
In the Security section I was told to start a thread here:
"
Error - 2014-08-25 15:23:39 | Computer Name = Wojtek-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
http://www.fixitpc.pl/topic/5553-blad-s ... rpretacja/
Start a thread at hardware-vf4.html
"
GMER:
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-08-25 21:07:02
Windows 6.1.7601 Service Pack 1
Running: nxde0so7.exe; Driver: C:\Users\Wojtek\AppData\Local\Temp\kwrdqpob.sys
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001c26ef5c71
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001c26ef5c71@001e1003c455 0x83 0xF1 0x16 0x5B ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001c26ef5c71@9c4a7babac94 0x5A 0x50 0x10 0xC6 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001c26ef5c71@0023f1fde93d 0x16 0x36 0x8D 0xB0 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001c26ef5c71 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001c26ef5c71@001e1003c455 0x83 0xF1 0x16 0x5B ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001c26ef5c71@9c4a7babac94 0x5A 0x50 0x10 0xC6 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001c26ef5c71@0023f1fde93d 0x16 0x36 0x8D 0xB0 ...
Reg HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex@{8A871872-ECFB-11DF-97D8-806E6F6E6963} 13956587384
---- EOF - GMER 2.1 ----
Extras:
OTL Extras logfile created on: 2014-08-25 21:11:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wojtek\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2,00 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 47,56% Memory free
4,00 Gb Paging File | 2,63 Gb Available in Paging File | 65,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 31,78 Gb Total Space | 2,63 Gb Free Space | 8,28% Space Free | Partition Type: NTFS
Drive D: | 80,00 Gb Total Space | 25,80 Gb Free Space | 32,25% Space Free | Partition Type: NTFS
Computer Name: WOJTEK-KOMPUTER | User Name: Wojtek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1F1973EB-3401-48D2-866A-562BD3035800}" = lport=445 | protocol=6 | dir=in | app=system |
"{4C2BF4B9-57EA-4747-844C-1D8AB152DF80}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{5233A8D7-32E6-4389-B948-FE967F7F719E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{66CDE42F-C873-46BB-A1B3-1FDB5874880A}" = rport=139 | protocol=6 | dir=out | app=system |
"{6988522F-C847-4D81-84AA-DF44D8F7DAA1}" = lport=138 | protocol=17 | dir=in | app=system |
"{88A20300-B75A-4E57-9650-8D7CDAE97AFE}" = lport=137 | protocol=17 | dir=in | app=system |
"{9CB1A37A-0AC8-48B9-BAA5-E70543F9ED6D}" = rport=445 | protocol=6 | dir=out | app=system |
"{AB75A664-45FF-48FE-AD85-7C791E9BB7C3}" = rport=137 | protocol=17 | dir=out | app=system |
"{C6457392-503B-4C89-9671-73473565EB84}" = rport=138 | protocol=17 | dir=out | app=system |
"{D400FFE0-609F-4166-B99F-6B19A3425251}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E9AB2BA1-F566-4117-8808-816D6550873C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EB5343F8-CB14-4495-B888-FD67B1D09F7B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F555FF41-AE35-419B-BC43-9032D00E9EE3}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{F938E48C-08BA-44F3-87C8-54DBB71D1705}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0EE17A76-AC37-4BED-B8B6-04970AB22BD3}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{36031118-1B81-4C7C-B3BC-192F65A14963}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{36F432F4-8C20-4ACA-B89D-A3C1F470D39E}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{378483FE-0BD2-4FFA-947F-890B53111E2F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3FA5E666-BBAF-49E7-8A83-7836D088A5EA}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"{4561D754-5FEB-4D28-90DF-EE98A19B5D32}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{47B59C16-B6B1-4A47-B00E-5F8F19F11318}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{4DDFEEF0-680B-4947-A7B2-E1C92636288B}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{5B129C62-DD7E-4B9F-B9F3-ABEFA37F6DBF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{77141F16-B323-443E-B35B-2DE0B87A7E37}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"{7C39D823-AD24-4AC8-A55E-8231C8664D7C}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{A50C8FE1-2C81-475D-82E6-9D0EDC71CEBE}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{AC35B156-12FB-44D0-BCAD-7351153072F7}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe |
"{AD40F2D4-8C3B-49DE-8ECE-DE1156EB7878}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B2F3C5BF-827F-4227-869F-4E6CA40DF65E}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C0810CC3-758A-4406-8D69-70618B7F915D}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe |
"{D4739ECD-A9DB-4D07-A22A-DA9B13F9BF71}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{078D97B3-46AF-43DF-9399-418EF62C243E}F:\inne\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe" = protocol=6 | dir=in | app=f:\inne\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe |
