4C35-810C-A32D57B14F4B}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{FF8AD38F-E94C-4E41-AC2B-6ADFCC358D07}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{FDAC4A62-A5EA-4AF7-A961-F0D4E41FE2D7}D:\games\counter-strike global offensive\csgo.exe] => (Block) D:\games\counter-strike global offensive\csgo.exe
FirewallRules: [uDP Query User{45AC3546-198F-47A3-866F-3B82AFA7E1D8}D:\games\counter-strike global offensive\csgo.exe] => (Block) D:\games\counter-strike global offensive\csgo.exe
FirewallRules: [{287F5503-61CA-4FAC-8B8F-2DD4EAE8E590}] => (Allow) D:\Program Files\Steam\SteamApps\common\Blockade3d\main.exe
FirewallRules: [{95552DCC-B10A-4135-883B-A9227BD1191D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Blockade3d\main.exe
FirewallRules: [{242EF1A6-0CB6-45E6-BDB6-06327B6F5249}] => (Allow) D:\Program Files\Steam\SteamApps\common\Interstellar Marines\InterstellarMarines.exe
FirewallRules: [{8781FDFF-46DC-4288-AC39-BF10F75CB77C}] => (Allow) D:\Program Files\Steam\SteamApps\common\Interstellar Marines\InterstellarMarines.exe
FirewallRules: [{EAA10DD7-E966-4646-AB5B-1190A6432DBE}] => (Allow) D:\Program Files\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{1346A7BE-9B5F-4D76-B265-5C3DCD0524AB}] => (Allow) D:\Program Files\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{BEE0AD88-8D45-4A2E-ADA5-74BEC055D26B}] => (Allow) D:\Program Files\Electronic Arts\Bitwa o Śródziemie II\game.dat
FirewallRules: [{7B6B78FC-0CBF-4B33-9A80-0426A6E6D5EC}] => (Allow) D:\Program Files\Electronic Arts\Bitwa o Śródziemie II\game.dat
FirewallRules: [{FCC6587E-0BA0-4454-B492-8C033DF2EFC1}] => (Allow) D:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EAC2EF70-20A7-43E3-8D2A-20D762D24358}] => (Allow) D:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{EE18FC39-52A0-48D2-AA0F-69ABF152338F}D:\program files\ea games\kingdoms of amalur reckoning\reckoning.exe] => (Allow) D:\program files\ea games\kingdoms of amalur reckoning\reckoning.exe
FirewallRules: [uDP Query User{6FD85732-2F7D-491C-B34A-80F63B04A16E}D:\program files\ea games\kingdoms of amalur reckoning\reckoning.exe] => (Allow) D:\program files\ea games\kingdoms of amalur reckoning\reckoning.exe
FirewallRules: [{391432DE-2E9D-475B-8C76-6B98E01C4401}] => (Block) D:\program files\ea games\kingdoms of amalur reckoning\reckoning.exe
FirewallRules: [{FEC1DA6D-5CB7-4E44-A722-E0EEF4A46C06}] => (Block) D:\program files\ea games\kingdoms of amalur reckoning\reckoning.exe
FirewallRules: [{53140A5A-FFAA-4E74-9BE2-556628F795C3}] => (Allow) D:\Program Files\GameforgeLive\Games\POL_pol\S.K.I.L.L\Binaries\Win32\sf2.exe
FirewallRules: [{12B50601-318B-4E35-A85B-F1CDD81D1A84}] => (Allow) D:\Program Files\GameforgeLive\Games\POL_pol\S.K.I.L.L\Binaries\Win32\sf2.exe
FirewallRules: [TCP Query User{33B0997D-DF5B-45A7-8EA7-D64A7D67B224}C:\program files\ncwest\nclauncher\ncupdatehelper.exe] => (Allow) C:\program files\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [uDP Query User{7539D2B2-1585-4F68-B7CA-F285C0C71DA8}C:\program files\ncwest\nclauncher\ncupdatehelper.exe] => (Allow) C:\program files\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [{92DD63BF-7697-48E0-952E-786FBE0E216A}] => (Block) C:\program files\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [{20036A90-54F8-4088-8315-52AE166C4E50}] => (Block) C:\program files\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [TCP Query User{209D4A72-2A5B-4DC3-B2DD-1BE28153FD35}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [uDP Query User{F1AA27DC-50A1-4D5E-9382-1282D9940675}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [{47BFB2D8-1359-4AF9-A2DE-E5244780FA81}] => (Block) C:\program files\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [{846F9833-3548-45A9-9C39-E296BC25663C}] => (Block) C:\program files\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [TCP Query User{45F676C6-833F-4260-98C6-2D9602ABB00A}D:\program files\gameforgelive\games\pol_pol\aion\nclauncher.exe] => (Allow) D:\program files\gameforgelive\games\pol_pol\aion\nclauncher.exe
FirewallRules: [uDP Query User{2F7B25E2-EBC8-4109-B4E6-7DAF2CB4E801}D:\program files\gameforgelive\games\pol_pol\aion\nclauncher.exe] => (Allow) D:\program files\gameforgelive\games\pol_pol\aion\nclauncher.exe
FirewallRules: [{D254AA67-19C6-44C9-8636-6FF53581C473}] => (Block) D:\program files\gameforgelive\games\pol_pol\aion\nclauncher.exe
FirewallRules: [{E7DCC12A-0912-422E-AA3C-1079836431FF}] => (Block) D:\program files\gameforgelive\games\pol_pol\aion\nclauncher.exe
