
Jak w temacie przypałętało się jakieś ...
OTL
- Kod: Zaznacz wszystko
- OTL logfile created on: 2014-03-06 22:19:20 - Run 1
 OTL by OldTimer - Version 3.2.69.0 Folder = G:\Instalki\Kaspersky Internet Security
 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
 Internet Explorer (Version = 9.11.9600.16518)
 Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
 7,99 Gb Total Physical Memory | 5,34 Gb Available Physical Memory | 66,86% Memory free
 15,98 Gb Paging File | 12,91 Gb Available in Paging File | 80,81% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
 Drive C: | 119,14 Gb Total Space | 28,00 Gb Free Space | 23,50% Space Free | Partition Type: NTFS
 Drive D: | 150,26 Gb Total Space | 111,40 Gb Free Space | 74,14% Space Free | Partition Type: NTFS
 Drive E: | 232,88 Gb Total Space | 70,27 Gb Free Space | 30,18% Space Free | Partition Type: NTFS
 Drive F: | 232,88 Gb Total Space | 117,67 Gb Free Space | 50,53% Space Free | Partition Type: NTFS
 Drive G: | 390,62 Gb Total Space | 92,13 Gb Free Space | 23,58% Space Free | Partition Type: NTFS
 Drive H: | 195,31 Gb Total Space | 23,08 Gb Free Space | 11,82% Space Free | Partition Type: NTFS
 Drive I: | 195,31 Gb Total Space | 113,05 Gb Free Space | 57,88% Space Free | Partition Type: NTFS
 
 Computer Name: BLODYTRAVELER | User Name: Traveler | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 [color=#E56717]========== Processes (SafeList) ==========[/color]
 
 PRC - [2014-03-04 17:18:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- G:\Instalki\Kaspersky Internet Security\OTL.exe
 PRC - [2014-02-18 21:03:01 | 000,996,544 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
 PRC - [2014-02-18 20:28:49 | 000,802,136 | ---- | M] (BitTorrent Inc.) -- C:\Users\Traveler\AppData\Roaming\uTorrent\uTorrent.exe
 PRC - [2014-02-18 06:14:46 | 000,046,144 | ---- | M] (Raptr, Inc) -- C:\PROGRA~2\Raptr\raptr_im.exe
 PRC - [2014-02-18 06:14:44 | 000,067,136 | ---- | M] (Raptr, Inc) -- C:\PROGRA~2\Raptr\raptr.exe
 PRC - [2014-02-15 08:34:29 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 PRC - [2014-01-30 19:53:33 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\Traveler\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
 PRC - [2013-11-17 20:06:00 | 000,442,712 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
 PRC - [2013-11-15 09:56:36 | 004,881,624 | ---- | M] (Xfire Inc.) -- C:\Program Files (x86)\Xfire2\Xfire.exe
 PRC - [2013-10-11 13:25:30 | 000,214,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
 PRC - [2013-09-30 07:02:29 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
 PRC - [2013-09-15 13:12:54 | 000,535,752 | ---- | M] (Murray Hurps Corp Pty Ltd) -- C:\Program Files (x86)\Ad Muncher\AdMunch.exe
 PRC - [2013-02-01 14:50:22 | 001,641,368 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
 PRC - [2013-01-23 07:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
 PRC - [2012-12-18 20:08:44 | 003,478,752 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
 PRC - [2011-09-15 05:19:54 | 000,086,016 | ---- | M] () -- D:\Autodesk 3DS Max\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
 PRC - [2011-07-28 17:35:44 | 000,262,144 | ---- | M] (Arcai.com) -- C:\Program Files (x86)\netcut\services\AIPS.exe
 PRC - [2011-05-20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
 
 
 [color=#E56717]========== Modules (No Company Name) ==========[/color]
 
 MOD - [2014-03-02 10:27:42 | 000,525,944 | ---- | M] () -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbfi32.dll
 MOD - [2014-02-15 08:34:29 | 003,578,992 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
 MOD - [2014-02-12 20:16:16 | 000,260,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\1ab52f8951c2ab97592ec25830dd5165\WindowsFormsIntegration.ni.dll
 MOD - [2014-02-12 20:15:27 | 019,693,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll
 MOD - [2014-02-12 20:15:12 | 000,399,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b6c7a1ca929c1b10f36b683c9f1a0517\System.Xml.Linq.ni.dll
 MOD - [2014-02-12 20:14:52 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
 MOD - [2014-02-12 20:14:50 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
 MOD - [2014-02-12 20:14:50 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\0d3cb1df8b6af32cebdc6e2cc4948c69\PresentationFramework-SystemXmlLinq.ni.dll
 MOD - [2014-02-12 19:23:34 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
 MOD - [2014-02-12 19:23:22 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
 MOD - [2014-02-12 19:23:22 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
 MOD - [2014-02-12 19:23:17 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
 MOD - [2014-02-12 19:23:16 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
 MOD - [2014-02-12 19:23:16 | 001,180,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0893e0e7137e3b2da905da6216b75344\System.Management.ni.dll
 MOD - [2014-02-12 19:23:15 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
 MOD - [2014-02-12 19:23:14 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
 MOD - [2014-02-12 19:23:13 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
 MOD - [2014-02-12 19:23:13 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
 MOD - [2014-02-12 19:23:12 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
 MOD - [2014-02-12 19:23:11 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
 MOD - [2014-02-12 19:23:10 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
 MOD - [2014-02-12 19:23:10 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
 MOD - [2014-02-12 19:23:09 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
 MOD - [2014-02-12 19:23:04 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
 MOD - [2013-11-21 01:05:26 | 000,256,000 | ---- | M] () -- C:\PROGRA~2\Raptr\amd_ags.dll
 MOD - [2013-06-17 12:35:10 | 000,478,400 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
 MOD - [2013-05-10 00:52:58 | 001,183,699 | ---- | M] () -- C:\PROGRA~2\Raptr\liboscar.dll
 MOD - [2013-05-10 00:52:58 | 000,483,306 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\libicq.dll
 MOD - [2013-05-10 00:52:56 | 000,495,680 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\libaim.dll
 MOD - [2013-05-03 19:57:16 | 001,640,221 | ---- | M] () -- C:\PROGRA~2\Raptr\libjabber.dll
 MOD - [2013-05-03 19:57:14 | 001,053,730 | ---- | M] () -- C:\PROGRA~2\Raptr\libymsg.dll
 MOD - [2013-05-03 19:57:06 | 000,655,356 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\libirc.dll
 MOD - [2013-05-03 19:57:04 | 000,603,326 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\ssl-nss.dll
 MOD - [2013-05-03 19:57:02 | 000,474,199 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\ssl.dll
 MOD - [2013-05-03 19:57:00 | 000,497,782 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\libyahoojp.dll
 MOD - [2013-05-03 19:56:50 | 001,306,387 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\libmsn.dll
 MOD - [2013-05-03 19:56:46 | 000,565,461 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\libxmpp.dll
 MOD - [2013-05-03 19:56:44 | 000,506,276 | ---- | M] () -- C:\PROGRA~2\Raptr\plugins\libyahoo.dll
 MOD - [2013-01-23 07:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
 MOD - [2013-01-16 17:01:08 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
 MOD - [2013-01-16 17:01:06 | 000,348,160 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
 MOD - [2013-01-16 17:01:00 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll
 MOD - [2013-01-16 17:00:58 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll
 MOD - [2013-01-16 17:00:56 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll
 MOD - [2012-10-27 08:53:18 | 002,717,595 | ---- | M] () -- C:\PROGRA~2\Raptr\heliotrope._purple.pyd
 MOD - [2012-09-23 20:44:24 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\pl_pl\acrotray.pol
 MOD - [2012-06-22 22:59:52 | 000,313,856 | ---- | M] () -- C:\PROGRA~2\Raptr\PyQt4.QtWebKit.pyd
 MOD - [2012-06-22 22:55:58 | 000,494,592 | ---- | M] () -- C:\PROGRA~2\Raptr\PyQt4.QtNetwork.pyd
 MOD - [2012-06-22 22:53:22 | 005,812,736 | ---- | M] () -- C:\PROGRA~2\Raptr\PyQt4.QtGui.pyd
 MOD - [2012-06-22 22:39:06 | 001,662,464 | ---- | M] () -- C:\PROGRA~2\Raptr\PyQt4.QtCore.pyd
 MOD - [2012-06-22 22:24:28 | 000,067,584 | ---- | M] () -- C:\PROGRA~2\Raptr\sip.pyd
 MOD - [2012-02-06 21:28:48 | 000,011,264 | ---- | M] () -- C:\PROGRA~2\Raptr\Crypto.Util._counter.pyd
 MOD - [2012-02-06 21:28:42 | 000,031,744 | ---- | M] () -- C:\PROGRA~2\Raptr\Crypto.Cipher.AES.pyd
 MOD - [2012-02-06 21:28:34 | 000,010,752 | ---- | M] () -- C:\PROGRA~2\Raptr\Crypto.Random.OSRNG.winrandom.pyd
 MOD - [2011-05-10 20:01:42 | 000,030,208 | ---- | M] () -- C:\PROGRA~2\Raptr\simplejson._speedups.pyd
 MOD - [2011-04-30 20:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll
 MOD - [2011-02-15 19:17:28 | 001,213,633 | ---- | M] () -- C:\PROGRA~2\Raptr\libxml2-2.dll
 MOD - [2011-02-15 19:17:28 | 000,417,501 | ---- | M] () -- C:\PROGRA~2\Raptr\sqlite3.dll
 MOD - [2010-11-23 00:06:22 | 000,055,808 | ---- | M] () -- C:\PROGRA~2\Raptr\zlib1.dll
 MOD - [2010-11-22 23:57:34 | 000,167,936 | ---- | M] () -- C:\PROGRA~2\Raptr\win32gui.pyd
 MOD - [2010-11-22 23:57:34 | 000,111,104 | ---- | M] () -- C:\PROGRA~2\Raptr\win32file.pyd
 MOD - [2010-11-22 23:57:34 | 000,096,256 | ---- | M] () -- C:\PROGRA~2\Raptr\win32api.pyd
 MOD - [2010-11-22 23:57:34 | 000,036,352 | ---- | M] () -- C:\PROGRA~2\Raptr\win32process.pyd
 MOD - [2010-11-22 23:57:34 | 000,016,384 | ---- | M] () -- C:\PROGRA~2\Raptr\win32trace.pyd
 MOD - [2010-11-22 23:57:18 | 000,141,312 | ---- | M] () -- C:\PROGRA~2\Raptr\gobject._gobject.pyd
 MOD - [2010-11-22 23:57:06 | 000,263,168 | ---- | M] () -- C:\PROGRA~2\Raptr\win32com.shell.shell.pyd
 MOD - [2010-11-22 23:56:56 | 000,354,304 | ---- | M] () -- C:\PROGRA~2\Raptr\pythoncom26.dll
 MOD - [2010-11-22 23:56:56 | 000,110,592 | ---- | M] () -- C:\PROGRA~2\Raptr\pywintypes26.dll
 MOD - [2010-11-22 23:56:26 | 000,324,608 | ---- | M] () -- C:\PROGRA~2\Raptr\PIL._imaging.pyd
 MOD - [2010-11-22 23:56:02 | 000,805,376 | ---- | M] () -- C:\PROGRA~2\Raptr\_ssl.pyd
 MOD - [2010-11-22 23:56:02 | 000,583,680 | ---- | M] () -- C:\PROGRA~2\Raptr\unicodedata.pyd
 MOD - [2010-11-22 23:56:02 | 000,356,864 | ---- | M] () -- C:\PROGRA~2\Raptr\_hashlib.pyd
 MOD - [2010-11-22 23:56:02 | 000,127,488 | ---- | M] () -- C:\PROGRA~2\Raptr\pyexpat.pyd
 MOD - [2010-11-22 23:56:02 | 000,124,928 | ---- | M] () -- C:\PROGRA~2\Raptr\_elementtree.pyd
 MOD - [2010-11-22 23:56:02 | 000,087,040 | ---- | M] () -- C:\PROGRA~2\Raptr\_ctypes.pyd
 MOD - [2010-11-22 23:56:02 | 000,044,544 | ---- | M] () -- C:\PROGRA~2\Raptr\_sqlite3.pyd
 MOD - [2010-11-22 23:56:02 | 000,043,008 | ---- | M] () -- C:\PROGRA~2\Raptr\_socket.pyd
 MOD - [2010-11-22 23:56:02 | 000,010,240 | ---- | M] () -- C:\PROGRA~2\Raptr\select.pyd
 MOD - [2010-11-22 23:56:02 | 000,009,216 | ---- | M] () -- C:\PROGRA~2\Raptr\winsound.pyd
 
 
 [color=#E56717]========== Services (SafeList) ==========[/color]
 
 SRV:[b]64bit:[/b] - [2014-03-02 10:27:50 | 002,541,688 | ---- | M] (Speedbit Ltd.) [Auto | Running] -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe -- (SBUpd)
 SRV:[b]64bit:[/b] - [2014-02-06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
 SRV:[b]64bit:[/b] - [2014-01-03 08:36:38 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64)
 SRV:[b]64bit:[/b] - [2013-12-06 21:52:10 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
 SRV:[b]64bit:[/b] - [2013-05-27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 SRV:[b]64bit:[/b] - [2010-08-30 14:10:08 | 001,743,872 | ---- | M] (Locktime Software) [Auto | Running] -- C:\Program Files\NetLimiter 3\nlsvc.exe -- (nlsvc)
 SRV:[b]64bit:[/b] - [2010-04-06 15:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
 SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
 SRV - [2014-02-21 17:59:01 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
 SRV - [2014-02-21 14:54:16 | 000,857,912 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
 SRV - [2014-02-21 14:54:14 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
 SRV - [2014-02-15 08:34:29 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
 SRV - [2013-12-19 23:50:00 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
 SRV - [2013-10-11 13:25:30 | 000,214,512 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe -- (AVP)
 SRV - [2013-10-04 13:10:12 | 000,520,416 | ---- | M] (Futuremark) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
 SRV - [2013-09-30 07:02:29 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
 SRV - [2013-09-11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
 SRV - [2013-02-28 18:25:34 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
 SRV - [2012-12-18 20:08:30 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
 SRV - [2012-09-04 10:14:23 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
 SRV - [2011-09-15 05:19:54 | 000,086,016 | ---- | M] () [Auto | Running] -- D:\Autodesk 3DS Max\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe -- (mi-raysat_3dsmax2014_64)
 SRV - [2011-07-28 17:35:44 | 000,262,144 | ---- | M] (Arcai.com) [Auto | Running] -- C:\Program Files (x86)\netcut\services\AIPS.exe -- (AIPS)
 SRV - [2011-05-20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
 SRV - [2010-06-25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
 SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
 SRV - [2009-07-16 10:20:06 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
 SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
 [color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
 DRV:[b]64bit:[/b] - [2014-03-02 10:27:50 | 000,041,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys -- (SBUpdd)
 DRV:[b]64bit:[/b] - [2014-02-21 14:55:40 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
 DRV:[b]64bit:[/b] - [2014-02-18 21:04:30 | 000,624,224 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
 DRV:[b]64bit:[/b] - [2014-02-18 21:04:30 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
 DRV:[b]64bit:[/b] - [2014-02-18 21:04:29 | 000,115,296 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\klflt.sys -- (klflt)
 DRV:[b]64bit:[/b] - [2013-12-19 08:43:49 | 000,178,272 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
 DRV:[b]64bit:[/b] - [2013-12-18 17:16:44 | 000,140,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
 DRV:[b]64bit:[/b] - [2013-12-06 22:52:14 | 013,207,552 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
 DRV:[b]64bit:[/b] - [2013-12-06 21:21:44 | 000,626,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
 DRV:[b]64bit:[/b] - [2013-12-01 15:02:16 | 000,458,336 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
 DRV:[b]64bit:[/b] - [2013-11-15 07:37:16 | 000,039,080 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
 DRV:[b]64bit:[/b] - [2013-11-15 07:37:14 | 000,149,160 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
 DRV:[b]64bit:[/b] - [2013-10-11 13:25:26 | 000,029,792 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
 DRV:[b]64bit:[/b] - [2013-10-11 13:25:26 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
 DRV:[b]64bit:[/b] - [2013-10-02 03:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
 DRV:[b]64bit:[/b] - [2013-09-24 15:53:50 | 000,094,208 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
 DRV:[b]64bit:[/b] - [2013-09-14 19:48:41 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
 DRV:[b]64bit:[/b] - [2013-05-14 17:34:44 | 000,055,904 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
 DRV:[b]64bit:[/b] - [2013-04-30 10:55:32 | 000,052,640 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
 DRV:[b]64bit:[/b] - [2013-04-30 10:55:32 | 000,025,120 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini)
 DRV:[b]64bit:[/b] - [2013-04-12 15:34:48 | 000,015,456 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klpd.sys -- (klpd)
 DRV:[b]64bit:[/b] - [2013-01-17 20:15:12 | 000,066,800 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
 DRV:[b]64bit:[/b] - [2012-09-20 13:45:56 | 000,180,544 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiK0CCB.sys -- (SaiK0CCB)
 DRV:[b]64bit:[/b] - [2012-09-20 13:45:56 | 000,047,168 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiU0CCB.sys -- (SaiU0CCB)
 DRV:[b]64bit:[/b] - [2012-09-20 13:45:28 | 000,180,544 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiK0CD7.sys -- (SaiK0CD7)
 DRV:[b]64bit:[/b] - [2012-09-20 13:45:22 | 000,180,544 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiK1708.sys -- (SaiK1708)
 DRV:[b]64bit:[/b] - [2012-09-20 05:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
 DRV:[b]64bit:[/b] - [2012-09-20 05:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
 DRV:[b]64bit:[/b] - [2012-08-24 18:53:29 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
 DRV:[b]64bit:[/b] - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
 DRV:[b]64bit:[/b] - [2012-03-08 08:53:14 | 000,022,128 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
 DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
 DRV:[b]64bit:[/b] - [2011-12-02 11:38:08 | 000,239,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
 DRV:[b]64bit:[/b] - [2011-10-08 02:14:20 | 000,027,608 | ---- | M] (XBCD Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xbcd.sys -- (XBCD)
 DRV:[b]64bit:[/b] - [2011-09-29 10:30:34 | 000,646,248 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
 DRV:[b]64bit:[/b] - [2011-09-16 08:12:58 | 000,032,360 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN)
 DRV:[b]64bit:[/b] - [2011-09-16 08:12:58 | 000,032,360 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan620.sys -- (RTVLANPT)
 DRV:[b]64bit:[/b] - [2011-06-15 14:11:20 | 000,057,960 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
 DRV:[b]64bit:[/b] - [2011-06-15 14:11:20 | 000,057,960 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
 DRV:[b]64bit:[/b] - [2011-06-15 14:11:20 | 000,027,136 | ---- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
 DRV:[b]64bit:[/b] - [2011-05-20 09:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
 DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
 DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
 DRV:[b]64bit:[/b] - [2011-02-09 17:45:12 | 000,025,088 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bulkrazer_x64.sys -- (bulkadi)
 DRV:[b]64bit:[/b] - [2010-11-20 14:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
 DRV:[b]64bit:[/b] - [2010-11-20 14:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
 DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
 DRV:[b]64bit:[/b] - [2010-11-20 12:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
 DRV:[b]64bit:[/b] - [2010-11-20 12:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
 DRV:[b]64bit:[/b] - [2010-08-30 14:38:38 | 000,033,416 | ---- | M] (Locktime Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nlndis.sys -- (NLNdisPT)
 DRV:[b]64bit:[/b] - [2010-08-30 14:38:38 | 000,033,416 | ---- | M] (Locktime Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nlndis.sys -- (NLNdisMP)
 DRV:[b]64bit:[/b] - [2010-08-30 14:38:36 | 000,088,200 | ---- | M] (Locktime Software) [Kernel | System | Running] -- C:\Program Files\NetLimiter 3\nltdi.sys -- (nltdi)
 DRV:[b]64bit:[/b] - [2010-06-25 18:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
 DRV:[b]64bit:[/b] - [2009-12-30 10:21:04 | 000,030,776 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
 DRV:[b]64bit:[/b] - [2009-11-24 01:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
 DRV:[b]64bit:[/b] - [2009-11-24 01:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
 DRV:[b]64bit:[/b] - [2009-07-16 10:20:26 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
 DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
 DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
 DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
 DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
 DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
 DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
 DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
 DRV - [2013-07-24 19:02:14 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
 DRV - [2013-05-31 16:12:51 | 000,031,136 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
 DRV - [2013-03-14 13:36:18 | 000,017,160 | ---- | M] (XFire) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Xfire2\XFDriver64.sys -- (XFDriver64)
 DRV - [2013-02-05 09:54:40 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk)
 DRV - [2013-01-23 07:12:38 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
 DRV - [2012-08-01 14:44:04 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
 DRV - [2011-06-02 09:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
 DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 DRV - [1999-09-10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:\Windows\SysWow64\drivers\aspi32.sys -- (Aspi32)
 
 
 [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
 [color=#E56717]========== Internet Explorer ==========[/color]
 
 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
 IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://go.speedbit.com/search.aspx?site=shdefault&pid=s&shr=d&q={searchTerms}
 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
 IE - HKLM\..\SearchScopes,DefaultScope =
 IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
 IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
 IE - HKU\S-1-5-21-2294864315-1545841318-3897952-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
 IE - HKU\S-1-5-21-2294864315-1545841318-3897952-1000\..\SearchScopes,DefaultScope = {7F4EFF06-7032-458e-AE16-1C1D8255C28A}
 IE - HKU\S-1-5-21-2294864315-1545841318-3897952-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms}
 IE - HKU\S-1-5-21-2294864315-1545841318-3897952-1000\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://go.speedbit.com/search.aspx?site=shdefault&pid=s&shr=d&q={searchTerms}
 IE - HKU\S-1-5-21-2294864315-1545841318-3897952-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 IE - HKU\S-1-5-21-2294864315-1545841318-3897952-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 [color=#E56717]========== FireFox ==========[/color]
 
 FF - prefs.js..browser.startup.homepage: "google.pl"
 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
 FF - prefs.js..keyword.URL: "http://go.speedbit.com/search.aspx?s=E21b&q="
 FF - user.js - File not found
 
 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not found
 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
 FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
 FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
 FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
 FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll File not found
 FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll File not found
 FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll File not found
 FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
 FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
 FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
 FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
 FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
 FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
 FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
 FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
 FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
 FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll File not found
 FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Traveler\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-24 16:49:31 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-06-17 13:35:51 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: C:\Program Files (x86)\Ad Muncher\FirefoxExtension_2.0 [2013-09-15 13:11:04 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-18 21:04:32 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-18 21:04:32 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-18 21:04:32 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-02-18 21:04:32 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-02-18 21:04:32 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.3.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2014-02-05 18:22:41 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.3.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014-02-05 18:22:41 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: C:\Program Files (x86)\Ad Muncher\FirefoxExtension_2.0 [2013-09-15 13:11:04 | 000,000,000 | ---D | M]
 
 [2013-04-17 06:43:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Traveler\AppData\Roaming\mozilla\Extensions
 [2013-04-17 06:43:32 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Users\Traveler\AppData\Roaming\mozilla\Extensions\statuswinks@StatusWinks
 [2014-02-15 08:34:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
 [2014-02-15 08:34:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
 [color=#E56717]========== Chrome ==========[/color]
 