"TCP Query User{0897D868-7EBD-44F8-B8EA-C4379FC3CADF}D:\gry\mt\bloodymt2\metin2.exe" = protocol=6 | dir=in | app=d:\gry\mt\bloodymt2\metin2.exe |
"TCP Query User{0EBEAF35-218E-4606-B4FC-E28E81EAEE6A}D:\gry\quake iii\q3\quake3.exe" = protocol=6 | dir=in | app=d:\gry\quake iii\q3\quake3.exe |
"TCP Query User{128F3495-23FF-4202-AAAE-A845FF1D3102}D:\ares\ares.exe" = protocol=6 | dir=in | app=d:\ares\ares.exe |
"TCP Query User{12A2E9CF-B159-423C-AEEB-33D335BF1EDE}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{20D119FA-4A0D-4011-B804-856240A43DC7}D:\gry\rollercoaster tycoon\rollercoaster\rct.exe" = protocol=6 | dir=in | app=d:\gry\rollercoaster tycoon\rollercoaster\rct.exe |
"TCP Query User{25970DC9-B376-4264-92A2-76BF0C71E09E}D:\gry\xen\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe" = protocol=6 | dir=in | app=d:\gry\xen\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe |
"TCP Query User{259BD61E-0782-48E6-9FF7-E2E155AF0AC4}D:\s\sarios\_sarios.exe" = protocol=6 | dir=in | app=d:\s\sarios\_sarios.exe |
"TCP Query User{29916F1B-F82F-4CEF-B24F-C6718B68A7BD}D:\metin2\metin2\metin2client.exe" = protocol=6 | dir=in | app=d:\metin2\metin2\metin2client.exe |
"TCP Query User{2C30C445-8E2F-4A24-A376-A2D751A0B042}D:\gg\ares\ares.exe" = protocol=6 | dir=in | app=d:\gg\ares\ares.exe |
"TCP Query User{30CF162B-65B0-4077-A5BC-3E8DE39CD06D}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{32AEE254-B4C8-4330-ADEF-5E3CB7D7F0C7}H:\private\xenox_mt2_klient(nowy patch 03.09.2011r)\xenoxmt2 launcher.exe" = protocol=6 | dir=in | app=h:\private\xenox_mt2_klient(nowy patch 03.09.2011r)\xenoxmt2 launcher.exe |
"TCP Query User{35BBAB55-F769-443F-B323-841889B0F324}D:\hary\monia\sdl.exe" = protocol=6 | dir=in | app=d:\hary\monia\sdl.exe |
"TCP Query User{3D50B490-3494-4153-9628-58731E32EEF2}D:\gry\mt2\game" = protocol=6 | dir=in | app=d:\gry\mt2\game |
"TCP Query User{461D571B-6816-4F37-9201-A8AB4D4E1386}D:\yitian2nowy\metin2\yt2.exe" = protocol=6 | dir=in | app=d:\yitian2nowy\metin2\yt2.exe |
"TCP Query User{4F945143-6312-455E-8B6A-C3EF08D92B14}D:\ares\ares.exe" = protocol=6 | dir=in | app=d:\ares\ares.exe |
"TCP Query User{524F19F8-1A9F-45C9-887F-7AD6C92BE61D}D:\yitian2nowy\metin2\yt2.exe" = protocol=6 | dir=in | app=d:\yitian2nowy\metin2\yt2.exe |
"TCP Query User{54FC03F6-D300-41E6-B08D-23B2AA160D9D}D:\remote\ultimate control\ucontrol.exe" = protocol=6 | dir=in | app=d:\remote\ultimate control\ucontrol.exe |
"TCP Query User{58331400-1487-44E8-9167-40729CD45CC1}D:\gry\xen\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe" = protocol=6 | dir=in | app=d:\gry\xen\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe |
"TCP Query User{5B260B99-BC45-47FD-A369-D558102F6344}D:\gry\cs\counter-strike\hl.exe" = protocol=6 | dir=in | app=d:\gry\cs\counter-strike\hl.exe |
"TCP Query User{5D5090CD-B860-464C-A711-472A2E88CB0B}D:\nowy folder\empiremt2\empiremt2.dll" = protocol=6 | dir=in | app=d:\nowy folder\empiremt2\empiremt2.dll |
"TCP Query User{5EEFE795-87C2-45DD-A7B9-9D62939C3EA2}D:\gry\mt2\raske\raske.exe" = protocol=6 | dir=in | app=d:\gry\mt2\raske\raske.exe |
"TCP Query User{62F36141-33FC-4C92-A665-14EE086EE8EC}D:\yitian2\metin2\yt2.exe" = protocol=6 | dir=in | app=d:\yitian2\metin2\yt2.exe |
"TCP Query User{645FE983-3A0F-4273-9500-C2C55737111B}D:\metin2\metin2\metin2client.bin" = protocol=6 | dir=in | app=d:\metin2\metin2\metin2client.bin |
"TCP Query User{651ABF3F-DC5B-432C-990B-1A75B57583C7}C:\program files\bittornado\btdownloadgui.exe" = protocol=6 | dir=in | app=c:\program files\bittornado\btdownloadgui.exe |
"TCP Query User{669E05AD-405F-41E9-9943-58CF63CE0530}D:\yitian2\metin2\yitian2.exe" = protocol=6 | dir=in | app=d:\yitian2\metin2\yitian2.exe |
"TCP Query User{6A42A973-AD53-454F-B4C8-B259B8786BE1}D:\gry\w\worms armageddon\wa.exe" = protocol=6 | dir=in | app=d:\gry\w\worms armageddon\wa.exe |
"TCP Query User{6BF7FBFA-D080-4993-A323-A3E7F182561D}D:\gry\quake iii\q3\quake3.exe" = protocol=6 | dir=in | app=d:\gry\quake iii\q3\quake3.exe |
"TCP Query User{6C37E1AF-55B9-4A7B-A084-F28715E63E2A}D:\gry\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=d:\gry\age of empires ii\empires2.exe |
"TCP Query User{6D13A857-D979-4B5F-9082-ED438C638FE0}D:\metin2008\equinox.exe" = protocol=6 | dir=in | app=d:\metin2008\equinox.exe |
"TCP Query User{7408C723-A347-419A-B405-27F64ED81254}C:\program files\air mouse\air mouse\mobile mouse service.exe" = protocol=6 | dir=in | app=c:\program files\air mouse\air mouse\mobile mouse service.exe |
"TCP Query User{770C9635-7902-40C7-9EBA-EE18D632FA02}F:\cs\counter-strike\hltv.exe" = protocol=6 | dir=in | app=f:\cs\counter-strike\hltv.exe |
"TCP Query User{83743345-0AAC-4CDE-929E-961C0EA90DBE}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{8CAC0D9E-F53E-4B0B-A97E-D6B2024E9A63}H:\xenox_mt2_klient(nowy patch 03.09.2011r)\xenoxmt2 launcher.exe" = protocol=6 | dir=in | app=h:\xenox_mt2_klient(nowy patch 03.09.2011r)\xenoxmt2 launcher.exe |