FirewallRules: [TCP Query User{3FE38D28-8503-42CB-8F37-80AB99A364E4}C:\program files\ubisoft\the settlers 7 - droga do królestwa\data\base\_dbg\bin\release\settlers7r.exe] => (Allow) C:\program files\ubisoft\the settlers 7 - droga do królestwa\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [uDP Query User{BC3C455E-2DC0-48C5-AD90-12AA17CB5133}C:\program files\ubisoft\the settlers 7 - droga do królestwa\data\base\_dbg\bin\release\settlers7r.exe] => (Allow) C:\program files\ubisoft\the settlers 7 - droga do królestwa\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [TCP Query User{ECD1FB94-B698-4B39-A490-4F8E9A9B7AA9}C:\program files\r.g. mechanics\dark sector\ds.exe] => (Allow) C:\program files\r.g. mechanics\dark sector\ds.exe
FirewallRules: [uDP Query User{825B3B91-3C2D-42A6-A3F7-8EDE14087235}C:\program files\r.g. mechanics\dark sector\ds.exe] => (Allow) C:\program files\r.g. mechanics\dark sector\ds.exe
FirewallRules: [{64D7DCA7-5807-4055-BDB9-125B28697FCD}] => (Block) C:\program files\r.g. mechanics\dark sector\ds.exe
FirewallRules: [{EDC3D7A3-DC9D-4E92-A68D-D7D78C0E70D3}] => (Block) C:\program files\r.g. mechanics\dark sector\ds.exe
FirewallRules: [{3ADDECB6-E402-4ECF-9F5B-B3A7853AF2F5}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{260EF1F0-B939-42BE-AB4E-4C809BFB9545}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{3E2372CF-D7DB-4E7E-AC25-F23B003C0341}] => (Allow) D:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [{85E88B3D-C563-42FE-BE8E-8757E42454AF}] => (Allow) D:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [{A930C290-0DED-4AB5-858F-E7B4FC2C21DF}] => (Allow) D:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe
FirewallRules: [{F240ACEC-6446-4239-AF00-0E846526B01E}] => (Allow) D:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe
FirewallRules: [{5B3F0925-A784-4B51-BC6A-C20A5640DCBD}] => (Allow) D:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe
FirewallRules: [{FC511420-E1E9-4AF4-97FC-1C92329BADFB}] => (Allow) D:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe
FirewallRules: [{3C96F945-6063-454B-AFAE-76A1285F36A5}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{992EC5FF-7B84-4FC4-AB82-8EDF069DA9B8}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{9C01B650-BA4D-4067-A419-ED501786C52C}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{D73693AB-BD06-4CE3-A441-9BD31A2EAD59}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{1E866A73-952C-4C0E-8AB4-61BFABC3DAED}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{87C0D90E-C60F-4E83-8C1B-1F3E7B6AAE64}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{8700E682-1E10-4DBC-91DF-A44FA83CDB77}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{7B63D378-EF15-4C40-8A61-BF33E63A8D31}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [TCP Query User{9A2078A0-7C74-45A7-87F6-EFC26CD8652B}C:\users\ppp\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ppp\appdata\roaming\spotify\spotify.exe
FirewallRules: [uDP Query User{16A44C29-F4B6-4E04-A8BF-731C94EDA04C}C:\users\ppp\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ppp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{8715ABB7-EC9C-415B-9EF6-BC4B48247065}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{43209C0A-9C91-47C9-94C9-011A10E79A91}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{7D42260A-121B-47F9-8966-8A72AC9300AD}D:\game\stalkeronline\stalkeronline launcher.exe] => (Allow) D:\game\stalkeronline\stalkeronline launcher.exe
FirewallRules: [uDP Query User{F5D424DD-85E6-42F1-862F-0B4730DE843B}D:\game\stalkeronline\stalkeronline launcher.exe] => (Allow) D:\game\stalkeronline\stalkeronline launcher.exe
FirewallRules: [{F75F5E37-5D58-4CEE-97E6-7B81DCB8E373}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{B6ED5C69-7230-4A6A-9062-467645D56D64}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{664F508A-8BBF-493B-8EE4-78A85D575131}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{A66BECBC-82EC-41AD-B1E3-F311B35CE35A}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{26129D21-B73C-45A2-8084-9086602E48E9}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{C65712FA-4DDB-4B8E-A105-EC1089AA8BB9}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{3C7D41AD-4BB3-4093-87F1-DE01E524EC52}] => (Allow) LPort=53140
FirewallRules: [{C45E6E38-6E6B-4DEF-92B3-55DB4BED3FE7}] => (Allow) LPort=5000
FirewallRules: [{0FEF8ABD-ED74-48AA-B813-B54D9F0082AE}] => (Allow) D:\Program Files\Combat Arms EU\NMService.exe
FirewallRules: [{AC8646CA-DF6B-4B41-A025-3D212215A4B6}] => (Allow) D:\Program Files\Combat Arms EU\NMService.exe
FirewallRules: [{3E63FCC2-31B2-4D5C-90A3-93667D37B610}] => (Allow) LPort=49168
FirewallRules: [{FBD54993-3DF8-4F32-8D69-EF81D3334672}] => (Allow) LPort=5000
 
