Please check my OTL log

Everything related to system security and fighting malware, in particular log analysis
ewaa_89

User
Posts: 1
Registered: 02 Feb 2014, 15:25

Posted: 02 Feb 2014, 16:35

When my computer starts up, this message pops up:
"Wystąpił problem podczas uruchamiania pliku C:\Users\Ja\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll
Nie można odnaleźć określonego modułu."

I ran an MBAM scan and removed the detected threats.
I also used AdwCleaner, with the Szukaj (Search) and Usuń (Delete) options.
OTL logs:
OTL logfile created on: 2014-02-02 15:41:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ewka\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,89 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 57,76% Memory free
7,89 Gb Paging File | 6,11 Gb Available in Paging File | 77,51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 673,26 Gb Total Space | 507,41 Gb Free Space | 75,37% Space Free | Partition Type: NTFS

Computer Name: EWA | User Name: Ewka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014-02-02 15:38:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ewka\Desktop\OTL.exe
PRC - [2014-01-23 13:33:48 | 003,813,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2014-01-08 16:38:48 | 021,324,384 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\ipla.exe
PRC - [2014-01-02 15:39:42 | 000,499,856 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\WPM\wprotectmanager.exe
PRC - [2013-12-20 16:45:32 | 000,807,696 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2013-12-20 16:44:22 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2013-12-18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013-11-28 19:36:27 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-11-28 19:36:26 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013-10-21 20:07:30 | 003,018,800 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
PRC - [2013-08-31 20:19:17 | 003,233,806 | ---- | M] () -- C:\Program Files (x86)\Tor\tor.exe
PRC - [2013-07-16 13:28:18 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2013-04-04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013-04-04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013-01-14 18:12:50 | 000,098,304 | ---- | M] (Apple Computer, Inc.) -- C:\Windows\SysWOW64\qttask.exe
PRC - [2012-09-29 10:18:26 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2012-09-05 08:50:26 | 001,593,976 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
PRC - [2012-09-05 08:50:24 | 000,085,112 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
PRC - [2012-09-05 08:50:16 | 002,623,096 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\sSettings.exe
PRC - [2012-08-15 12:41:26 | 000,097,392 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012-07-18 01:10:34 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012-07-18 01:10:32 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012-07-18 01:10:26 | 000,128,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012-07-18 01:10:18 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012-07-09 05:47:18 | 000,277,504 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2012-07-09 05:47:14 | 000,007,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012-06-08 04:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2010-12-09 11:45:58 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2005-08-12 13:33:50 | 000,962,660 | ---- | M] () -- C:\Program Files (x86)\SAGEM\SAGEM F@st 800-840\dslmon.exe
PRC - [2003-01-30 05:48:24 | 000,143,360 | ---- | M] () -- C:\Windows\autoclk.exe