"TCP Query User{94056CC5-FECA-4B14-B24C-BCDF28DD64D6}F:\cs\counter-strike\hl.exe" = protocol=6 | dir=in | app=f:\cs\counter-strike\hl.exe |
"TCP Query User{9B42A71A-C91A-4ADC-B349-BF44712FAE71}D:\l\longju2.pl\longju2.exe" = protocol=6 | dir=in | app=d:\l\longju2.pl\longju2.exe |
"TCP Query User{9C47D019-0270-4A00-BFA0-07AD4FA08FD2}D:\metin2 z wofx\metin2\equinox.exe" = protocol=6 | dir=in | app=d:\metin2 z wofx\metin2\equinox.exe |
"TCP Query User{A73BC239-9617-4691-98B7-EFDF51850238}D:\gg\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=d:\gg\gadu-gadu 10\gg.exe |
"TCP Query User{A9913D5B-A259-4367-B86E-0714476B42A5}D:\xenox_mt2_klient(nowy patch 03.09.2011r)\xenoxmt2 launcher.exe" = protocol=6 | dir=in | app=d:\xenox_mt2_klient(nowy patch 03.09.2011r)\xenoxmt2 launcher.exe |
"TCP Query User{AC241A25-BC8D-4A51-8F3F-DCAEE1881965}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{B0ED8283-A0DD-4250-8D54-52E96A060CC5}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{B1E9D5B6-563E-454B-B9F4-0717324111D3}D:\b\metin2client.bin" = protocol=6 | dir=in | app=d:\b\metin2client.bin |
"TCP Query User{B6F5106E-7DE9-40C2-87AF-8DE94B346004}C:\program files\air mouse\air mouse\air mouse.exe" = protocol=6 | dir=in | app=c:\program files\air mouse\air mouse\air mouse.exe |
"TCP Query User{C2A46981-81F6-4531-9D8D-DC1219EA5CB3}D:\n\nemoria\_nemoria.exe" = protocol=6 | dir=in | app=d:\n\nemoria\_nemoria.exe |
"TCP Query User{C5233CB0-A8D5-4232-8929-1C8A5BF5BDCB}D:\gg\ares\ares.exe" = protocol=6 | dir=in | app=d:\gg\ares\ares.exe |
"TCP Query User{CC8ECD79-0F54-495E-A1B1-E9DF77B84AEA}D:\yitian2nowy\metin2\equinox.exe" = protocol=6 | dir=in | app=d:\yitian2nowy\metin2\equinox.exe |
"TCP Query User{CCECAB68-4C16-4AFC-90B0-F2DF460209EB}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{CEDA005A-CC6C-41AB-AA5C-B6AD45D00ED9}D:\a\alios2\alios2.exe" = protocol=6 | dir=in | app=d:\a\alios2\alios2.exe |
"TCP Query User{D1101122-232D-412C-B40C-17C640368BA0}D:\gry\cs\counter-strike\hl.exe" = protocol=6 | dir=in | app=d:\gry\cs\counter-strike\hl.exe |
"TCP Query User{D599206B-E092-4471-87BB-21C5B9BE5882}D:\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe" = protocol=6 | dir=in | app=d:\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe |
"TCP Query User{D5CE1D81-7DB6-448C-9115-433526BB9331}F:\yitian2nowy\metin2\yt2.exe" = protocol=6 | dir=in | app=f:\yitian2nowy\metin2\yt2.exe |
"TCP Query User{D9A4D85A-B43A-4215-AAFE-057ED2EA80D7}D:\metin2\metin2\metin2.bin" = protocol=6 | dir=in | app=d:\metin2\metin2\metin2.bin |
"TCP Query User{E3EE47DC-50D9-44D5-99AB-50685473C3A9}D:\mouse server\mouseserver\mouseserver.exe" = protocol=6 | dir=in | app=d:\mouse server\mouseserver\mouseserver.exe |
"TCP Query User{E83168FA-9848-4C9C-881D-BD0DCD7A2EB8}D:\gry\mt2\game.exe" = protocol=6 | dir=in | app=d:\gry\mt2\game.exe |
"TCP Query User{F692CBF3-C36F-4B1A-8AF8-BBC0CD327BF0}D:\gry\age of empires iii\empire earth.exe" = protocol=6 | dir=in | app=d:\gry\age of empires iii\empire earth.exe |
"TCP Query User{F8870A80-97F9-4A67-A339-F9ABBEF62E51}D:\gry\mt\empiremt2\empiremt2.dll" = protocol=6 | dir=in | app=d:\gry\mt\empiremt2\empiremt2.dll |
"TCP Query User{F8E9546B-FB85-4D74-9E06-D451C36A825A}D:\gry\mt2\game.exe" = protocol=6 | dir=in | app=d:\gry\mt2\game.exe |
"TCP Query User{FB7E731C-EA71-4241-9623-85AFF6CC583F}D:\gry\mt2\game" = protocol=6 | dir=in | app=d:\gry\mt2\game |
"TCP Query User{FE0E1726-2D0E-4B73-A5DF-37455B6E01D6}D:\gg\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=d:\gg\gadu-gadu 10\gg.exe |
"UDP Query User{004DB68A-9026-4244-99E5-2BF0B63DC85B}D:\gry\cs\counter-strike\hl.exe" = protocol=17 | dir=in | app=d:\gry\cs\counter-strike\hl.exe |
"UDP Query User{00B383FF-ADA2-47DA-8B22-7E0364931AD6}D:\metin2008\equinox.exe" = protocol=17 | dir=in | app=d:\metin2008\equinox.exe |
"UDP Query User{04572E81-1E46-40BA-91A2-8C860C870027}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{11E0CDD7-6B89-49F8-BE21-9002AE5F352B}D:\b\metin2client.bin" = protocol=17 | dir=in | app=d:\b\metin2client.bin |
"UDP Query User{1862EF9D-4E31-4647-ABEA-A8EFA237EDC5}D:\mouse server\mouseserver\mouseserver.exe" = protocol=17 | dir=in | app=d:\mouse server\mouseserver\mouseserver.exe |
"UDP Query User{18A826A2-8AF2-4B95-AF2C-1351532A3F23}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{1AE314A5-6F2C-4FA9-A7F5-5FA66B7433FB}H:\xenox_mt2_klient(nowy patch 03.09.2011r)\xenoxmt2 launcher.exe" = protocol=17 | dir=in | app=h:\xenox_mt2_klient(nowy patch 03.09.2011r)\xenoxmt2 launcher.exe |
"UDP Query User{1EC59AF1-7EFB-4064-B547-8A5BD17321D8}D:\n\nemoria\_nemoria.exe" = protocol=17 | dir=in | app=d:\n\nemoria\_nemoria.exe |
"UDP Query User{1F6B6A1A-ED24-4D49-8FBA-49AF33556854}D:\gry\mt\bloodymt2\metin2.exe" = protocol=17 | dir=in | app=d:\gry\mt\bloodymt2\metin2.exe |