==================== Punkty Przywracania systemu =========================
 
22-01-2016 22:13:00 Installed Blade & Soul
22-01-2016 22:24:12 Removed Blade & Soul
23-01-2016 10:36:20 Advanced System~Protector
 
==================== Wadliwe urządzenia w Menedżerze urządzeń =============
 
Name: pfnfd_1_10_0_9
Description: pfnfd_1_10_0_9
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: pfnfd_1_10_0_9
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: wpnfd_1_10_0_5
Description: wpnfd_1_10_0_5
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: wpnfd_1_10_0_5
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Karta tunelowania Teredo firmy Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Błędy w Dzienniku zdarzeń: =========================
 
Dziennik Aplikacja:
==================
Error: (01/23/2016 10:36:14 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu.
.
To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym.
 
 
Operacja:
   Zbieranie danych modułu zapisującego
 
Kontekst:
   Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
   Nazwa modułu zapisującego: System Writer
   Identyfikator wystąpienia modułu zapisującego: {b69031d7-75b1-4c4d-a075-9084c44e5fd8}
 
Error: (01/23/2016 09:27:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: rlservice.exe, wersja: 1.1.23.128, sygnatura czasowa: 0x53c41612
Nazwa modułu powodującego błąd: rlservice.exe, wersja: 1.1.23.128, sygnatura czasowa: 0x53c41612
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000d427
Identyfikator procesu powodującego błąd: 0xbec
Godzina uruchomienia aplikacji powodującej błąd: 0xrlservice.exe0
Ścieżka aplikacji powodującej błąd: rlservice.exe1
Ścieżka modułu powodującego błąd: rlservice.exe2
Identyfikator raportu: rlservice.exe3
 
Error: (01/22/2016 09:28:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: rlservice.exe, wersja: 1.1.23.128, sygnatura czasowa: 0x53c41612
Nazwa modułu powodującego błąd: rlservice.exe, wersja: 1.1.23.128, sygnatura czasowa: 0x53c41612
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000d427
Identyfikator procesu powodującego błąd: 0x86c
Godzina uruchomienia aplikacji powodującej błąd: 0xrlservice.exe0
Ścieżka aplikacji powodującej błąd: rlservice.exe1
Ścieżka modułu powodującego błąd: rlservice.exe2
Identyfikator raportu: rlservice.exe3
 
Error: (01/22/2016 02:41:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: rlservice.exe, wersja: 1.1.23.128, sygnatura czasowa: 0x53c41612
Nazwa modułu powodującego błąd: rlservice.exe, wersja: 1.1.23.128, sygnatura czasowa: 0x53c41612
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000d427
Identyfikator procesu powodującego błąd: 0xbd8
Godzina uruchomienia aplikacji powodującej błąd: 0xrlservice.exe0
Ścieżka aplikacji powodującej błąd: rlservice.exe1
Ścieżka modułu powodującego błąd: rlservice.exe2
Identyfikator raportu: rlservice.exe3
 
Error: (01/21/2016 06:36:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: rlservice.exe, wersja: 1.1.23.128, sygnatura czasowa: 0x53c41612
Nazwa modułu powodującego błąd: rlservice.exe, wersja: 1.1.23.128, sygnatura czasowa: 0x53c41612
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000d427
Identyfikator procesu powodującego błąd: 0xea0
Godzina uruchomienia aplikacji powodującej błąd: 0xrlservice.exe0
Ścieżka aplikacji powodującej błąd: rlservice.exe1
Ścieżka modułu powodującego błąd: rlservice.exe2
Identyfikator raportu: rlservice.exe3
 