========== Modules (No Company Name) ==========

MOD - [2014-01-08 16:38:52 | 000,068,104 | ---- | M] () -- C:\Program Files (x86)\ipla\ziplib.dll
MOD - [2014-01-08 16:38:50 | 000,392,200 | ---- | M] () -- C:\Program Files (x86)\ipla\jabberoo.dll
MOD - [2014-01-08 16:28:50 | 000,294,912 | ---- | M] () -- C:\Program Files (x86)\ipla\MediaFileScanner.dll
MOD - [2013-12-30 20:23:01 | 001,358,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\fd68468714e1f5d2fedd72f101d0b74a\HD-Agent.ni.exe
MOD - [2013-12-30 20:21:45 | 000,155,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\JSON\6ac31ac15206dcae3f0e21d44a9d6950\JSON.ni.dll
MOD - [2013-12-10 19:57:44 | 016,242,056 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013-11-28 19:36:42 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013-11-27 18:22:46 | 037,016,576 | ---- | M] () -- C:\Program Files (x86)\ipla\libcef.dll
MOD - [2013-11-22 14:52:02 | 002,959,872 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\8089e3484b45e44781f0c7a1a78881d5\System.IdentityModel.ni.dll
MOD - [2013-11-22 14:51:52 | 000,029,696 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\d8755f81e94bff4954c305caf7a93a05\IAStorDataMgrSvcInterfaces.ni.dll
MOD - [2013-11-22 14:49:42 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7d7b887e33aafaadae040bb07fa959bb\System.Configuration.ni.dll
MOD - [2013-10-14 16:26:06 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\53c49b1cfdb85cf6784c7dcc8cdbd56d\System.Windows.Forms.ni.dll
MOD - [2013-10-14 16:20:54 | 012,698,624 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e6606a84f8a4cdc18c74e63ec807c689\System.Windows.Forms.ni.dll
MOD - [2013-10-14 16:18:59 | 019,537,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\6b40a60180e23feff705e28e351e10e1\System.ServiceModel.ni.dll
MOD - [2013-10-14 16:16:28 | 002,786,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\e1c6945213ca43ec9769fe95576962ce\System.Runtime.Serialization.ni.dll
MOD - [2013-10-14 16:15:16 | 000,964,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c508451271803f1677317735db499f5c\System.Configuration.ni.dll
MOD - [2013-10-14 16:11:34 | 006,998,016 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\79e8b7b183668471ab364d4132fb8018\System.Core.ni.dll
MOD - [2013-09-21 11:03:28 | 011,920,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\538224ffef6d0b8691f397688ec6a48d\System.Web.ni.dll
MOD - [2013-08-24 20:05:13 | 000,366,592 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\15412a4711e5447bd0a45681c8e355ab\IAStorUtil.ni.dll
MOD - [2013-08-24 20:05:11 | 000,802,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\d438e7ec4899763070e7b5db3f166373\System.ServiceModel.Internals.ni.dll
MOD - [2013-08-24 20:05:11 | 000,121,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\3df2fdd27a3e685ce5dda8bce4956e5b\SMDiagnostics.ni.dll
MOD - [2013-08-24 20:00:17 | 007,566,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\624ad6159b6e241ad6d28bf4dca9f14b\System.Xml.ni.dll
MOD - [2013-08-24 19:59:40 | 001,631,744 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3603744988436295da5d16e76038e484\System.Drawing.ni.dll
MOD - [2013-08-24 19:58:59 | 009,937,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\375a937eec7d6faa53ac11ab2973eb76\System.ni.dll
MOD - [2013-08-23 12:57:05 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\fc5d4ada42ed8e9a30b64912f5dc9767\System.Xml.ni.dll
MOD - [2013-08-23 12:56:55 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7e4447d26cd9083018bd28ddd60a0248\System.Drawing.ni.dll
MOD - [2013-08-23 12:56:21 | 007,988,736 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\1b46657236c1f942f9dbaf6aac73bb49\System.ni.dll
MOD - [2013-07-24 13:37:20 | 000,026,112 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\0a71c7804f1648e41fafdd407af38c96\IAStorCommon.ni.dll
MOD - [2013-07-16 19:57:52 | 011,500,032 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\d1ce70bf6cbab6ab838cbd8b50e902c1\mscorlib.ni.dll
MOD - [2013-07-16 19:52:57 | 016,547,328 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\5e3a9f3d64adfb3c69b49d37368bf454\mscorlib.ni.dll
MOD - [2013-07-16 13:28:37 | 000,312,832 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2013-07-16 13:28:37 | 000,158,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2013-07-16 13:28:37 | 000,101,888 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2013-07-16 13:28:37 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2013-07-16 13:28:37 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2013-07-16 13:28:37 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2013-07-16 13:28:36 | 000,835,584 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
MOD - [2013-07-16 13:28:36 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2013-07-16 13:28:36 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2013-07-16 13:28:36 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2013-07-16 13:28:36 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2013-07-16 13:28:36 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012-10-17 03:52:38 | 000,204,800 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pl_b77a5c561934e089\System.resources.dll
MOD - [2012-10-17 03:52:37 | 000,311,296 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2012-09-05 08:50:28 | 000,110,712 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
MOD - [2012-09-05 08:50:22 | 000,211,064 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
MOD - [2012-09-05 08:50:16 | 000,060,536 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
MOD - [2012-09-05 08:50:10 | 000,103,544 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
MOD - [2012-09-05 08:50:10 | 000,026,744 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
MOD - [2012-06-08 04:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2012-06-08 03:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2005-08-12 13:33:50 | 000,962,660 | ---- | M] () -- C:\Program Files (x86)\SAGEM\SAGEM F@st 800-840\dslmon.exe
MOD - [2005-06-08 11:05:34 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\SAGEM\SAGEM F@st 800-840\Languages\Polish.dll
MOD - [2003-01-30 05:48:24 | 000,143,360 | ---- | M] () -- C:\Windows\autoclk.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013-11-28 19:36:26 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013-08-16 06:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013-07-02 01:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013-06-24 23:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013-06-01 10:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013-05-04 07:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013-05-04 07:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013-04-09 05:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013-03-02 03:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013-03-02 03:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013-01-10 00:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013-01-10 00:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012-11-06 05:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012-09-20 07:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012-07-26 04:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012-07-26 04:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012-07-26 04:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012-07-26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012-07-26 04:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012-07-26 04:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012-07-26 04:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012-07-26 04:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012-07-26 04:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012-07-26 04:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012-04-20 06:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2014-01-23 13:33:48 | 002,221,904 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014-01-02 15:39:42 | 000,499,856 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\WPM\wprotectmanager.exe -- (Wpm)
SRV - [2013-12-20 16:44:22 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2013-12-20 16:43:48 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2013-12-18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013-12-13 12:53:14 | 000,377,104 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013-12-10 19:57:47 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-10-21 20:07:30 | 003,018,800 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe -- (SWUpdateService)
SRV - [2013-08-31 20:19:17 | 003,233,806 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Tor\tor.exe -- (tor)
SRV - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012-11-06 05:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012-10-06 03:59:02 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012-09-29 11:01:56 | 000,220,288 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2012-09-29 10:18:26 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2012-09-05 08:50:26 | 001,593,976 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe -- (Easy Launcher)
SRV - [2012-07-26 04:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012-07-18 01:10:34 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-07-18 01:10:32 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-07-18 01:10:26 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012-07-18 01:10:18 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-07-09 05:47:14 | 000,007,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014-01-12 14:46:49 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013-11-28 19:37:07 | 000,205,320 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013-11-28 19:37:07 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013-11-28 19:37:06 | 001,032,416 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013-11-28 19:37:06 | 000,409,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013-11-28 19:37:06 | 000,084,328 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013-11-28 19:37:06 | 000,038,984 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013-11-28 19:37:03 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013-10-10 12:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013-10-05 07:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013-10-02 03:50:07 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013-08-16 06:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013-08-10 07:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013-07-09 09:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013-07-03 17:12:32 | 000,046,136 | -H-- | M] (LogMeIn Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Hamdrv.sys -- (Hamachi)
DRV:64bit: - [2013-07-02 02:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013-07-02 02:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013-07-02 01:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013-07-01 23:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013-06-29 07:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013-06-01 04:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013-04-04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013-03-02 11:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013-03-02 11:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013-01-10 02:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012-11-27 04:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012-11-20 05:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012-11-06 04:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012-10-12 09:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012-10-11 08:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012-10-05 07:44:16 | 005,338,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012-09-29 10:43:26 | 000,575,128 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012-09-29 10:43:24 | 000,135,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012-09-29 10:43:22 | 000,178,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012-09-29 10:43:22 | 000,076,952 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012-09-29 10:43:20 | 000,344,216 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012-09-29 10:43:20 | 000,114,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012-09-29 10:43:20 | 000,088,728 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012-09-29 10:43:20 | 000,033,944 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012-09-20 08:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012-09-20 08:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012-08-24 12:57:36 | 000,450,872 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012-07-30 17:04:12 | 000,690,832 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012-07-27 13:00:03 | 000,023,408 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RadioHIDMini.sys -- (RadioHIDMini)
DRV:64bit: - [2012-07-26 06:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-07-26 06:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012-07-26 06:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012-07-26 06:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012-07-26 06:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012-07-26 06:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012-07-26 06:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012-07-26 06:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012-07-26 06:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012-07-26 06:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012-07-26 06:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012-07-26 06:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012-07-26 06:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012-07-26 06:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012-07-26 06:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012-07-26 06:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012-07-26 06:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012-07-26 05:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012-07-26 05:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012-07-26 04:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012-07-26 03:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012-07-26 03:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012-07-26 03:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012-07-26 03:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012-07-26 03:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012-07-26 03:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012-07-26 03:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012-07-26 03:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012-07-26 03:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012-07-26 03:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012-07-26 03:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012-07-26 03:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012-07-26 03:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012-07-26 03:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012-07-26 03:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012-07-26 03:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012-07-26 03:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012-07-26 03:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012-07-26 03:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012-07-26 03:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012-07-26 03:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012-07-26 03:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012-07-24 00:44:02 | 003,618,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012-07-09 05:43:12 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012-07-02 23:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012-06-25 02:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012-06-19 00:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012-06-15 06:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010-07-01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV - [2013-12-20 16:44:10 | 000,114,448 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dostępne tylko dla zarejestrowanych użytkowników
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dostępne tylko dla zarejestrowanych użytkowników
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{352B63D1-CABB-4C5A-ADD8-85801D10ACF7}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&f=4&a=dnldyho&cd=2XzuyEtN2Y1L1QzuyDtB0ByB0CtA0BtDzy0FtD0C0CyCzyyEtN0D0Tzu0CyEtBtCtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1Q1G1I1Q2U1M1F&cr=998778374&ir=
IE:64bit: - HKLM\..\SearchScopes\{7B5C77D2-E265-DE6C-5080-3EDE0FA9076B}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{352B63D1-CABB-4C5A-ADD8-85801D10ACF7}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&f=4&a=dnldyho&cd=2XzuyEtN2Y1L1QzuyDtB0ByB0CtA0BtDzy0FtD0C0CyCzyyEtN0D0Tzu0CyEtBtCtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1Q1G1I1Q2U1M1F&cr=998778374&ir=
IE - HKLM\..\SearchScopes\{6605C58F-50FE-FAEA-3EB8-4D1B6A1551E1}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{03B05468-ECB4-4C03-A302-7A1B21BB3FF6}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN42790207101824417&UM=1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{03B05468-ECB4-4C03-A302-7A1B21BB3FF6}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN42790207101824417&UM=1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-320547457-2041515029-3647522490-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKU\S-1-5-21-320547457-2041515029-3647522490-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKU\S-1-5-21-320547457-2041515029-3647522490-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKU\S-1-5-21-320547457-2041515029-3647522490-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Dostępne tylko dla zarejestrowanych użytkowników [binary data]
IE - HKU\S-1-5-21-320547457-2041515029-3647522490-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKU\S-1-5-21-320547457-2041515029-3647522490-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-320547457-2041515029-3647522490-1001\..\SearchScopes\{1C6EDC9D-D02B-4CD8-B4D1-D58FF7DA75CA}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&f=4&a=dnldyho&cd=2XzuyEtN2Y1L1QzuyDtB0ByB0CtA0BtDzy0FtD0C0CyCzyyEtN0D0Tzu0CyEtBtCtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1Q1G1I1Q2U1M1F&cr=998778374&ir=
IE - HKU\S-1-5-21-320547457-2041515029-3647522490-1001\..\SearchScopes\{7B5C77D2-E265-DE6C-5080-3EDE0FA9076B}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&form=AVB3DF&pc=AVBR
IE - HKU\S-1-5-21-320547457-2041515029-3647522490-1001\..\SearchScopes\{B7B664DF-3AF9-4C8E-8148-F42BB7831D27}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKU\S-1-5-21-320547457-2041515029-3647522490-1001\..\SearchScopes\0B0C95BD3F6C47288920C6F80F7CA079: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&babsrc=SP_ss&mntrId=C05752B7C3B09F0C&affID=121962&tsp=4982
IE - HKU\S-1-5-21-320547457-2041515029-3647522490-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2027: C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1040: C:\Program Files (x86)\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{dde15e35-c9b3-4c30-b055-730c5f4a45d3}: C:\Program Files (x86)\Lyrmix\133.xpi

[2013-02-20 18:33:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ewka\AppData\Roaming\mozilla\Extensions
[2013-02-20 18:34:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

