Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 483

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/mati/domains/forum.programosy.pl/public_html/includes/bbcode.php on line 112

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 27

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 28

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 29

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 30

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 31

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 32

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 33

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 35

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 36

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 37

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 38

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 39

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 40

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 41

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 42

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 43

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 44

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 45

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 47

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 48

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 49

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 50

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 51

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 52

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 53

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 54

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 55

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 56

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 80

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 81

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 82

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 83

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 84

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 85

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 86

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 87

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 88

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 89

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 90

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 91

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 92

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 93

Deprecated: Function eregi() is deprecated in /home/mati/domains/forum.programosy.pl/public_html/includes/functions_gfxua.php on line 94

Strict Standards: Non-static method utf_normalizer::nfkc() should not be called statically in /home/mati/domains/forum.programosy.pl/public_html/includes/utf/utf_tools.php on line 1663
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3900: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3902: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3903: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 3904: Cannot modify header information - headers already sent by (output started at /includes/bbcode.php:483)
Uciążliwe wyszukiwarki - qvo6 i govome • programosy.pl
Aktualizacje na programosy.pl: ChromiumKaspersky Rescue DiskVimSwitch Sound File ConverterFL Studio (Fruity Loops)UCheckFarbar Recovery Scan ToolMonkey′s AudioXnViewMP  

  • Ogłoszenie:

Uciążliwe wyszukiwarki - qvo6 i govome

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.
Wyślij odpowiedź

Uciążliwe wyszukiwarki - qvo6 i govome

Postprzez Box 24 Lip 2013, 00:54

reklama
Witam,
Ostatnio pobierałem coś z internetu i wymagało to pobrania downloadera, który następnie pobiera interesującą mnie aplikację. Nie godzę się na takie rzeczy nigdy przenigdy, bo wiem, jaki to za sobą wiąże syf, no ale gdy się spostrzegłem (uruchomiłem ów downloader), było już za późno. Nawet po kliknięciu "back" oraz "close" na kompie zainstalował mi się syf.

Korzystam z Chrome i po wpisaniu w pasku frazy do wyszukiwania, widzę przez chwilę adres search.qvo6.com, a następnie wyniki wyświetlają się jako Govome.

Poniżej wrzucam logi.
Też mała adnotacja do nich, nie wiem czym spowodowane (usunąłem emulatory i to wszystko, jak było zalecane), ale podczas skanowania gmerem i OTLem wyskakiwało okno "Brak dysku w napędzie~". Po kliknięciu "kontynuuj" skan szedł dalej bez przeszkód.

Oto logi
OTL.txt
Kod: Zaznacz wszystko
OTL logfile created on: 7/24/2013 12:16:37 AM - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Downloads\Software
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3.97 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 49.48% Memory free
7.93 Gb Paging File | 5.45 Gb Available in Paging File | 68.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 9.28 Gb Free Space | 7.97% Space Free | Partition Type: NTFS
Drive D: | 334.67 Gb Total Space | 162.11 Gb Free Space | 48.44% Space Free | Partition Type: NTFS