"UDP Query User{26D85696-AE73-4085-AB5A-BA55DCC21C4A}D:\gry\cs\counter-strike\hl.exe" = protocol=17 | dir=in | app=d:\gry\cs\counter-strike\hl.exe |
"UDP Query User{2785E2C2-2C0E-414A-8232-001FFE24F87B}D:\s\sarios\_sarios.exe" = protocol=17 | dir=in | app=d:\s\sarios\_sarios.exe |
"UDP Query User{30D58D71-98DF-49A7-AAC5-C513E00B2C2E}D:\gry\age of empires iii\empire earth.exe" = protocol=17 | dir=in | app=d:\gry\age of empires iii\empire earth.exe |
"UDP Query User{311CD8DD-18CB-4568-8D6E-B1DDB2ED3336}D:\yitian2\metin2\yitian2.exe" = protocol=17 | dir=in | app=d:\yitian2\metin2\yitian2.exe |
"UDP Query User{34B9843E-9735-4A1E-B799-C41EACCD91BC}D:\gry\quake iii\q3\quake3.exe" = protocol=17 | dir=in | app=d:\gry\quake iii\q3\quake3.exe |
"UDP Query User{354EE5C2-E723-4D45-85B4-6C0057A3CBE2}D:\gry\mt2\game" = protocol=17 | dir=in | app=d:\gry\mt2\game |
"UDP Query User{3AB9870C-8179-4523-A935-CE90B1B7FF17}D:\gry\mt2\raske\raske.exe" = protocol=17 | dir=in | app=d:\gry\mt2\raske\raske.exe |
"UDP Query User{3CB98A72-5117-492B-98D4-79817ECF81E9}D:\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe" = protocol=17 | dir=in | app=d:\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe |
"UDP Query User{3F081D67-604B-4BAF-9342-4C390018D446}D:\gg\ares\ares.exe" = protocol=17 | dir=in | app=d:\gg\ares\ares.exe |
"UDP Query User{449DE537-0445-4CE7-A4B1-114E91E20E59}D:\hary\monia\sdl.exe" = protocol=17 | dir=in | app=d:\hary\monia\sdl.exe |
"UDP Query User{45E3266B-AEEA-4A9C-AA24-BCD3D6B61944}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{4BDA2683-B5CB-42B7-A9D4-66E998D7705A}D:\gry\rollercoaster tycoon\rollercoaster\rct.exe" = protocol=17 | dir=in | app=d:\gry\rollercoaster tycoon\rollercoaster\rct.exe |
"UDP Query User{4C13BC55-B621-4786-9416-58190734A8D9}D:\gry\mt2\game.exe" = protocol=17 | dir=in | app=d:\gry\mt2\game.exe |
"UDP Query User{4E21C098-A1E0-48F7-9441-DD9A8C0E19A5}D:\gry\xen\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe" = protocol=17 | dir=in | app=d:\gry\xen\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe |
"UDP Query User{51E1E4B9-CC02-4CAA-872B-E4FA080932C4}D:\metin2\metin2\metin2.bin" = protocol=17 | dir=in | app=d:\metin2\metin2\metin2.bin |
"UDP Query User{54D50946-50A5-43A9-A268-545E354BA6D4}D:\yitian2nowy\metin2\yt2.exe" = protocol=17 | dir=in | app=d:\yitian2nowy\metin2\yt2.exe |
"UDP Query User{5BAF5B86-1FF8-4FAD-B7DC-528A85E2B2A5}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{61A6FF53-AB88-48A7-9B91-2942B91F302D}D:\a\alios2\alios2.exe" = protocol=17 | dir=in | app=d:\a\alios2\alios2.exe |
"UDP Query User{61B79820-37EB-4ABB-BABF-FA65FE149246}D:\gry\mt2\game" = protocol=17 | dir=in | app=d:\gry\mt2\game |
"UDP Query User{626A1370-82DD-4B22-B6C6-CF3984EC79B8}D:\yitian2\metin2\yt2.exe" = protocol=17 | dir=in | app=d:\yitian2\metin2\yt2.exe |
"UDP Query User{6577C623-1CB1-4C26-87FC-9CF5587C81C2}D:\gg\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=d:\gg\gadu-gadu 10\gg.exe |
"UDP Query User{6A131B3D-770C-44F3-A090-4ED5B1EDD9D4}D:\yitian2nowy\metin2\equinox.exe" = protocol=17 | dir=in | app=d:\yitian2nowy\metin2\equinox.exe |
"UDP Query User{73FBC385-974F-4239-B1E5-8EBAF5B54C5F}D:\yitian2nowy\metin2\yt2.exe" = protocol=17 | dir=in | app=d:\yitian2nowy\metin2\yt2.exe |
"UDP Query User{7FECA81C-E854-404E-BD14-375CDD803655}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{809CC42E-6F2B-4654-8ECF-0E6ECD490880}D:\metin2\metin2\metin2client.bin" = protocol=17 | dir=in | app=d:\metin2\metin2\metin2client.bin |
"UDP Query User{90E4BF6C-0FF1-4FC6-9358-50057CB0C4FE}D:\l\longju2.pl\longju2.exe" = protocol=17 | dir=in | app=d:\l\longju2.pl\longju2.exe |
"UDP Query User{A8F4D2DF-E96F-4884-91BB-4FFED3EE7471}D:\gry\quake iii\q3\quake3.exe" = protocol=17 | dir=in | app=d:\gry\quake iii\q3\quake3.exe |
"UDP Query User{AF315E42-2FB9-4326-AD52-D525551FC895}F:\yitian2nowy\metin2\yt2.exe" = protocol=17 | dir=in | app=f:\yitian2nowy\metin2\yt2.exe |
"UDP Query User{B183A838-AD5A-4169-9FF2-0C8DCCA3996A}H:\private\xenox_mt2_klient(nowy patch 03.09.2011r)\xenoxmt2 launcher.exe" = protocol=17 | dir=in | app=h:\private\xenox_mt2_klient(nowy patch 03.09.2011r)\xenoxmt2 launcher.exe |
"UDP Query User{B457B14F-2211-4DE5-A18A-3706A7C26975}D:\remote\ultimate control\ucontrol.exe" = protocol=17 | dir=in | app=d:\remote\ultimate control\ucontrol.exe |
"UDP Query User{B4C7D3C4-9679-4A0E-9DD9-45B9D6A0ACE7}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{C14CA25E-A451-474B-840F-34B877DFA9C0}D:\xenox_mt2_klient(nowy patch 03.09.2011r)\xenoxmt2 launcher.exe" = protocol=17 | dir=in | app=d:\xenox_mt2_klient(nowy patch 03.09.2011r)\xenoxmt2 launcher.exe |
"UDP Query User{C3095026-67D2-496C-ADD7-14936E776CE2}D:\gg\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=d:\gg\gadu-gadu 10\gg.exe |
"UDP Query User{C87B1F44-7A45-4C5D-AA04-4617C62AEC29}D:\ares\ares.exe" = protocol=17 | dir=in | app=d:\ares\ares.exe |