O1 HOSTS File: ([2012-07-26 06:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Lyrmix) - {804efe7d-a8d7-4351-a6df-014d1ed7c6fc} - C:\Program Files (x86)\Lyrmix\133.dll File not found
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {96F454EA-9D38-474F-B504-56193E00C1A5} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {96F454EA-9D38-474F-B504-56193E00C1A5} - No CLSID value found.
O3 - HKU\S-1-5-21-320547457-2041515029-3647522490-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BtTray] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros)
O4:64bit: - HKLM..\Run: [BtvStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [adiras] C:\windows\adiras.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AnyProtect] C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe File not found
O4 - HKLM..\Run: [AnyProtect Tray] C:\Program Files (x86)\AnyProtectEx\AnyProtectTray.exe /scanner File not found
O4 - HKLM..\Run: [autoclk] C:\windows\autoclk.exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ConvertAd] C:\Users\Ewka\AppData\Local\ConvertAd\ConvertAd.exe File not found
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [QuickTime Task] C:\windows\SysWOW64\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-320547457-2041515029-3647522490-1001..\Run: [ALLUpdate] "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" File not found
O4 - HKU\S-1-5-21-320547457-2041515029-3647522490-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-320547457-2041515029-3647522490-1001..\Run: [Driver Pro] C:\Program Files (x86)\Driver Pro\DPLauncher.exe (PC Utilities Software Limited)
O4 - HKU\S-1-5-21-320547457-2041515029-3647522490-1001..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKU\S-1-5-21-320547457-2041515029-3647522490-1001..\Run: [GG] C:\Users\Ewka\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-320547457-2041515029-3647522490-1001..\Run: [IPLA!] C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.)
O4 - HKU\S-1-5-21-320547457-2041515029-3647522490-1001..\Run: [NextLive] C:\Users\Ewka\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01C5B8FC-52D5-4DE5-ABBA-12EB3D6366F8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{05B2D7D3-ADF4-4886-8ABF-28F1B4F424B9}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (c:\program files (x86)\gs_x64.enabler) - c:\program files (x86)\gs_x64.enabler ()
O20 - AppInit_DLLs: (c:\program files (x86)\gs.enabler) - c:\program files (x86)\gs.enabler ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{eb709314-ee41-11e2-bf7d-50b7c3b09f0d}\Shell - "" = AutoRun
O33 - MountPoints2\{eb709314-ee41-11e2-bf7d-50b7c3b09f0d}\Shell\AutoRun\command - "" = "G:\LaunchU3.exe" -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014-02-02 15:38:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ewka\Desktop\OTL.exe
[2014-02-02 15:16:02 | 000,000,000 | R--D | C] -- C:\Users\Ewka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014-02-02 15:01:51 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-02-02 14:50:25 | 000,000,000 | ---D | C] -- C:\Users\Ewka\AppData\Roaming\Malwarebytes
[2014-02-02 14:50:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014-02-02 14:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014-02-02 14:50:01 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014-02-02 14:50:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014-02-01 18:45:57 | 000,000,000 | ---D | C] -- C:\b1026a945b44a9f7c6e5
[2014-01-31 17:54:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2014-01-31 17:54:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2014-01-21 13:22:28 | 000,000,000 | ---D | C] -- C:\Users\Ewka\AppData\Roaming\.minecraft_pixelmonsingle
[2014-01-15 15:50:44 | 000,000,000 | ---D | C] -- C:\Users\Ewka\AppData\Roaming\Audacity
[2014-01-13 14:33:02 | 000,000,000 | ---D | C] -- C:\Users\Ewka\minecraft
[2014-01-12 15:34:37 | 000,381,440 | ---- | C] (Duplex Secure Ltd.) -- C:\windows\SysNative\drivers\sptd.sys
[2014-01-12 14:47:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2014-01-12 14:46:48 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\windows\SysNative\drivers\dtsoftbus01.sys
[2014-01-12 14:45:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2014-01-12 14:32:37 | 000,000,000 | ---D | C] -- C:\Users\Ewka\.android
[2014-01-12 14:32:28 | 000,000,000 | ---D | C] -- C:\Users\Ewka\AppData\Local\cache
[2014-01-12 14:32:27 | 000,000,000 | ---D | C] -- C:\Users\Ewka\AppData\Roaming\newnext.me
[2014-01-12 14:32:24 | 000,000,000 | ---D | C] -- C:\Users\Ewka\AppData\Local\genienext
[2014-01-12 14:32:23 | 000,000,000 | ---D | C] -- C:\Users\Ewka\AppData\Local\Mobogenie
[2014-01-12 14:31:48 | 000,000,000 | ---D | C] -- C:\Users\Ewka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
[2014-01-12 14:27:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobogenie
[2014-01-10 15:23:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2014-01-10 14:36:56 | 000,447,752 | R--- | C] (On2.com) -- C:\windows\SysWow64\vp6vfw.dll
[2014-01-10 14:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2014-01-07 15:16:46 | 000,000,000 | ---D | C] -- C:\Users\Ewka\AppData\Roaming\.minecraft_pixelmon252
[2014-01-07 15:16:22 | 000,000,000 | ---D | C] -- C:\Users\Ewka\AppData\Roaming\.melinagier
[2013-10-06 16:39:07 | 000,837,080 | ---- | C] (AnyProtect.com) -- C:\Users\Ewka\AppData\Local\AnyProtectScannerSetup.exe
[2013-03-09 17:52:02 | 000,393,008 | ---- | C] (Softonic ) -- C:\Users\Ewka\SoftonicDownloader_dla_gg-11.exe
[2013-03-01 20:24:09 | 051,619,720 | ---- | C] (GG Network S.A.) -- C:\Users\Ewka\ggsetup.exe
[2013-02-25 20:58:15 | 002,063,240 | ---- | C] (Samsung Electronics) -- C:\ProgramData\MakeMarkerFile.exe
[2013-02-20 16:18:38 | 013,168,336 | ---- | C] (Opera Software ASA) -- C:\Users\Ewka\Opera_1214_int_Setup.exe
[2013-02-12 06:51:50 | 008,677,280 | ---- | C] (Dostępne tylko dla zarejestrowanych użytkowników) -- C:\Program Files\bdcap64.dll
[2013-02-12 06:51:48 | 007,806,880 | ---- | C] (Dostępne tylko dla zarejestrowanych użytkowników) -- C:\Program Files\bdcap32.dll
[2013-02-12 06:51:48 | 000,390,560 | ---- | C] (Dostępne tylko dla zarejestrowanych użytkowników) -- C:\Program Files\bdcam64.bin
[2013-02-12 06:51:46 | 000,453,536 | ---- | C] (Bandisoft.com) -- C:\Program Files\bdfix.exe
[2013-02-12 06:51:46 | 000,416,160 | ---- | C] (Dostępne tylko dla zarejestrowanych użytkowników) -- C:\Program Files\bdcam64.dll
[2013-02-12 06:51:46 | 000,308,128 | ---- | C] (Dostępne tylko dla zarejestrowanych użytkowników) -- C:\Program Files\bdcam.dll
[2013-02-12 06:51:42 | 001,030,560 | ---- | C] (Dostępne tylko dla zarejestrowanych użytkowników) -- C:\Program Files\bdcam.exe
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014-02-02 15:38:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ewka\Desktop\OTL.exe
[2014-02-02 15:32:21 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014-02-02 15:30:49 | 000,000,868 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2014-02-02 15:30:39 | 000,000,368 | ---- | M] () -- C:\windows\tasks\Lyrmix Update.job
[2014-02-02 15:30:18 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014-02-02 15:30:15 | 3341,217,792 | -HS- | M] () -- C:\hiberfil.sys
[2014-02-02 15:20:05 | 001,796,820 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014-02-02 15:20:05 | 000,795,984 | ---- | M] () -- C:\windows\SysNative\perfh015.dat
[2014-02-02 15:20:05 | 000,711,282 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014-02-02 15:20:05 | 000,160,066 | ---- | M] () -- C:\windows\SysNative\perfc015.dat
[2014-02-02 15:20:05 | 000,133,150 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014-02-02 14:57:07 | 000,000,930 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014-02-02 14:50:06 | 000,001,137 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-02-01 19:29:24 | 460,220,887 | ---- | M] () -- C:\windows\MEMORY.DMP
[2014-02-01 17:17:01 | 000,000,870 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2014-01-17 13:36:32 | 000,002,029 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014-01-13 14:19:13 | 000,000,130 | ---- | M] () -- C:\Users\Ewka\AppData\Roaming\WB.CFG
[2014-01-12 15:34:37 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) -- C:\windows\SysNative\drivers\sptd.sys
[2014-01-12 14:46:49 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\windows\SysNative\drivers\dtsoftbus01.sys
[2014-01-10 15:21:51 | 000,000,060 | ---- | M] () -- C:\windows\wininit.ini
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014-02-02 14:50:06 | 000,001,137 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-02-01 17:34:00 | 460,220,887 | ---- | C] () -- C:\windows\MEMORY.DMP
[2014-01-17 13:36:32 | 000,002,029 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014-01-17 13:36:31 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2014-01-10 15:21:51 | 000,000,060 | ---- | C] () -- C:\windows\wininit.ini
[2014-01-02 15:33:51 | 002,759,168 | ---- | C] () -- C:\Program Files (x86)\GS_x64.Enabler
[2014-01-02 15:33:50 | 003,041,792 | ---- | C] () -- C:\Program Files (x86)\GS.Enabler
[2013-10-12 18:40:57 | 000,165,376 | ---- | C] () -- C:\windows\SysWow64\unrar.dll
[2013-09-21 12:46:32 | 000,000,130 | ---- | C] () -- C:\Users\Ewka\AppData\Roaming\WB.CFG
[2013-09-11 18:18:45 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2013-03-01 20:23:32 | 000,600,616 | ---- | C] () -- C:\Users\Ewka\gg-install.exe
[2013-02-25 20:58:15 | 000,003,004 | ---- | C] () -- C:\ProgramData\MakeMarkerFile.xml
[2013-02-24 13:31:36 | 000,338,815 | ---- | C] () -- C:\Users\Ewka\AppData\Local\speeddial.crx
[2013-02-20 17:33:34 | 000,192,910 | ---- | C] () -- C:\windows\hpoins27.dat
[2013-02-20 17:33:34 | 000,000,584 | ---- | C] () -- C:\windows\hpomdl27.dat
[2013-02-12 06:51:50 | 000,053,152 | ---- | C] () -- C:\Program Files\bdcamih.dll
[2013-02-12 06:49:42 | 000,000,025 | ---- | C] () -- C:\Program Files\bandicam.ini
[2013-02-10 16:06:18 | 000,001,972 | ---- | C] () -- C:\Program Files (x86)\Crash Time III.lnk
[2013-01-16 17:26:26 | 000,000,021 | ---- | C] () -- C:\windows\Fast800.ini
[2013-01-16 17:26:17 | 000,143,360 | ---- | C] () -- C:\windows\adiras.exe
[2013-01-16 17:26:17 | 000,000,894 | ---- | C] () -- C:\windows\adiras.ini
[2013-01-16 17:26:17 | 000,000,155 | ---- | C] () -- C:\windows\adidsl.ini
[2013-01-16 17:26:16 | 000,127,456 | ---- | C] () -- C:\windows\SysWow64\ipdetect.exe
[2013-01-16 17:26:14 | 000,106,496 | ---- | C] () -- C:\windows\SysWow64\coclassfast.dll
[2013-01-16 17:26:14 | 000,046,892 | ---- | C] () -- C:\windows\SysWow64\adadix16.dll
[2013-01-16 17:26:14 | 000,024,576 | ---- | C] () -- C:\windows\enddisk32.exe
[2013-01-16 17:26:11 | 000,143,360 | ---- | C] () -- C:\windows\autoclk.exe
[2013-01-16 17:26:11 | 000,022,395 | ---- | C] () -- C:\windows\SysWow64\drivers\fpga.bin
[2013-01-14 17:34:46 | 000,258,048 | ---- | C] () -- C:\windows\SysWow64\libFLAC.dll
[2013-01-14 17:26:22 | 000,000,761 | ---- | C] () -- C:\windows\m3jp2k.ini
[2013-01-14 17:26:22 | 000,000,714 | ---- | C] () -- C:\windows\m3jpeg.ini
[2013-01-14 17:26:22 | 000,000,702 | ---- | C] () -- C:\windows\mmtvmj.ini
[2013-01-14 17:26:20 | 000,019,968 | ---- | C] () -- C:\windows\SysWow64\cpuinf32.dll
[2013-01-13 22:22:51 | 000,000,017 | ---- | C] () -- C:\Users\Ewka\AppData\Local\resmon.resmoncfg
[2012-12-07 04:38:08 | 000,055,815 | ---- | C] () -- C:\Program Files\effects.dat
[2012-12-04 03:13:12 | 000,022,057 | ---- | C] () -- C:\Program Files\language.dat
[2012-11-19 08:33:32 | 000,065,656 | ---- | C] () -- C:\windows\SysWow64\bdmpegv.dll
[2012-11-19 08:33:30 | 000,022,640 | ---- | C] () -- C:\windows\SysWow64\bdmjpeg.dll
[2012-10-17 02:23:06 | 003,755,034 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012-10-05 07:44:36 | 000,598,780 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin
[2012-10-05 07:44:36 | 000,272,928 | ---- | C] () -- C:\windows\SysWow64\igvpkrng600.bin
[2012-10-05 07:44:10 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012-10-05 07:44:06 | 000,963,388 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng600.bin
[2012-10-05 07:44:06 | 000,755,048 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin
[2012-08-21 13:04:44 | 000,067,220 | ---- | C] () -- C:\Program Files\camera.wav
[2012-08-21 13:04:44 | 000,010,005 | ---- | C] () -- C:\Program Files\sample.png
[2012-07-26 09:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012-07-26 09:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012-07-26 08:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012-07-26 02:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012-07-25 21:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012-07-25 21:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012-06-02 15:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2012-04-20 05:59:44 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2013-02-10 16:07:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-08-02 07:28:20 | 019,758,080 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-08-02 06:08:10 | 017,561,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-07-26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012-07-26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-07-26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014-01-07 15:16:22 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\.melinagier
[2014-01-25 21:01:14 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\.minecraft
[2013-02-23 15:36:22 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\.minecraftzyczu
[2014-01-07 15:15:18 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\.minecraft_pixelmon.pl
[2014-01-31 20:47:48 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\.minecraft_pixelmon252
[2014-01-21 13:22:28 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\.minecraft_pixelmonsingle
[2013-10-05 09:07:33 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\.pokecraft
[2013-04-12 13:02:41 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\.spoutcraft
[2013-10-10 12:32:27 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\.technic
[2013-10-06 16:40:25 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\0C1I1L1R1J0M1P0I1G
[2014-01-15 15:51:08 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\Audacity
[2013-01-14 17:23:58 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\Avant Downloader
[2013-11-29 16:17:11 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\AVAST Software
[2013-02-25 15:06:23 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\BANDISOFT
[2013-11-22 15:54:27 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\BitTorrent Sync
[2013-12-25 19:08:10 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\Craften Terminal
[2014-01-12 14:58:28 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\DAEMON Tools Lite
[2013-03-27 18:15:54 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\DeepBurner
[2014-01-02 15:59:42 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\Driver Pro
[2013-04-25 12:14:54 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\FileZilla
[2014-02-02 15:33:42 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\GG
[2014-02-02 15:32:59 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\ipla
[2013-12-31 13:48:49 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\Minecraft Version Changer
[2014-02-02 15:33:17 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\newnext.me
[2013-02-20 16:20:41 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\Opera
[2013-02-25 17:14:44 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\Podatnik.info
[2013-08-02 08:59:46 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\Screaming Bee
[2013-01-13 18:09:52 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\Synaptics
[2013-11-22 16:49:35 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\uTorrent
[2013-09-02 10:34:30 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\weterani