 CHR - default_search_provider: ()
 CHR - default_search_provider: search_url =
 CHR - default_search_provider: suggest_url =
 CHR - homepage:
 CHR - Extension: No name found = C:\Users\Traveler\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\14.0.0.4651_0\
 CHR - Extension: No name found = C:\Users\Traveler\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\14.0.0.4651_0\
 CHR - Extension: No name found = C:\Users\Traveler\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\14.0.0.4651_0\
 CHR - Extension: No name found = C:\Users\Traveler\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\14.0.0.4816_0\
 CHR - Extension: No name found = C:\Users\Traveler\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
 CHR - Extension: No name found = C:\Users\Traveler\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 CHR - Extension: No name found = C:\Users\Traveler\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\14.0.0.4651_0\
 
 O1 HOSTS File: ([2014-03-04 17:33:29 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
 O1 - Hosts: 127.0.0.1 localhost
 O2:[b]64bit:[/b] - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
 O2:[b]64bit:[/b] - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
 O2:[b]64bit:[/b] - BHO: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll (IVO Software Sp. z o.o.)
 O2:[b]64bit:[/b] - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
 O2:[b]64bit:[/b] - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
 O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
 O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
 O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
 O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
 O2 - BHO: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVO Software Sp. z o.o.)
 O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
 O2 - BHO: (Adobe Acrobat Create PDF Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
 O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL (Microsoft Corporation)
 O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL (Microsoft Corporation)
 O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
 O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
 O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
 O3:[b]64bit:[/b] - HKLM\..\Toolbar: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll (IVO Software Sp. z o.o.)
 O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
 O3 - HKLM\..\Toolbar: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVO Software Sp. z o.o.)
 O4:[b]64bit:[/b] - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
 O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
 O4:[b]64bit:[/b] - HKLM..\Run: [SaiMfd] C:\Program Files\SmartTechnology\Software\SaiMfd.exe (Saitek)
 O4 - HKLM..\Run: [] File not found
 O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
 O4 - HKLM..\Run: [Ad Muncher] C:\Program Files (x86)\Ad Muncher\AdMunch.exe (Murray Hurps Corp Pty Ltd)
 O4 - HKLM..\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Autodesk, Inc.)
 O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
 O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
 O4 - HKU\S-1-5-21-2294864315-1545841318-3897952-1000..\Run: [NetLimiter] C:\Program Files\NetLimiter 3\NLClientApp.exe (Locktime Software)
 O4 - HKU\S-1-5-21-2294864315-1545841318-3897952-1000..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup File not found
 O4 - HKU\S-1-5-21-2294864315-1545841318-3897952-1000..\Run: [Spotify Web Helper] C:\Users\Traveler\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
 O4 - HKU\S-1-5-21-2294864315-1545841318-3897952-1000..\Run: [uTorrent] C:\Users\Traveler\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
 O4 - Startup: C:\Users\Traveler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire2\Xfire.exe (Xfire Inc.)
 O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
 O7 - HKU\S-1-5-21-2294864315-1545841318-3897952-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
 O7 - HKU\S-1-5-21-2294864315-1545841318-3897952-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
 O7 - HKU\S-1-5-21-2294864315-1545841318-3897952-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
 O8:[b]64bit:[/b] - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm ()
 O8:[b]64bit:[/b] - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_frame File not found
 O8:[b]64bit:[/b] - Extra context menu item: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_image File not found
 O8:[b]64bit:[/b] - Extra context menu item: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_link File not found
 O8:[b]64bit:[/b] - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_exclude File not found
 O8:[b]64bit:[/b] - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_report File not found
 O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm ()
 O8 - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_frame File not found
 O8 - Extra context menu item: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_image File not found
 O8 - Extra context menu item: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_link File not found
 O8 - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_exclude File not found
 O8 - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_report File not found
 O9:[b]64bit:[/b] - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
 O9:[b]64bit:[/b] - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
 O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
 O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
 O13 - gopher Prefix: missing
 O16 - DPF: {66D845A0-C3BB-45AD-807C-9BFEAF20EF2C} https://dokumax.max-boegl.de/content/static/ecm/activex/Enable_Edit_In_Place.cab (InPEditor Class)
 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F7064A7-26C8-4F79-8950-B1A240BCFA44}: DhcpNameServer = 8.8.8.8 8.8.4.4
 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D395B88C-BE42-4389-B68D-0FB8DAD83354}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
 O18 - Protocol\Handler\ms-help - No CLSID value found
 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
 O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
 O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
 O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
 O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
 O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2014-01-14 18:59:32 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
 O32 - AutoRun File - [2014-03-06 21:21:24 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
 O32 - AutoRun File - [2014-03-06 22:09:52 | 000,097,788 | ---- | M] () - C:\autoupdate.log -- [ NTFS ]
 O32 - AutoRun File - [2014-01-03 08:44:12 | 000,000,000 | ---D | M] - D:\Autodesk 3DS Max -- [ NTFS ]
 O32 - AutoRun File - [2014-01-03 15:59:05 | 000,000,000 | ---D | M] - D:\Autodesk Dokumenty -- [ NTFS ]
 O32 - AutoRun File - [2014-01-03 08:45:08 | 000,000,000 | ---D | M] - D:\Autodesk Mudbox -- [ NTFS ]
 O34 - HKLM BootExecute: (autocheck autochk *)
 O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
 O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
 O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
 O37 - HKLM\...com [@ = ComFile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
 O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
 [2014-03-06 22:08:02 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
 [2014-03-06 22:08:00 | 000,000,000 | ---D | C] -- C:\Windows\temp
 [2014-03-06 22:03:38 | 005,187,080 | R--- | C] (Swearware) -- C:\ComboFix.exe
 [2014-03-06 21:54:46 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
 [2014-03-06 21:54:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
 [2014-03-06 21:54:10 | 000,092,376 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
 [2014-03-06 21:54:10 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
 [2014-03-06 21:54:10 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
 [2014-03-06 21:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
 [2014-03-06 21:54:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
 [2014-03-06 21:29:32 | 000,000,000 | ---D | C] -- C:\AdwCleaner
 [2014-03-06 21:21:04 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
 [2014-03-05 17:16:40 | 000,000,000 | ---D | C] -- C:\Users\Traveler\AppData\Local\Adobe
 [2014-03-04 20:29:28 | 006,574,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
 [2014-03-04 20:29:28 | 005,694,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
 [2014-03-04 17:47:30 | 000,000,000 | ---D | C] -- C:\Users\Traveler\AppData\Local\GHISLER
 [2014-03-04 17:27:33 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
 [2014-03-04 17:27:33 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
 [2014-03-04 17:27:33 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
 [2014-03-04 17:27:30 | 000,000,000 | ---D | C] -- C:\Qoobox
 [2014-03-04 17:27:25 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
 [2014-03-01 07:59:27 | 000,000,000 | ---D | C] -- C:\Users\Traveler\Documents\Thief
 [2014-02-23 17:17:35 | 000,000,000 | ---D | C] -- C:\Users\Traveler\AppData\Roaming\com.efile.epity2013
 [2014-02-23 17:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-pity
 [2014-02-23 17:17:30 | 000,000,000 | ---D | C] -- C:\Users\Traveler\AppData\Roaming\fillUp
 [2014-02-23 17:17:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\e-file
 [2014-02-18 20:00:29 | 000,000,000 | ---D | C] -- C:\Users\Traveler\Documents\Respawn
 [2014-02-15 13:39:04 | 000,000,000 | ---D | C] -- C:\Users\Traveler\Documents\Niestandardowe szablony pakietu Office
 [2014-02-15 08:34:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
 [2014-02-14 20:38:09 | 000,000,000 | ---D | C] -- C:\Users\Traveler\AppData\Local\Apple Computer
 [2014-02-12 19:20:04 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
 [2014-02-12 19:19:42 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
 [2014-02-12 19:19:42 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
 [2014-02-12 19:19:41 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
 [2014-02-12 19:19:41 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
 [2014-02-12 19:19:41 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
 [2014-02-12 19:19:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
 [2014-02-12 19:19:41 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
 [2014-02-12 19:19:40 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
 [2014-02-12 19:19:40 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
 [2014-02-12 19:19:40 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
 [2014-02-12 19:19:40 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
 [2014-02-12 19:19:40 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
 [2014-02-12 19:19:40 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
 [2014-02-12 19:19:40 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
 [2014-02-12 19:19:40 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
 [2014-02-12 19:19:40 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
 [2014-02-12 19:19:39 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
 [2014-02-12 19:19:39 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
 [2014-02-12 19:19:39 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
 [2014-02-12 19:19:39 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
 [2014-02-12 19:19:38 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
 [2014-02-12 19:19:38 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
 [2014-02-12 19:19:36 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
 [2014-02-12 19:18:25 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
 [2014-02-12 19:18:25 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
 [2014-02-12 19:18:25 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
 [2014-02-12 19:18:25 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
 [2014-02-12 19:18:25 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
 [2014-02-12 19:18:25 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
 [2014-02-12 19:18:25 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
 [2014-02-12 19:18:25 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
 [2014-02-12 19:18:25 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
 [2014-02-12 19:18:25 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
 [2014-02-12 19:18:25 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
 [2014-02-12 19:18:25 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
 [2014-02-12 19:18:25 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
 [2014-02-12 19:18:25 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
 [2014-02-12 19:18:25 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
 [2014-02-12 19:18:25 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
 [2014-02-12 19:18:25 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
 [2014-02-12 19:18:20 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
 [2014-02-12 19:18:20 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
 [2014-02-12 19:18:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
 [2014-02-12 19:18:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
 [2014-02-11 21:06:25 | 000,000,000 | ---D | C] -- C:\Users\Traveler\AppData\Local\LooksBuilder
 [2014-02-11 21:04:04 | 000,000,000 | ---D | C] -- C:\Users\Traveler\AppData\Roaming\Red Giant Link
 [2014-02-11 21:03:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
 [2014-02-11 21:03:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks
 [2014-02-11 21:03:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LooksBuilder
 [2014-02-11 21:03:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Red Giant Link
 [2014-02-11 21:02:22 | 000,000,000 | ---D | C] -- C:\ProgramData\RedGiant
 [2014-02-10 21:14:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
 [2014-02-10 21:14:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
 [2014-02-10 21:14:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
 [2014-02-10 21:14:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
 [2014-02-10 21:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
 [2014-02-10 21:13:59 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
 [2014-02-10 21:13:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
 [2014-02-10 21:13:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
 [2014-02-10 21:13:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
 [2014-02-10 21:13:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
 [2014-02-10 21:13:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
 [2014-02-10 21:12:11 | 000,000,000 | R--D | C] -- C:\MSOCache
 [2014-02-05 18:22:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
 [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
 [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
 [2014-03-06 22:16:37 | 000,013,808 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
 [2014-03-06 22:16:37 | 000,013,808 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
 [2014-03-06 22:15:46 | 001,670,518 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
 [2014-03-06 22:15:46 | 000,741,988 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
 [2014-03-06 22:15:46 | 000,654,812 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
 [2014-03-06 22:15:46 | 000,156,632 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
 [2014-03-06 22:15:46 | 000,122,684 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
 [2014-03-06 22:09:50 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
 [2014-03-06 22:09:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 [2014-03-06 22:09:23 | 2140,790,783 | -HS- | M] () -- C:\hiberfil.sys
 [2014-03-06 21:58:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
 [2014-03-06 21:54:11 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
 [2014-03-06 21:21:24 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
 [2014-03-04 17:33:29 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
 [2014-03-04 17:23:23 | 005,187,080 | R--- | M] (Swearware) -- C:\ComboFix.exe
 [2014-02-26 21:59:31 | 000,007,601 | ---- | M] () -- C:\Users\Traveler\AppData\Local\Resmon.ResmonCfg
 [2014-02-25 18:29:14 | 000,006,164 | ---- | M] () -- C:\Users\Traveler\AppData\Local\recently-used.xbel
 [2014-02-21 17:59:00 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
 [2014-02-21 17:59:00 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
 [2014-02-21 14:55:56 | 000,063,192 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
 [2014-02-21 14:55:44 | 000,092,376 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
 [2014-02-21 14:55:40 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
 [2014-02-18 21:04:30 | 000,624,224 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
 [2014-02-18 21:04:30 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klkbdflt.sys
 [2014-02-18 21:04:29 | 000,115,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
 [2014-02-18 20:28:49 | 000,000,883 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
 [2014-02-17 17:57:28 | 015,464,789 | ---- | M] () -- C:\Users\Traveler\Desktop\Diablo III Caramelldansen.mp4
 [2014-02-16 17:54:59 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
 [2014-02-16 17:54:59 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
 [2014-02-16 17:47:06 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
 [2014-02-13 21:40:49 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
 [2014-02-13 21:40:49 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
 [2014-02-12 19:21:13 | 001,645,586 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 [2014-02-11 20:34:38 | 000,022,528 | ---- | M] () -- C:\Users\Traveler\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 [2014-02-11 15:33:12 | 005,018,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
 [2014-02-09 10:29:19 | 000,124,074 | ---- | M] () -- C:\Users\Traveler\Documents\cc_20140209_102907.reg
 [2014-02-06 12:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
 [2014-02-06 12:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
 [2014-02-06 12:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
 [2014-02-06 11:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
 [2014-02-06 11:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
 [2014-02-06 11:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
 [2014-02-06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
 [2014-02-06 11:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
 [2014-02-06 11:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
 [2014-02-06 11:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
 [2014-02-06 11:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
 [2014-02-06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
 [2014-02-06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
 [2014-02-06 10:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
 [2014-02-06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
 [2014-02-06 10:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
 [2014-02-06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
 [2014-02-06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
 [2014-02-06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
 [2014-02-06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
 [2014-02-06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
 [2014-02-06 09:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
 [2014-02-06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
 [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
 [color=#E56717]========== Files Created - No Company Name ==========[/color]
 
 [2014-03-06 21:54:11 | 000,001,098 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
 [2014-03-06 21:21:24 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
 [2014-03-04 17:27:33 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
 [2014-03-04 17:27:33 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
 [2014-03-04 17:27:33 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
 [2014-03-04 17:27:33 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
 [2014-03-04 17:27:33 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
 [2014-02-25 18:29:14 | 000,006,164 | ---- | C] () -- C:\Users\Traveler\AppData\Local\recently-used.xbel
 [2014-02-23 17:17:33 | 000,001,177 | ---- | C] () -- C:\Users\Traveler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\e-pity 2013 - program, pity roczne, e-deklaracje.lnk
 [2014-02-18 20:28:49 | 000,000,883 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
 [2014-02-17 17:56:44 | 015,464,789 | ---- | C] () -- C:\Users\Traveler\Desktop\Diablo III Caramelldansen.mp4
 [2014-02-09 10:29:16 | 000,124,074 | ---- | C] () -- C:\Users\Traveler\Documents\cc_20140209_102907.reg
 [2014-01-18 09:46:26 | 000,000,037 | ---- | C] () -- C:\Users\Traveler\.gtk-bookmarks
 [2014-01-03 11:21:54 | 000,000,132 | ---- | C] () -- C:\Users\Traveler\AppData\Roaming\Adobe Targa Format CS6 Prefs
 [2013-12-06 16:44:26 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
 [2013-11-08 23:38:38 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\clinfo.exe
 [2013-10-10 17:52:32 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI
 [2013-10-08 13:56:12 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
 [2013-10-08 13:56:12 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
 [2013-09-01 11:02:17 | 000,000,145 | ---- | C] () -- C:\Users\Traveler\.gxiso
 [2013-08-07 18:11:28 | 000,290,184 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
 [2013-08-07 18:11:09 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
 [2013-07-24 16:47:23 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
 [2013-07-08 08:18:34 | 000,091,264 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
 [2013-04-27 08:39:06 | 000,001,855 | ---- | C] () -- C:\Users\Traveler\.swfinfo
 [2013-04-03 06:46:02 | 000,011,761 | ---- | C] () -- C:\Users\Traveler\AppData\Local\unins000.msg
 [2013-04-03 06:46:02 | 000,002,445 | ---- | C] () -- C:\Users\Traveler\AppData\Local\unins000.dat
 [2013-03-29 03:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
 [2013-03-29 03:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
 [2013-03-02 11:15:29 | 000,000,000 | ---- | C] () -- C:\Users\Traveler\necflash
 [2013-02-19 18:59:58 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
 [2013-02-19 18:59:58 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
 [2013-02-16 12:45:54 | 001,065,984 | ---- | C] () -- C:\Users\Traveler\AppData\Local\file__0.localstorage
 [2013-02-06 20:11:49 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
 [2013-02-06 20:11:49 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
 [2013-02-06 20:11:49 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
 [2013-02-06 20:11:48 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
 [2013-02-01 19:54:59 | 000,000,132 | ---- | C] () -- C:\Users\Traveler\AppData\Roaming\Adobe PNG Format CS6 Prefs
 [2012-12-28 22:04:22 | 000,036,352 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
 [2012-12-18 10:06:10 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
 [2012-12-18 10:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
 [2012-12-18 10:06:06 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
 [2012-12-18 10:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
 [2012-12-18 10:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
 [2012-11-21 14:10:20 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
 [2012-11-14 10:03:01 | 000,000,414 | RHS- | C] () -- C:\ProgramData\ntuser.pol
 [2012-11-11 15:41:08 | 000,007,601 | ---- | C] () -- C:\Users\Traveler\AppData\Local\Resmon.ResmonCfg
 [2012-11-05 15:02:08 | 000,260,580 | ---- | C] () -- C:\Windows\SysWow64\temp.bin
 [2012-11-04 18:43:29 | 000,000,000 | ---- | C] () -- C:\Windows\Bench32_2.47(dobreprogramy.pl).INI
 [2012-09-30 18:59:26 | 000,715,038 | ---- | C] () -- C:\Windows\unins001.exe
 [2012-09-30 18:59:26 | 000,001,902 | ---- | C] () -- C:\Windows\unins001.dat
 [2012-09-30 15:04:54 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
 [2012-09-30 12:44:04 | 001,174,979 | ---- | C] () -- C:\Windows\unins000.exe
 [2012-09-30 12:44:04 | 000,001,257 | ---- | C] () -- C:\Windows\unins000.dat
 [2012-09-28 20:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
 [2012-09-13 14:18:48 | 000,022,528 | ---- | C] () -- C:\Users\Traveler\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 [2012-09-04 10:15:14 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
 [2012-09-03 14:40:07 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
 [2012-08-24 16:02:54 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
 [2012-08-24 15:34:16 | 001,645,586 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 [2012-08-23 21:36:42 | 000,017,408 | ---- | C] () -- C:\Users\Traveler\AppData\Local\WebpageIcons.db
 [2012-08-23 21:33:11 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
 
 [color=#E56717]========== ZeroAccess Check ==========[/color]
 
 [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
 [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
 [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
 [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 "" = C:\Windows\SysNative\shell32.dll -- [2013-07-26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
 "ThreadingModel" = Apartment
 
 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 "" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
 "ThreadingModel" = Apartment
 
 [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-08-21 14:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
 "ThreadingModel" = Free
 
 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
 "" = %systemroot%\system32\wbem\fastprox.dll -- [2012-08-21 14:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
 "ThreadingModel" = Free
 
 [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-08-21 14:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
 "ThreadingModel" = Both
 
 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
 [color=#E56717]========== LOP Check ==========[/color]
 
 [2014-01-03 08:50:19 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Autodesk
 [2013-05-14 13:52:06 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\AVI ReComp
 [2013-10-27 07:35:56 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Battle.net
 [2014-01-02 17:55:46 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Blender Foundation
 [2013-02-04 19:50:34 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
 [2012-12-20 17:57:52 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
 [2014-02-23 17:17:35 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\com.efile.epity2013
 [2013-09-14 19:52:10 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\DesktopIconGoodgame
 [2013-06-26 18:09:23 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Downloaded Installations
 [2012-09-26 06:17:55 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\e-academy Inc
 [2013-04-03 06:50:08 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\efile.epity2012
 [2014-02-23 17:17:30 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\fillUp
 [2014-02-18 20:34:23 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\GG
 [2013-11-01 07:49:48 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\GHISLER
 [2013-11-17 18:24:55 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Guild Wars 2
 [2013-05-19 15:22:25 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\IVONA 2 Voice
 [2013-07-30 18:36:29 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\IVONA Reader
 [2013-08-04 14:50:52 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Leadertech
 [2013-10-13 12:06:34 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\library_dir
 [2013-12-10 18:50:34 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Litecoin
 [2013-10-20 15:50:25 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\livestreamer
 [2012-11-07 09:28:54 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\LolClient
 [2012-09-10 17:45:49 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\NapiProjekt
 [2012-10-01 12:01:09 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Notepad++
 [2013-09-01 09:11:45 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\OBS
 [2013-08-15 13:02:22 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\OnLive App
 [2013-10-29 20:22:51 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Origin
 [2012-09-30 15:04:54 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\PACE Anti-Piracy
 [2013-06-26 18:09:34 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\PingPlotter
 [2013-05-15 18:51:46 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Process Hacker 2
 [2013-02-06 17:35:13 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Publish Providers
 [2013-06-16 06:37:16 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Rainmeter
 [2014-03-06 22:09:56 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Raptr
 [2014-02-11 21:04:27 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Red Giant Link
 [2013-02-19 18:37:26 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Samsung
 [2012-12-20 18:13:45 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\SolidDocuments
 [2013-02-08 22:16:10 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Sony
 [2013-02-06 17:51:39 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Sony Creative Software Inc
 [2012-09-30 18:41:10 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\SplitMediaLabs
 [2014-03-01 19:44:56 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Spotify
 [2012-08-24 15:26:51 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Thunderbird
 [2013-08-22 16:18:32 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Trine2
 [2014-03-05 20:02:06 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\TS3Client
 [2012-10-06 19:06:49 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\ts3overlay
 [2013-07-11 12:09:33 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Unity
 [2014-03-06 22:22:47 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\uTorrent
 [2014-02-02 22:25:44 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\Vulcan
 [2013-02-01 08:55:14 | 000,000,000 | -HSD | M] -- C:\Users\Traveler\AppData\Roaming\wyUpdate AU
 [2014-02-03 16:11:05 | 000,000,000 | ---D | M] -- C:\Users\Traveler\AppData\Roaming\XBMC
 
 [color=#E56717]========== Purity Check ==========[/color]
 
 
 
 [color=#E56717]========== Alternate Data Streams ==========[/color]
 
 @Alternate Data Stream - 1324 bytes -> C:\Program Files\Common Files\System:Ird6t7yar5Br8KeIkiwcFKbDn
 @Alternate Data Stream - 1301 bytes -> C:\ProgramData\Microsoft:EHT8eZRMBOHfcPGFDsHqN4JWyRdLe
 @Alternate Data Stream - 1212 bytes -> C:\ProgramData\Microsoft:2P5XMzuDsKGYgzlw7
 @Alternate Data Stream - 1188 bytes -> C:\ProgramData\Microsoft:rHWIFO7Sz2TVLTQCHn
 < End of report >
OTL Extras
- Kod: Zaznacz wszystko
- OTL Extras logfile created on: 2014-03-06 22:19:20 - Run 1
 OTL by OldTimer - Version 3.2.69.0 Folder = G:\Instalki\Kaspersky Internet Security
 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
 Internet Explorer (Version = 9.11.9600.16518)
 Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
 7,99 Gb Total Physical Memory | 5,34 Gb Available Physical Memory | 66,86% Memory free
 15,98 Gb Paging File | 12,91 Gb Available in Paging File | 80,81% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
 Drive C: | 119,14 Gb Total Space | 28,00 Gb Free Space | 23,50% Space Free | Partition Type: NTFS
 Drive D: | 150,26 Gb Total Space | 111,40 Gb Free Space | 74,14% Space Free | Partition Type: NTFS
 Drive E: | 232,88 Gb Total Space | 70,27 Gb Free Space | 30,18% Space Free | Partition Type: NTFS
 Drive F: | 232,88 Gb Total Space | 117,67 Gb Free Space | 50,53% Space Free | Partition Type: NTFS
 Drive G: | 390,62 Gb Total Space | 92,13 Gb Free Space | 23,58% Space Free | Partition Type: NTFS
 Drive H: | 195,31 Gb Total Space | 23,08 Gb Free Space | 11,82% Space Free | Partition Type: NTFS
 Drive I: | 195,31 Gb Total Space | 113,05 Gb Free Space | 57,88% Space Free | Partition Type: NTFS
 