Error: (01/21/2016 02:18:23 AM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Nie można uruchomić usługi. Jedno wystąpienie usługi już działa
 
Error: (01/21/2016 02:18:23 AM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Nie można uruchomić usługi. Nieprawidłowe dojście
 
Error: (01/21/2016 02:11:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: rlservice.exe, wersja: 1.1.23.128, sygnatura czasowa: 0x53c41612
Nazwa modułu powodującego błąd: rlservice.exe, wersja: 1.1.23.128, sygnatura czasowa: 0x53c41612
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000d427
Identyfikator procesu powodującego błąd: 0xc9c
Godzina uruchomienia aplikacji powodującej błąd: 0xrlservice.exe0
Ścieżka aplikacji powodującej błąd: rlservice.exe1
Ścieżka modułu powodującego błąd: rlservice.exe2
Identyfikator raportu: rlservice.exe3
 
Error: (01/20/2016 11:09:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: rlservice.exe, wersja: 1.1.23.128, sygnatura czasowa: 0x53c41612
Nazwa modułu powodującego błąd: rlservice.exe, wersja: 1.1.23.128, sygnatura czasowa: 0x53c41612
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000d427
Identyfikator procesu powodującego błąd: 0xbf8
Godzina uruchomienia aplikacji powodującej błąd: 0xrlservice.exe0
Ścieżka aplikacji powodującej błąd: rlservice.exe1
Ścieżka modułu powodującego błąd: rlservice.exe2
Identyfikator raportu: rlservice.exe3
 
Error: (01/20/2016 02:23:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: rlservice.exe, wersja: 1.1.23.128, sygnatura czasowa: 0x53c41612
Nazwa modułu powodującego błąd: rlservice.exe, wersja: 1.1.23.128, sygnatura czasowa: 0x53c41612
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000d427
Identyfikator procesu powodującego błąd: 0xb44
Godzina uruchomienia aplikacji powodującej błąd: 0xrlservice.exe0
Ścieżka aplikacji powodującej błąd: rlservice.exe1
Ścieżka modułu powodującego błąd: rlservice.exe2
Identyfikator raportu: rlservice.exe3
 
 
Dziennik System:
=============
Error: (01/24/2016 05:11:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
pfnfd_1_10_0_9
sfdrv01
sfsync02
wpnfd_1_10_0_5
 
Error: (01/24/2016 05:09:15 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Sterownik sfdrv01.sys został zablokowany dla ładowania.
 
Error: (01/24/2016 05:10:06 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 17:07:55 na ‎2016-‎01-‎24 było nieoczekiwane.
 
Error: (01/24/2016 05:09:13 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Sterownik sfsync02.sys został zablokowany dla ładowania.
 
Error: (01/24/2016 12:24:41 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
pfnfd_1_10_0_9
sfdrv01
sfsync02
wpnfd_1_10_0_5
 
Error: (01/24/2016 12:22:51 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Sterownik sfdrv01.sys został zablokowany dla ładowania.
 
Error: (01/24/2016 12:22:49 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Sterownik sfsync02.sys został zablokowany dla ładowania.
 
Error: (01/24/2016 12:23:37 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 12:21:26 na ‎2016-‎01-‎24 było nieoczekiwane.
 
Error: (01/24/2016 12:09:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
pfnfd_1_10_0_9
sfdrv01
sfsync02
wpnfd_1_10_0_5
 
Error: (01/24/2016 12:06:59 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Sterownik sfdrv01.sys został zablokowany dla ładowania.
 
 
==================== Statystyki pamięci =========================== 
 
Procesor: AMD Sempron Processor 3200+
Procent pamięci w użyciu: 77%
Całkowita pamięć fizyczna: 2046.55 MB
Dostępna pamięć fizyczna: 456.89 MB
Całkowita pamięć wirtualna: 4093.11 MB
Dostępna pamięć wirtualna: 2072.07 MB
 
==================== Dyski ================================
 
Drive c: () (Fixed) (Total:97.56 GB) (Free:31.78 GB) NTFS
Drive d: () (Fixed) (Total:135.23 GB) (Free:82.5 GB) NTFS
 
==================== MBR & Tablica partycji ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: D141B8B2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=135.2 GB) - (Type=07 NTFS)

Zarchiwizowany

Ten temat przebywa obecnie w archiwum. Dodawanie nowych odpowiedzi zostało zablokowane.

Pytania
×
×
  • Dodaj nową pozycję...