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:373E1720

< End of report >



Extras.txt:
OTL Extras logfile created on: 2014-02-02 15:41:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ewka\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,89 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 57,76% Memory free
7,89 Gb Paging File | 6,11 Gb Available in Paging File | 77,51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 673,26 Gb Total Space | 507,41 Gb Free Space | 75,37% Space Free | Partition Type: NTFS

Computer Name: EWA | User Name: Ewka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Ewka\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Ewka\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{064A7221-D43C-4481-B091-19F57CCFF09F}" = lport=138 | protocol=17 | dir=in | app=system |
"{09B1B4C7-E71C-4281-B634-FDAAAA477688}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{0DE0BF1E-732B-4DAB-88B3-B5C53638DFEE}" = lport=445 | protocol=6 | dir=in | app=system |
"{10B0FC0A-FE76-4860-BDEA-9ECA26D5513F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{277F3EF1-8826-4BCF-B83A-8C0F8BDC8ED0}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{2BC7CCA2-E666-42DB-8501-BA13913C1411}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2C21EA22-121B-4A23-BF63-76D3A309D825}" = rport=139 | protocol=6 | dir=out | app=system |
"{30925B89-21C8-4849-ADBE-956185DA5E5D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{31164AC0-4DEE-4135-A8FA-ADD951B8384C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3B83DBDE-0FEA-442D-B0E2-798A3139D701}" = lport=139 | protocol=6 | dir=in | app=system |
"{3F768384-8A55-46EE-B9A1-15D09BE52846}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{472FFA71-0DBC-46AD-825E-0AC4030F1710}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{4DFABB16-BCBB-4978-9533-C3D81A3C36D0}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5829BF2B-40CE-4C47-9F64-279D04487FA5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5CDEBEDE-241B-4194-8243-3A4820387FA7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{73E1C10D-D340-4D30-9911-2AFBEF0B1E61}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7C98AE9E-331B-44E1-8826-4CA1888604F7}" = rport=2869 | protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AB13F324-469E-4C16-9094-E48CC8FB1EEA}" = rport=445 | protocol=6 | dir=out | app=system |
"{B7E73583-E012-4454-9B71-447871DA7367}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\dashost.exe |
"{C2C67AFA-E00D-4747-9EF1-F1B590CA0CEA}" = lport=137 | protocol=17 | dir=in | app=system |
"{C3660AB3-B61A-4D85-85B8-0F764D81139C}" = rport=137 | protocol=17 | dir=out | app=system |
"{C88B3C35-1CB5-43B9-B5FF-B98DCCD53AAD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CAC54C45-CF8B-45F8-81B7-3F3CE0B59333}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E5E81BF3-B7C8-437E-8F1A-BE1667620627}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E9F96F4B-C10A-456D-8A2E-6581C97EA29F}" = rport=138 | protocol=17 | dir=out | app=system |
"{ECBCD56D-EFC2-452F-B552-8B644A865BE3}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F3854E8B-3E57-4447-B21C-E4A341B1679E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0018D764-CA40-4CB6-8328-5219F83F7650}" = dir=out | name=evernote |
"{0431C15E-B9C8-4FDF-B640-AC223692C133}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{067536B3-431A-4874-83FA-BDC54A5AE279}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{09BDC89F-8D10-4F4D-98EB-54EF2F3FCD94}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{0E601DB4-C458-45BE-8A26-1E3ECA69DC1B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{0E927CE4-296B-4996-856D-915DAB2F94BB}" = dir=in | name=evernote |
"{152ACD2D-6E4B-4911-9805-A5ACA74DFAAC}" = protocol=17 | dir=in | app=c:\users\ewka\appdata\roaming\utorrent\utorrent.exe |
"{1595C0B8-F6B5-4D4B-8DDD-ADF003B86088}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{20EAC18A-EAD1-4B1A-8F1E-F0AAA9AA73A8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{24ECCC7B-48F3-4BA4-A8F2-CC795934F3CC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2DC6848B-7E4B-4574-B4D2-AF05D874741C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{308D2189-F331-454B-86B5-355A6E527740}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{3B79041A-8EA7-4F1F-BB5A-DEBC9E54F06D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{43CFE0B5-9EA5-4C73-B778-EC6F4A74514A}" = dir=in | app=c:\program files (x86)\cdp.pl\farming simulator 2013\farmingsimulator2013.exe |
"{4790A679-EEF7-459A-B392-C9EDAE40BB2E}" = dir=in | name=@{microsoft.skypeapp_1.5.0.109_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{49441AED-41CD-43E9-8884-271E576B3ACB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war in the north\witn.exe |
"{4AC71CE9-3D23-4FD0-BA77-EAEACE51D78E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{4F3D18CB-391E-445F-A6E9-E2A55EB6C87B}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{505CCADC-09D2-47D7-A520-CD76B749272E}" = dir=out | name=fresh paint |
"{517CF18B-146A-4C64-A7D5-A124E680F048}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{54270446-D0C9-4B92-8AFD-38663E2241AF}" = dir=in | name=kindle |
"{549205C5-A912-4A07-A6F5-B1A78B7A1804}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{555DE60C-8D40-429C-A083-72CAA6210A4F}" = protocol=17 | dir=in | app=c:\users\ewka\desktop\nfs\terraria v1.2.1.2\terraria v1.2.1.2\terrariaserver.exe |
"{56E7651F-71C3-48DE-94DE-C4369F469F2A}" = dir=out | name=match'a'shape |
"{57117902-A023-4E6B-A06B-BC722B5CC86C}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{5736DEF3-633D-4D54-9A55-11C8B392E77E}" = dir=out | name=windows_ie_ac_001 |
"{5911DB35-6484-48A0-B78F-C34368361C53}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war in the north\witn.exe |
"{5DC9B717-3FFD-48C2-BE35-C9A81D02F490}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{61AAB8D5-B38B-4EE9-9CCD-315E890C54B5}" = dir=out | name=tuba.fm |
"{67EEF875-4803-4628-AE7B-9C7E2B6F64EA}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{6B3581A4-C2F0-4031-BC82-2BD38F7CCE88}" = dir=out | name=s camera |
"{76BB104B-7225-4AA6-B22C-8CE7D66A850D}" = dir=out | name=norton studio |
"{77D1F492-AA26-41B7-97F2-34A5E200F7D5}" = dir=out | name=jamie's recipes |
"{7F260819-BE06-4B0D-AF37-B099943792C0}" = protocol=6 | dir=in | app=c:\users\ewka\desktop\nfs\terraria v1.2.1.2\terraria v1.2.1.2\terrariaserver.exe |
"{7F9465A7-0ACA-45A9-9851-A1DC8095985F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{85CD703E-2585-42D4-AB38-3339335A3216}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{8AB3811A-6DA8-41C8-B8A0-21176F113F25}" = dir=out | name=tvn player |
"{94BCCE31-FCB4-4BC6-A01A-831688FBE1CA}" = dir=out | name=kindle |
"{9B19477F-12AA-4987-9101-5BCAA42DBA6E}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{9C106DF4-29E2-4706-913E-15247F653FF4}" = dir=out | name=photoeditor |
"{9D316BD4-A87F-45AB-883F-DC9B569D19AA}" = dir=out | name=s gallery |
"{9F40CF67-0D5D-4947-9D88-BE70CE2DCB35}" = dir=in | app=c:\program files (x86)\cdp.pl\farming simulator 2013\farmingsimulator2013game.exe |
"{9FD11427-2F37-4516-B9EA-FF40AFBDBB3A}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{A096E3FD-267A-4C0C-93E3-ECE2F9A6C469}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{A4D8D405-FF2B-4BEC-BFE8-E47E37769D78}" = protocol=6 | dir=in | app=c:\users\ewka\appdata\roaming\utorrent\utorrent.exe |
"{A93F69D2-DBD3-4B30-A362-340B717D7C6C}" = dir=out | name=@{microsoft.skypeapp_1.5.0.109_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{ACBBEE00-28BF-494C-BA74-8E96AC6AA10A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B1F5FCA7-074D-4DC8-8432-87B280FBF410}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{B6A9D0E7-9EE5-4A72-987C-04D41D45672F}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{B9D2A8A3-A170-497A-A53E-E348ADCAC3D8}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{BBD70DEE-7483-4CDD-9D0B-3F7DAC2C935D}" = dir=out | name=music hub |
"{BDA9B442-5F3C-4383-B1F7-CF40A4ED2EFD}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{BFF52843-E5E8-4A01-A0F2-3EF01E9DED7C}" = protocol=17 | dir=in | app=c:\program files (x86)\gameforgelive\games\pol_pol\s.k.i.l.l\binaries\win32\sf2.exe |
"{C0017AA3-0C09-46CD-A018-7DD957EDA4E0}" = protocol=6 | dir=in | app=c:\program files (x86)\gameforgelive\games\pol_pol\s.k.i.l.l\binaries\win32\sf2.exe |
"{C221DBD7-F5C1-41AA-850B-FBC717254E4A}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{CACE862C-8EF7-4A90-81F8-3720C875DFAB}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{CF8E5BF8-9E52-4247-854B-7A60BD0CC943}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{D034BCCF-D906-4084-BBE3-28B5176C2A7E}" = dir=out | name=s player |