"UDP Query User{CADD090C-F350-4816-99D4-285472E1D62D}C:\program files\air mouse\air mouse\mobile mouse service.exe" = protocol=17 | dir=in | app=c:\program files\air mouse\air mouse\mobile mouse service.exe |
"UDP Query User{CB1E4D1A-AB80-4358-9F95-AF726831C7BF}F:\cs\counter-strike\hl.exe" = protocol=17 | dir=in | app=f:\cs\counter-strike\hl.exe |
"UDP Query User{CC388A72-4314-49B8-9BFE-3DE908ED4C8D}C:\program files\air mouse\air mouse\air mouse.exe" = protocol=17 | dir=in | app=c:\program files\air mouse\air mouse\air mouse.exe |
"UDP Query User{CF8620FB-E6D6-46AA-9D96-2C610068B8FC}D:\metin2 z wofx\metin2\equinox.exe" = protocol=17 | dir=in | app=d:\metin2 z wofx\metin2\equinox.exe |
"UDP Query User{D8179415-6A35-453B-8966-9C24DCE525BF}D:\gry\mt\empiremt2\empiremt2.dll" = protocol=17 | dir=in | app=d:\gry\mt\empiremt2\empiremt2.dll |
"UDP Query User{DCEA965A-32D2-4B2A-8BE4-3C33E0639197}D:\gry\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=d:\gry\age of empires ii\empires2.exe |
"UDP Query User{E0484BE1-7439-4F5D-9781-45C39F864341}D:\gry\mt2\game.exe" = protocol=17 | dir=in | app=d:\gry\mt2\game.exe |
"UDP Query User{E7E73D5E-E31C-47E3-9468-364A2E41F227}D:\metin2\metin2\metin2client.exe" = protocol=17 | dir=in | app=d:\metin2\metin2\metin2client.exe |
"UDP Query User{EDC773D4-BA36-4D5A-A1C0-75D62ED0432B}C:\program files\bittornado\btdownloadgui.exe" = protocol=17 | dir=in | app=c:\program files\bittornado\btdownloadgui.exe |
"UDP Query User{EF353CCE-186E-4CE1-A5B2-4BACEF71A81A}D:\nowy folder\empiremt2\empiremt2.dll" = protocol=17 | dir=in | app=d:\nowy folder\empiremt2\empiremt2.dll |
"UDP Query User{F010F888-CF22-4D36-8389-294C54EA3012}D:\gg\ares\ares.exe" = protocol=17 | dir=in | app=d:\gg\ares\ares.exe |
"UDP Query User{F26862F3-8ABC-4A12-877A-6B44582BC3DE}D:\ares\ares.exe" = protocol=17 | dir=in | app=d:\ares\ares.exe |
"UDP Query User{F5ECF4D1-4163-4551-A4AC-87F787CDF828}D:\gry\w\worms armageddon\wa.exe" = protocol=17 | dir=in | app=d:\gry\w\worms armageddon\wa.exe |
"UDP Query User{FD761D8B-E406-49D4-80B1-EB896B8AE3A4}F:\cs\counter-strike\hltv.exe" = protocol=17 | dir=in | app=f:\cs\counter-strike\hltv.exe |
"UDP Query User{FD7863A8-B2A6-41B3-8841-49DAE64D46EA}D:\gry\xen\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe" = protocol=17 | dir=in | app=d:\gry\xen\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe |
"UDP Query User{FEEF24C9-9391-49DD-A38A-D9578D36323D}F:\inne\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe" = protocol=17 | dir=in | app=f:\inne\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3732AF18-9C3C-428D-B944-F7E3FADEE3F3}" = Adobe Setup
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A7B12EE-49F5-4019-8EA1-4BA4C41132E5}" = ESET NOD32 Antivirus
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6640705-7479-4EE5-BC86-879F05F65E74}" = Google Drive
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DFA4CA5A-D073-4964-B8F5-778612851045}" = Nero 8
"{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6C44758-FF49-47D1-8182-65E3818ACE23}" = AuthenTec TrueSuite
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F4DA32EA-B9F2-4B22-87E2-E8937DA4F6A8}" = Adobe Creative Suite 4 Web Premium
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_6f2ce928cc3187358f216191905bbea" = Adobe Creative Suite 4 Web Premium
"ang_pig_3_ks_is1" = Angielski w pigułce 3.0
"AP Tuner 3.08" = AP Tuner 3.08
"ASUS WebCam, 1.3M, USB2.0, FF" = ASUS WebCam, 1.3M, USB2.0, FF
"Audacity_is1" = Audacity 2.0.5
"CCleaner" = CCleaner
"Counter-Strike" = Counter-Strike 1.0
"Dev-C++" = Dev-C++
"ENTERPRISE" = Microsoft Office Enterprise 2007
"foobar2000" = foobar2000 v1.0.1
"Foxit Reader" = Foxit Reader
"Gadu-Gadu 10" = Gadu-Gadu 10
"Google Chrome" = Google Chrome
"HaaliMkx" = Haali Media Splitter
"hiszp_pig_2_is1" = Hiszpański w pigułce 2.0
"ipla" = ipla 2.7
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full)
"LAME_is1" = LAME v3.99.3 (for Windows)
"Mad Tracks_is1" = Mad Tracks PL 1.2
"niem_pig_3_ks_is1" = Niemiecki w pigułce 3.0
"NVIDIA Drivers" = NVIDIA Drivers
"Odkurzacz 13.2_is1" = Odkurzacz
"OFICJALNE TESTY EGZAMINACYJNE PWPW" = OFICJALNE TESTY EGZAMINACYJNE PWPW
"RealAlt_is1" = Real Alternative 2.0.2
"RollerCoaster Tycoon Setup" = Roll
"SubEdit - Vista WMP Patch_is1" = SubEdit - Vista WMP Patch
"SubEdit-Player_is1" = SubEdit-Player
"Swords and Sandals 2" = Swords and Sandals 2 2.0
"Testy 2013 e-kierowca" = Testy 2013 e-kierowca
"uTorrent" = µTorrent
"WinRAR archiver" = Archiwizator WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3802862663-1884990201-4034059971-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2014-08-24 15:56:11 | Computer Name = Wojtek-Komputer | Source = Microsoft-Windows-User Profiles Service | ID = 1508
Description = System Windows nie może załadować rejestru. Częstą przyczyną tego
problemu jest za mała ilość pamięci lub brak wystarczających praw zabezpieczeń.