 Computer Name: BLODYTRAVELER | User Name: Traveler | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 [color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
 [color=#E56717]========== File Associations ==========[/color]
 
 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
 [HKEY_USERS\S-1-5-21-2294864315-1545841318-3897952-1000\SOFTWARE\Classes\<extension>]
 .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
 [color=#E56717]========== Shell Spawning ==========[/color]
 
 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
 batfile [open] -- "%1" %*
 cmdfile [open] -- "%1" %*
 comfile [open] -- "%1" %*
 exefile [open] -- "%1" %*
 helpfile [open] -- Reg Error: Key error.
 htafile [open] -- "%1" %*
 htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
 htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
 htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
 http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
 https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
 inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
 InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
 InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
 piffile [open] -- "%1" %*
 regfile [merge] -- Reg Error: Key error.
 scrfile [config] -- "%1"
 scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
 scrfile [open] -- "%1" /S
 txtfile [edit] -- Reg Error: Key error.
 Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
 Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
 Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
 Directory [ZXBTools] -- "I:\Dokumenty\Lukasz\XBOX\XBOX\Programy PC\ZXBTools_1.6a\ZXBTools_1.6a\ZXBTools.exe" -c "%1" ()
 Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Folder [explore] -- Reg Error: Value error.
 Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
 CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
 batfile [open] -- "%1" %*
 cmdfile [open] -- "%1" %*
 comfile [open] -- "%1" %*
 cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
 exefile [open] -- "%1" %*
 helpfile [open] -- Reg Error: Key error.
 htafile [open] -- "%1" %*
 htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
 htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
 http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
 https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
 inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
 piffile [open] -- "%1" %*
 regfile [merge] -- Reg Error: Key error.
 scrfile [config] -- "%1"
 scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
 scrfile [open] -- "%1" /S
 txtfile [edit] -- Reg Error: Key error.
 Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
 Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
 Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
 Directory [ZXBTools] -- "I:\Dokumenty\Lukasz\XBOX\XBOX\Programy PC\ZXBTools_1.6a\ZXBTools_1.6a\ZXBTools.exe" -c "%1" ()
 Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Folder [explore] -- Reg Error: Value error.
 Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
 CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
 [color=#E56717]========== Security Center Settings ==========[/color]
 
 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 "cval" = 1
 "FirewallDisableNotify" = 0
 "AntiVirusDisableNotify" = 0
 "UpdatesDisableNotify" = 0
 
 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
 "AntiVirusOverride" = 0
 "AntiSpywareOverride" = 0
 "FirewallOverride" = 0
 
 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 "DisableMonitoring" = 1
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
 [color=#E56717]========== System Restore Settings ==========[/color]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
 "DisableSR" = 0
 
 [color=#E56717]========== Firewall Settings ==========[/color]
 
 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 "DisableNotifications" = 0
 "EnableFirewall" = 1
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 "DisableNotifications" = 0
 "EnableFirewall" = 1
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
 "DisableNotifications" = 0
 "EnableFirewall" = 1
 
 [color=#E56717]========== Authorized Applications List ==========[/color]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
 [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 "{01452DAE-8962-4658-BBE4-99E8D237FA52}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
 "{12A6BF51-1E4F-4CEA-9748-7DC08B6D4AE0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
 "{1A85F331-2A6E-4176-A72C-F813AE0A2EB9}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
 "{1CB437CF-E479-4504-819A-4E23A9A9B324}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
 "{2225DC95-737E-4488-9E90-50E60318A904}" = rport=445 | protocol=6 | dir=out | app=system |
 "{2998F21D-768B-4993-A982-D631F1F7FC71}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
 "{2B7E2206-5909-4D01-B7DC-F3E524F0FBE8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
 "{40C3B988-F4C4-4DE0-9D35-BD2DEB565E03}" = rport=138 | protocol=17 | dir=out | app=system |
 "{4D080D06-C5EC-4406-B51B-E86C24C52CAF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 "{6D717568-A45B-4CCE-8590-13E7733EBA57}" = lport=139 | protocol=6 | dir=in | app=system |
 "{74A67508-09F1-4A78-B793-C95B00DA57C1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
 "{81210ECD-31B8-4A65-8CA2-B2CAA1020CC7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
 "{86215E86-B5EF-47D7-9FDF-94C6CE304783}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 "{8C89ABBF-03E0-4198-8687-0C38FD8C3DCF}" = lport=445 | protocol=6 | dir=in | app=system |
 "{A71FD2DA-870C-412F-A9C3-D1AD4959C2BB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 "{AD779245-AA4D-4F0C-AC5E-D3E702FBAD70}" = lport=2869 | protocol=6 | dir=in | app=system |
 "{B2EEED42-722C-4174-89DF-084C43445899}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
 "{B81A0BCA-766F-4894-99CF-1F96755066F4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 "{BA9F3163-4C70-4F48-8502-1A4B5A886021}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
 "{C29BBF9C-2BED-42EE-8364-4C57844B93EF}" = rport=10243 | protocol=6 | dir=out | app=system |
 "{C797A11A-7165-4073-9257-EBE1EC721AD6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
 "{C8FC3958-7EE5-44EF-86E0-5C31FEB19B72}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 "{CF0CEDE3-DE33-45AC-A1D5-C93FCBD1071A}" = lport=137 | protocol=17 | dir=in | app=system |
 "{D2E4F679-0B28-4195-849D-485E7FAD700D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 "{D8667390-8B74-44A1-9454-2A63D62983CE}" = rport=139 | protocol=6 | dir=out | app=system |
 "{DA0AB206-0A58-4A92-BE60-C8A5655F2620}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
 "{E66494A4-7740-4A77-801B-60EBDC58CC54}" = lport=10243 | protocol=6 | dir=in | app=system |
 "{F3610ABE-A81F-41D5-8BDB-C089E3078426}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
 "{F3D669C9-776A-4513-B65C-97FBA09091AF}" = lport=138 | protocol=17 | dir=in | app=system |
 "{F6122469-F483-49BD-B5E0-3D5C02A2D462}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
 "{FE966347-890B-42A9-AB22-EECD7E1F13E5}" = rport=137 | protocol=17 | dir=out | app=system |
 
 [color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 "{00F8568F-A616-49B6-8382-A5F2502E1674}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\eye\eye.exe |
 "{045FB9BF-1058-470C-9D6E-66DD791249A2}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{0478195B-47C4-4A20-BF52-199738C134B9}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\counter-strike global offensive\csgo.exe |
 "{04C9CC23-29D9-48F8-BF76-3D311EBB10F4}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\123kickit\123kickit.exe |
 "{0520B5E2-B38C-4D81-AE90-B744319DA91D}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{06D0104B-C96B-4E91-9DF3-0C0159EC5334}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\cargo commander\cargocommander.exe |
 "{072C8CBD-D74A-4B62-987D-62E2EEFA4F86}" = protocol=17 | dir=in | app=f:\gry\hearthstone\hearthstone.exe |
 "{0983B39C-881F-4B52-B6E8-3C83D4E0AB9B}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\counter-strike global offensive\csgo.exe |
 "{09B54D6D-FAFA-4ABF-AF92-D97EEA93FBF8}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\might & magic - duel of champions\game.exe |
 "{0A381E3F-5DD7-4A85-B38C-9A2ED03AA9CC}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{0AE56429-129C-4DA2-AAC9-382C72B60018}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
 "{0B84CE12-1092-4376-89E8-D8F0D89139A8}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{0BDB6BA2-5429-4632-80C9-C957E1746BC4}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{0BE003FB-8FC0-455F-81A9-E9AC3C59EA5C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
 "{0D81405D-3A51-499F-B062-C8D26BDBE92E}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{0DD847CE-5862-4B0D-AF04-AF3608E6D1AF}" = protocol=17 | dir=in | app=c:\users\traveler\appdata\roaming\spotify\spotify.exe |
 "{0E2669D2-238C-4416-B2DD-5031FC3534D9}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\metro 2033\metro2033.exe |
 "{0F0861EB-5133-40F8-A881-6573E51680F2}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\the binding of isaac\isaac.exe |
 "{0FC70D4C-BE6F-4539-AC21-B1C5F3E9A00F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
 "{0FE150B2-0DDE-40ED-B98F-D947320B8C5C}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
 "{12004D6A-0F10-463B-9C0F-515B944D7816}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
 "{14EC54A3-CA3C-401A-878F-A1BE8BE46A8F}" = protocol=6 | dir=in | app=d:\autodesk 3ds max\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64server.exe |
 "{1627D75E-C4C3-4139-A7FD-478C07833BC9}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{164A89E4-0DEA-44A8-9542-6D7DA78CFC6F}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\portal 2\portal2.exe |
 "{16FEC46D-856C-4EF6-9015-39A363549A2B}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\counter-strike global offensive\csgo.exe |
 "{17015459-B1F0-41AC-A2AB-7B348F266544}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
 "{17B45E0D-30E6-47F4-85C9-856D3D2E8B70}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\eye\eye.exe |
 "{18D1C334-7AD2-413A-AB54-D6968B41C08F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
 "{1A6DB263-355B-4066-B3E6-7FC9811FEBCF}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{1AD9C7D8-43A7-4FBD-B84B-CF714084E0C1}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
 "{1B8223D3-9EEA-40A7-A591-CF9C7D1EB261}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe |
 "{1C3B106A-885A-4D1F-B4E9-EDD7E294CA08}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{1C52BC9F-3CCF-45BB-99B4-036C5C253007}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{1C983F4A-61B5-401D-9417-928AF57011B0}" = protocol=17 | dir=in | app=e:\gry\assassin creed 3\ac3mp.exe |
 "{1E187CA6-9EBE-4B3A-A348-E50453FCCCB9}" = protocol=6 | dir=out | app=system |
 "{1E32632E-4EA7-44B5-84E9-209326706088}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
 "{1E7F77EA-5B37-41BF-812E-110E51648C4C}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\counter-strike global offensive\csgo.exe |
 "{1EF92241-8CB2-45B5-B637-64F02DAA8999}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\metro 2033\metro2033.exe |
 "{1FC9B45A-4A62-4994-92AB-836FC2E5CFBA}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
 "{1FFC1986-EC53-4E0F-A5E6-4F37249C0645}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\team fortress 2\hl2.exe |
 "{24951873-5C4A-483A-A94D-DA98461BA985}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{24CA3CA7-E786-4414-822A-1ADDA831D111}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\titan attacks\titanattacks.exe |
 "{25615032-C4E2-4FA4-A085-4C7E3457B705}" = protocol=17 | dir=in | app=c:\program files (x86)\openvpn\bin\openvpn.exe |
 "{25FF407B-D66A-40AD-8EA1-FFD26714B35A}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{27F1AAFF-B374-4C01-8CF9-9B71E54C2C14}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2581\agent.exe |
 "{281917D8-7CAA-4B88-9305-F9ED244F2872}" = protocol=6 | dir=in | app=c:\users\traveler\appdata\roaming\utorrent\utorrent.exe |
 "{29129E85-68DF-4F01-BE05-306DFB46060E}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\terraria\terraria.exe |
 "{291E1EA6-4FAD-4152-AFDF-056A49053B4B}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alan wake\alanwake.exe |
 "{2B18C1A6-0FA4-4335-A934-F349AFFA445F}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\path of exile\pathofexilesteam.exe |
 "{2B4EA4F5-C29A-4E91-B388-3F71A590A3C1}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{2BB2A914-E750-478C-BA9E-877AAA92C6F9}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
 "{3166D7BE-2D5A-4283-A299-FC1972676D89}" = protocol=17 | dir=in | app=d:\autodesk 3ds max\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64.exe |
 "{316A36CA-FF0E-44CB-ADCE-5C006322F518}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{333C5851-B7A1-401E-99AC-35EC532C4739}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{335787E7-02E5-40D4-B7D6-7872DD8E9524}" = protocol=6 | dir=in | app=e:\gry\assassin creed 3\ac3sp.exe |
 "{33625709-66B7-4D00-8187-3B95FBF9D62E}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\limbo\limbo.exe |
 "{343C6AB8-2029-4E8A-ACC0-EA60EA9D0B27}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
 "{345F832F-E86E-47C6-8940-A495CF46719F}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\path of exile\pathofexilesteam.exe |
 "{3470914B-2D40-48E2-9F46-B40D7B495254}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\team fortress 2\hl2.exe |
 "{3470A51F-5F7A-489B-97C1-88E3D5807645}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\bit.trip runner\runner.exe |
 "{349B9D17-1823-4AE3-80C7-3F206733EF0E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2581\agent.exe |
 "{34A498EE-E87F-4E36-9C22-B80497F0CB65}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\team fortress 2\hl2.exe |
 "{363E1CEF-80D0-489F-B1C2-7D5EA2EBDF85}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{37E141E2-DFF1-434B-A562-2281910F46D1}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{38A1BD74-CC38-4EE0-BF09-B1E8B2D71083}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
 "{3A939DA8-70C8-4E9D-8FA3-DF319ADEF2CF}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{3C12B912-5CBA-4E30-9C3C-254CAC33F81C}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\jamestown\jamestown.exe |
 "{3C17D66B-43E3-499D-9DA4-8AB825E3E6B0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
 "{3DC14A7F-4648-4543-BAC8-6B726A361798}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
 "{3E4AA096-31B7-4A47-ACBE-20C51A3718CA}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{3F804350-334B-4B86-A877-3EC36E8F4101}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe |
 "{403ADE2E-1EFA-481B-B49A-A73BA2AFDD88}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\team fortress 2\hl2.exe |
 "{408C01A0-2B7C-478E-9085-3C14357C43F0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
 "{40A17301-7B4A-44DE-8ACB-C6C6E926A719}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\team fortress 2\hl2.exe |
 "{40B06251-E301-44C3-8C92-872D07C4BF50}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{418D25E5-B806-4A86-8805-0DA1B290D5BA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
 "{420920AA-4676-41D1-A250-CB65ED1D9783}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{429FD814-8481-4473-8BF2-11EDCC61FDAB}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
 "{460D91A0-5327-4F00-AA13-7E0327C2C3EC}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
 "{47EADC57-923C-4D57-9523-7CC7DA9DAEFF}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{4818307A-3D88-4C03-8D65-FB2A789E0B3B}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\123kickit\123kickit.exe |
 "{493A8540-2767-46F3-94F1-49907F3DBE0A}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\magicka\magicka.exe |
 "{49C373CF-8EBD-4555-ABAB-ADDA5B63E9F2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
 "{4C49AA41-0C0B-456C-BEC1-A9C12D779EAB}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
 "{4C7924D0-2873-43CC-A078-27302FCB2EDD}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\spelunky\spelunky.exe |
 "{4C852A63-A19C-4039-96E6-D69578776F57}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\team fortress 2\hl2.exe |
 "{4C856771-1285-4D3B-8CC9-D0D5830DF2B6}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
 "{4D5275D1-D825-40F8-A6E9-8E7E6A2672AA}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{4E3D9BF7-B1EF-4618-A16E-B87AF4B512C0}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\titan attacks\titanattacks.exe |
 "{4E5F16DB-3866-4E1A-B9CF-CEE755F77DB4}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{4EF7079F-9C47-4681-B4A8-E1BB5BF0982C}" = protocol=6 | dir=in | app=f:\gry\steamapps\common\sanctum2\binaries\win32\sanctumgame-win32-shipping.exe |
 "{50378406-AD5B-4E15-99F7-B14584F3803B}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{51665BE9-2361-4750-9A29-0BB3CBD5F8E5}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{51CD47F2-7E72-48DF-B631-F1023C686A58}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\blodytraveler\counter-strike\hl.exe |
 "{52488645-827D-4757-BFB4-70333498ED47}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\thief\binaries\win64\shipping-thiefgame.exe |
 "{52C45FFF-E18F-419D-A824-F83F7FED67EC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
 "{538C9023-4D8D-438B-93B4-4E3BF86482F7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
 "{55921E84-4CBD-4F8B-A029-732BFF684711}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{55D3D37B-A2F1-46D3-8562-B76215F611C0}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{57C120C2-A368-4A1B-9398-4EE741C31080}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{58164C25-F1C6-48A0-BE82-A648C31624CE}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\magicka\magicka.exe |
 "{59FBB9DC-F85A-400D-A328-ECD1DFB385C8}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\counter-strike source\hl2.exe |
 "{5A03E239-DC18-463F-A1A9-BE3D2F8FACE7}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
 "{5A565B4E-6CAF-4FC6-9303-14FE924A96ED}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
 "{5ADD91D6-5044-459F-A95A-BBA2303183F4}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\path of exile\pathofexilesteam.exe |
 "{5C08CD0C-AE7B-4C8F-BE8F-F90777584F78}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{5C0E7B11-4893-45EF-896A-2432BE41567D}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{5C3F93DC-2B28-40B8-B1FD-21EC052132A6}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{5C5FEE17-0CC8-436F-BCE3-09D8A514E3B4}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\blodytraveler\counter-strike\hl.exe |
 "{5C82EF6B-F524-4A97-9094-BC8CA43BDC15}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
 "{5CC5E22D-B3CE-4521-91EB-E4DF029106E2}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{5D1D3115-9918-4F38-8B11-C7CE6A34DECE}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\titan attacks\titanattacks.exe |
 "{5D80DC6A-53D0-4F57-B35C-40D6DC91C685}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
 "{5DBB7A2F-7354-4578-995D-CEC107A3DD01}" = protocol=6 | dir=in | app=h:\gry\steam\steam.exe |
 "{5DFD7E4F-A269-42E7-8EA5-124D442675A2}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{5E02FC03-2A0D-4B1C-8C89-31CED97F9514}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\counter-strike global offensive\csgo.exe |
 "{5E9C6121-0575-4E8E-BF52-ABDB51C8194C}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\bit.trip runner\runner.exe |
 "{5F36059C-234D-44AB-9B56-4A925DE261CE}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\torchlight\torchlight.exe |
 "{5FA75DC6-B4E4-41DD-9796-C7D0702EDD60}" = protocol=17 | dir=in | app=e:\gry\assassin creed 3\assassinscreed3.exe |
 "{603A1ED5-D89D-4395-BC5C-56CE7CE91E92}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\counter-strike global offensive\csgo.exe |
 "{608C50D4-4754-467F-8D72-6A5BF1A4229E}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
 "{60AC003B-A914-4CDD-94C7-2CC974DD598F}" = dir=in | name=blokadayt |
 "{616A4C91-C05E-439E-83AF-29D64408D469}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\path of exile\pathofexilesteam.exe |
 "{61DD8973-6BF1-49DA-9A1C-9907B5A837C3}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\counter-strike global offensive\csgo.exe |
 "{63309E4B-25AB-4DDF-82E7-3CD016B8FC16}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{63B7B0F9-8B20-4CE4-AD50-8905122C97D2}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{642FA015-4E04-425B-8FAF-FA7938F858EC}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{6650C1CD-A11C-44B5-BBAF-55AAC2109025}" = protocol=6 | dir=in | app=c:\program files (x86)\openvpn\bin\openvpn.exe |
 "{66A21912-3D92-428F-AD9D-DA511F0C942E}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
 "{696D805B-9F04-48A6-A42D-499063225007}" = protocol=17 | dir=in | app=c:\users\traveler\appdata\roaming\spotify\spotify.exe |
 "{6A0A090B-71EE-4D7F-9922-9A7867B912E3}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\trine 2\trine2_launcher.exe |
 "{6A823895-C700-40D0-9CC3-6BCA7C112CCC}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{6DDC3813-25C4-4276-859F-FE3A2C079085}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\portal 2\portal2.exe |
 "{6FB0015A-91E9-4ACA-A415-E897418F1D2B}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{7009B4BC-2ECE-4398-90A9-FBA0C6FF8045}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\counter-strike global offensive\csgo.exe |
 "{7086293E-32BB-431F-B942-6D4D9F0A8AB4}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
 "{70F06249-20BC-4009-8361-92268F4EB403}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
 "{7263F145-042A-4782-9585-82FD9CF48AB1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
 "{7297DE36-D5AA-42EC-993A-407C75158862}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\mark_of_the_ninja\bin\game.exe |
 "{746B7ECC-E4E4-4332-AE53-DD0E6B0B2EC1}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
 "{75A58CF6-1543-47DD-AA93-A5C932FB0A92}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\might & magic - duel of champions\game.exe |
 "{75BB251D-4E21-4AC8-94A8-67A11A33306A}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
 "{765C9C4E-D652-4DA3-A632-CFEA4C003DDA}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\path of exile\pathofexilesteam.exe |
 "{76BC80B0-36AF-4FB1-8DCE-6E2D181701A9}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\thief\binaries\win64\shipping-thiefgame.exe |
 "{76D28052-B920-45F5-AF9C-97EA6D8D7422}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
 "{779AAC6C-5FD3-438A-A6A9-4EC24A482D9B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
 "{78CF1004-1D55-4021-8B59-D4FFF014816C}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{78F018C5-A702-4776-A9AD-70D2C224DA20}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{792EFF80-DEBA-4C96-BD5D-135ADB808ADF}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\terraria\terraria.exe |
 "{79AB0FEF-5DAA-4D56-90A1-B4C0A74D00B5}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\path of exile\pathofexilesteam.exe |
 "{7ACA905A-CAE1-46BB-A9E1-48C88B06DFCA}" = protocol=6 | dir=in | app=f:\gry\starcraft ii\starcraft ii.exe |
 "{7AD4CF79-B6AF-451D-8742-9590B7C089D0}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\path of exile\pathofexilesteam.exe |
 "{7B7CAE52-EA71-4686-BF61-1970AB246809}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
 "{7C03B003-06A1-4BD0-9720-C9260A6F30EF}" = protocol=17 | dir=in | app=e:\gry\assassin creed 3\ac3sp.exe |
 "{7CA4B678-66D8-4383-AF6F-0EB0C03E4A04}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{7CD45094-40EC-443A-BCF7-2B61DBE08D00}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{7DDF7B02-5B54-491F-BEA4-7E7E2DB428E7}" = protocol=17 | dir=in | app=f:\gry\starcraft ii\starcraft ii public test.exe |
 "{7DE7CAF9-6E98-41BF-B8FE-9AE202BA33E0}" = protocol=17 | dir=in | app=h:\gry\steam\steam.exe |
 "{80781D1C-76AB-4FC2-A0EE-16E1FB1035F9}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\super meat boy\supermeatboy.exe |
 "{80AAC189-7E6C-45EA-BB74-13A76FE0879E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
 "{81DB63B1-BCEE-4A18-A857-0A4618924E79}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
 "{824E7C71-F682-49DF-8063-87C521D71B3D}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\mark_of_the_ninja\bin\game.exe |
 "{82C03DE8-BE98-4FC9-9503-E15E8A00C412}" = protocol=6 | dir=in | app=d:\autodesk 3ds max\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64.exe |
 "{852CA690-E18B-42B1-9C15-B8499AE4997A}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
 "{882DA0E0-5620-4A11-903C-7CC5CF1800C0}" = protocol=6 | dir=in | app=e:\gry\assassin creed 3\assassinscreed3.exe |
 "{89E91983-8E2E-491E-9E0B-63A14582B354}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{89FCD3C9-1CFE-4A4E-8690-6C0240295443}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe |
 "{8A00EA8F-1BAC-4C1A-B9A4-1F0D8E177CF2}" = protocol=17 | dir=in | app=e:\gry\league of legends\league of legends\lol.launcher.exe |
 "{8ABF2798-186F-450F-8189-8FCE15C8C172}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
 "{8C044C90-96E6-438C-9072-F84D69A76009}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
 "{8D562A75-2BB2-426E-8645-FAA8A10EDA44}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\counter-strike global offensive\csgo.exe |
 "{8D981C38-C423-4B05-93E8-60FD07AD6AAC}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{8DC773C9-16D4-41A8-98E2-25216700A3CE}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{8E536D5A-B6A1-4562-A2A3-30B864F2F1D7}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\blodytraveler\half-life\hl.exe |
 "{8F95555D-421F-4D17-9485-60D830CF5040}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\team fortress 2\hl2.exe |
 "{8FA5C8B0-4FCE-480A-9FD6-5B694399A93A}" = protocol=17 | dir=in | app=d:\autodesk 3ds max\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64server.exe |
 "{9079FCB4-977D-465B-97F0-A05AB295DA3E}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\half-life 2\hl2.exe |
 "{915E6996-9CB1-4AF0-A7B9-E18C3736B255}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{923E88C7-36AF-4685-975E-E935667A35F9}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{94254F85-656D-4764-B926-DE02870340A2}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\123kickit\123kickit.exe |
 "{94E47F56-51A3-443F-A73C-93D956D21040}" = protocol=6 | dir=in | app=f:\gry\starcraft ii\starcraft ii public test.exe |
 "{9531E10A-480A-4934-ACC4-28350D2D4AA7}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
 "{968FF8EF-2466-429D-B776-8C4BA978EE91}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
 "{98148271-DA36-453B-A4A2-69650E6D2983}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\spelunky\spelunky.exe |
 "{996BE42F-AE59-4E57-AC2F-2F61691008DB}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\titan attacks\titanattacks.exe |
 "{9B61AF0A-C3C9-414E-AAF4-524464A6FD5D}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{9C082BDE-B111-4C0A-A967-8D13272B5A0A}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\path of exile\pathofexilesteam.exe |
 "{9DB80DD3-090B-409D-99CE-CF305CF0ED9E}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{9DC51B62-EC4B-4F9E-BAE4-7BEEF4C08E39}" = protocol=6 | dir=in | app=f:\gry\hearthstone\hearthstone.exe |
 "{9E4681E0-4A40-463E-8AB8-88637A9E4DA6}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{9EAFFED8-78A1-4984-BAA2-2C0FA452C667}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\cargo commander\cargocommander.exe |
 "{9F1833F4-EB63-43E8-A5C7-955B3155E4B2}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\path of exile\pathofexilesteam.exe |
 "{A08D3BDF-0829-40B1-A589-96E971F472C2}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{A0A0F23D-3152-4286-9C07-55E70478CF24}" = protocol=6 | dir=in | app=c:\users\traveler\appdata\roaming\spotify\spotify.exe |
 "{A0F17C59-8E44-49F6-9CE1-34013E397DCE}" = protocol=17 | dir=in | app=f:\gry\steamapps\common\sanctum2\binaries\win32\sanctumgame-win32-shipping.exe |
 "{A150406F-64E1-48FA-850C-9F2B825CA09B}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{A2912320-9484-45F8-B876-F3DE9A8FDEDA}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
 "{A3845591-D577-44F2-AD6C-10BE605486A5}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\limbo\limbo.exe |
 "{A56C7054-541B-4E4C-B773-AC0EB516C786}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{A5F590BD-B945-4F72-8169-4E9A38939473}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{A952D89E-B2B0-496A-822F-E68A565C4FF8}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\titan attacks\titanattacks.exe |
 "{AB238C25-B25E-4634-8906-87BE3D247302}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\trine 2\trine2_launcher.exe |
 "{ABC9C99F-8D02-49E3-9434-41AEEB79332B}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{AD8F130F-F7CE-4DFB-A978-47E77A059348}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\path of exile\pathofexilesteam.exe |
 "{AF8F7BF7-BBD5-4ECF-B163-FC6E840C3BFA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
 "{B06BDB06-ACF0-4BCE-B347-1A2C787F30F1}" = protocol=6 | dir=in | app=e:\gry\battlefield 3\battlefield 3\bf3.exe |
 "{B0E0CAB7-9F0D-4854-B33B-02774778FB47}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{B16CBE96-AA09-4A25-920B-1A4F760E47C2}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\blodytraveler\half-life\hl.exe |
 "{B2B3610C-9510-41BB-B0EA-75277BFF29CF}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{B32DF6E3-5CB5-4DE8-9DCE-DF7723E7E49B}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{B3A11509-AD05-42BC-92B2-E5CD9B03AADA}" = protocol=17 | dir=in | app=c:\users\traveler\appdata\roaming\utorrent\utorrent.exe |
 "{B49D0784-6F29-4914-87FA-A8C92D2D99BE}" = protocol=6 | dir=in | app=e:\gry\assassin creed 3\ac3mp.exe |
 "{B5F1F3F9-28FC-43AD-ABB6-8AFC09883B5C}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\jamestown\jamestown.exe |
 "{B73E4862-9B65-4F25-97F0-4221854AD019}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{B7C38F55-6C80-46FB-8548-CCA5EC43D979}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{B7FCF97B-574A-41E5-AD9C-2B033D8DED62}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\portal 2\portal2.exe |
 "{B9E43DDE-A963-49F9-BD6A-128BC4FCB19C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe |
 "{BA1C04A5-7D7C-4DA1-99DD-C5F2EC45001B}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
 "{BDA4F192-1BB7-4BA3-9CC6-D2D1F8CAF816}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\electronicsuperjoy\electronicsuperjoy.exe |
 "{C1C6F41A-48BC-49BC-82A2-B83D8E4F9BD0}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{C33A03B7-AD26-4994-8F17-4913DE577C9E}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\counter-strike global offensive\csgo.exe |
 "{C47C87F2-8C3F-461B-BB8E-2126D1D80DBB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
 "{C57F5B5F-7998-4D63-BD8B-C324511D9DA3}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\half-life 2\hl2.exe |
 "{C5FA302F-343D-4A7F-AD78-F2B865982653}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\123kickit\123kickit.exe |
 "{C620B959-68A0-484F-B449-F1DDE7DB0A37}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
 "{C67CE6E1-28C4-4188-9BB0-79DCB7D91527}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe |
 "{C67EA651-CC71-4A75-8864-D4913B354C8C}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\portal 2\portal2.exe |
 "{C8F2213A-040C-43C4-A3AE-EA300F73490E}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\counter-strike global offensive\csgo.exe |
 "{C974D703-3A14-48F6-B752-66345F1B1764}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\titan attacks\titanattacks.exe |
 "{C9E6DC6E-9CBF-420B-B9CE-0C9A57AFFA68}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\trine 2\trine2_launcher.exe |
 "{CA242323-C45C-409D-8C6D-C856ABCF1663}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{CACE3C89-9824-482C-B58C-421CB46527DC}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\might & magic - duel of champions\game.exe |
 "{CDDD6A1B-DED2-44A0-A425-03AF93561BF2}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
 "{CDF5D132-6796-4BA0-80B6-8027E95BAE8A}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\team fortress 2\hl2.exe |
 "{CE128873-0F23-4CF2-9600-9CF7AA725A80}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{CEC8F09C-F7B8-47AA-9B1B-A8BE71F3A675}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\trine 2\trine2_launcher.exe |
 "{CF167AC0-33D5-4B99-BC3C-FB2854656A5F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
 "{D02AD5A0-232E-44F5-9EEC-E8333CD57A33}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{D069083D-073D-4FA5-9CA5-2E620F97CB99}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{D4D7A61F-EED3-4FD3-B317-FDACC37C1EF9}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{D6F0E647-3262-4E1A-81F7-879E568441FC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe |
 "{D79BEAED-862D-4CDC-8768-D3F855A51DE3}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
 "{DA83907E-BE6C-42D9-ABB1-C695295B9D02}" = protocol=17 | dir=in | app=f:\gry\starcraft ii\starcraft ii.exe |
 "{DDC4BB55-8745-4AD7-9C2C-6E4011A77CD8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2717\agent.exe |
 "{DE1C63A7-CEF0-41A4-85CD-AD89BDC108E3}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\electronicsuperjoy\electronicsuperjoy.exe |
 "{E070B88B-FB32-44FD-B5D3-7280756A3E04}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\dota 2 beta\dota.exe |
 "{E154B07A-9D3D-4BA1-A504-6A2C8FCC03E9}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\torchlight ii\torchlight2.exe |
 "{E263989D-4C74-40FE-A46E-EC93A8B61C66}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{E3990B84-4FCF-46C1-A568-0B9B6E4F3949}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alan wake\alanwake.exe |
 "{E42871B7-8FF9-4744-A6F1-532988474600}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\counter-strike global offensive\csgo.exe |
 "{E5592A6C-ED09-4EE2-8727-1026F12311C5}" = protocol=6 | dir=in | app=c:\users\traveler\appdata\roaming\spotify\spotify.exe |
 "{E578E8C8-2D40-487D-A96D-7C2836D99ADA}" = protocol=17 | dir=in | app=e:\gry\battlefield 3\battlefield 3\bf3.exe |
 "{E5D3E943-54C3-4225-B41B-340DB67B8491}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
 "{E6D7C1F3-594C-46DE-8A2E-55E5F896B3D3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2717\agent.exe |
 "{E6F8A5F2-6E62-4AD4-8721-BAD167DD9A1E}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\torchlight\torchlight.exe |
 "{E81605F0-AF0C-4EBD-B693-AB0D0CA2F9D3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
 "{E9A07AE9-1010-41C1-BC4B-9CE83E3EA1E6}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\torchlight ii\modlauncher.exe |
 "{EABA3E1F-E98F-4A3D-AB11-38DC541BD17A}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\torchlight ii\torchlight2.exe |
 "{EB333181-2E86-4F56-9999-E9B56AED4C4A}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{EBD74185-0148-44BD-8A65-31A568128066}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{EC21E22E-1018-41C0-8545-55DB968B53A4}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\team fortress 2\hl2.exe |
 "{F2021DD0-46DD-45AF-A6D9-D559F74C8AD0}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{F33159C8-72DB-467E-951D-26EE452EEBD4}" = protocol=6 | dir=in | app=h:\gry\steam\steamapps\common\counter-strike source\hl2.exe |
 "{F6798E72-84FD-4FE1-98BC-AB2DCD337405}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\super meat boy\supermeatboy.exe |
 "{F823A681-6B40-4B77-B308-E59FA69CED55}" = protocol=6 | dir=in | app=e:\gry\league of legends\league of legends\lol.launcher.exe |
 "{F9144852-06BF-4FF6-883C-57F0C06D8CCA}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{FA71D507-A5E0-4DAA-B987-C0C1D91C04EB}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\might & magic - duel of champions\game.exe |
 "{FBB691E6-3E57-4EE3-A4CE-69121AE0F847}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
 "{FC5B2101-4F52-4F85-8236-BE2DEFD858F3}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\team fortress 2\hl2.exe |
 "{FC7AA6F7-FC33-4891-9B5F-8E0C0014F885}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\the binding of isaac\isaac.exe |
 "{FCCB46B5-4BEB-45D4-A524-EF69CCC9E25D}" = protocol=17 | dir=in | app=h:\gry\steam\steamapps\common\torchlight ii\modlauncher.exe |
 "TCP Query User{07D0F8DD-F922-44B4-A99B-F8D0C869F8C0}C:\program files (x86)\openvpn\bin\openvpn.exe" = protocol=6 | dir=in | app=c:\program files (x86)\openvpn\bin\openvpn.exe |
 "TCP Query User{1E2AAFCE-EF1D-4EF9-B062-10175E8EE5A9}C:\program files (x86)\xfire2\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire2\xfire.exe |
 "TCP Query User{1E31D260-66BE-4738-BDB1-A895F4BD98AD}E:\gry\duel of champions\mmdoc-pdclive\gamedata\game.exe" = protocol=6 | dir=in | app=e:\gry\duel of champions\mmdoc-pdclive\gamedata\game.exe |
 "TCP Query User{4A9B6374-6C7B-4EED-8CC3-8647385E97D9}C:\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\guild wars 2\gw2.exe |
 "TCP Query User{764CCB57-4EBD-4CD5-A929-9E37436C95E9}C:\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\guild wars 2\gw2.exe |
 "TCP Query User{7AF90C53-B114-4E24-BF72-7C23DFEE6932}C:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitcoin\bitcoin-qt.exe |
 "TCP Query User{B717A842-7FA0-4189-ACDA-A2685F39AF11}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe |
 "TCP Query User{D3454512-D57F-4E62-AD71-0F6E568E6F89}C:\program files\common files\i4j_jres\1.6.0_30\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\common files\i4j_jres\1.6.0_30\bin\javaw.exe |
 "TCP Query User{EA348729-3C08-4EBB-B104-B1EAB2CDEC26}E:\gry\duel of champions\mmdoc-pdclive\launcher.exe" = protocol=6 | dir=in | app=e:\gry\duel of champions\mmdoc-pdclive\launcher.exe |
 "TCP Query User{F0D54B0F-2BF0-4427-BFED-DEAD2BB5CE63}C:\program files (x86)\bitcoin\daemon\bitcoind.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitcoin\daemon\bitcoind.exe |
 "UDP Query User{4D846A6F-A1AF-427A-9682-252B573D344A}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe |
 "UDP Query User{780BCEA4-70F2-4C30-ADC5-0E531C9EC631}E:\gry\duel of champions\mmdoc-pdclive\launcher.exe" = protocol=17 | dir=in | app=e:\gry\duel of champions\mmdoc-pdclive\launcher.exe |
 "UDP Query User{7B7E2652-A2DD-4119-A8D5-70508384DDA6}C:\program files\common files\i4j_jres\1.6.0_30\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\common files\i4j_jres\1.6.0_30\bin\javaw.exe |
 "UDP Query User{81955BC1-4AE4-4765-8BCB-815FB7488B02}C:\program files (x86)\bitcoin\daemon\bitcoind.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitcoin\daemon\bitcoind.exe |
 "UDP Query User{C00109D3-3385-47DE-BD72-1A4BEBD8228D}E:\gry\duel of champions\mmdoc-pdclive\gamedata\game.exe" = protocol=17 | dir=in | app=e:\gry\duel of champions\mmdoc-pdclive\gamedata\game.exe |
 "UDP Query User{D3869507-86DD-4001-8CCB-2B59DD62102F}C:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitcoin\bitcoin-qt.exe |
 "UDP Query User{DAD3E790-965D-407D-AF9C-8CB45D0840FE}C:\program files (x86)\openvpn\bin\openvpn.exe" = protocol=17 | dir=in | app=c:\program files (x86)\openvpn\bin\openvpn.exe |
 "UDP Query User{F8B7E6DD-79A9-4FF2-8B11-FB866A8E3ECF}C:\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\guild wars 2\gw2.exe |
 "UDP Query User{FF16EA8C-CC70-4CFE-BDDB-F6762434C190}C:\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\guild wars 2\gw2.exe |
 "UDP Query User{FF4CC8A5-7DE5-45E7-96B3-ABFFBAE258C1}C:\program files (x86)\xfire2\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire2\xfire.exe |
 