"{D1D0F5E8-40F6-48D4-887B-A20E71EC94A4}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{D4EE11F0-99E7-48DE-AAB1-3CCA8F2011AA}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{D4F52C46-8217-45C6-9EF7-6828703F094D}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{D93A96C9-4092-4E7E-BAC3-1DB0654B9A71}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{DA6DB207-5BE7-43D8-825A-8A5971CA0B59}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{DC92D984-A9A4-4877-B86D-2DBCF0DEB7B2}" = dir=out | name=music maker jam |
"{DD7FE6BC-BB5A-45D8-BE40-7DA85A08749F}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{E0FBB0B7-5EF5-4297-9021-0676D24A97F4}" = dir=out | name=onet news |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E8CC9E45-2756-4037-ADEE-F30CD9A2B490}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{EB96205B-083E-46DF-AEEA-193DEDF5031C}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{EC70378F-5D98-42B8-8529-28FD2645CA3F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{ECB088C0-FAF6-4E0E-BBB9-CB1AF74EFD91}" = dir=out | name=chaton |
"{ED1B787A-0C25-4F06-8D93-41BA63BD8F3A}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{ED1C7E21-AB34-4B3A-ACED-A42382437748}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F035A82F-E583-4738-A949-50C2DA6D7390}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F04B3E16-9C82-4555-9B37-64E7DD55AFD5}" = dir=out | name=merriam-webster dictionary |
"{F8463DDD-0C2F-495D-8B26-4259E24B742F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FE4D10EC-4028-497E-9407-913007F603E7}" = dir=in | name=tvn player |
"TCP Query User{0AEE2AA0-3A03-4C46-9715-B7A5E50EDF3E}C:\xampp\filezillaftp\filezillaserver.exe" = protocol=6 | dir=in | app=c:\xampp\filezillaftp\filezillaserver.exe |
"TCP Query User{122508A9-5FFD-41BF-98BE-0DACD75A6843}C:\program files\java\jre7\launch4j-tmp\minecraftzyczu.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\minecraftzyczu.exe |
"TCP Query User{24156536-8667-4F2B-9098-D2CC3C29B5F1}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{2B1E1193-1841-405D-BA83-13D6FFFD5451}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{2CC7F186-9741-4674-90D2-5065BA87C2AE}E:\eruris.pl client\eruris.exe" = protocol=6 | dir=in | app=e:\eruris.pl client\eruris.exe |
"TCP Query User{450FF360-D2B6-4DE1-BF7E-2EF82FA05E12}C:\program files (x86)\counter-strike\cstrike.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike\cstrike.exe |
"TCP Query User{47CFFBDA-3708-4E9E-ADF1-7E1C36F25CB7}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{490C8A57-5E7C-4B73-A6D5-611283E85BD3}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{4AF6CF34-69BC-47F6-872D-1563209D5459}C:\program files\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files\wapster\wapster aqq\aqq.exe |
"TCP Query User{4DA55AEC-E34A-4CD3-8FE3-8D8159A9E4CD}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{501EA313-6865-4319-9445-2668CB3A7AAB}C:\program files (x86)\mta san andreas 1.3\server\mta server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mta san andreas 1.3\server\mta server.exe |
"TCP Query User{56D5E602-40E3-45DC-9D47-D66B4A4D053B}C:\users\ewka\desktop\nfs\world\metinologia.pl\play.exe" = protocol=6 | dir=in | app=c:\users\ewka\desktop\nfs\world\metinologia.pl\play.exe |
"TCP Query User{57B957A4-07E9-4DCF-B5B9-70E9F3E2CB68}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{5972EC68-CE71-4F66-A9AC-66A55CE29425}C:\users\ewka\desktop\nfs\terraria v1.2.1.2\terraria v1.2.1.2\terrariaserver.exe" = protocol=6 | dir=in | app=c:\users\ewka\desktop\nfs\terraria v1.2.1.2\terraria v1.2.1.2\terrariaserver.exe |
"TCP Query User{63B3DC21-93A0-4328-9CE1-2F477D06963F}C:\users\ewka\desktop\nfs\metin\metinologia.pl\play.exe" = protocol=6 | dir=in | app=c:\users\ewka\desktop\nfs\metin\metinologia.pl\play.exe |
"TCP Query User{6E4B9579-29A2-4348-A203-D510E2BD4A87}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{70B70664-D282-4128-B644-63268E73633E}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{7EFB727F-F56D-4074-8868-AAB6E7BE95BB}C:\users\ewka\desktop\nfs\metin\senthia\metin2client.bin" = protocol=6 | dir=in | app=c:\users\ewka\desktop\nfs\metin\senthia\metin2client.bin |
"TCP Query User{95BF219B-65E4-45C8-9A03-A318DDA275BD}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"TCP Query User{9FFC473E-CF9C-442F-BC39-32647BBE2B17}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{A88C19D0-3282-4AF3-8490-DBA5AB525CBA}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{A9728681-E996-4CF8-98A3-7435B4A0DAE8}C:\xampp\mercurymail\mercury.exe" = protocol=6 | dir=in | app=c:\xampp\mercurymail\mercury.exe |
"TCP Query User{B603FA39-42DD-4237-84D3-B336CBCCD812}C:\users\ewka\desktop\nfs\metin\senthia\senthia.exe" = protocol=6 | dir=in | app=c:\users\ewka\desktop\nfs\metin\senthia\senthia.exe |
"TCP Query User{B6F084C9-94C5-48F0-B60A-F10618A81A0C}C:\program files (x86)\counter-strike\hlds.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike\hlds.exe |
"TCP Query User{B78F895D-B789-4D75-99F7-37F9A5C3D343}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{BDE7D0DE-DDE2-485F-9339-1A8CE2CECE6F}C:\users\ewka\appdata\local\temp\rar$exa0.628\gta san andreas\gta_sa.exe" = protocol=6 | dir=in | app=c:\users\ewka\appdata\local\temp\rar$exa0.628\gta san andreas\gta_sa.exe |
"TCP Query User{D2D4A556-1DFD-4712-8844-84E12E64C3E3}C:\users\ewka\desktop\nfs\gta san andreas\gta_sa.exe" = protocol=6 | dir=in | app=c:\users\ewka\desktop\nfs\gta san andreas\gta_sa.exe |
"TCP Query User{D65E7500-077C-46B2-89B8-7ED3BEA6B877}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{DC614F34-37D3-43D2-AF4F-A4DC340831CC}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{DF8D74E5-60EB-414A-B0EE-81D196B346C7}C:\users\ewka\desktop\nfs\metin\senthia\senthia.exe" = protocol=6 | dir=in | app=c:\users\ewka\desktop\nfs\metin\senthia\senthia.exe |
"TCP Query User{E4FAAF4B-861A-4FD7-BA6B-21667FB52D15}C:\users\ewka\desktop\nfs\metinologia.pl\play.exe" = protocol=6 | dir=in | app=c:\users\ewka\desktop\nfs\metinologia.pl\play.exe |
"TCP Query User{E97B1349-18EF-4147-994B-E1C47124BACD}C:\program files (x86)\counter-strike\cstrike.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike\cstrike.exe |
"TCP Query User{F707AC1B-4FA6-4DD1-BBEB-CDC15BEA6FBF}C:\program files (x86)\counter-strike\valve_sp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike\valve_sp.exe |
"TCP Query User{FFEF3808-E0D7-48C7-92B7-5C8F1C9A61D0}C:\users\ewka\desktop\gta san andreas\gta_sa.exe" = protocol=6 | dir=in | app=c:\users\ewka\desktop\gta san andreas\gta_sa.exe |
"UDP Query User{13EFACA4-66B4-495D-80FE-0F4DBE5EC255}C:\program files (x86)\counter-strike\cstrike.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike\cstrike.exe |
"UDP Query User{14168011-628B-49F2-83B9-D21AEA40986B}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{168C23B3-20B3-40A6-A531-FD57AA94CF0C}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{1F7EECCF-A865-4DED-83E5-C20A45CC45D3}C:\xampp\mercurymail\mercury.exe" = protocol=17 | dir=in | app=c:\xampp\mercurymail\mercury.exe |
"UDP Query User{27F6A34C-D66F-4DC6-9122-A62E37EB82F6}C:\program files (x86)\counter-strike\cstrike.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike\cstrike.exe |
"UDP Query User{3923295C-7265-479B-B220-877176B50FDD}C:\users\ewka\desktop\nfs\gta san andreas\gta_sa.exe" = protocol=17 | dir=in | app=c:\users\ewka\desktop\nfs\gta san andreas\gta_sa.exe |
"UDP Query User{462AC369-BD73-434F-90CF-B7C83DC48085}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{4BD61CD4-D8AD-4AAF-9B99-A63E0544A9FF}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{4CFABF3B-FE22-43E9-9E6B-6D83E9A9E03D}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{5051BD14-B16D-43C6-8B0F-D2DC5D179572}C:\program files (x86)\counter-strike\valve_sp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike\valve_sp.exe |
"UDP Query User{5C085628-A23E-43D7-B649-27DA57EF7D32}C:\program files (x86)\counter-strike\hlds.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike\hlds.exe |
"UDP Query User{5EBB527B-9092-471B-90BC-31A59E067449}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{607283F5-9F7B-49D6-87F4-838992EBDB30}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{75711E06-CEA9-4764-BEEC-137C1328C1AF}C:\users\ewka\desktop\gta san andreas\gta_sa.exe" = protocol=17 | dir=in | app=c:\users\ewka\desktop\gta san andreas\gta_sa.exe |
"UDP Query User{8AD59DB3-D6AE-4533-95E1-F67B06AD7724}C:\users\ewka\desktop\nfs\metin\metinologia.pl\play.exe" = protocol=17 | dir=in | app=c:\users\ewka\desktop\nfs\metin\metinologia.pl\play.exe |
"UDP Query User{8F719A72-8BFA-448E-ABAE-46D147BA2B6A}C:\users\ewka\desktop\nfs\metinologia.pl\play.exe" = protocol=17 | dir=in | app=c:\users\ewka\desktop\nfs\metinologia.pl\play.exe |