Computer Name: BOX-KOMPUTER | User Name: Box | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/07/24 00:15:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Downloads\Software\OTL.exe
PRC - [2013/07/12 05:43:25 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Users\Box\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe
PRC - [2013/01/30 16:45:22 | 006,864,896 | ---- | M] (FreeDownloadManager.ORG) -- C:\Program Files (x86)\Free Download Manager\fdm.exe
PRC - [2013/01/14 17:34:26 | 001,751,552 | ---- | M] (Last.fm) -- C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
PRC - [2012/06/28 17:41:58 | 002,206,888 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe
PRC - [2012/06/13 11:09:50 | 003,268,216 | ---- | M] (mIRC Co. Ltd.) -- C:\Program Files (x86)\mIRC\mirc.exe
PRC - [2012/03/26 17:35:16 | 000,449,168 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2009/11/03 05:13:44 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009/07/24 20:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/07/24 03:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
PRC - [2009/07/23 03:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/07/16 20:07:54 | 000,178,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/06/19 20:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 20:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 03:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/19 01:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008/12/23 03:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 07:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/14 06:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/07/19 05:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2007/08/08 10:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2002/12/17 18:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/07/23 14:23:54 | 000,324,608 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\winamp.lng
MOD - [2013/07/23 14:23:54 | 000,161,792 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\vis_milk2.lng
MOD - [2013/07/23 14:23:54 | 000,087,552 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\vis_avs.lng
MOD - [2013/07/23 14:23:54 | 000,066,560 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\burnlib.lng
MOD - [2013/07/23 14:23:54 | 000,054,272 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_local.lng
MOD - [2013/07/23 14:23:54 | 000,047,616 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_disc.lng
MOD - [2013/07/23 14:23:54 | 000,046,592 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_pmp.lng
MOD - [2013/07/23 14:23:54 | 000,045,056 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\pmp_wifi.lng
MOD - [2013/07/23 14:23:54 | 000,040,960 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\gen_jumpex.lng
MOD - [2013/07/23 14:23:54 | 000,036,864 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ombrowser.lng
MOD - [2013/07/23 14:23:54 | 000,022,528 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\in_mp3.lng
MOD - [2013/07/23 14:23:54 | 000,022,016 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\gen_ff.lng
MOD - [2013/07/23 14:23:54 | 000,021,504 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\gen_ml.lng
MOD - [2013/07/23 14:23:54 | 000,020,992 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\in_midi.lng
MOD - [2013/07/23 14:23:54 | 000,018,432 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\in_mod.lng
MOD - [2013/07/23 14:23:54 | 000,016,896 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\out_ds.lng
MOD - [2013/07/23 14:23:54 | 000,014,336 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_wire.lng
MOD - [2013/07/23 14:23:54 | 000,014,336 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_online.lng
MOD - [2013/07/23 14:23:54 | 000,013,312 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_playlists.lng
MOD - [2013/07/23 14:23:54 | 000,013,312 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\in_cdda.lng
MOD - [2013/07/23 14:23:54 | 000,012,800 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_plg.lng
MOD - [2013/07/23 14:23:54 | 000,012,800 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\dsp_sps.lng
MOD - [2013/07/23 14:23:54 | 000,011,264 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\in_vorbis.lng
MOD - [2013/07/23 14:23:54 | 000,011,264 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\in_nsv.lng
MOD - [2013/07/23 14:23:54 | 000,011,264 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\gen_hotkeys.lng
MOD - [2013/07/23 14:23:54 | 000,011,264 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\auth.lng
MOD - [2013/07/23 14:23:54 | 000,010,752 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\pmp_usb.lng
MOD - [2013/07/23 14:23:54 | 000,010,752 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\pmp_android.lng
MOD - [2013/07/23 14:23:54 | 000,009,216 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_downloads.lng
MOD - [2013/07/23 14:23:54 | 000,008,704 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_history.lng
MOD - [2013/07/23 14:23:54 | 000,008,192 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_transcode.lng
MOD - [2013/07/23 14:23:54 | 000,008,192 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_devices.lng
MOD - [2013/07/23 14:23:54 | 000,007,680 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\vis_nsfs.lng
MOD - [2013/07/23 14:23:54 | 000,007,680 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\gen_tray.lng
MOD - [2013/07/23 14:23:54 | 000,007,168 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\out_wave.lng
MOD - [2013/07/23 14:23:54 | 000,007,168 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_autotag.lng
MOD - [2013/07/23 14:23:54 | 000,007,168 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\in_dshow.lng