 [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 "{009751C6-22D7-4548-A313-AD48FA57076F}" = Autodesk Inventor Server Engine for 3ds Max 2014 64-bit
 "{04054166-0801-48A9-89E0-BC4B53FE7A81}_is1" = XBCD Uninstaller
 "{0BB716E0-1400-0610-0000-097DC2F354DF}" = Autodesk Revit Interoperability for 3ds Max 2014
 "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
 "{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
 "{308051DA-0048-7A07-FE8B-9B6EC119A9E8}" = AMD Catalyst Install Manager
 "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
 "{45F1F774-38B4-3CC3-BAAF-051E6D19E48E}" = Microsoft .NET Framework 4.5.1 (PLK)
 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
 "{4D2F05BB-228E-4081-B94C-50AD015EE462}" = Magic Bullet Suite 64-bit
 "{52B37EC7-D836-0409-0064-3C24BCED2010}" = Autodesk 3ds Max 2014
 "{5AAB972C-FF31-4B01-8445-50C42860EC02}" = Autodesk Composite 2014
 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
 "{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
 "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
 "{7491836B-659E-47DD-ABBF-F875AD48FD10}" = Autodesk 3ds Max 2014 64-bit Populate Data
 "{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
 "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
 "{87CEB7C0-1D35-11E2-8F19-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
 "{8AAA8780-1D35-11E2-A3A6-F04DA23A5C58}" = MSVCRT Redists
 "{8FC7C2B2-0F64-4B35-AA3D-2B051D009243}" = Autodesk DirectConnect 2014 64-bit
 "{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
 "{90150000-0015-0415-1000-0000000FF1CE}" = Microsoft Access MUI (Polish) 2013
 "{90150000-0016-0415-1000-0000000FF1CE}" = Microsoft Excel MUI (Polish) 2013
 "{90150000-0018-0415-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (Polish) 2013
 "{90150000-0019-0415-1000-0000000FF1CE}" = Microsoft Publisher MUI (Polish) 2013
 "{90150000-001A-0415-1000-0000000FF1CE}" = Microsoft Outlook MUI (Polish) 2013
 "{90150000-001B-0415-1000-0000000FF1CE}" = Microsoft Word MUI (Polish) 2013
 "{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
 "{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
 "{90150000-001F-0415-1000-0000000FF1CE}" = Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski
 "{90150000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2013
 "{90150000-0044-0415-1000-0000000FF1CE}" = Microsoft InfoPath MUI (Polish) 2013
 "{90150000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2013
 "{90150000-0090-0415-1000-0000000FF1CE}" = Microsoft DCF MUI (Polish) 2013
 "{90150000-00A1-0415-1000-0000000FF1CE}" = Microsoft OneNote MUI (Polish) 2013
 "{90150000-00BA-0415-1000-0000000FF1CE}" = Microsoft Groove MUI (Polish) 2013
 "{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
 "{90150000-00C1-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2013
 "{90150000-00E1-0415-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Polish) 2013
 "{90150000-00E2-0415-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Polish) 2013
 "{90150000-012B-0415-1000-0000000FF1CE}" = Microsoft Lync MUI (Polish) 2013
 "{913923AB-3AAB-4870-8910-627C4CD82789}" = NetLimiter 3
 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski)
 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
 "{AEF57B06-B494-8180-AFC7-05EFB1DB2B64}" = ccc-utility64
 "{B192EDAC-25C7-408D-99A0-A23455F50E27}" = AMD APP SDK 2.9
 "{B69A7CBA-9139-7ACB-7564-4CD5D8C36E26}" = AMD Drag and Drop Transcoding
 "{BD1BCEF8-5CD6-D8ED-7D36-31C2172076EA}" = AMD Media Foundation Decoders
 "{BD90BC1C-115D-47E1-B85C-07AE182C3AB8}" = Smart Technology Programming Software 7.0.27.13
 "{CC36410B-5EAB-C255-FF28-E066F479DA89}" = AMD Wireless Display v3.0
 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
 "{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
 "{DC65DFD8-E175-4A85-948A-42965853B2E8}" = Oracle VM VirtualBox 4.3.6
 "{E8814D63-BB76-4C89-A25E-264ECF11D00D}" = Autodesk Essential Skills Movies for 3ds Max 2014 64-bit
 "{ED273D26-E354-1A5B-A0D0-CB5258D43BD2}" = AMD Wireless Display v3.0
 "{F9BE7B54-D322-43D6-83DD-CD132E4B8EEE}" = Autodesk Mudbox 2014
 "{FB562550-BBE6-4298-861A-5C0A6562C272}_is1" = Revo Uninstaller Pro 2.1.1
 "{FCC4426F-0296-D30D-729C-E76C8E7252C7}" = AMD Accelerated Video Transcoding
 "0630-0716-3135-7887" = JDownloader 2
 "Autodesk 3ds Max 2014" = Autodesk 3ds Max 2014
 "Autodesk Composite 2014" = Autodesk Composite 2014
 "Autodesk DirectConnect 2014 64-bit" = Autodesk DirectConnect 2014 64-bit
 "Autodesk Mudbox 2014" = Autodesk Mudbox 2014
 "Autodesk Revit Interoperability for 3ds Max 2014" = Autodesk Revit Interoperability for 3ds Max 2014
 "Blender" = Blender
 "C6DCA6D8EFAB374E8F91A705567555FF4DAF025D" = Pakiet sterowników systemu Windows - XBCD Project HID (16/05/2008 1.1.0)
 "CCleaner" = CCleaner
 "GIMP-2_is1" = GIMP 2.8.4
 "KLiteCodecPack64_is1" = K-Lite Codec Pack 9.7.0 (64-bit)
 "Logitech Gaming Software" = Logitech Gaming Software 8.46
 "Office15.PROPLUS" = Microsoft Office Professional Plus 2013
 "TeamSpeak 3 Client" = TeamSpeak 3 Client
 "Totalcmd64" = Total Commander 64-bit (Remove or Repair)
 "Virtual Audio Cable 4.10" = Virtual Audio Cable 4.10
 "WinRAR archiver" = Archiwizator WinRAR
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 "{046B79EE-7ED3-37A4-621A-FE297EF484C2}" = CCC Help Greek
 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
 "{065DBB54-6E55-A609-2E1E-F0617E827D53}" = Media Go Video Playback Engine 1.96.117.08260
 "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
 "{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
 "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
 "{10CB5DDD-38E1-2EB2-F62C-C1948A99943E}" = AMD Catalyst Control Center
 "{1194740D-0DB8-A508-31BA-E722597B4516}" = Catalyst Control Center Graphics Previews Common
 "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
 "{1D5A19F2-DC0D-43C3-BD43-E501AEF3424D}" = Futuremark SystemInfo
 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
 "{1FB16E3B-3AFB-46CB-6E83-2F5A0CF4ED16}" = Catalyst Control Center Localization All
 "{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
 "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
 "{24570B2F-3937-47F0-A16A-E82B480A7699}" = XSplit
 "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
 "{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
 "{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
 "{2E3A81FB-7952-F8CB-9AD5-50544E2F4838}" = CCC Help Czech
 "{2F48C80C-3A76-495A-A4B5-C0CC946FEEBD}" = Autodesk Download Manager
 "{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
 "{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2014
 "{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
 "{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B12.0308.1
 "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
 "{4172E797-CE12-AC47-05B7-0E48BDB33E75}" = CCC Help Russian
 "{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1" = Xfire 2.0
 "{4428AEE6-FA5E-2913-8D12-B410E85E11AA}" = CCC Help Spanish
 "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
 "{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones
 "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
 "{4FF1533E-FF2C-A04A-25DD-A8AEC6FA106B}" = CCC Help Chinese Standard
 "{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
 "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
 "{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5
 "{5AFD98DE-0AF5-497F-BE7E-F93DEDF74573}_is1" = PackBit Codec version 1.0.0.1Beta
 "{6071CB80-DABC-B10D-F244-7F410FB3B150}" = CCC Help Polish
 "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
 "{6343B6BA-F97F-B336-9ED8-FFD43776E84D}" = CCC Help Finnish
 "{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
 "{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
 "{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
 "{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon
 "{6CDC43A5-83FD-42F2-A6C1-92BEC6A0698E}" = Razer BlackWidow Ultimate Firmware Updater
 "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
 "{6F6873E3-5C92-4049-B511-231A138DD090}" = Kaspersky Internet Security
 "{70CB6C40-8DF1-11E1-BDCF-F04DA23A5C58}" = MSVCRT Redists
 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
 "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
 "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
 "{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
 "{7A6C3344-5CF9-4B83-959C-6576C5B27D09}" = Media Go
 "{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
 "{80D8170E-5590-4318-A9ED-E24E4C99A18C}_is1" = e-pity 5.0 za rok 2013
 "{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1" = Wtyczka e-Deklaracje
 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
 "{8D3A11D0-D925-FA0F-43F3-242E49975CD2}" = CCC Help Danish
 "{8EF39A9F-6A57-9706-86A5-9312D9ED8016}" = CCC Help Portuguese
 "{92352C97-C657-DB89-5F3A-E8C3789D9C89}" = CCC Help Chinese Traditional
 "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
 "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
 "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
 "{95545E55-3309-1929-FF41-2908A9706742}" = CCC Help Turkish
 "{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
 "{9CA5F712-9CAA-B3CB-02D3-7134DFC8801E}" = CCC Help French
 "{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed (R) III
 "{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}" = Autodesk Material Library Medium Resolution Image Library 2014
 "{A128A816-FD3F-990E-DD80-E1735BD718AE}" = CCC Help Italian
 "{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
 "{A82EF4BC-81CB-4AC6-A3BE-3201BB8F53CF}" = Playfire
 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
 "{AC76BA86-1033-FFFF-7760-000000000006}" = Adobe Acrobat XI Pro
 "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
 "{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
 "{AFC9ECA9-6A4E-1370-98F3-002B63B5AF8E}" = CCC Help Thai
 "{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
 "{B5BE22C7-420A-5F14-A1B9-4AB3F3DE0A3E}" = Catalyst Control Center InstallProxy
 "{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
 "{B88F2045-CF9A-996C-1670-6F7D65F1D18A}" = CCC Help Norwegian
 "{BED96D0C-7743-3CE3-F7DF-A0A4475FBF2F}" = CCC Help Hungarian
 "{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
 "{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
 "{c6072f71-b8f8-4b4a-a616-5e8cd64cd41e}" = Playfire
 "{C67A3F9D-E55D-4288-B4EC-1B9863EFB288}" = Razer Megalodon Firmware Updater
 "{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel
 "{CB79256B-C0E0-40C6-8EB7-BDD796203581}" = Catalyst Control Center - Branding
 "{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
 "{D8A50F0B-791E-43E6-8F22-AEC2D3FBEB84}" = PingPlotter Standard 3.40.2s
 "{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
 "{E297492A-E114-CAE0-502E-5F36C386DD30}" = CCC Help Dutch
 "{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt
 "{E6533A85-ED92-F897-2B68-58AC3BD87F94}" = CCC Help English
 "{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
 "{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection
 "{EBAC163A-588E-1E5A-3CE8-826E9A449244}" = CCC Help Korean
 "{ED65BD75-CEF3-C0C2-9E9C-FA567484FF60}" = CCC Help Japanese
 "{EEB34D84-92A1-7BE3-6DB7-ABD1C4912D6B}" = Catalyst Control Center InstallProxy
 "{F017778C-11C7-4E57-8124-F10C5AD74B1E}_is1" = Open Broadcaster Software version 0.461a
 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
 "{F1289D68-1C48-930F-51CF-577BDB371252}" = CCC Help Swedish
 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
 "{F3F340A5-64EC-AEEC-4BDF-DC537D390BF5}" = CCC Help German
 "{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Obsługa programów Apple
 "{F59AC46C-10C3-4023-882C-4212A92283B3}_is1" = Lagarith Lossless Codec (1.3.27)
 "{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
 "{F6E04BE8-2FA4-44C4-9BD3-142CE3EB15B4}_is1" = GPU Caps Viewer 1.19.0
 "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
 "{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl
 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
 "Ad Muncher" = Ad Muncher v4.91 Build 32562
 "Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
 "Afterburner" = MSI Afterburner 2.3.1
 "Battle.net" = Battle.net
 "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
 "CWK" = CWK (Czasowy Wyłącznik Komputera)
 "Diablo III" = Diablo III
 "DivX Setup" = DivX Setup
 "DMC Devi May Cry (c) Capcom_is1" = DMC Devi May Cry (c) Capcom version 1
 "Driver Cleaner" = Driver Cleaner 3
 "DVDFab 8 Qt_is1" = DVDFab 8.2.0.8 (29/08/2012) Qt
 "Dxtory2.0_is1" = Dxtory version 2.0.114
 "ESN Sonar-0.70.4" = ESN Sonar
 "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30
 "FLV to AVI MPEG WMV 3GP MP4 iPod Converter5.2.0603" = FLV to AVI MPEG WMV 3GP MP4 iPod Converter
 "Fraps" = Fraps (remove only)
 "Google Chrome" = Google Chrome
 "Guild Wars 2" = Guild Wars 2
 "HD Tune_is1" = HD Tune 2.55
 "Hearthstone" = Hearthstone
 "HWiNFO32_is1" = HWiNFO32 Version 4.18
 "InstallShield_{4D2F05BB-228E-4081-B94C-50AD015EE462}" = Magic Bullet Suite 64-bit
 "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
 "InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}" = Kaspersky Internet Security
 "IVONA 2" = IVONA 2
 "IVONA Reader" = IVONA Reader
 "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.7.0
 "Livestreamer" = Livestreamer 1.6.1
 "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.00.0.0504
 "MMDoC-PDCLive" = Duel of Champions
 "MozBackup" = MozBackup 1.4.10
 "Mozilla Firefox 27.0.1 (x86 pl)" = Mozilla Firefox 27.0.1 (x86 pl)
 "Mozilla Thunderbird 24.3.0 (x86 pl)" = Mozilla Thunderbird 24.3.0 (x86 pl)
 "MozillaMaintenanceService" = Mozilla Maintenance Service
 "NapiProjekt_is1" = NapiProjekt (2.0.0.2151)
 "NetCut_is1" = NetCut 2.1.4
 "Notepad++" = Notepad++
 "Open Broadcaster Software" = Open Broadcaster Software
 "OpenAL" = OpenAL
 "OpenVPN" = OpenVPN 2.1_rc19
 "Origin" = Origin
 "PowerMenu" = PowerMenu 1.51
 "Rainmeter" = Rainmeter
 "Raptr" = Raptr
 "Razer Game Booster_is1" = Razer Game Booster
 "StarCraft II" = StarCraft II
 "Steam App 108710" = Alan Wake
 "Steam App 15540" = 1... 2... 3... KICK IT! (Drop That Beat Like an Ugly Baby)
 "Steam App 202352" = Steam Trading Card Beta Access
 "Steam App 210770" = Sanctum 2
 "Steam App 211400" = Deadlight
 "Steam App 220" = Half-Life 2
 "Steam App 220460" = Cargo Commander
 "Steam App 238960" = Path of Exile
 "Steam App 239350" = Spelunky
 "Steam App 244870" = Electronic Super Joy
 "Steam App 256410" = Might & Magic: Duel of Champions
 "Steam App 35720" = Trine 2
 "Steam App 440" = Team Fortress 2
 "Steam App 49520" = Borderlands 2
 "Steam App 63710" = BIT.TRIP RUNNER
 "Steam App 730" = Counter-Strike: Global Offensive
 "TechPowerUp GPU-Z" = TechPowerUp GPU-Z
 "TWV0cm9MYXN0TGlnaHQ=_is1" = Metro: Last Light (c) Deep Silver version 1
 "Unigine Heaven DX11 Benchmark 2.5_is1" = Unigine Heaven DX11 Benchmark 2.5 version 2.5
 "Unigine Valley Benchmark_is1" = Unigine Valley Benchmark version 1.0
 "Uplay" = Uplay
 "uTorrent" = µTorrent
 "VLC media player" = VLC media player 2.0.6
 "Winamp" = Winamp
 "WinPcapInst" = WinPcap 4.1.2
 "x264vfw64" = x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only)
 "XfireCodec" = Xfire Codec (remove only)
 