"UDP Query User{93B60397-F2FF-4AF6-95B4-A1AD1296F6A2}E:\eruris.pl client\eruris.exe" = protocol=17 | dir=in | app=e:\eruris.pl client\eruris.exe |
"UDP Query User{9BF9C918-A3A3-40DC-9F51-99BAFB76F64E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{A2CAC3DD-6BEB-4E8B-8ED0-7AF79C236B88}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{A5C75D4B-1FAB-4145-9A67-CBE4373515DA}C:\program files\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files\wapster\wapster aqq\aqq.exe |
"UDP Query User{A659763F-B328-4BA7-B30D-39A57590F5C4}C:\users\ewka\desktop\nfs\metin\senthia\senthia.exe" = protocol=17 | dir=in | app=c:\users\ewka\desktop\nfs\metin\senthia\senthia.exe |
"UDP Query User{BABB9CB6-72A8-4AD3-94EC-EF6C372B979A}C:\users\ewka\desktop\nfs\metin\senthia\senthia.exe" = protocol=17 | dir=in | app=c:\users\ewka\desktop\nfs\metin\senthia\senthia.exe |
"UDP Query User{BCBFF20B-B059-43E4-9FAB-65D717A3A2BE}C:\users\ewka\desktop\nfs\terraria v1.2.1.2\terraria v1.2.1.2\terrariaserver.exe" = protocol=17 | dir=in | app=c:\users\ewka\desktop\nfs\terraria v1.2.1.2\terraria v1.2.1.2\terrariaserver.exe |
"UDP Query User{C3A853A9-D790-4A7E-8103-98F38072C236}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{C9AA6DAA-3CCF-448E-81E3-AD41F980F360}C:\program files\java\jre7\launch4j-tmp\minecraftzyczu.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\minecraftzyczu.exe |
"UDP Query User{CF61A71E-FB19-4032-806C-1530C17AF7D6}C:\users\ewka\appdata\local\temp\rar$exa0.628\gta san andreas\gta_sa.exe" = protocol=17 | dir=in | app=c:\users\ewka\appdata\local\temp\rar$exa0.628\gta san andreas\gta_sa.exe |
"UDP Query User{D0E76724-D72C-4246-AEAA-EB9FF5BAFB99}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{D206E104-C0F7-4427-A8B6-0E834EA2EC92}C:\program files (x86)\mta san andreas 1.3\server\mta server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mta san andreas 1.3\server\mta server.exe |
"UDP Query User{D2C9F631-15A3-4F7B-849B-A85D741F91F0}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{E839FC63-0CD4-4226-B26B-259C33ED1ED8}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{ECE27533-A85D-44EE-BA90-9E897E4564E3}C:\users\ewka\desktop\nfs\world\metinologia.pl\play.exe" = protocol=17 | dir=in | app=c:\users\ewka\desktop\nfs\world\metinologia.pl\play.exe |
"UDP Query User{ED982F1B-F9FC-4AB5-8A1E-593F517A5E4B}C:\xampp\filezillaftp\filezillaserver.exe" = protocol=17 | dir=in | app=c:\xampp\filezillaftp\filezillaserver.exe |
"UDP Query User{F02A3902-13AB-42FF-A23E-B7470E477FB0}C:\users\ewka\desktop\nfs\metin\senthia\metin2client.bin" = protocol=17 | dir=in | app=c:\users\ewka\desktop\nfs\metin\senthia\metin2client.bin |
"UDP Query User{F1BE1AB3-68EE-4B26-B8BB-DBBBCADB5C42}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417045FF}" = Java 7 Update 45 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AC0273F1-68A3-42CF-B487-C594B0A92F8D}" = Support Center
"{CFEA455B-E368-45B2-A01E-1C3A6C0F06B6}" = S Agent
"{D93F0B49-12AA-4AE6-8349-0ECB13B9532F}" = Help Desk
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64
"9F04C462DAB591BDCCE784F77E4D4F1736010B92" = Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735)
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00AA59D7-B92D-4A06-8D06-0596081C0E68}" = Photo Gallery
"{1057511B-F8FE-4230-9ED3-AB949A57EE4A}" = Windows Live PIMT Platform
"{111ae63b-ff99-406c-92c8-cb1160233642}" = Lyrmix
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Recovery
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{2888FDD1-5EEC-4D56-84B7-4D20DAC0E090}" = User Guide
"{29315CEC-E6CE-4394-84DC-6F862E8D9A52}" = Windows Live UX Platform
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{2AE414B5-7FE6-49A3-93C8-D864162CDEBC}" = Windows Live UX Platform Language Pack
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2D416A80-0BB1-4D8B-B770-7BE8F53D5937}" = Windows Live UX Platform Language Pack
"{32272C99-9A54-4195-95A2-1BECA55C252B}" = Max Payne 2
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40F55150-F43D-4C9F-9A00-1A0A6F1EB7F0}" = Movie Maker
"{44181DF6-2751-48C7-B918-72F14508F127}" = BlueStacks Notification Center
"{46316411-80D8-4F68-8118-696E05FCE199}" = Windows Live Essentials
"{4689F012-C8E3-4F6E-BDEF-13671D53A6DC}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840
"{4F9A382F-4478-4036-905C-F77DF2EA0370}" = Windows Live SOXE
"{4FA8F084-C42F-45E1-B7E5-E0C8A1083DC5}" = Windows Live SOXE Definitions
"{5032AF49-87B6-44DC-96E7-B9C4C604868E}_is1" = Minecraft Pingwin Pack 2 wersja 2.6
"{52E5DE60-C96B-42CC-9A37-FE04725940AE}" = Settings
"{58C91689-85E3-4B25-ADEC-2697986DF817}" = Qtrax Player
"{5A25051F-19BD-4634-9B15-4E99A5C0CC37}" = LogMeIn Hamachi
"{5CC4C963-F772-4766-BFF2-DE551E205EE9}" = Photo Common
"{5F189DF5-2D05-472B-9091-84D9848AE48B}{1a34a8e0}" = GS.Supporter 1.80
"{60A1253C-2D51-4166-95C2-52E9CF4F8D64}" = Photo Gallery
"{64DF7404-9D46-44AF-AFA1-A2F8D5648C2D}" = Windows Live Photo Common
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{698ED639-3A26-49EF-B1EF-CD89CB97C778}" = Windows Live Essentials
"{6C955C6B-83AB-402B-8E38-86CFBFB738B1}" = Support Center FAQ
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76EE8FE7-1957-4C51-9074-4930A8CFB1AF}" = Windows Live Installer
"{78F35489-621D-4FFD-BCE7-2C7C3897E47C}" = Windows Live
"{7914488D-F56B-464F-B735-F8E972E5E208}" = Photo Common
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8EEED220-D348-4F49-8C82-B11F6C5450C7}" = Movie Maker
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0015-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0016-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0018-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-0019-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001A-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001B-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-001F-0415-0000-0000000FF1CE}_Office14.PROPLUS_{1D751709-BA6C-49E2-844B-4F4F20F410C9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0415-1000-0000000FF1CE}_Office14.PROPLUS_{0844B6E1-0A6F-4D81-8BCF-48F883F521FE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-002C-0415-0000-0000000FF1CE}_Office14.PROPLUS_{6606F321-8216-466E-981E-B75A14C46894}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-0044-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-006E-0415-0000-0000000FF1CE}_Office14.PROPLUS_{6AF8887A-72F7-4FA0-ABE4-396172B64550}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00A1-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{90140000-00BA-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90B936B2-33E6-4FE8-9A64-08EEB42AF2B1}" = Podstawowe programy Windows Live
"{96AA21F4-C8CE-4380-995A-992536463263}" = Galeria fotografii
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9846E46F-07E0-4BDF-985A-E3FBA8C15877}" = Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B2E55F8-5BA8-4A45-9682-ACB6F2CC0DA5}" = Photo Gallery
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A05BE20E-6510-44BC-95ED-6E6D730407D3}" = Vplayer
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}" = Easy File Share
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.9) MUI
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BA73469B-D8C7-4FE3-B33C-1340D09F0709}" = Windows Live Communications Platform
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CCDB7ADB-1643-4C30-B39D-1562CFE51420}" = Movie Maker
"{D48BCCD6-D2E2-42F4-B8E8-D7BC10C568EC}" = Windows Live UX Platform Language Pack
"{D531FC91-6F4E-49A7-B912-15289D05B6F8}" = Photo Common
"{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}" = Movie Maker
"{D77A6FED-256C-4E2F-9873-59C92C854A4E}" = Photo Common
"{DA06101F-FD76-4BF0-88BD-B26A197005E3}" = SW Update
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E270A0FD-2DC0-4BFA-8EEE-2AB8B963F0F5}" = Max Payne
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}" = E-POP
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FE8DFDD0-A543-4A83-B7A9-C411138194D5}" = Galerie de photos
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AvantBrowser" = Avant Browser (remove only)
"avast" = avast! Free Antivirus
"AVIcodec" = AVIcodec (remove only)
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"ConvertAd" = ConvertAd
"DAEMON Tools Lite" = DAEMON Tools Lite
"Driver Pro_is1" = Driver Pro v3.1
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"Intel AppUp(SM) center 33070" = Intel AppUp(SM) center
"ipla" = ipla 2.7
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.75.0.1300
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 12.16.1860" = Opera 12.16
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.10
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"WPM" = WPM17.8.0.3159