MOD - [2013/07/23 14:23:54 | 000,007,168 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\gen_orgler.lng
MOD - [2013/07/23 14:23:54 | 000,007,168 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\gen_crasher.lng
MOD - [2013/07/23 14:23:54 | 000,006,656 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\pmp_ipod.lng
MOD - [2013/07/23 14:23:54 | 000,006,656 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\enc_fhgaac.lng
MOD - [2013/07/23 14:23:54 | 000,006,144 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\tagz.lng
MOD - [2013/07/23 14:23:54 | 000,006,144 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\out_disk.lng
MOD - [2013/07/23 14:23:54 | 000,006,144 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\in_flac.lng
MOD - [2013/07/23 14:23:54 | 000,006,144 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\enc_wma.lng
MOD - [2013/07/23 14:23:54 | 000,005,632 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_rg.lng
MOD - [2013/07/23 14:23:54 | 000,005,632 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\in_wave.lng
MOD - [2013/07/23 14:23:54 | 000,005,632 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\enc_lame.lng
MOD - [2013/07/23 14:23:54 | 000,005,120 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_impex.lng
MOD - [2013/07/23 14:23:54 | 000,005,120 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_bookmarks.lng
MOD - [2013/07/23 14:23:54 | 000,005,120 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\in_avi.lng
MOD - [2013/07/23 14:23:54 | 000,004,608 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\pmp_activesync.lng
MOD - [2013/07/23 14:23:54 | 000,004,608 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\in_mp4.lng
MOD - [2013/07/23 14:23:54 | 000,004,608 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\in_mkv.lng
MOD - [2013/07/23 14:23:54 | 000,004,096 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\pmp_p4s.lng
MOD - [2013/07/23 14:23:54 | 000,004,096 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_orb.lng
MOD - [2013/07/23 14:23:54 | 000,004,096 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\enc_wav.lng
MOD - [2013/07/23 14:23:54 | 000,004,096 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\enc_flac.lng
MOD - [2013/07/23 14:23:54 | 000,003,584 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\winampa.lng
MOD - [2013/07/23 14:23:54 | 000,003,584 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\pmp_njb.lng
MOD - [2013/07/23 14:23:54 | 000,003,584 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_nowplaying.lng
MOD - [2013/07/23 14:23:54 | 000,003,584 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\ml_addons.lng
MOD - [2013/07/23 14:23:54 | 000,003,584 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\in_swf.lng
MOD - [2013/07/23 14:23:54 | 000,003,584 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\in_linein.lng
MOD - [2013/07/23 14:23:54 | 000,003,584 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\in_flv.lng
MOD - [2013/07/23 14:23:54 | 000,003,072 | ---- | M] () -- C:\Users\Box\AppData\Local\Temp\WLZE6D1.tmp\playlist.lng
MOD - [2013/07/12 20:49:44 | 000,396,240 | ---- | M] () -- C:\Users\Box\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
MOD - [2013/07/12 20:49:43 | 013,599,184 | ---- | M] () -- C:\Users\Box\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
MOD - [2013/07/12 20:49:42 | 004,052,944 | ---- | M] () -- C:\Users\Box\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013/07/12 20:48:52 | 000,601,552 | ---- | M] () -- C:\Users\Box\AppData\Local\Google\Chrome\Application\28.0.1500.72\libglesv2.dll
MOD - [2013/07/12 20:48:51 | 000,123,344 | ---- | M] () -- C:\Users\Box\AppData\Local\Google\Chrome\Application\28.0.1500.72\libegl.dll
MOD - [2013/07/12 20:48:49 | 001,597,392 | ---- | M] () -- C:\Users\Box\AppData\Local\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2013/07/11 09:30:52 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/07/11 09:30:11 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fc4a8709f71eba20cc71c7905bba3dee\PresentationFramework.ni.dll
MOD - [2013/07/11 09:29:39 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\ef17be93e209cc95b9768c7822530432\PresentationCore.ni.dll
MOD - [2013/07/11 09:29:27 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll
MOD - [2013/07/11 09:29:14 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
MOD - [2013/07/11 09:29:07 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/01/20 02:07:48 | 000,623,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jnetlib.w5s
MOD - [2013/01/20 02:07:48 | 000,174,080 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\auth.w5s
MOD - [2013/01/20 02:07:48 | 000,154,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jpeg.w5s
MOD - [2013/01/20 02:07:48 | 000,091,136 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\xml.w5s
MOD - [2013/01/20 02:07:48 | 000,087,552 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\png.w5s
MOD - [2013/01/20 02:07:48 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\playlist.w5s
MOD - [2013/01/20 02:07:48 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\Winamp\tataki.dll
MOD - [2013/01/20 02:07:48 | 000,064,512 | ---- | M] () -- C:\Program Files (x86)\Winamp\zlib.dll
MOD - [2013/01/20 02:07:48 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\devices.w5s
MOD - [2013/01/20 02:07:48 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\timer.w5s
MOD - [2013/01/20 02:07:48 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\albumart.w5s
MOD - [2013/01/20 02:07:48 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\tagz.w5s
MOD - [2013/01/20 02:07:48 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gif.w5s
MOD - [2013/01/20 02:07:48 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\bmp.w5s