 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
 [HKEY_USERS\S-1-5-21-2294864315-1545841318-3897952-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 "Bitcoin" = Bitcoin
 "GG" = GG
 "InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
 "Spotify" = Spotify
 "UnityWebPlayer" = Unity Web Player
 "uTorrent" = µTorrent
 "XBMC" = XBMC
 
 [color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
 [ Application Events ]
 Error - 2014-03-05 12:10:05 | Computer Name = BlodyTraveler | Source = IVONA 2 Voice | ID = 4616
 Description = IVONA 2 Voice Jacek22: nieprawidłowy argument: Invalid argument.
 
 Error - 2014-03-05 12:10:05 | Computer Name = BlodyTraveler | Source = IVONA 2 Voice | ID = 4616
 Description = IVONA 2 Voice Jacek22: nieprawidłowy argument: Invalid argument.
 
 Error - 2014-03-05 12:10:05 | Computer Name = BlodyTraveler | Source = IVONA 2 Voice | ID = 4616
 Description = IVONA 2 Voice Jacek22: nieprawidłowy argument: Invalid argument.
 
 Error - 2014-03-05 12:10:05 | Computer Name = BlodyTraveler | Source = IVONA 2 Voice | ID = 4616
 Description = IVONA 2 Voice Jacek22: nieprawidłowy argument: Invalid argument.
 
 Error - 2014-03-06 15:40:44 | Computer Name = BlodyTraveler | Source = VSS | ID = 8194
 Description =
 
 Error - 2014-03-06 16:47:34 | Computer Name = BlodyTraveler | Source = VSS | ID = 8194
 Description =
 
 Error - 2014-03-06 16:48:46 | Computer Name = BlodyTraveler | Source = VSS | ID = 8194
 Description =
 
 Error - 2014-03-06 17:03:59 | Computer Name = BlodyTraveler | Source = VSS | ID = 18
 Description =
 
 Error - 2014-03-06 17:03:59 | Computer Name = BlodyTraveler | Source = VSS | ID = 8193
 Description =
 
 Error - 2014-03-06 17:03:59 | Computer Name = BlodyTraveler | Source = System Restore | ID = 8193
 Description =
 
 [ NetLimiter 3 Events ]
 Error - 2012-12-02 14:22:07 | Computer Name = BlodyTraveler | Source = NetLimiter 3 Service | ID = 1000
 Description = Registration or trial period expired
 
 Error - 2012-12-02 14:22:07 | Computer Name = BlodyTraveler | Source = NetLimiter 3 Service | ID = 1000
 Description = <nl-error-list> <nl-error> <err-code>0</err-code> <hresult code='80070002'>Nie
 można odnaleźć określonego pliku.</hresult> <module>NetLimiter.Main.123</module>
 <param
 name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error>
 </nl-error-list>
 
 Error - 2012-12-02 14:22:07 | Computer Name = BlodyTraveler | Source = NetLimiter 3 Service | ID = 1000
 Description = <nl-error-list> <nl-error> <err-code>2010</err-code> <module>NetLimiter.Main.77</module>
 <desc>Failed
 to initialize NetLimiter service.</desc> </nl-error> <nl-error> <err-code>0</err-code>
 <hresult
 code='80070002'>Nie można odnaleźć określonego pliku.</hresult> <module>NetLimiter.Main.123</module>
 <param
 name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error>
 </nl-error-list>
 
 Error - 2012-12-02 14:22:07 | Computer Name = BlodyTraveler | Source = NetLimiter 3 Service | ID = 1000
 Description = The service failed to start
 
 Error - 2012-12-02 14:23:17 | Computer Name = BlodyTraveler | Source = NetLimiter 3 Service | ID = 1000
 Description = Registration or trial period expired
 
 [ System Events ]
 Error - 2014-03-06 17:08:08 | Computer Name = BlodyTraveler | Source = Service Control Manager | ID = 7001
 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji
 w sieci, której nie można uruchomić z powodu następującego błędu: %%1068
 
 Error - 2014-03-06 17:08:08 | Computer Name = BlodyTraveler | Source = Service Control Manager | ID = 7001
 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji
 w sieci, której nie można uruchomić z powodu następującego błędu: %%1068
 
 Error - 2014-03-06 17:08:09 | Computer Name = BlodyTraveler | Source = Service Control Manager | ID = 7001
 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji
 w sieci, której nie można uruchomić z powodu następującego błędu: %%1068
 
 Error - 2014-03-06 17:08:09 | Computer Name = BlodyTraveler | Source = Service Control Manager | ID = 7001
 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji
 w sieci, której nie można uruchomić z powodu następującego błędu: %%1068
 
 Error - 2014-03-06 17:08:09 | Computer Name = BlodyTraveler | Source = Service Control Manager | ID = 7001
 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji
 w sieci, której nie można uruchomić z powodu następującego błędu: %%1068
 
 Error - 2014-03-06 17:08:09 | Computer Name = BlodyTraveler | Source = Service Control Manager | ID = 7001
 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji
 w sieci, której nie można uruchomić z powodu następującego błędu: %%1068
 
 Error - 2014-03-06 17:08:09 | Computer Name = BlodyTraveler | Source = Service Control Manager | ID = 7001
 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji
 w sieci, której nie można uruchomić z powodu następującego błędu: %%1068
 
 Error - 2014-03-06 17:08:09 | Computer Name = BlodyTraveler | Source = Service Control Manager | ID = 7001
 Description = Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji
 w sieci, której nie można uruchomić z powodu następującego błędu: %%1068
 
 Error - 2014-03-06 17:09:26 | Computer Name = BlodyTraveler | Source = Application Popup | ID = 1060
 Description = Ładowanie sterownika \SystemRoot\SysWow64\Drivers\Aspi32.SYS zostało
 zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania
 w celu uzyskania zgodnej wersji sterownika.
 
 Error - 2014-03-06 17:09:26 | Computer Name = BlodyTraveler | Source = Service Control Manager | ID = 7000
 Description = Nie można uruchomić usługi Aspi32 z powodu następującego błędu: %%1275
 