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-320547457-2041515029-3647522490-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"3762946741.portal.qtrax.com" = Qtrax Player
"GG" = GG
"uTorrent" = µTorrent
"VuuPC Packages" = VuuPC Packages
"Winamp Detect" = Detektor Winampa

========== Last 20 Event Log Errors ==========

[ Antivirus Events ]
Error - 2013-03-02 13:28:58 | Computer Name = Ewa | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 2014-02-02 11:00:02 | Computer Name = Ewa | Source = Software Protection Platform Service | ID = 16385
Description = Nie można zaplanować restartu usługi ochrony oprogramowania o 2114-01-09T15:00:02Z.
Kod błędu: 0x80041316.

Error - 2014-02-02 11:00:32 | Computer Name = Ewa | Source = Software Protection Platform Service | ID = 16385
Description = Nie można zaplanować restartu usługi ochrony oprogramowania o 2114-01-09T15:00:32Z.
Kod błędu: 0x80041316.

Error - 2014-02-02 11:01:02 | Computer Name = Ewa | Source = Software Protection Platform Service | ID = 16385
Description = Nie można zaplanować restartu usługi ochrony oprogramowania o 2114-01-09T15:01:02Z.
Kod błędu: 0x80041316.

Error - 2014-02-02 11:01:32 | Computer Name = Ewa | Source = Software Protection Platform Service | ID = 16385
Description = Nie można zaplanować restartu usługi ochrony oprogramowania o 2114-01-09T15:01:32Z.
Kod błędu: 0x80041316.

Error - 2014-02-02 11:02:02 | Computer Name = Ewa | Source = Software Protection Platform Service | ID = 16385
Description = Nie można zaplanować restartu usługi ochrony oprogramowania o 2114-01-09T15:01:02Z.
Kod błędu: 0x80041316.

Error - 2014-02-02 11:02:32 | Computer Name = Ewa | Source = Software Protection Platform Service | ID = 16385
Description = Nie można zaplanować restartu usługi ochrony oprogramowania o 2114-01-09T15:02:32Z.
Kod błędu: 0x80041316.