SZCZEGÓŁY - Operacja We/Wy zainicjowana przez rejestr nie powiodła się w sposób
nieodwracalny. Rejestr nie może wczytać, wypisać lub opróżnić jednego z plików
zawierających obraz rejestru systemu. for C:\Users\Wojtek\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error - 2014-08-24 15:56:11 | Computer Name = Wojtek-Komputer | Source = Microsoft-Windows-User Profiles Service | ID = 1542
Description = System Windows nie może załadować pliku rejestru klas. SZCZEGÓŁY —
Operacja We/Wy zainicjowana przez rejestr nie powiodła się w sposób nieodwracalny.
Rejestr nie może wczytać, wypisać lub opróżnić jednego z plików zawierających obraz
rejestru systemu.
Error - 2014-08-24 17:28:09 | Computer Name = Wojtek-Komputer | Source = Microsoft-Windows-User Profiles Service | ID = 1508
Description = System Windows nie może załadować rejestru. Częstą przyczyną tego
problemu jest za mała ilość pamięci lub brak wystarczających praw zabezpieczeń.
SZCZEGÓŁY - Operacja We/Wy zainicjowana przez rejestr nie powiodła się w sposób
nieodwracalny. Rejestr nie może wczytać, wypisać lub opróżnić jednego z plików
zawierających obraz rejestru systemu. for C:\Users\Wojtek\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error - 2014-08-24 17:28:11 | Computer Name = Wojtek-Komputer | Source = Microsoft-Windows-User Profiles Service | ID = 1542
Description = System Windows nie może załadować pliku rejestru klas. SZCZEGÓŁY —
Operacja We/Wy zainicjowana przez rejestr nie powiodła się w sposób nieodwracalny.
Rejestr nie może wczytać, wypisać lub opróżnić jednego z plików zawierających obraz
rejestru systemu.
Error - 2014-08-24 17:29:54 | Computer Name = Wojtek-Komputer | Source = Microsoft-Windows-User Profiles Service | ID = 1508
Description = System Windows nie może załadować rejestru. Częstą przyczyną tego
problemu jest za mała ilość pamięci lub brak wystarczających praw zabezpieczeń.
SZCZEGÓŁY - Operacja We/Wy zainicjowana przez rejestr nie powiodła się w sposób
nieodwracalny. Rejestr nie może wczytać, wypisać lub opróżnić jednego z plików
zawierających obraz rejestru systemu. for C:\Users\Wojtek\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error - 2014-08-24 17:29:54 | Computer Name = Wojtek-Komputer | Source = Microsoft-Windows-User Profiles Service | ID = 1542
Description = System Windows nie może załadować pliku rejestru klas. SZCZEGÓŁY —
Operacja We/Wy zainicjowana przez rejestr nie powiodła się w sposób nieodwracalny.
Rejestr nie może wczytać, wypisać lub opróżnić jednego z plików zawierających obraz
rejestru systemu.
Error - 2014-08-25 13:51:59 | Computer Name = Wojtek-Komputer | Source = Microsoft-Windows-User Profiles Service | ID = 1508
Description = System Windows nie może załadować rejestru. Częstą przyczyną tego
problemu jest za mała ilość pamięci lub brak wystarczających praw zabezpieczeń.
SZCZEGÓŁY - Operacja We/Wy zainicjowana przez rejestr nie powiodła się w sposób
nieodwracalny. Rejestr nie może wczytać, wypisać lub opróżnić jednego z plików
zawierających obraz rejestru systemu. for C:\Users\Wojtek\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error - 2014-08-25 13:51:59 | Computer Name = Wojtek-Komputer | Source = Microsoft-Windows-User Profiles Service | ID = 1542
Description = System Windows nie może załadować pliku rejestru klas. SZCZEGÓŁY —
Operacja We/Wy zainicjowana przez rejestr nie powiodła się w sposób nieodwracalny.
Rejestr nie może wczytać, wypisać lub opróżnić jednego z plików zawierających obraz
rejestru systemu.
Error - 2014-08-25 13:53:36 | Computer Name = Wojtek-Komputer | Source = Microsoft-Windows-User Profiles Service | ID = 1508
Description = System Windows nie może załadować rejestru. Częstą przyczyną tego
problemu jest za mała ilość pamięci lub brak wystarczających praw zabezpieczeń.