 
 < End of report >
DDS
- Kod: Zaznacz wszystko
- DDS (Ver_2012-11-20.01) - NTFS_AMD64
 Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 10.51.2
 Run by Traveler at 22:28:35 on 2014-03-06
 Microsoft Windows 7 Professional 6.1.7601.1.1250.48.1045.18.8183.5656 [GMT 1:00]
 .
 AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
 SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
 SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
 .
 ============== Running Processes ===============
 .
 C:\Windows\system32\lsm.exe
 C:\Windows\system32\svchost.exe -k DcomLaunch
 C:\Windows\system32\svchost.exe -k RPCSS
 C:\Windows\system32\atiesrxx.exe
 C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
 C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
 C:\Windows\system32\svchost.exe -k LocalService
 C:\Windows\system32\svchost.exe -k netsvcs
 C:\Windows\system32\svchost.exe -k GPSvcGroup
 C:\Program Files (x86)\netcut\services\AIPS.exe
 C:\Windows\system32\svchost.exe -k NetworkService
 C:\Windows\System32\spoolsv.exe
 C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
 C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
 D:\Autodesk 3DS Max\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
 C:\Program Files\NetLimiter 3\nlsvc.exe
 C:\Windows\SysWOW64\PnkBstrA.exe
 C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe
 C:\Windows\system32\atieclxx.exe
 C:\Windows\system32\svchost.exe -k imgsvc
 C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
 C:\Windows\System32\svchost.exe -k secsvcs
 C:\Windows\system32\Dwm.exe
 C:\Windows\Explorer.EXE
 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
 C:\Program Files\SmartTechnology\Software\SaiMfd.exe
 C:\Program Files\Logitech Gaming Software\LCore.exe
 C:\Program Files\NetLimiter 3\NLClientApp.exe
 C:\Users\Traveler\AppData\Roaming\uTorrent\uTorrent.exe
 C:\Users\Traveler\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
 C:\Program Files (x86)\Xfire2\Xfire.exe
 C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
 C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
 C:\Program Files (x86)\Ad Muncher\AdMunch.exe
 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
 C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
 C:\Program Files (x86)\Ad Muncher\AdMunch64.exe
 C:\PROGRA~2\Raptr\raptr.exe
 C:\Windows\system32\taskhost.exe
 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
 C:\Windows\system32\wbem\wmiprvse.exe
 C:\PROGRA~2\Raptr\raptr_im.exe
 C:\Windows\system32\taskeng.exe
 C:\Program Files\CoreTemp64\Core Temp.exe
 C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
 C:\Windows\system32\SearchIndexer.exe
 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
 C:\Program Files\Windows Media Player\wmpnetwk.exe
 C:\Windows\System32\svchost.exe -k LocalServicePeerNet
 C:\Program Files (x86)\Raptr\raptr_ep64.exe
 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
 G:\Instalki\Kaspersky Internet Security\OTL.exe
 C:\Windows\notepad.exe
 C:\Windows\notepad.exe
 C:\Windows\System32\svchost.exe -k WerSvcGroup
 C:\Windows\system32\SearchProtocolHost.exe
 C:\Windows\system32\SearchFilterHost.exe
 C:\Windows\System32\cscript.exe
 .
 ============== Pseudo HJT Report ===============
 .
 mStart Page = about:blank
 mSearch Page = hxxp://www.google.com
 mDefault_Page_URL = about:blank
 mDefault_Search_URL = hxxp://www.google.com
 uProxyOverride = <local>
 BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
 BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
 BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
 BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
 BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
 BHO: IVONA Reader: {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll
 BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
 BHO: Adobe Acrobat Create PDF Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
 BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
 BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
 BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
 BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
 BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
 TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
 TB: IVONA Reader: {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll
 uRun: [NetLimiter] C:\Program Files\NetLimiter 3\NLClientApp.exe /tray
 uRun: [uTorrent] "C:\Users\Traveler\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
 uRun: [Spotify Web Helper] "C:\Users\Traveler\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
 uRun: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
 mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
 mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
 mRun: [Ad Muncher] "C:\Program Files (x86)\Ad Muncher\AdMunch.exe" /bt
 mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
 mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
 mRun: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
 StartupFolder: C:\Users\Traveler\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Xfire.lnk - C:\Program Files (x86)\Xfire2\Xfire.exe
 uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
 uPolicies-Explorer: NoDrives = dword:0
 mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
 mPolicies-Explorer: NoDrives = dword:0
 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
 mPolicies-System: ConsentPromptBehaviorUser = dword:3
 mPolicies-System: EnableLUA = dword:0
 mPolicies-System: EnableUIADesktopToggle = dword:0
 mPolicies-System: PromptOnSecureDesktop = dword:0
 IE: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_frame
 IE: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_image
 IE: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_link
 IE: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_exclude
 IE: E&ksportuj do programu Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
 IE: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_report
 IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
 IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
 DPF: {66D845A0-C3BB-45AD-807C-9BFEAF20EF2C} - hxxps://dokumax.max-boegl.de/content/static/ecm/activex/Enable_Edit_In_Place.cab
 TCP: NameServer = 8.8.8.8 8.8.4.4
 TCP: Interfaces\{2F7064A7-26C8-4F79-8950-B1A240BCFA44} : DHCPNameServer = 8.8.8.8 8.8.4.4
 TCP: Interfaces\{D395B88C-BE42-4389-B68D-0FB8DAD83354} : NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
 Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
 Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
 SSODL: WebCheck - <orphaned>
 mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
 x64-mStart Page = about:blank
 x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
 x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
 x64-BHO: IVONA Reader: {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll
 x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll
 x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
 x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
 x64-TB: IVONA Reader: {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll
 x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
 x64-Run: [SaiMfd] C:\Program Files\SmartTechnology\Software\SaiMfd.exe
 x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
 x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
 x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
 x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
 x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
 x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
 x64-SSODL: WebCheck - <orphaned>
 .
 ================= FIREFOX ===================
 .
 FF - ProfilePath - C:\Users\Traveler\AppData\Roaming\Mozilla\Firefox\Profiles\y2azreaz.default-1394138328678\
 FF - prefs.js: browser.startup.homepage - google.pl
 FF - prefs.js: keyword.URL - hxxp://go.speedbit.com/search.aspx?s=E21b&q=
 FF - plugin: C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL
 FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll
 FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll
 FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
 FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
 FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
 FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
 FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
 FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
 FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
 FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
 FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
 FF - plugin: C:\Program Files (x86)\Sony\Media Go\npmediago.dll
 FF - plugin: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
 FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
 FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
 FF - plugin: C:\Users\Traveler\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
 FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
 .
 ============= SERVICES / DRIVERS ===============
 .
 R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2012-9-12 22128]
 R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2013-5-31 31136]
 R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2013-10-11 29792]
 R1 klpd;klpd;C:\Windows\System32\drivers\klpd.sys [2013-4-12 15456]
 R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2013-5-14 55904]
 R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2013-6-6 178272]
 R1 nltdi;nltdi;C:\Program Files\NetLimiter 3\nltdi.sys [2010-8-30 88200]
 R2 AIPS;Arp Intelligent Protection Service;C:\Program Files (x86)\netcut\services\aips.exe [2013-12-19 262144]
 R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
 R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-4 13592]
 R2 mi-raysat_3dsmax2014_64;mental ray Satellite for Autodesk 3ds Max 2014 64-bit;D:\Autodesk 3DS Max\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [2011-9-15 86016]
 R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\Windows\System32\drivers\RtNdPt60.sys [2012-8-24 27136]
 R2 SBUpd;SpeedBit Update;C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe [2014-3-2 2541688]
 R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-9-24 94208]
 R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\System32\drivers\vrtaucbl.sys [2012-8-24 66728]
 R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2013-10-11 29280]
 R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2013-10-11 29280]
 R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-24 22408]
 R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\Windows\System32\drivers\LGSHidFilt.Sys [2013-1-17 66800]
 R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-24 16008]
 R3 NLNdisMP;NLNdisMP;C:\Windows\System32\drivers\nlndis.sys [2010-8-30 33416]
 R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2013-1-23 13368]
 R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-5-29 646248]
 R3 rzendpt;rzendpt;C:\Windows\System32\drivers\rzendpt.sys [2013-11-15 39080]
 R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2013-11-15 149160]
 R3 SBUpdd;SpeedBit UpdateD;C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys [2014-3-2 41368]
 R3 XFDriver64;XFDriver64;C:\Program Files (x86)\Xfire2\XFDriver64.sys [2013-9-28 17160]
 S2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [2013-10-11 214512]
 S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
 S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
 S2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?]
 S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-3-6 1809720]
 S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-3-6 857912]
 S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
 S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
 S3 bulkadi;Razer Megalodon DFU;C:\Windows\System32\drivers\bulkrazer_x64.sys [2011-2-9 25088]
 S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]
 S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-2-9 102368]
 S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-1-3 1471352]
 S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-2-19 37344]
 S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2013-10-4 520416]
 S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-12 111616]
 S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-3-6 25816]
 S3 NLNdisPT;NetLimiter Ndis Protocol Service;C:\Windows\System32\drivers\nlndis.sys [2010-8-30 33416]
 S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-11-12 178776]
 S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-31 19456]
 S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2012-8-24 30776]
 S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);C:\Windows\System32\drivers\RtTeam60.sys [2012-8-24 57960]
 S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtVlan620.sys [2012-8-24 32360]
 S3 SaiK0CCB;SaiK0CCB;C:\Windows\System32\drivers\SaiK0CCB.sys [2012-9-20 180544]
 S3 SaiK0CD7;SaiK0CD7;C:\Windows\System32\drivers\SaiK0CD7.sys [2012-9-20 180544]
 S3 SaiK1708;SaiK1708;C:\Windows\System32\drivers\SaiK1708.sys [2012-9-20 180544]
 S3 SaiU0CCB;SaiU0CCB;C:\Windows\System32\drivers\SaiU0CCB.sys [2012-9-20 47168]
 S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-2-9 203104]
 S3 StorSvc;Usługa magazynu;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
 S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);C:\Windows\System32\drivers\RtTeam60.sys [2012-8-24 57960]
 S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-13 56832]
 S3 VBoxUSB;VirtualBox USB;C:\Windows\System32\drivers\VBoxUSB.sys [2013-12-18 113936]
 S3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.0);C:\Windows\System32\drivers\RtVlan60.sys [2013-5-29 32360]
 S3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-24 1255736]
 S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [2013-6-27 14544]
 S4 klflt;klflt;C:\Windows\System32\drivers\klflt.sys [2013-12-1 115296]
 S4 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
 .
 =============== File Associations ===============
 .
 FileExt: .txt: txtfile="C:\Program Files (x86)\IVONA\IVONA Reader\IVONA Reader.exe" -l -o "%1" -x [default=ConvInIVONAReader - 'Open' doesn't exist]
 ShellExec: SC2Editor.exe: open="F:/Gry/StarCraft II/Support/SC2Editor.exe" "%1"
 ShellExec: SC2Switcher.exe: open="F:/Gry/StarCraft II/Support/SC2Switcher.exe" "%1"
 .
 =============== Created Last 30 ================
 .
 2014-03-06 21:08:02 -------- d-sh--w- C:\$RECYCLE.BIN
 2014-03-06 21:03:38 5187080 ------r- C:\ComboFix.exe
 2014-03-06 20:54:46 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
 2014-03-06 20:54:10 92376 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
 2014-03-06 20:54:10 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys
 2014-03-06 20:54:10 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
 2014-03-06 20:54:09 -------- d-----w- C:\ProgramData\Malwarebytes
 2014-03-06 20:54:09 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
 2014-03-06 20:29:32 -------- d-----w- C:\AdwCleaner
 2014-03-06 20:21:04 -------- d-----w- C:\Program Files\Enigma Software Group
 2014-03-06 20:20:38 -------- d-----w- C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
 2014-03-05 16:16:40 -------- d-----w- C:\Users\Traveler\AppData\Local\Adobe
 2014-03-04 19:29:37 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3AF68723-5ED0-47B9-8D5F-B3962F6542EE}\mpengine.dll
 2014-03-04 19:29:28 6574592 ----a-w- C:\Windows\System32\mstscax.dll
 2014-03-04 19:29:28 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
 2014-03-04 16:47:30 -------- d-----w- C:\Users\Traveler\AppData\Local\GHISLER
 2014-03-04 16:27:33 98816 ----a-w- C:\Windows\sed.exe
 2014-03-04 16:27:33 256000 ----a-w- C:\Windows\PEV.exe
 2014-03-04 16:27:33 208896 ----a-w- C:\Windows\MBR.exe
 2014-03-04 16:18:36 388096 ----a-r- C:\Users\Traveler\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
 2014-02-23 16:17:35 -------- d-----w- C:\Users\Traveler\AppData\Roaming\com.efile.epity2013
 2014-02-23 16:17:30 -------- d-----w- C:\Users\Traveler\AppData\Roaming\fillUp
 2014-02-23 16:17:30 -------- d-----w- C:\Program Files (x86)\e-file
 2014-02-14 19:38:09 -------- d-----w- C:\Users\Traveler\AppData\Local\Apple Computer
 2014-02-12 18:20:04 548864 ----a-w- C:\Windows\System32\vbscript.dll
 2014-02-12 18:20:04 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
 2014-02-12 18:18:25 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp_isv.dll
 2014-02-11 20:06:25 -------- d-----w- C:\Users\Traveler\AppData\Local\LooksBuilder
 2014-02-11 20:04:04 -------- d-----w- C:\Users\Traveler\AppData\Roaming\Red Giant Link
 2014-02-11 20:03:49 -------- d-----w- C:\Program Files (x86)\LooksBuilder
 2014-02-11 20:03:48 -------- d-----w- C:\Program Files (x86)\Red Giant Link
 2014-02-11 20:02:22 -------- d-----w- C:\ProgramData\RedGiant
 2014-02-10 20:14:06 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
 2014-02-10 20:14:04 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
 2014-02-10 20:13:59 -------- d-----w- C:\Windows\PCHEALTH
 2014-02-10 20:13:59 -------- d-----w- C:\Program Files\Microsoft SQL Server
 2014-02-10 20:13:30 -------- d-----w- C:\Program Files\Microsoft Analysis Services
 2014-02-10 20:13:30 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
 .
 ==================== Find3M ====================
 .
 2014-02-21 16:59:00 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
 2014-02-21 16:59:00 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
 2014-02-18 20:04:30 29280 ----a-w- C:\Windows\System32\drivers\klkbdflt.sys
 2014-02-18 20:04:29 115296 ----a-w- C:\Windows\System32\drivers\klflt.sys
 2014-02-16 16:54:59 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
 2014-02-16 16:54:59 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
 2014-02-16 16:47:06 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
 2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
 2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
 2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll
 2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
 2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
 2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
 2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
 2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
 2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll
 2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
 2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
 2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
 2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
 2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
 2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
 2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll
 2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
 2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
 2014-01-27 08:58:44 270496 ------w- C:\Windows\System32\MpSigStub.exe
 2014-01-14 01:53:50 88576 ----a-w- C:\Windows\SysWow64\rzdevinfo.dll
 2014-01-14 01:53:44 296448 ----a-w- C:\Windows\SysWow64\rzaudiodll.dll
 2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
 2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
 2013-12-19 07:43:49 178272 ----a-w- C:\Windows\System32\drivers\kneps.sys
 2013-12-18 20:09:39 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
 2013-12-18 16:19:54 252688 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
 2013-12-18 16:16:44 154896 ----a-w- C:\Windows\System32\drivers\VBoxNetFlt.sys
 2013-12-18 16:16:44 140560 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys
 2013-12-18 16:16:44 126736 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
 2013-12-18 16:16:44 113936 ----a-w- C:\Windows\System32\drivers\VBoxUSB.sys
 2013-12-18 16:13:30 204048 ----a-w- C:\Windows\System32\VBoxNetFltNobj.dll
 2013-12-06 22:07:36 78432 ----a-w- C:\Windows\System32\atimpc64.dll
 2013-12-06 22:07:36 78432 ----a-w- C:\Windows\System32\amdpcom64.dll
 2013-12-06 22:07:14 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll
 2013-12-06 22:07:14 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
 2013-12-06 22:04:10 143304 ----a-w- C:\Windows\System32\atiuxp64.dll
 2013-12-06 22:03:46 126336 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
 2013-12-06 22:03:00 115512 ----a-w- C:\Windows\System32\atiu9p64.dll
 2013-12-06 22:02:38 98496 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
 2013-12-06 22:01:52 1318552 ----a-w- C:\Windows\System32\aticfx64.dll
 2013-12-06 22:01:04 1100216 ----a-w- C:\Windows\SysWow64\aticfx32.dll
 2013-12-06 22:00:16 9753752 ----a-w- C:\Windows\System32\atidxx64.dll
 2013-12-06 21:59:50 8406024 ----a-w- C:\Windows\SysWow64\atidxx32.dll
 2013-12-06 21:59:00 8287008 ----a-w- C:\Windows\SysWow64\atiumdva.dll
 2013-12-06 21:58:10 6630232 ----a-w- C:\Windows\SysWow64\atiumdag.dll
 2013-12-06 21:57:20 8927704 ----a-w- C:\Windows\System32\atiumd6a.dll
 2013-12-06 21:56:54 7751920 ----a-w- C:\Windows\System32\atiumd64.dll
 2013-12-06 21:52:14 13207552 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
 2013-12-06 21:38:52 230912 ----a-w- C:\Windows\System32\clinfo.exe
 2013-12-06 21:38:34 99840 ----a-w- C:\Windows\System32\OpenVideo64.dll
 2013-12-06 21:38:28 83968 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
 2013-12-06 21:38:22 86528 ----a-w- C:\Windows\System32\OVDecode64.dll
 2013-12-06 21:38:18 73728 ----a-w- C:\Windows\SysWow64\OVDecode.dll
 2013-12-06 21:37:58 29382144 ----a-w- C:\Windows\System32\amdocl64.dll
 2013-12-06 21:35:36 24860160 ----a-w- C:\Windows\SysWow64\amdocl.dll
 2013-12-06 21:33:28 63488 ----a-w- C:\Windows\System32\OpenCL.dll
 2013-12-06 21:33:24 57344 ----a-w- C:\Windows\SysWow64\OpenCL.dll
 2013-06-25 05:09:36 44 ---h--w- C:\Program Files (x86)\f6435f27.tmp
 .
 ============= FINISH: 22:28:42,22 ===============
Attach
- Kod: Zaznacz wszystko
- .
 UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
 IF REQUESTED, ZIP IT UP & ATTACH IT
 .
 DDS (Ver_2012-11-20.01)
 .
 Microsoft Windows 7 Professional
 Boot Device: \Device\HarddiskVolume1
 Install Date: 2012-08-23 22:28:35
 System Uptime: 2014-03-06 22:09:13 (0 hours ago)
 .
 Motherboard: Gigabyte Technology Co., Ltd. | | P55-UD3
 Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz | Socket 1156 | 3486/166mhz
 .
 ==== Disk Partitions =========================
 .
 C: is FIXED (NTFS) - 119 GiB total, 27,991 GiB free.
 D: is FIXED (NTFS) - 150 GiB total, 111,401 GiB free.
 E: is FIXED (NTFS) - 233 GiB total, 70,273 GiB free.
 F: is FIXED (NTFS) - 233 GiB total, 117,669 GiB free.
 G: is FIXED (NTFS) - 391 GiB total, 92,127 GiB free.
 H: is FIXED (NTFS) - 195 GiB total, 23,079 GiB free.
 I: is FIXED (NTFS) - 195 GiB total, 113,052 GiB free.
 J: is CDROM ()
 .
 ==== Disabled Device Manager Items =============
 .
 ==== System Restore Points ===================
 .
 RP592: 2014-03-04 20:29:29 - Windows Update
 RP594: 2014-03-06 20:40:44 - Revo Uninstaller Pro's restore point - Akamai NetSession Interface
 RP595: 2014-03-06 21:20:51 - Installed SpyHunter
 RP597: 2014-03-06 21:47:34 - Revo Uninstaller Pro's restore point - SpyHunter
 RP598: 2014-03-06 21:47:51 - Removed SpyHunter
 RP600: 2014-03-06 21:48:46 - Revo Uninstaller Pro's restore point - PowerISO
 .
 ==== Installed Programs ======================
 .
 @BIOS
 1... 2... 3... KICK IT! (Drop That Beat Like an Ugly Baby)
 Ad Muncher v4.91 Build 32562
 Adobe Acrobat XI Pro
 Adobe Creative Suite 6 Master Collection
 Adobe Flash Player 12 Plugin
 Adobe Help Manager
 Alan Wake
 AMD Accelerated Video Transcoding
 AMD APP SDK 2.9
 AMD Catalyst Control Center
 AMD Catalyst Install Manager
 AMD Drag and Drop Transcoding
 AMD Media Foundation Decoders
 AMD Wireless Display v3.0
 Apple Software Update
 Archiwizator WinRAR
 Assassin's Creed (R) III
 µTorrent
 Autodesk 3ds Max 2014
 Autodesk 3ds Max 2014 64-bit Populate Data
 Autodesk Backburner 2014
 Autodesk Composite 2014
 Autodesk DirectConnect 2014 64-bit
 Autodesk Download Manager
 Autodesk Essential Skills Movies for 3ds Max 2014 64-bit
 Autodesk Inventor Server Engine for 3ds Max 2014 64-bit
 Autodesk Material Library 2014
 Autodesk Material Library Base Resolution Image Library 2014
 Autodesk Material Library Medium Resolution Image Library 2014
 Autodesk Mudbox 2014
 Autodesk Revit Interoperability for 3ds Max 2014
 Battle.net
 Battlefield 3™
 BIT.TRIP RUNNER
 Bitcoin
 Blender
 Borderlands 2
 Cargo Commander
 Catalyst Control Center - Branding
 Catalyst Control Center Graphics Previews Common
 Catalyst Control Center InstallProxy
 Catalyst Control Center Localization All
 ccc-utility64
 CCC Help Chinese Standard
 CCC Help Chinese Traditional
 CCC Help Czech
 CCC Help Danish
 CCC Help Dutch
 CCC Help English
 CCC Help Finnish
 CCC Help French
 CCC Help German
 CCC Help Greek
 CCC Help Hungarian
 CCC Help Italian
 CCC Help Japanese
 CCC Help Korean
 CCC Help Norwegian
 CCC Help Polish
 CCC Help Portuguese
 CCC Help Russian
 CCC Help Spanish
 CCC Help Swedish
 CCC Help Thai
 CCC Help Turkish
 CCleaner
 Counter-Strike: Global Offensive
 CWK (Czasowy Wyłącznik Komputera)
 Deadlight
 Diablo III
 DivX Setup
 DMC Devi May Cry (c) Capcom version 1
 Driver Cleaner 3
 Duel of Champions
 DVDFab 8.2.0.8 (29/08/2012) Qt
 Dxtory version 2.0.114
 e-pity 5.0 za rok 2013
 Electronic Super Joy
 ESN Sonar
 EVEREST Ultimate Edition v5.30
 FLV to AVI MPEG WMV 3GP MP4 iPod Converter
 Fraps (remove only)
 Futuremark SystemInfo
 GG
 GIMP 2.8.4
 Google Chrome
 Google Update Helper
 GPU Caps Viewer 1.19.0
 Guild Wars 2
 Half-Life 2
 HD Tune 2.55
 Hearthstone
 High-Definition Video Playback 10
 HiJackThis
 HWiNFO32 Version 4.18
 Intel(R) Control Center
 Intel(R) Rapid Storage Technology
 IVONA 2
 IVONA Reader
 Java 7 Update 51
 Java Auto Updater
 JDownloader 2
 K-Lite Codec Pack 9.7.0 (64-bit)
 K-Lite Mega Codec Pack 9.7.0
 Kaspersky Internet Security
 Lagarith Lossless Codec (1.3.27)
 League of Legends
 Livestreamer 1.6.1
 Logitech Gaming Software
 Logitech Gaming Software 8.46
 Magic Bullet Suite 64-bit
 Malwarebytes Anti-Malware version 2.00.0.0504
 Media Go
 Media Go Video Playback Engine 1.96.117.08260
 Metro: Last Light (c) Deep Silver version 1
 Microsoft .NET Framework 4.5.1
 Microsoft .NET Framework 4.5.1 (PLK)
 Microsoft .NET Framework 4.5.1 (Polski)
 Microsoft Access MUI (Polish) 2013
 Microsoft DCF MUI (Polish) 2013
 Microsoft Excel MUI (Polish) 2013
 Microsoft Groove MUI (Polish) 2013
 Microsoft InfoPath MUI (Polish) 2013
 Microsoft Lync MUI (Polish) 2013
 Microsoft Office 32-bit Components 2013
 Microsoft Office Korrekturhilfen 2013 - Deutsch
 Microsoft Office OSM MUI (Polish) 2013
 Microsoft Office OSM UX MUI (Polish) 2013
 Microsoft Office Professional Plus 2013
 Microsoft Office Proofing (Polish) 2013
 Microsoft Office Proofing Tools 2013 - English
 Microsoft Office Shared 32-bit MUI (Polish) 2013
 Microsoft Office Shared MUI (Polish) 2013
 Microsoft OneNote MUI (Polish) 2013
 Microsoft Outlook MUI (Polish) 2013
 Microsoft PowerPoint MUI (Polish) 2013
 Microsoft Primary Interoperability Assemblies 2005
 Microsoft Publisher MUI (Polish) 2013
 Microsoft Silverlight
 Microsoft Visual C++ 2005 Redistributable
 Microsoft Visual C++ 2005 Redistributable (x64)
 Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
 Microsoft Word MUI (Polish) 2013
 Microsoft Xbox 360 Accessories 1.2
 Microsoft XNA Framework Redistributable 3.1
 Microsoft XNA Framework Redistributable 4.0
 Microsoft_VC80_CRT_x86
 Microsoft_VC90_CRT_x86
 Might & Magic: Duel of Champions
 MozBackup 1.4.10
 Mozilla Firefox 27.0.1 (x86 pl)
 Mozilla Maintenance Service
 Mozilla Thunderbird 24.3.0 (x86 pl)
 MSI Afterburner 2.3.1
 MSVCRT Redists
 NapiProjekt (2.0.0.2151)
 Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski
 Nero 10 Menu TemplatePack Basic
 Nero 10 Movie ThemePack Basic
 Nero Burning ROM 10
 Nero Control Center 10
 Nero Core Components 10
 Nero DiscSpeed 10
 Nero Dolby Files 10
 Nero Multimedia Suite 10
 NetCut 2.1.4
 NetLimiter 3