Error - 2014-02-02 11:03:02 | Computer Name = Ewa | Source = Software Protection Platform Service | ID = 16385
Description = Nie można zaplanować restartu usługi ochrony oprogramowania o 2114-01-09T15:03:02Z.
Kod błędu: 0x80041316.

Error - 2014-02-02 11:03:32 | Computer Name = Ewa | Source = Software Protection Platform Service | ID = 16385
Description = Nie można zaplanować restartu usługi ochrony oprogramowania o 2114-01-09T15:03:32Z.
Kod błędu: 0x80041316.

Error - 2014-02-02 11:04:02 | Computer Name = Ewa | Source = Software Protection Platform Service | ID = 16385
Description = Nie można zaplanować restartu usługi ochrony oprogramowania o 2114-01-09T15:04:02Z.
Kod błędu: 0x80041316.

Error - 2014-02-02 11:04:32 | Computer Name = Ewa | Source = Software Protection Platform Service | ID = 16385
Description = Nie można zaplanować restartu usługi ochrony oprogramowania o 2114-01-09T15:04:32Z.
Kod błędu: 0x80041316.

[ System Events ]
Error - 2013-12-09 09:22:16 | Computer Name = Ewa | Source = Microsoft-Windows-Kernel-Power | ID = 137
Description =

Error - 2013-12-09 11:39:13 | Computer Name = Ewa | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 15:47:14 na 2013-12-09 było
nieoczekiwane.

Error - 2013-12-09 11:39:01 | Computer Name = Ewa | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =

Error - 2013-12-09 11:40:01 | Computer Name = Ewa | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Windows Internet Name Service z powodu
następującego błędu: %%2

Error - 2013-12-09 11:40:37 | Computer Name = Ewa | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą LogMeIn Hamachi Tunneling Engine.

Error - 2013-12-09 11:40:37 | Computer Name = Ewa | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi LogMeIn Hamachi Tunneling Engine z powodu
następującego błędu: %%1053

Error - 2013-12-09 12:09:46 | Computer Name = Ewa | Source = Microsoft-Windows-Kernel-Power | ID = 137
Description =

Error - 2013-12-09 12:26:06 | Computer Name = Ewa | Source = Microsoft-Windows-Kernel-Power | ID = 137
Description =

Error - 2013-12-09 12:48:09 | Computer Name = Ewa | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =

Error - 2013-12-09 12:49:04 | Computer Name = Ewa | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Windows Internet Name Service z powodu
następującego błędu: %%2


< End of report >

greh

Global Moderator
Posts: 2879
Joined: 24 Jan 2009, 17:34
Location: Racibórz

Please check my OTL log

Post 02 Feb 2014, 16:38

Moved to Security.
ewaa_89, fix your logs according to the section rules.

filutka78

User
Posts: 1485
Joined: 28 Jan 2009, 17:40

Please check my OTL log

Post 02 Feb 2014, 17:09

And once you have done what the Moderator recommended, then:

1) Uninstall:
"3762946741.portal.qtrax.com" = Qtrax Player
"VuuPC Packages" = VuuPC Packages
"WPM" = WPM17.8.0.3159
"{111ae63b-ff99-406c-92c8-cb1160233642}" = Lyrmix

2) Use [link available only to registered users] (to download, click the big green arrow on the right).
First click SZUKAJ (Search), and only after the scan has finished, when the USUŃ (Delete) button becomes active, click it.
Post its report: C:\AdwCleaner\AdwCleaner[S].txt

3) Run OTL and paste this into the "Własne opcje skanowania/Skrypt" (Custom scan options/Script) box:
:OTL
[2013-10-06 16:40:25 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\0C1I1L1R1J0M1P0I1G
[2014-02-02 15:33:17 | 000,000,000 | ---D | M] -- C:\Users\Ewka\AppData\Roaming\newnext.me
[2013-02-24 13:31:36 | 000,338,815 | ---- | C] () -- C:\Users\Ewka\AppData\Local\speeddial.crx
[2014-01-02 15:33:51 | 002,759,168 | ---- | C] () -- C:\Program Files (x86)\GS_x64.Enabler
[2014-01-02 15:33:50 | 003,041,792 | ---- | C] () -- C:\Program Files (x86)\GS.Enabler
[2014-02-02 15:30:39 | 000,000,368 | ---- | M] () -- C:\windows\tasks\Lyrmix Update.job
[2014-01-12 14:32:37 | 000,000,000 | ---D | C] -- C:\Users\Ewka\.android
[2014-01-12 14:32:28 | 000,000,000 | ---D | C] -- C:\Users\Ewka\AppData\Local\cache
[2014-01-12 14:32:27 | 000,000,000 | ---D | C] -- C:\Users\Ewka\AppData\Roaming\newnext.me
[2014-01-12 14:32:24 | 000,000,000 | ---D | C] -- C:\Users\Ewka\AppData\Local\genienext
[2014-01-12 14:32:23 | 000,000,000 | ---D | C] -- C:\Users\Ewka\AppData\Local\Mobogenie
[2014-01-12 14:31:48 | 000,000,000 | ---D | C] -- C:\Users\Ewka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
[2014-01-12 14:27:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobogenie
O20:64bit: - AppInit_DLLs: (c:\program files (x86)\gs_x64.enabler) - c:\program files (x86)\gs_x64.enabler ()
O20 - AppInit_DLLs: (c:\program files (x86)\gs.enabler) - c:\program files (x86)\gs.enabler ()
O4 - HKU\S-1-5-21-320547457-2041515029-3647522490-1001..\Run: [NextLive] C:\Users\Ewka\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
O4 - HKU\S-1-5-21-320547457-2041515029-3647522490-1001..\Run: [ALLUpdate] "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" File not found
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [ConvertAd] C:\Users\Ewka\AppData\Local\ConvertAd\ConvertAd.exe File not found
O4 - HKLM..\Run: [AnyProtect] C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe File not found
O4 - HKLM..\Run: [AnyProtect Tray] C:\Program Files (x86)\AnyProtectEx\AnyProtectTray.exe /scanner File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {96F454EA-9D38-474F-B504-56193E00C1A5} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {96F454EA-9D38-474F-B504-56193E00C1A5} - No CLSID value found.
O3 - HKU\S-1-5-21-320547457-2041515029-3647522490-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O2 - BHO: (Lyrmix) - {804efe7d-a8d7-4351-a6df-014d1ed7c6fc} - C:\Program Files (x86)\Lyrmix\133.dll File not found
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{dde15e35-c9b3-4c30-b055-730c5f4a45d3}: C:\Program Files (x86)\Lyrmix\133.xpi
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
IE - HKU\S-1-5-21-320547457-2041515029-3647522490-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dostępne tylko dla zarejestrowanych użytkowników ... J9ECB05168
IE - HKU\S-1-5-21-320547457-2041515029-3647522490-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Dostępne tylko dla zarejestrowanych użytkowników ... CB05168&q={searchTerms}
IE - HKU\S-1-5-21-320547457-2041515029-3647522490-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Dostępne tylko dla zarejestrowanych użytkowników ... CB05168&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Dostępne tylko dla zarejestrowanych użytkowników ... CB05168&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dostępne tylko dla zarejestrowanych użytkowników ... J9ECB05168
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Dostępne tylko dla zarejestrowanych użytkowników ... CB05168&q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dostępne tylko dla zarejestrowanych użytkowników ... J9ECB05168
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Dostępne tylko dla zarejestrowanych użytkowników ... CB05168&q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Dostępne tylko dla zarejestrowanych użytkowników ... CB05168&q={searchTerms}
SRV - [2014-01-02 15:39:42 | 000,499,856 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\WPM\wprotectmanager.exe -- (Wpm)

:Files
C:\ProgramData\WPM

:Reg
[-HKEY_USERS\S-1-5-21-320547457-2041515029-3647522490-1001\Software\Microsoft\Internet Explorer\SearchScopes\0B0C95BD3F6C47288920C6F80F7CA079]
[-HKEY_USERS\S-1-5-21-320547457-2041515029-3647522490-1001\Software\Microsoft\Internet Explorer\SearchScopes\{B7B664DF-3AF9-4C8E-8148-F42BB7831D27}]
[-HKEY_USERS\S-1-5-21-320547457-2041515029-3647522490-1001\Software\Microsoft\Internet Explorer\SearchScopes\{1C6EDC9D-D02B-4CD8-B4D1-D58FF7DA75CA}]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"=-
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"=-
[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"=-
[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"=-
[HKEY_USERS\S-1-5-21-320547457-2041515029-3647522490-1001\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"=-
[HKEY_USERS\S-1-5-21-320547457-2041515029-3647522490-1001\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\{03B05468-ECB4-4C03-A302-7A1B21BB3FF6}]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\{03B05468-ECB4-4C03-A302-7A1B21BB3FF6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{352B63D1-CABB-4C5A-ADD8-85801D10ACF7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

:Commands
[emptytemp]

Click "Wykonaj Skrypt" (Run Script). Confirm the computer restart. Save the report that appears after the restart.
Then run OTL again, and this time click "Skanuj" (Scan).
Post the new OTL.txt log and the report from the script removal.

F.