SZCZEGÓŁY - Operacja We/Wy zainicjowana przez rejestr nie powiodła się w sposób
nieodwracalny. Rejestr nie może wczytać, wypisać lub opróżnić jednego z plików
zawierających obraz rejestru systemu. for C:\Users\Wojtek\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error - 2014-08-25 13:53:36 | Computer Name = Wojtek-Komputer | Source = Microsoft-Windows-User Profiles Service | ID = 1542
Description = System Windows nie może załadować pliku rejestru klas. SZCZEGÓŁY —
Operacja We/Wy zainicjowana przez rejestr nie powiodła się w sposób nieodwracalny.
Rejestr nie może wczytać, wypisać lub opróżnić jednego z plików zawierających obraz
rejestru systemu.
[ OSession Events ]
Error - 2013-03-06 14:27:21 | Computer Name = Wojtek-Komputer | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 218
seconds with 120 seconds of active time. This session ended with a crash.
Error - 2013-03-06 14:28:35 | Computer Name = Wojtek-Komputer | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 57
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 2014-08-25 15:23:36 | Computer Name = Wojtek-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
Error - 2014-08-25 15:23:39 | Computer Name = Wojtek-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
Error - 2014-08-25 15:23:42 | Computer Name = Wojtek-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
Error - 2014-08-25 15:23:46 | Computer Name = Wojtek-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
Error - 2014-08-25 15:23:49 | Computer Name = Wojtek-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
Error - 2014-08-25 15:23:52 | Computer Name = Wojtek-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
Error - 2014-08-25 15:23:55 | Computer Name = Wojtek-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
Error - 2014-08-25 15:23:58 | Computer Name = Wojtek-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
Error - 2014-08-25 15:24:01 | Computer Name = Wojtek-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
Error - 2014-08-25 15:24:04 | Computer Name = Wojtek-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
< End of report >
OTL:
OTL logfile created on: 2014-08-25 21:11:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wojtek\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2,00 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 47,56% Memory free
4,00 Gb Paging File | 2,63 Gb Available in Paging File | 65,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 31,78 Gb Total Space | 2,63 Gb Free Space | 8,28% Space Free | Partition Type: NTFS
Drive D: | 80,00 Gb Total Space | 25,80 Gb Free Space | 32,25% Space Free | Partition Type: NTFS
Computer Name: WOJTEK-KOMPUTER | User Name: Wojtek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014-08-24 19:19:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Wojtek\Desktop\OTL.exe
PRC - [2014-08-07 05:20:57 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012-11-23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012-06-11 21:36:21 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-09-11 08:24:32 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009-09-11 08:23:46 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2006-01-06 15:57:06 | 000,344,064 | ---- | M] (Sonix) -- C:\Windows\vsnp2std.exe
========== Modules (No Company Name) ==========
MOD - [2014-08-07 05:20:55 | 000,353,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppgooglenaclpluginchrome.dll
MOD - [2014-08-07 05:20:53 | 008,537,928 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll
MOD - [2014-08-07 05:20:46 | 001,732,936 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
========== Services (SafeList) ==========
SRV - [2012-07-13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-06-11 21:36:21 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\System32\rpcnet.exe -- (rpcnet)
SRV - [2011-01-31 22:48:51 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010-11-12 01:36:43 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009-09-11 08:33:18 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009-09-11 08:24:32 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009-07-14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Wojtek\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2014-08-25 20:09:13 | 000,104,960 | ---- | M] (GMER) [Kernel | On_Demand | Running] -- C:\kwrdqpob.sys -- (kwrdqpob)
DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-07-29 00:25:02 | 000,025,112 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ivusb.sys -- (ivusb)
DRV - [2009-12-03 16:48:44 | 000,625,224 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2009-09-11 08:26:28 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009-09-11 08:23:50 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009-09-11 08:17:16 | 000,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2009-09-07 09:00:28 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-14 00:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009-07-14 00:02:52 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009-06-25 07:25:58 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2009-06-25 07:10:48 | 000,044,544 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008-01-11 19:43:00 | 008,240,896 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2006-01-17 20:50:08 | 010,221,952 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2sxp.sys -- (SNP2STD)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F9ABC16-ADA9-4684-8113-2BB66CB17BB6}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6BD63EF5-F376-4104-B390-F6E1E3BEDAAC}: "URL" = http://startsear.ch/?q={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3802862663-1884990201-4034059971-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3802862663-1884990201-4034059971-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3802862663-1884990201-4034059971-1000\..\SearchScopes\{04056464-19C0-44F4-ADF0-5F9E96FA8107}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2670199
IE - HKU\S-1-5-21-3802862663-1884990201-4034059971-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3802862663-1884990201-4034059971-1000\..\SearchScopes\{2F9ABC16-ADA9-4684-8113-2BB66CB17BB6}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3802862663-1884990201-4034059971-1000\..\SearchScopes\{6BD63EF5-F376-4104-B390-F6E1E3BEDAAC}: "URL" = http://startsear.ch/?q={searchTerms}
IE - HKU\S-1-5-21-3802862663-1884990201-4034059971-1000\..\SearchScopes\{EB0F3B09-A444-4058-B43B-2557EB009B88}: "URL" = http://startsear.ch/?aff=1&q={searchTerms}
IE - HKU\S-1-5-21-3802862663-1884990201-4034059971-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3802862663-1884990201-4034059971-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-3802862663-1884990201-4034059971-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 212.200.23.18:8080
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Wojtek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-09-10 20:10:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-11-10 21:35:24 | 000,000,000 | ---D | M]
[2013-10-20 22:42:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wojtek\AppData\Roaming\mozilla\Extensions
[2013-10-20 22:42:19 | 000,000,000 | ---D | M] (Speed Analysis 3) -- C:\Users\Wojtek\AppData\Roaming\mozilla\Extensions\speedanalysis03@SpeedAnalysis.com
[2013-10-20 22:42:38 | 000,000,000 | ---D | M] (Zula Games) -- C:\Users\Wojtek\AppData\Roaming\mozilla\Extensions\zulagames@ZulaGames.com