 Notepad++
 NVIDIA PhysX
 Obsługa programów Apple
 ON_OFF Charge B12.0308.1
 Open Broadcaster Software
 Open Broadcaster Software version 0.461a
 OpenAL
 OpenVPN 2.1_rc19
 Oracle VM VirtualBox 4.3.6
 Origin
 PackBit Codec version 1.0.0.1Beta
 Pakiet sterowników systemu Windows - XBCD Project HID (16/05/2008 1.1.0)
 Path of Exile
 PDF Settings CS6
 PingPlotter Standard 3.40.2s
 Playfire
 PlayStation(R)Network Downloader
 PlayStation(R)Store
 PowerMenu 1.51
 QuickTime
 Rainmeter
 Raptr
 Razer BlackWidow Ultimate Firmware Updater
 Razer Game Booster
 Razer Megalodon Firmware Updater
 Razer Synapse 2.0
 Realtek Ethernet Controller Driver
 Realtek Ethernet Diagnostic Utility
 Realtek HDMI Audio Driver for ATI
 Realtek High Definition Audio Driver
 Revo Uninstaller Pro 2.1.1
 Samsung Kies
 SAMSUNG USB Driver for Mobile Phones
 Sanctum 2
 Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
 Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
 Skype™ 6.3
 Smart Technology Programming Software 7.0.27.13
 Sp5
 Sp5Intl
 Sp5TTInt
 SpCommon
 Spelunky
 Spotify
 SpPhones
 StarCraft II
 Steam
 Steam Trading Card Beta Access
 swMSM
 System Requirements Lab for Intel
 Team Fortress 2
 TeamSpeak 3 Client
 TechPowerUp GPU-Z
 Total Commander 64-bit (Remove or Repair)
 Trine 2
 UE3Redist
 Unigine Heaven DX11 Benchmark 2.5 version 2.5
 Unigine Valley Benchmark version 1.0
 Unity Web Player
 Uplay
 VC80CRTRedist - 8.0.50727.6195
 Vegas Pro 12.0 (64-bit)
 Virtual Audio Cable 4.10
 VLC media player 2.0.6
 Winamp
 WinPcap 4.1.2
 Wtyczka e-Deklaracje
 x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only)
 XBCD Uninstaller
 XBMC
 Xfire 2.0
 Xfire Codec (remove only)
 XSplit
 .
 ==== End Of File ===========================
GMER
- Kod: Zaznacz wszystko
- GMER 2.1.19357 - http://www.gmer.net
 Rootkit scan 2014-03-06 22:42:37
 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 OCZ-VERTEX4 rev.1.5 119,24GB
 Running: x1fb96yu.exe; Driver: C:\Users\Traveler\AppData\Local\Temp\agdyaaoc.sys
 ---- Kernel code sections - GMER 2.1 ----
 .text C:\Windows\system32\drivers\USBPORT.SYS!DllUnload fffff88004a28d8c 12 bytes {MOV RAX, 0xfffffa8007e1d2a0; JMP RAX}
 ---- User code sections - GMER 2.1 ----
 .text C:\Program Files (x86)\netcut\services\AIPS.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076bf1465 2 bytes [BF, 76]
 .text C:\Program Files (x86)\netcut\services\AIPS.exe[1228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076bf14bb 2 bytes [BF, 76]
 .text ... * 2
 .text C:\Windows\SysWOW64\PnkBstrA.exe[556] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000073041a22 2 bytes [04, 73]
 .text C:\Windows\SysWOW64\PnkBstrA.exe[556] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000073041ad0 2 bytes [04, 73]
 .text C:\Windows\SysWOW64\PnkBstrA.exe[556] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000073041b08 2 bytes [04, 73]
 .text C:\Windows\SysWOW64\PnkBstrA.exe[556] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000073041bba 2 bytes [04, 73]
 .text C:\Windows\SysWOW64\PnkBstrA.exe[556] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000073041bda 2 bytes [04, 73]
 .text C:\Windows\SysWOW64\PnkBstrA.exe[556] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076bf1465 2 bytes [BF, 76]
 .text C:\Windows\SysWOW64\PnkBstrA.exe[556] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076bf14bb 2 bytes [BF, 76]
 .text ... * 2
 .text C:\Windows\system32\Dwm.exe[2536] C:\Windows\system32\ws2_32.dll!connect + 1 000007fefdce45c1 5 bytes {JMP QWORD [RIP-0x7fef458e]}
 .text C:\Windows\system32\Dwm.exe[2536] C:\Windows\system32\ws2_32.dll!getsockname 000007fefdce9480 6 bytes {JMP QWORD [RIP-0x7fed941e]}
 .text C:\Windows\system32\Dwm.exe[2536] C:\Windows\system32\ws2_32.dll!WSAConnect 000007fefdd0e0f0 6 bytes {JMP QWORD [RIP-0x7fefe0be]}
 .text C:\Windows\system32\Dwm.exe[2536] C:\Windows\system32\ws2_32.dll!getpeername 000007fefdd0e450 6 bytes {JMP QWORD [RIP-0x7fefe3be]}
 .text C:\Windows\Explorer.EXE[2608] C:\Windows\system32\WS2_32.dll!connect + 1 000007fefdce45c1 5 bytes {JMP QWORD [RIP-0x7fef458e]}
 .text C:\Windows\Explorer.EXE[2608] C:\Windows\system32\WS2_32.dll!getsockname 000007fefdce9480 6 bytes {JMP QWORD [RIP-0x7fed941e]}
 .text C:\Windows\Explorer.EXE[2608] C:\Windows\system32\WS2_32.dll!WSAConnect 000007fefdd0e0f0 6 bytes {JMP QWORD [RIP-0x7fefe0be]}
 .text C:\Windows\Explorer.EXE[2608] C:\Windows\system32\WS2_32.dll!getpeername 000007fefdd0e450 6 bytes {JMP QWORD [RIP-0x7fefe3be]}
 .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2900] C:\Windows\system32\ws2_32.dll!connect + 1 000007fefdce45c1 5 bytes {JMP QWORD [RIP-0x7fef458e]}
 .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2900] C:\Windows\system32\ws2_32.dll!getsockname 000007fefdce9480 6 bytes {JMP QWORD [RIP-0x7fed941e]}
 .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2900] C:\Windows\system32\ws2_32.dll!WSAConnect 000007fefdd0e0f0 6 bytes {JMP QWORD [RIP-0x7fefe0be]}
 .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2900] C:\Windows\system32\ws2_32.dll!getpeername 000007fefdd0e450 6 bytes {JMP QWORD [RIP-0x7fefe3be]}
 .text C:\Program Files\SmartTechnology\Software\SaiMfd.exe[2912] C:\Windows\system32\ws2_32.dll!connect + 1 000007fefdce45c1 5 bytes {JMP QWORD [RIP-0x7fef458e]}
 .text C:\Program Files\SmartTechnology\Software\SaiMfd.exe[2912] C:\Windows\system32\ws2_32.dll!getsockname 000007fefdce9480 6 bytes {JMP QWORD [RIP-0x7fed941e]}
 .text C:\Program Files\SmartTechnology\Software\SaiMfd.exe[2912] C:\Windows\system32\ws2_32.dll!WSAConnect 000007fefdd0e0f0 6 bytes {JMP QWORD [RIP-0x7fefe0be]}
 .text C:\Program Files\SmartTechnology\Software\SaiMfd.exe[2912] C:\Windows\system32\ws2_32.dll!getpeername 000007fefdd0e450 6 bytes {JMP QWORD [RIP-0x7fefe3be]}
 .text C:\Program Files\Logitech Gaming Software\LCore.exe[2920] C:\Windows\system32\WS2_32.dll!connect + 1 000007fefdce45c1 5 bytes {JMP QWORD [RIP-0x7fef458e]}
 .text C:\Program Files\Logitech Gaming Software\LCore.exe[2920] C:\Windows\system32\WS2_32.dll!getsockname 000007fefdce9480 6 bytes {JMP QWORD [RIP-0x7fed941e]}
 .text C:\Program Files\Logitech Gaming Software\LCore.exe[2920] C:\Windows\system32\WS2_32.dll!WSAConnect 000007fefdd0e0f0 6 bytes {JMP QWORD [RIP-0x7fefe0be]}
 .text C:\Program Files\Logitech Gaming Software\LCore.exe[2920] C:\Windows\system32\WS2_32.dll!getpeername 000007fefdd0e450 6 bytes {JMP QWORD [RIP-0x7fefe3be]}
 .text C:\Program Files\NetLimiter 3\NLClientApp.exe[2932] C:\Windows\system32\WS2_32.dll!connect + 1 000007fefdce45c1 5 bytes {JMP QWORD [RIP-0x7fef458e]}
 .text C:\Program Files\NetLimiter 3\NLClientApp.exe[2932] C:\Windows\system32\WS2_32.dll!getsockname 000007fefdce9480 6 bytes {JMP QWORD [RIP-0x7fed941e]}
 .text C:\Program Files\NetLimiter 3\NLClientApp.exe[2932] C:\Windows\system32\WS2_32.dll!WSAConnect 000007fefdd0e0f0 6 bytes {JMP QWORD [RIP-0x7fefe0be]}
 .text C:\Program Files\NetLimiter 3\NLClientApp.exe[2932] C:\Windows\system32\WS2_32.dll!getpeername 000007fefdd0e450 6 bytes {JMP QWORD [RIP-0x7fefe3be]}
 .text C:\Users\Traveler\AppData\Roaming\uTorrent\uTorrent.exe[2944] C:\Windows\syswow64\WS2_32.dll!getsockname 00000000769930af 5 bytes JMP 000000010257008d
 .text C:\Users\Traveler\AppData\Roaming\uTorrent\uTorrent.exe[2944] C:\Windows\syswow64\WS2_32.dll!connect 0000000076996bdd 5 bytes JMP 000000010257002d
 .text C:\Users\Traveler\AppData\Roaming\uTorrent\uTorrent.exe[2944] C:\Windows\syswow64\WS2_32.dll!getpeername 0000000076997147 5 bytes JMP 00000001025700bd
 .text C:\Users\Traveler\AppData\Roaming\uTorrent\uTorrent.exe[2944] C:\Windows\syswow64\WS2_32.dll!WSAConnect 000000007699cc3f 5 bytes JMP 000000010257005d
 .text C:\Users\Traveler\AppData\Roaming\uTorrent\uTorrent.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076bf1465 2 bytes [BF, 76]
 .text C:\Users\Traveler\AppData\Roaming\uTorrent\uTorrent.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076bf14bb 2 bytes [BF, 76]
 .text ... * 2
 .text C:\Users\Traveler\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[2960] C:\Windows\syswow64\WS2_32.dll!getsockname 00000000769930af 5 bytes JMP 000000010058008d
 .text C:\Users\Traveler\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[2960] C:\Windows\syswow64\WS2_32.dll!connect 0000000076996bdd 5 bytes JMP 000000010058002d
 .text C:\Users\Traveler\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[2960] C:\Windows\syswow64\WS2_32.dll!getpeername 0000000076997147 5 bytes JMP 00000001005800bd
 .text C:\Users\Traveler\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[2960] C:\Windows\syswow64\WS2_32.dll!WSAConnect 000000007699cc3f 5 bytes JMP 000000010058005d
 .text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3124] C:\Windows\syswow64\ws2_32.dll!getsockname 00000000769930af 5 bytes JMP 0000000100be008d
 .text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3124] C:\Windows\syswow64\ws2_32.dll!connect 0000000076996bdd 5 bytes JMP 0000000100be002d
 .text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3124] C:\Windows\syswow64\ws2_32.dll!getpeername 0000000076997147 5 bytes JMP 0000000100be00bd
 .text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3124] C:\Windows\syswow64\ws2_32.dll!WSAConnect 000000007699cc3f 5 bytes JMP 0000000100be005d
 .text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3124] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000076bf1465 2 bytes [BF, 76]
 .text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3124] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000076bf14bb 2 bytes [BF, 76]
 .text ... * 2
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!DispatchMessageW 0000000076ea787b 5 bytes JMP 00000001643202f0
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!DispatchMessageA 0000000076ea7bbb 5 bytes JMP 00000001643202c0
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000076ea8a29 5 bytes JMP 0000000164320c70
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076ea8e4e 5 bytes JMP 0000000164320450
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!DestroyWindow 0000000076ea9a55 5 bytes JMP 0000000164320420
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!CreateWindowExA 0000000076ead22e 5 bytes JMP 0000000164320b40
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!PeekMessageW 0000000076eb05ba 5 bytes JMP 0000000164320610
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!ShowWindow 0000000076eb0dfb 5 bytes JMP 0000000164320320
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!EndPaint 0000000076eb1341 5 bytes JMP 00000001643206f0
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!BeginPaint 0000000076eb1361 5 bytes JMP 0000000164320690
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!UpdateLayeredWindowIndirect 0000000076eb28da 5 bytes JMP 0000000164320ac0
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!SetCursor 0000000076eb41f6 5 bytes JMP 000000016431fe00
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!PeekMessageA 0000000076eb5f74 5 bytes JMP 00000001643205b0
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!BringWindowToTop 0000000076eb7b3b 5 bytes JMP 0000000164320670
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!AnimateWindow 0000000076ebb531 5 bytes JMP 00000001643204c0
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!UpdateLayeredWindow 0000000076ebba4a 5 bytes JMP 00000001643209f0
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!WindowFromPoint 0000000076eced12 5 bytes JMP 000000016431fe20
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!SetCapture 0000000076eced56 5 bytes JMP 0000000164320590
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076ecf170 5 bytes JMP 0000000164320550
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\GDI32.dll!BitBlt 00000000760e5ea6 5 bytes JMP 000000016431fe50
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\WS2_32.dll!getsockname 00000000769930af 5 bytes JMP 000000010350008d
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\WS2_32.dll!connect 0000000076996bdd 5 bytes JMP 000000010350002d
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\WS2_32.dll!getpeername 0000000076997147 5 bytes JMP 00000001035000bd
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\WS2_32.dll!WSAConnect 000000007699cc3f 5 bytes JMP 000000010350005d
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 0000000076bf1465 2 bytes [BF, 76]
 .text C:\PROGRA~2\Raptr\raptr.exe[3140] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 0000000076bf14bb 2 bytes [BF, 76]
 .text ... * 2
 .text C:\Windows\system32\taskhost.exe[3644] C:\Windows\system32\ws2_32.dll!connect + 1 000007fefdce45c1 5 bytes {JMP QWORD [RIP-0x7fef458e]}
 .text C:\Windows\system32\taskhost.exe[3644] C:\Windows\system32\ws2_32.dll!getsockname 000007fefdce9480 6 bytes {JMP QWORD [RIP-0x7fed941e]}
 .text C:\Windows\system32\taskhost.exe[3644] C:\Windows\system32\ws2_32.dll!WSAConnect 000007fefdd0e0f0 6 bytes {JMP QWORD [RIP-0x7fefe0be]}
 .text C:\Windows\system32\taskhost.exe[3644] C:\Windows\system32\ws2_32.dll!getpeername 000007fefdd0e450 6 bytes {JMP QWORD [RIP-0x7fefe3be]}
 .text C:\PROGRA~2\Raptr\raptr_im.exe[4488] C:\Windows\syswow64\WS2_32.dll!getsockname 00000000769930af 5 bytes JMP 00000001004b008d
 .text C:\PROGRA~2\Raptr\raptr_im.exe[4488] C:\Windows\syswow64\WS2_32.dll!connect 0000000076996bdd 5 bytes JMP 00000001004b002d
 .text C:\PROGRA~2\Raptr\raptr_im.exe[4488] C:\Windows\syswow64\WS2_32.dll!getpeername 0000000076997147 5 bytes JMP 00000001004b00bd
 .text C:\PROGRA~2\Raptr\raptr_im.exe[4488] C:\Windows\syswow64\WS2_32.dll!WSAConnect 000000007699cc3f 5 bytes JMP 00000001004b005d
 .text C:\PROGRA~2\Raptr\raptr_im.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076bf1465 2 bytes [BF, 76]
 .text C:\PROGRA~2\Raptr\raptr_im.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076bf14bb 2 bytes [BF, 76]
 .text ... * 2
 .text C:\Windows\system32\taskeng.exe[4484] C:\Windows\system32\ws2_32.dll!connect + 1 000007fefdce45c1 5 bytes {JMP QWORD [RIP-0x7fef458e]}
 .text C:\Windows\system32\taskeng.exe[4484] C:\Windows\system32\ws2_32.dll!getsockname 000007fefdce9480 6 bytes {JMP QWORD [RIP-0x7fed941e]}
 .text C:\Windows\system32\taskeng.exe[4484] C:\Windows\system32\ws2_32.dll!WSAConnect 000007fefdd0e0f0 6 bytes {JMP QWORD [RIP-0x7fefe0be]}
 .text C:\Windows\system32\taskeng.exe[4484] C:\Windows\system32\ws2_32.dll!getpeername 000007fefdd0e450 6 bytes {JMP QWORD [RIP-0x7fefe3be]}
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 5 00000000772211f5 8 bytes {JMP 0xd}
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 416 0000000077221390 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007722143f 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 492 000000007722158c 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007722191e 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 636 0000000077221b1c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 204 0000000077221bf0 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077221d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 691 0000000077221eb3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077221edf 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!_ui64toa + 84 0000000077221f64 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 81 0000000077221fbd 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelf + 7 0000000077221fd7 8 bytes {JMP 0xb}
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 658 0000000077222272 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 801 0000000077222301 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlInstallFunctionTableCallback + 578 0000000077222792 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000772227b0 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000772227d2 8 bytes {JMP 0x10}
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007722282f 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 176 0000000077222890 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text ... * 2
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077222d1b 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 367 0000000077222d5f 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text ... * 3
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlCutoverTimeToSystemTime + 483 0000000077223023 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007722323b 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 912 00000000772233c0 16 bytes {JMP 0x4e}
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077223a5e 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077223ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077223b85 8 bytes [10, 6A, F8, FF, 00, 00, 00, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 611 0000000077223d23 8 bytes [00, 6A, F8, FF, 00, 00, 00, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077224190 8 bytes [A0, 69, F8, FF, 00, 00, 00, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 0000000077271380 8 bytes JMP 3f3f3f3f
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 0000000077271500 8 bytes JMP 3f3f3f3f
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077271530 8 bytes JMP 3f3f3f3f
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 0000000077271650 8 bytes JMP a23f3f3f
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 0000000077271700 8 bytes JMP 3f3f3f3f
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077271d30 8 bytes JMP 3f3f3f3f
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 0000000077271f80 8 bytes JMP 3f3f3f3f
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000772727e0 8 bytes JMP 3f3f3f3f
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 0000000074d513cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 0000000074d5146b 8 bytes {JMP 0xffffffffffffffb0}
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 0000000074d516d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessTerm + 3 0000000074d516e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 0000000074d519db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 0000000074d519fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetInstructionPointer + 23 0000000074d51a1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\wow64cpu.dll!CpuNotifyAffinityChange + 3 0000000074d51a27 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 0000000074d51a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Mozilla Firefox\firefox.exe[7048] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessDebugEvent + 3 0000000074d51a6f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 5 00000000772211f5 8 bytes {JMP 0xd}
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 416 0000000077221390 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007722143f 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 492 000000007722158c 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007722191e 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 636 0000000077221b1c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 204 0000000077221bf0 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077221d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 691 0000000077221eb3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077221edf 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!_ui64toa + 84 0000000077221f64 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 81 0000000077221fbd 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelf + 7 0000000077221fd7 8 bytes {JMP 0xb}
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 658 0000000077222272 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 801 0000000077222301 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlInstallFunctionTableCallback + 578 0000000077222792 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000772227b0 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000772227d2 8 bytes {JMP 0x10}
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007722282f 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 176 0000000077222890 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text ... * 2
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077222d1b 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 367 0000000077222d5f 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text ... * 3
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlCutoverTimeToSystemTime + 483 0000000077223023 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007722323b 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 912 00000000772233c0 16 bytes {JMP 0x4e}
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077223a5e 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077223ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077223b85 8 bytes [10, 6A, F8, 7E, 00, 00, 00, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 611 0000000077223d23 8 bytes [00, 6A, F8, 7E, 00, 00, 00, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077224190 8 bytes [A0, 69, F8, 7E, 00, 00, 00, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 0000000077271380 8 bytes {JMP QWORD [RIP-0x4d4cf]}
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 0000000077271500 8 bytes {JMP QWORD [RIP-0x4d498]}
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077271530 8 bytes {JMP QWORD [RIP-0x4d9b1]}
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 0000000077271650 8 bytes {JMP QWORD [RIP-0x4d7a7]}
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 0000000077271700 8 bytes {JMP QWORD [RIP-0x4d9e3]}
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077271d30 8 bytes {JMP QWORD [RIP-0x4dba6]}
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 0000000077271f80 8 bytes {JMP QWORD [RIP-0x4de55]}
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000772727e0 8 bytes {JMP QWORD [RIP-0x4e770]}
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 0000000074d513cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 0000000074d5146b 8 bytes {JMP 0xffffffffffffffb0}
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 0000000074d516d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessTerm + 3 0000000074d516e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 0000000074d519db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 0000000074d519fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetInstructionPointer + 23 0000000074d51a1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\wow64cpu.dll!CpuNotifyAffinityChange + 3 0000000074d51a27 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 0000000074d51a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3792] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessDebugEvent + 3 0000000074d51a6f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 5 00000000772211f5 8 bytes {JMP 0xd}
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlWalkHeap + 416 0000000077221390 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159 000000007722143f 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 492 000000007722158c 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126 000000007722191e 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 636 0000000077221b1c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 204 0000000077221bf0 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373 0000000077221d75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 691 0000000077221eb3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31 0000000077221edf 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!_ui64toa + 84 0000000077221f64 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 81 0000000077221fbd 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelf + 7 0000000077221fd7 8 bytes {JMP 0xb}
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 658 0000000077222272 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 801 0000000077222301 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlInstallFunctionTableCallback + 578 0000000077222792 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16 00000000772227b0 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18 00000000772227d2 8 bytes {JMP 0x10}
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79 000000007722282f 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 176 0000000077222890 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text ... * 2
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299 0000000077222d1b 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 367 0000000077222d5f 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text ... * 3
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlCutoverTimeToSystemTime + 483 0000000077223023 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523 000000007722323b 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 912 00000000772233c0 16 bytes {JMP 0x4e}
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318 0000000077223a5e 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403 0000000077223ab3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197 0000000077223b85 8 bytes [10, 6A, F8, 7E, 00, 00, 00, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 611 0000000077223d23 8 bytes [00, 6A, F8, 7E, 00, 00, 00, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80 0000000077224190 8 bytes [A0, 69, F8, 7E, 00, 00, 00, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread 0000000077271380 8 bytes {JMP QWORD [RIP-0x4d4cf]}
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 0000000077271500 8 bytes {JMP QWORD [RIP-0x4d498]}
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077271530 8 bytes {JMP QWORD [RIP-0x4d9b1]}
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 0000000077271650 8 bytes {JMP QWORD [RIP-0x4d7a7]}
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread 0000000077271700 8 bytes {JMP QWORD [RIP-0x4d9e3]}
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077271d30 8 bytes {JMP QWORD [RIP-0x4dba6]}
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread 0000000077271f80 8 bytes {JMP QWORD [RIP-0x4de55]}
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread 00000000772727e0 8 bytes {JMP QWORD [RIP-0x4e770]}
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312 0000000074d513cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471 0000000074d5146b 8 bytes {JMP 0xffffffffffffffb0}
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611 0000000074d516d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessTerm + 3 0000000074d516e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23 0000000074d519db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23 0000000074d519fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetInstructionPointer + 23 0000000074d51a1b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\wow64cpu.dll!CpuNotifyAffinityChange + 3 0000000074d51a27 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23 0000000074d51a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 .text G:\Instalki\Kaspersky Internet Security\x1fb96yu.exe[5016] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessDebugEvent + 3 0000000074d51a6f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
 ---- Kernel IAT/EAT - GMER 2.1 ----
 IAT C:\Windows\system32\drivers\pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [fffff88001101c58] \SystemRoot\System32\Drivers\spos.sys [unknown section]
 IAT C:\Windows\system32\drivers\pci.sys[ntoskrnl.exe!IoDetachDevice] [fffff88001101be4] \SystemRoot\System32\Drivers\spos.sys [unknown section]
 IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [fffff880010cad50] \SystemRoot\System32\Drivers\spos.sys [unknown section]
 IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [fffff880010caadc] \SystemRoot\System32\Drivers\spos.sys [unknown section]
 IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [fffff880010cb4e0] \SystemRoot\System32\Drivers\spos.sys [unknown section]
 IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUlong] [fffff880010ca28c] \SystemRoot\System32\Drivers\spos.sys [unknown section]
 IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [fffff880010cb734] \SystemRoot\System32\Drivers\spos.sys [unknown section]
 IAT C:\Windows\system32\drivers\ataport.SYS[ntoskrnl.exe!KeInsertQueueDpc] [fffffa80066f27e0] [unknown section]
 IAT C:\Windows\system32\drivers\USBPORT.SYS[ntoskrnl.exe!KeInsertQueueDpc] [fffffa8007e1d7e0] [unknown section]
 IAT C:\Windows\System32\win32k.sys[ntoskrnl.exe!KeUserModeCallback] [fffff8800490bfec] \SystemRoot\system32\DRIVERS\klif.sys [PAGE]
 ---- Devices - GMER 2.1 ----
 Device \Driver\atapi \Device\Ide\IdeDeviceP2T1L0-4 fffffa80074822c0
 Device \Driver\atapi \Device\Ide\IdePort4 fffffa80074822c0
 Device \Driver\atapi \Device\Ide\IdePort0 fffffa80074822c0
 Device \Driver\atapi \Device\Ide\IdePort5 fffffa80074822c0
 Device \Driver\atapi \Device\Ide\IdePort1 fffffa80074822c0
 Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-3 fffffa80074822c0
 Device \Driver\atapi \Device\Ide\IdePort2 fffffa80074822c0
 Device \Driver\atapi \Device\Ide\IdeDeviceP3T1L0-6 fffffa80074822c0
 Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-2 fffffa80074822c0
 Device \Driver\atapi \Device\Ide\IdePort3 fffffa80074822c0
 Device \FileSystem\Ntfs \Ntfs fffffa80074882c0
 Device \Driver\usbuhci \Device\USBFDO-7 fffffa8007e1f2c0
 Device \Driver\usbuhci \Device\USBPDO-5 fffffa8007e1f2c0
 Device \Driver\usbehci \Device\USBFDO-3 fffffa8007eab2c0
 Device \Driver\usbuhci \Device\USBPDO-1 fffffa8007e1f2c0
 Device \Driver\cdrom \Device\CdRom0 fffffa8007ac22c0
 Device \Driver\NetBT \Device\NetBT_Tcpip_{812BC77A-99EA-4CC7-9214-33660597BEC6} fffffa8007bc02c0
 Device \Driver\NetBT \Device\NetBT_Tcpip_{2F7064A7-26C8-4F79-8950-B1A240BCFA44} fffffa8007bc02c0
 Device \Driver\usbehci \Device\USBFDO-8 fffffa8007eab2c0
 Device \Driver\usbuhci \Device\USBPDO-6 fffffa8007e1f2c0
 Device \Driver\usbuhci \Device\USBFDO-4 fffffa8007e1f2c0
 Device \Driver\usbuhci \Device\USBPDO-2 fffffa8007e1f2c0
 Device \Driver\usbuhci \Device\USBFDO-0 fffffa8007e1f2c0
 Device \Driver\usbuhci \Device\USBPDO-7 fffffa8007e1f2c0
 Device \Driver\usbuhci \Device\USBFDO-5 fffffa8007e1f2c0
 Device \Driver\usbehci \Device\USBPDO-3 fffffa8007eab2c0
 Device \Driver\usbuhci \Device\USBFDO-1 fffffa8007e1f2c0
 Device \Driver\volmgr \Device\HarddiskVolume1 fffffa80066f62c0
 Device \Driver\volmgr \Device\FtControl fffffa80066f62c0
 Device \Driver\volmgr \Device\VolMgrControl fffffa80066f62c0
 Device \Driver\volmgr \Device\HarddiskVolume2 fffffa80066f62c0
 Device \Driver\volmgr \Device\HarddiskVolume3 fffffa80066f62c0
 Device \Driver\volmgr \Device\HarddiskVolume4 fffffa80066f62c0
 Device \Driver\volmgr \Device\HarddiskVolume5 fffffa80066f62c0
 Device \Driver\NetBT \Device\NetBT_Tcpip_{D395B88C-BE42-4389-B68D-0FB8DAD83354} fffffa8007bc02c0
 Device \Driver\volmgr \Device\HarddiskVolume6 fffffa80066f62c0
 Device \Driver\volmgr \Device\HarddiskVolume7 fffffa80066f62c0
 Device \Driver\NetBT \Device\NetBt_Wins_Export fffffa8007bc02c0
 Device \Driver\volmgr \Device\HarddiskVolume8 fffffa80066f62c0
 Device \Driver\usbehci \Device\USBPDO-8 fffffa8007eab2c0
 Device \Driver\usbuhci \Device\USBFDO-6 fffffa8007e1f2c0
 Device \Driver\usbuhci \Device\USBPDO-4 fffffa8007e1f2c0
 Device \Driver\atapi \Device\ScsiPort0 fffffa80074822c0
 Device \Driver\usbuhci \Device\USBFDO-2 fffffa8007e1f2c0
 Device \Driver\usbuhci \Device\USBPDO-0 fffffa8007e1f2c0
 Device \Driver\atapi \Device\ScsiPort1 fffffa80074822c0
 Device \Driver\atapi \Device\ScsiPort2 fffffa80074822c0
 Device \Driver\atapi \Device\ScsiPort3 fffffa80074822c0
 Device \Driver\atapi \Device\ScsiPort4 fffffa80074822c0
 Device \Driver\atapi \Device\ScsiPort5 fffffa80074822c0
 ---- Trace I/O - GMER 2.1 ----
 Trace ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80074822c0]<< spos.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys fffffa80074822c0
 Trace 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007880790] fffffa8007880790
 Trace 3 CLASSPNP.SYS[fffff88001e0143f] -> nt!IofCallDriver -> [0xfffffa8007632580] fffffa8007632580
 Trace 5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa800765b060] fffffa800765b060
 Trace \Driver\atapi[0xfffffa80075aa2e0] -> IRP_MJ_CREATE -> 0xfffffa80074822c0 fffffa80074822c0
 ---- Threads - GMER 2.1 ----
 Thread C:\Windows\System32\svchost.exe [2096:6352] 000007feefcb9688
 Thread C:\Windows\SysWOW64\ntdll.dll [2076:2092] 0000000000b10440
 Thread C:\Windows\SysWOW64\ntdll.dll [2076:4428] 0000000072f362ee
 Thread C:\Windows\SysWOW64\ntdll.dll [2076:5624] 0000000000986a20
 Thread C:\Windows\SysWOW64\ntdll.dll [2076:5632] 0000000000986bb0
 Thread C:\Windows\SysWOW64\ntdll.dll [2076:6136] 00000000708ea3e0
 Thread C:\Program Files\CoreTemp64\Core Temp.exe [4536:4260] 000007fefa9f2a7c
 Thread C:\Program Files\CoreTemp64\Core Temp.exe [4536:5740] 000000005c158e00
 Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5384:6284] 000007fefa9f2a7c
 Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5384:6324] 000007fee1e84830
 Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5384:6484] 000007fef9945124
 ---- Processes - GMER 2.1 ----
 Library C:\Users\Traveler\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (*** suspicious ***) @ C:\Windows\Explorer.EXE [2608] (GG drive menu/GG Network S.A.)(2012-08-24 14:16:37) 000000005ff80000
 Process C:\Users\Traveler\AppData\Roaming\uTorrent\uTorrent.exe (*** suspicious ***) @ C:\Users\Traveler\AppData\Roaming\uTorrent\uTorrent.exe [2944] (µTorrent/BitTorrent Inc.)(2014-01-26 07:06:15) 0000000000400000
 ---- Registry - GMER 2.1 ----
 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
 ---- EOF - GMER 2.1 ----
ComboFix
- Kod: Zaznacz wszystko
- ComboFix 14-03-04.01 - Traveler 2014-03-06 22:04:25.2.8 - x64 MINIMAL
 Microsoft Windows 7 Professional 6.1.7601.1.1250.48.1045.18.8183.7317 [GMT 1:00]
 Uruchomiony z: C:\ComboFix.exe
 AV: Kaspersky Internet Security *Enabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
 FW: Kaspersky Internet Security *Enabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
 SP: Kaspersky Internet Security *Enabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
 SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Utworzono nowy punkt przywracania
 .
 .
 ((((((((((((((((((((((((( Pliki utworzone od 2014-02-06 do 2014-03-06 )))))))))))))))))))))))))))))))
 .
 .
 2014-03-06 21:06 . 2014-03-06 21:06 -------- d-----w- c:\users\Default\AppData\Local\temp
 2014-03-06 20:54 . 2014-03-06 21:01 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
 2014-03-06 20:54 . 2014-02-21 13:55 63192 ----a-w- c:\windows\system32\drivers\mwac.sys
 2014-03-06 20:54 . 2014-02-21 13:55 92376 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
 2014-03-06 20:54 . 2014-02-21 13:55 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
 2014-03-06 20:54 . 2014-03-06 20:54 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
 2014-03-06 20:54 . 2014-03-06 20:54 -------- d-----w- c:\programdata\Malwarebytes
 2014-03-06 20:29 . 2014-03-06 20:37 -------- d-----w- C:\AdwCleaner
 2014-03-06 20:21 . 2014-03-06 20:48 -------- d-----w- c:\program files\Enigma Software Group
 2014-03-06 20:20 . 2014-03-06 20:47 -------- d-----w- c:\windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
 2014-03-05 16:16 . 2014-03-06 16:21 -------- d-----w- c:\users\Traveler\AppData\Local\Adobe
 2014-03-04 19:29 . 2014-02-06 09:01 10536864 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3AF68723-5ED0-47B9-8D5F-B3962F6542EE}\mpengine.dll
 2014-03-04 19:29 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
 2014-03-04 19:29 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
 2014-03-04 16:47 . 2014-03-04 16:47 -------- d-----w- c:\users\Traveler\AppData\Local\GHISLER
 2014-03-04 16:18 . 2014-03-04 16:18 388096 ----a-r- c:\users\Traveler\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
 2014-02-23 16:17 . 2014-02-23 16:17 -------- d-----w- c:\users\Traveler\AppData\Roaming\com.efile.epity2013
 2014-02-23 16:17 . 2014-02-23 16:17 -------- d-----w- c:\users\Traveler\AppData\Roaming\fillUp
 2014-02-23 16:17 . 2014-02-23 16:17 -------- d-----w- c:\program files (x86)\e-file
 2014-02-14 19:38 . 2014-02-14 19:38 -------- d-----w- c:\users\Traveler\AppData\Local\Apple Computer
 2014-02-12 18:20 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
 2014-02-12 18:20 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
 2014-02-12 18:18 . 2013-12-04 02:27 485888 ----a-w- c:\windows\system32\secproc_isv.dll
 2014-02-11 20:06 . 2014-02-11 20:18 -------- d-----w- c:\users\Traveler\AppData\Local\LooksBuilder
 2014-02-11 20:04 . 2014-02-11 20:04 -------- d-----w- c:\users\Traveler\AppData\Roaming\Red Giant Link
 2014-02-11 20:03 . 2014-02-11 20:03 -------- d-----w- c:\program files (x86)\LooksBuilder
 2014-02-11 20:03 . 2014-02-11 20:03 -------- d-----w- c:\program files (x86)\Red Giant Link
 2014-02-11 20:02 . 2014-02-11 20:02 -------- d-----w- c:\programdata\RedGiant
 2014-02-10 20:14 . 2014-02-10 20:14 -------- d-----w- c:\program files\Common Files\DESIGNER
 2014-02-10 20:14 . 2014-02-10 20:14 -------- d-----w- c:\program files\Microsoft.NET
 2014-02-10 20:14 . 2014-02-10 20:14 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
 2014-02-10 20:14 . 2014-02-10 20:14 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
 2014-02-10 20:13 . 2014-02-10 20:14 -------- d-----w- c:\program files\Microsoft SQL Server
 2014-02-10 20:13 . 2014-02-10 20:13 -------- d-----w- c:\windows\PCHEALTH
 2014-02-10 20:13 . 2014-02-10 20:13 -------- d-----w- c:\program files\Microsoft Analysis Services
 2014-02-10 20:13 . 2014-02-10 20:13 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
 2014-02-10 20:13 . 2014-02-10 20:13 -------- d-----w- c:\program files\Microsoft Office
 2014-02-10 20:12 . 2014-02-10 20:12 -------- d-----r- C:\MSOCache
 2014-02-05 17:22 . 2014-02-05 19:56 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
 .
 .
 .
 (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
 .
 2014-02-21 16:59 . 2013-07-23 17:16 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
 2014-02-21 16:59 . 2013-07-23 17:16 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
 2014-02-18 20:04 . 2013-12-01 09:39 624224 ----a-w- c:\windows\system32\drivers\klif.sys
 2014-02-18 20:04 . 2013-10-11 12:25 29280 ----a-w- c:\windows\system32\drivers\klkbdflt.sys
 2014-02-18 20:04 . 2013-12-01 09:39 115296 ----a-w- c:\windows\system32\drivers\klflt.sys
 2014-02-16 16:54 . 2013-08-07 17:11 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
 2014-02-16 16:54 . 2012-08-24 15:54 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
 2014-02-16 16:47 . 2013-08-07 17:11 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
 2014-02-12 18:24 . 2012-08-24 17:29 88567024 ----a-w- c:\windows\system32\MRT.exe
 2014-01-27 08:58 . 2012-08-24 13:38 270496 ------w- c:\windows\system32\MpSigStub.exe
 2014-01-14 01:53 . 2014-01-14 01:53 88576 ----a-w- c:\windows\SysWow64\rzdevinfo.dll
 2014-01-14 01:53 . 2014-01-14 01:53 296448 ----a-w- c:\windows\SysWow64\rzaudiodll.dll
 2013-12-19 07:43 . 2013-06-06 16:38 178272 ----a-w- c:\windows\system32\drivers\kneps.sys
 2013-12-18 20:09 . 2013-10-17 17:56 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
 2013-12-18 16:19 . 2014-01-06 16:47 252688 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
 2013-12-18 16:16 . 2014-01-06 16:47 126736 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
 2013-12-18 16:16 . 2013-12-18 16:16 140560 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
 2013-12-18 16:16 . 2013-12-18 16:16 113936 ----a-w- c:\windows\system32\drivers\VBoxUSB.sys
 2013-12-18 16:16 . 2013-07-04 13:57 154896 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
 2013-12-18 16:13 . 2013-12-18 16:13 204048 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
 2013-12-06 22:07 . 2013-12-06 22:07 78432 ----a-w- c:\windows\system32\atimpc64.dll
 2013-12-06 22:07 . 2013-12-06 22:07 78432 ----a-w- c:\windows\system32\amdpcom64.dll
 2013-12-06 22:07 . 2013-12-06 22:07 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
 2013-12-06 22:07 . 2013-12-06 22:07 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
 2013-12-06 22:04 . 2013-10-08 14:01 143304 ----a-w- c:\windows\system32\atiuxp64.dll
 2013-12-06 22:03 . 2013-12-06 22:03 126336 ----a-w- c:\windows\SysWow64\atiuxpag.dll
 2013-12-06 22:03 . 2013-12-06 22:03 115512 ----a-w- c:\windows\system32\atiu9p64.dll
 2013-12-06 22:02 . 2013-10-08 14:01 98496 ----a-w- c:\windows\SysWow64\atiu9pag.dll
 2013-12-06 22:01 . 2013-10-08 14:01 1318552 ----a-w- c:\windows\system32\aticfx64.dll
 2013-12-06 22:01 . 2013-10-08 14:01 1100216 ----a-w- c:\windows\SysWow64\aticfx32.dll
 2013-12-06 22:00 . 2013-10-08 14:00 9753752 ----a-w- c:\windows\system32\atidxx64.dll
 2013-12-06 21:59 . 2013-12-06 21:59 8406024 ----a-w- c:\windows\SysWow64\atidxx32.dll
 2013-12-06 21:59 . 2013-10-08 14:00 8287008 ----a-w- c:\windows\SysWow64\atiumdva.dll
 2013-12-06 21:58 . 2013-10-08 14:00 6630232 ----a-w- c:\windows\SysWow64\atiumdag.dll
 2013-12-06 21:57 . 2013-12-06 21:57 8927704 ----a-w- c:\windows\system32\atiumd6a.dll
 2013-12-06 21:56 . 2013-12-06 21:56 7751920 ----a-w- c:\windows\system32\atiumd64.dll
 2013-12-06 21:52 . 2013-12-06 21:52 13207552 ----a-w- c:\windows\system32\drivers\atikmdag.sys
 2013-12-06 21:38 . 2013-12-06 21:38 230912 ----a-w- c:\windows\system32\clinfo.exe
 2013-12-06 21:38 . 2013-12-06 21:38 99840 ----a-w- c:\windows\system32\OpenVideo64.dll
 2013-12-06 21:38 . 2013-12-06 21:38 83968 ----a-w- c:\windows\SysWow64\OpenVideo.dll
 2013-12-06 21:38 . 2013-12-06 21:38 86528 ----a-w- c:\windows\system32\OVDecode64.dll
 2013-12-06 21:38 . 2013-12-06 21:38 73728 ----a-w- c:\windows\SysWow64\OVDecode.dll
 2013-12-06 21:37 . 2013-12-06 21:37 29382144 ----a-w- c:\windows\system32\amdocl64.dll
 2013-12-06 21:35 . 2013-12-06 21:35 24860160 ----a-w- c:\windows\SysWow64\amdocl.dll
 2013-12-06 21:33 . 2013-12-06 21:33 63488 ----a-w- c:\windows\system32\OpenCL.dll
 2013-12-06 21:33 . 2013-12-06 21:33 57344 ----a-w- c:\windows\SysWow64\OpenCL.dll
 2013-12-06 21:26 . 2013-12-06 21:26 129536 ----a-w- c:\windows\system32\coinst_13.251.dll
 2013-12-06 21:16 . 2013-10-08 13:17 26352128 ----a-w- c:\windows\system32\atio6axx.dll
 2013-12-06 21:13 . 2013-12-06 21:13 368640 ----a-w- c:\windows\system32\atiapfxx.exe
 2013-12-06 21:12 . 2013-12-06 21:12 62464 ----a-w- c:\windows\system32\aticalrt64.dll
 2013-12-06 21:12 . 2013-12-06 21:12 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
 2013-12-06 21:12 . 2013-12-06 21:12 55808 ----a-w- c:\windows\system32\aticalcl64.dll
 2013-12-06 21:12 . 2013-12-06 21:12 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
 2013-12-06 21:12 . 2013-12-06 21:12 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
 2013-12-06 21:09 . 2013-12-06 21:09 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
 2013-06-25 05:09 . 2013-06-26 17:09 44 ---h--w- c:\program files (x86)\f6435f27.tmp
 .
 .
 ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
 .
 .
 *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
 REGEDIT4
 .
 [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
 @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
 [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
 2012-10-01 19:38 1720976 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
 .
 [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
 @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
 [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
 2012-10-01 19:38 1720976 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
 .
 [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
 @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
 [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
 2012-10-01 19:38 1720976 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
 .
 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "NetLimiter"="c:\program files\NetLimiter 3\NLClientApp.exe" [2010-08-30 2790400]
 "uTorrent"="c:\users\Traveler\AppData\Roaming\uTorrent\uTorrent.exe" [2014-02-18 802136]
 "Spotify Web Helper"="c:\users\Traveler\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-01-30 1171968]
 "Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2014-02-18 55360]
 .
 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
 "Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2013-11-17 442712]
 "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [2012-12-18 3478752]
 "Ad Muncher"="c:\program files (x86)\Ad Muncher\AdMunch.exe" [2013-09-15 535752]
 "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
 "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-12-06 766208]
 "ADSK DLMSession"="c:\program files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe" [2013-02-01 1641368]
 .
 c:\users\Traveler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
 Xfire.lnk - c:\program files (x86)\Xfire2\Xfire.exe [2013-9-28 4881624]
 .
 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
 "ConsentPromptBehaviorAdmin"= 0 (0x0)
 "ConsentPromptBehaviorUser"= 3 (0x3)
 "EnableLUA"= 0 (0x0)
 "EnableUIADesktopToggle"= 0 (0x0)
 "PromptOnSecureDesktop"= 0 (0x0)
 .
 [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
 "LoadAppInit_DLLs"=1 (0x1)
 .
 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
 "DisableMonitoring"=dword:00000001
 .
 R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
 R1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
 R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
 R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
 R1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
 R1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
 R1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
 R1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys;c:\program files\NetLimiter 3\nltdi.sys [x]
 R1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
 R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
 R2 AIPS;Arp Intelligent Protection Service;c:\program files (x86)\netcut\services\AIPS.exe;c:\program files (x86)\netcut\services\AIPS.exe [x]
 R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
 R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
 R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
 R2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
 R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
 R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
 R2 mi-raysat_3dsmax2014_64;mental ray Satellite for Autodesk 3ds Max 2014 64-bit;d:\autodesk 3ds max\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe;d:\autodesk 3ds max\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [x]
 R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
 R2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
 R2 SBUpd;SpeedBit Update;c:\program files\Common Files\SpeedBit\SBUpdate\sbu.exe;c:\program files\Common Files\SpeedBit\SBUpdate\sbu.exe [x]
 R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
 R3 ALSysIO;ALSysIO;c:\users\Traveler\AppData\Local\Temp\ALSysIO64.sys;c:\users\Traveler\AppData\Local\Temp\ALSysIO64.sys [x]
 R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
 R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
 R3 bulkadi;Razer Megalodon DFU;c:\windows\system32\DRIVERS\bulkrazer_x64.sys;c:\windows\SYSNATIVE\DRIVERS\bulkrazer_x64.sys [x]
 R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
 R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
 R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
 R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
 R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
 R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
 R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
 R3 GPUZ;GPUZ;c:\windows\TEMP\GPUZ.sys;c:\windows\TEMP\GPUZ.sys [x]
 R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
 R3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
 R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
 R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
 R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
 R3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
 R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
 R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
 R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
 R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
 R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x]
 R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
 R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
 R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan620.sys [x]
 R3 SaiK0CCB;SaiK0CCB;c:\windows\system32\DRIVERS\SaiK0CCB.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK0CCB.sys [x]
 R3 SaiK0CD7;SaiK0CD7;c:\windows\system32\DRIVERS\SaiK0CD7.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK0CD7.sys [x]
 R3 SaiK1708;SaiK1708;c:\windows\system32\DRIVERS\SaiK1708.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK1708.sys [x]
 R3 SaiU0CCB;SaiU0CCB;c:\windows\system32\DRIVERS\SaiU0CCB.sys;c:\windows\SYSNATIVE\DRIVERS\SaiU0CCB.sys [x]
 R3 SBUpdd;SpeedBit UpdateD;c:\program files\Common Files\SpeedBit\SBUpdate\sbw.sys;c:\program files\Common Files\SpeedBit\SBUpdate\sbw.sys [x]
 R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
 R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
 R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
 R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
 R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
 R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
 R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.0);c:\windows\system32\DRIVERS\RtVLAN60.sys;c:\windows\SYSNATIVE\DRIVERS\RtVLAN60.sys [x]
 R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
 R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
 R3 XFDriver64;XFDriver64;c:\program files (x86)\Xfire2\XFDriver64.sys;c:\program files (x86)\Xfire2\XFDriver64.sys [x]
 R4 klflt;klflt;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
 R4 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
 S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
 S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
 S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
 S3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
 .
 .
 [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
 2014-03-04 14:40 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe
 .
 Zawartość folderu 'Zaplanowane zadania'
 .
 2014-03-06 c:\windows\Tasks\Adobe Flash Player Updater.job
 - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-23 16:59]
 .
 2014-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
 - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20 17:12]
 .
 2014-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
 - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20 17:12]
 .
 .
 --------- X64 Entries -----------
 .
 .
 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay1]
 @="{E68D0A50-3C40-4712-B90D-DCFA93FF2534}"
 [HKEY_CLASSES_ROOT\CLSID\{E68D0A50-3C40-4712-B90D-DCFA93FF2534}]
 2012-06-05 09:42 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
 .
 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay2]
 @="{E68D0A51-3C40-4712-B90D-DCFA93FF2534}"
 [HKEY_CLASSES_ROOT\CLSID\{E68D0A51-3C40-4712-B90D-DCFA93FF2534}]
 2012-06-05 09:42 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
 .
 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay3]
 @="{E68D0A52-3C40-4712-B90D-DCFA93FF2534}"
 [HKEY_CLASSES_ROOT\CLSID\{E68D0A52-3C40-4712-B90D-DCFA93FF2534}]
 2012-06-05 09:42 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
 .
 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay4]
 @="{E68D0A53-3C40-4712-B90D-DCFA93FF2534}"
 [HKEY_CLASSES_ROOT\CLSID\{E68D0A53-3C40-4712-B90D-DCFA93FF2534}]
 2012-06-05 09:42 2023936 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
 .
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-05-18 12489360]
 "SaiMfd"="c:\program files\SmartTechnology\Software\SaiMfd.exe" [2013-04-16 158208]
 "Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-04-24 7477016]
 .
 ------- Skan uzupełniający -------
 .
 uLocal Page = c:\windows\system32\blank.htm
 mDefault_Search_URL = hxxp://www.google.com
 mDefault_Page_URL = about:blank
 mStart Page = about:blank
 mLocal Page = c:\windows\SysWOW64\blank.htm
 mSearch Page = hxxp://www.google.com
 uInternet Settings,ProxyOverride = <local>
 IE: Add to Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm
 IE: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_frame
 IE: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_image
 IE: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_link
 IE: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_exclude
 IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
 IE: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=MO2540G0&id=menu_ie_report
 TCP: DhcpNameServer = 8.8.8.8 8.8.4.4
 TCP: Interfaces\{D395B88C-BE42-4389-B68D-0FB8DAD83354}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
 Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
 DPF: {66D845A0-C3BB-45AD-807C-9BFEAF20EF2C} - hxxps://dokumax.max-boegl.de/content/static/ecm/activex/Enable_Edit_In_Place.cab
 FF - ProfilePath - c:\users\Traveler\AppData\Roaming\Mozilla\Firefox\Profiles\y2azreaz.default-1394138328678\
 FF - prefs.js: browser.startup.homepage - google.pl
 FF - prefs.js: keyword.URL - hxxp://go.speedbit.com/search.aspx?s=E21b&q=
 .
 - - - - USUNIĘTO PUSTE WPISY - - - -
 .
 Wow6432Node-HKLM-Run-<NO NAME> - (no file)
 AddRemove-{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1 - c:\users\Traveler\AppData\Local\unins000.exe
 .
 .
 .
 --------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
 .
 [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
 @Denied: (2) (LocalSystem)
 "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a5,c1,7c,19,19,f4,6c,4a,a1,28,5b,\
 "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a5,c1,7c,19,19,f4,6c,4a,a1,28,5b,\
 .
 [HKEY_USERS\S-1-5-21-2294864315-1545841318-3897952-1000\Software\SecuROM\License information*]
 "datasecu"=hex:5a,4c,5d,1f,c3,95,f8,e8,82,8d,a5,35,92,75,d2,b1,a9,b5,5e,6a,a1,
 7f,b8,16,f3,3b,ed,79,45,47,3e,28,73,37,3c,7e,73,3e,1a,61,34,66,27,c0,82,2d,\
 "rkeysecu"=hex:e6,0b,cf,9d,d3,83,e9,01,cc,63,28,ed,52,3a,aa,95
 .
 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
 "Version"=hex:0c,81,fe,36,67,14,f9,2f,64,4a,c2,c0,24,d6,63,fc,d1,1a,74,01,7f,
 62,0b,83,a6,0d,ce,04,aa,6e,1a,db,2c,13,5f,a1,0e,ab,16,a5,1b,9b,b7,8a,3a,ee,\
 .
 [HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
 "Version"=hex:0c,81,fe,36,67,14,f9,2f,64,4a,c2,c0,24,d6,63,fc,d1,1a,74,01,7f,
 62,0b,83,a6,0d,ce,04,aa,6e,1a,db,2c,13,5f,a1,0e,ab,16,a5,1b,9b,b7,8a,3a,ee,\
 .
 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
 @Denied: (A) (Everyone)
 "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
 .
 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
 @Denied: (A) (Everyone)
 .
 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
 "Key"="ActionsPane3"
 "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
 .
 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
 @Denied: (A) (Users)
 @Denied: (A) (Everyone)
 @Allowed: (B 1 2 3 4 5) (S-1-5-20)
 "BlindDial"=dword:00000000
 .
 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
 @Denied: (A) (Users)
 @Denied: (A) (Everyone)
 @Allowed: (B 1 2 3 4 5) (S-1-5-20)
 "BlindDial"=dword:00000000
 .
 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
 @Denied: (A) (Users)
 @Denied: (A) (Everyone)
 @Allowed: (B 1 2 3 4 5) (S-1-5-20)
 "BlindDial"=dword:00000000
 .
 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
 @Denied: (Full) (Everyone)
 .
 Czas ukończenia: 2014-03-06 22:07:59
 ComboFix-quarantined-files.txt 2014-03-06 21:07
 ComboFix2.txt 2014-03-04 16:35
 .
 Przed: 30 197 686 272 bajtów wolnych
 Po: 29 909 491 712 bajtów wolnych
 .
 - - End Of File - - 35ED1CB27A75E840F908EE2387434405
 A36C5E4F47E84449FF07ED3517B43A31


 
	