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.pl/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\36.0.1985.143\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - Extension: Dysk Google = C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: Szukaj w Google = C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Google Wallet = C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Wojtek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014-08-24 13:51:03 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files\IVONA\IVONA Reader\integr\IR_iexplorer2.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files\IVONA\IVONA Reader\integr\IR_iexplorer2.dll File not found
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [snp2std] C:\Windows\vsnp2std.exe (Sonix)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3802862663-1884990201-4034059971-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3802862663-1884990201-4034059971-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3802862663-1884990201-4034059971-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html File not found
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F47E687B-551F-4043-89B3-F6E3F5DAD01E} http://91.189.220.17/VDControl.CAB (VideoDeviceControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2533E8FE-4699-48FE-834D-C98911B5679A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B913F3A7-34D0-4770-93A7-0C65A853F772}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DACDCD5A-ADBF-42FC-A941-8F529934BF76}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014-08-25 20:09:13 | 000,104,960 | ---- | C] (GMER) -- C:\kwrdqpob.sys
[2014-08-25 20:03:53 | 000,522,360 | ---- | C] (Duplex Secure Ltd.) -- C:\Users\Wojtek\Desktop\SPTDinst-v186-x86.exe
[2014-08-24 19:15:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Wojtek\Desktop\OTL.exe
[2014-08-24 18:47:19 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2014-08-24 18:39:47 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-08-24 15:51:29 | 002,425,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2014-08-24 15:51:29 | 000,045,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2014-08-24 15:50:30 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2014-08-24 15:50:30 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2014-08-24 14:04:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014-08-24 13:50:55 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014-08-24 12:50:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014-08-24 12:50:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014-08-24 12:50:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014-08-24 12:48:59 | 000,000,000 | ---D | C] -- C:\ComboFix
[2014-08-24 12:48:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014-08-24 12:46:09 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014-08-24 12:42:08 | 005,572,212 | R--- | C] (Swearware) -- C:\Users\Wojtek\Desktop\ComboFix.exe
[2014-08-19 02:04:48 | 000,000,000 | ---D | C] -- C:\Users\Wojtek\AppData\Local\AirMouse
[2014-08-19 01:52:29 | 000,000,000 | ---D | C] -- C:\Users\Wojtek\AppData\Local\NEGU_Soft
========== Files - Modified Within 30 Days ==========
[2014-08-25 20:09:13 | 000,104,960 | ---- | M] (GMER) -- C:\kwrdqpob.sys
[2014-08-25 20:07:35 | 000,522,360 | ---- | M] (Duplex Secure Ltd.) -- C:\Users\Wojtek\Desktop\SPTDinst-v186-x86.exe
[2014-08-25 20:01:27 | 000,013,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-08-25 20:01:27 | 000,013,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-08-25 19:52:14 | 000,080,206 | ---- | M] () -- C:\Users\Wojtek\AppData\Roaming\nvModes.001
[2014-08-25 19:52:04 | 000,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.exe
[2014-08-25 19:52:02 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.dll
[2014-08-25 19:50:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-08-25 19:50:21 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2014-08-24 19:23:54 | 000,380,416 | ---- | M] () -- C:\Users\Wojtek\Desktop\nxde0so7.exe
[2014-08-24 19:19:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Wojtek\Desktop\OTL.exe
[2014-08-24 18:43:12 | 001,364,531 | ---- | M] () -- C:\Users\Wojtek\Desktop\adwcleaner_3.308.exe
[2014-08-24 13:51:03 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014-08-24 12:45:53 | 005,572,212 | R--- | M] (Swearware) -- C:\Users\Wojtek\Desktop\ComboFix.exe
[2014-08-24 12:44:38 | 000,738,208 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2014-08-24 12:44:38 | 000,154,864 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2014-08-24 12:44:35 | 000,652,376 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-08-24 12:44:35 | 000,121,308 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-08-20 17:20:00 | 000,080,206 | ---- | M] () -- C:\Users\Wojtek\AppData\Roaming\nvModes.dat
========== Files Created - No Company Name ==========
[2014-08-24 19:20:31 | 000,380,416 | ---- | C] () -- C:\Users\Wojtek\Desktop\nxde0so7.exe
[2014-08-24 18:39:04 | 001,364,531 | ---- | C] () -- C:\Users\Wojtek\Desktop\adwcleaner_3.308.exe
[2014-08-24 12:50:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014-08-24 12:50:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014-08-24 12:50:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014-08-24 12:50:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014-08-24 12:50:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010-11-10 22:14:43 | 000,080,206 | ---- | C] () -- C:\Users\Wojtek\AppData\Roaming\nvModes.001
[2010-11-10 22:14:01 | 000,080,206 | ---- | C] () -- C:\Users\Wojtek\AppData\Roaming\nvModes.dat
========== ZeroAccess Check ==========
[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010-11-20 13:05:05 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\.BitTornado
[2014-04-07 14:30:57 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\Audacity
[2011-07-07 15:24:41 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\DAEMON Tools Lite
[2013-10-29 23:48:06 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\Dev-Cpp
[2013-11-21 19:32:10 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\DMCache
[2013-07-18 12:54:59 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\fizzy
[2014-08-24 16:43:49 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\foobar2000
[2010-11-12 15:31:21 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\Foxit Software
[2012-10-08 17:27:09 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\Gadu-Gadu 10
[2013-10-15 19:41:54 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\IDM
[2014-03-28 23:34:56 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\ipla
[2011-08-12 22:11:47 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\IrfanView
[2013-05-20 18:34:33 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\IVONA ControlCenter
[2013-05-20 18:44:28 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\IVONA Reader
[2012-03-28 18:19:42 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\Leadertech
[2011-01-17 17:46:21 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\Mount&Blade
[2011-03-19 17:39:41 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\MyHeritage
[2010-11-11 16:53:00 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\OpenFM
[2010-11-12 23:56:54 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\Opera
[2012-06-03 17:50:35 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\PhoneRemoteControl
[2010-11-10 22:33:38 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\RDRM
[2014-02-14 02:42:09 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\testy.2013.DVD
[2014-02-14 02:33:57 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\Testy.2014.PWPW
[2011-03-19 17:35:10 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2010-11-12 13:56:15 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\Thinstall
[2013-03-30 22:36:05 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\Unity
[2014-04-19 16:06:50 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\uTorrent
[2010-11-23 18:24:47 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\VitySoft
========== Purity Check ==========
< End of report >