MOD - [2013/01/20 02:07:48 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\dlmgr.w5s
MOD - [2013/01/20 02:07:48 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gracenote.w5s
MOD - [2013/01/20 02:07:48 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\filereader.w5s
MOD - [2013/01/20 02:07:48 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\primo.w5s
MOD - [2013/01/20 02:07:47 | 000,294,912 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_local.dll
MOD - [2013/01/20 02:07:47 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll
MOD - [2013/01/20 02:07:47 | 000,240,640 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll
MOD - [2013/01/20 02:07:47 | 000,201,728 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll
MOD - [2013/01/20 02:07:47 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_ipod.dll
MOD - [2013/01/20 02:07:47 | 000,124,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_online.dll
MOD - [2013/01/20 02:07:47 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_p4s.dll
MOD - [2013/01/20 02:07:47 | 000,113,664 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_wifi.dll
MOD - [2013/01/20 02:07:47 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll
MOD - [2013/01/20 02:07:47 | 000,083,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_plg.dll
MOD - [2013/01/20 02:07:47 | 000,060,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_android.dll
MOD - [2013/01/20 02:07:47 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_impex.dll
MOD - [2013/01/20 02:07:47 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_usb.dll
MOD - [2013/01/20 02:07:47 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_ds.dll
MOD - [2013/01/20 02:07:47 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_history.dll
MOD - [2013/01/20 02:07:47 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll
MOD - [2013/01/20 02:07:47 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll
MOD - [2013/01/20 02:07:47 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll
MOD - [2013/01/20 02:07:47 | 000,022,528 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_disk.dll
MOD - [2013/01/20 02:07:47 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_njb.dll
MOD - [2013/01/20 02:07:47 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_wave.dll
MOD - [2013/01/20 02:07:46 | 001,737,728 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ff.dll
MOD - [2013/01/20 02:07:46 | 000,340,992 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
MOD - [2013/01/20 02:07:46 | 000,318,976 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll
MOD - [2013/01/20 02:07:46 | 000,313,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wm.dll
MOD - [2013/01/20 02:07:46 | 000,290,816 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll
MOD - [2013/01/20 02:07:46 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll
MOD - [2013/01/20 02:07:46 | 000,185,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll
MOD - [2013/01/20 02:07:46 | 000,164,864 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mod.dll
MOD - [2013/01/20 02:07:46 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_midi.dll
MOD - [2013/01/20 02:07:46 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll
MOD - [2013/01/20 02:07:46 | 000,075,264 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll
MOD - [2013/01/20 02:07:46 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll
MOD - [2013/01/20 02:07:46 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_avi.dll
MOD - [2013/01/20 02:07:46 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flac.dll
MOD - [2013/01/20 02:07:46 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_orgler.dll
MOD - [2013/01/20 02:07:46 | 000,052,736 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll
MOD - [2013/01/20 02:07:46 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll
MOD - [2013/01/20 02:07:46 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flv.dll
MOD - [2013/01/20 02:07:46 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_autotag.dll
MOD - [2013/01/20 02:07:46 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll
MOD - [2013/01/20 02:07:46 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll
MOD - [2013/01/20 02:07:46 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_swf.dll
MOD - [2013/01/20 02:07:46 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wave.dll
MOD - [2013/01/20 02:07:46 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_linein.dll
MOD - [2013/01/20 02:07:45 | 000,417,280 | ---- | M] () -- C:\Program Files (x86)\Winamp\nsutil.dll
MOD - [2013/01/20 02:07:45 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\libsndfile.dll
MOD - [2013/01/20 02:07:45 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\Winamp\nde.dll
MOD - [2013/01/14 17:33:58 | 000,104,960 | ---- | M] () -- C:\Program Files (x86)\Last.fm\listener.dll
MOD - [2013/01/14 17:33:56 | 000,592,896 | ---- | M] () -- C:\Program Files (x86)\Last.fm\unicorn.dll
MOD - [2013/01/14 17:33:42 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\Last.fm\logger.dll
MOD - [2013/01/14 17:30:06 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\Last.fm\lastfm_fingerprint.dll
MOD - [2013/01/14 17:30:02 | 000,351,744 | ---- | M] () -- C:\Program Files (x86)\Last.fm\lastfm.dll
MOD - [2013/01/11 04:22:32 | 003,547,136 | ---- | M] () -- C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll
MOD - [2013/01/06 22:15:58 | 015,212,032 | ---- | M] () -- C:\Program Files (x86)\Last.fm\avcodec-54.dll
MOD - [2013/01/06 22:15:58 | 000,221,696 | ---- | M] () -- C:\Program Files (x86)\Last.fm\avutil-52.dll
MOD - [2013/01/06 22:15:58 | 000,112,128 | ---- | M] () -- C:\Program Files (x86)\Last.fm\swresample-0.dll
MOD - [2013/01/06 22:15:56 | 003,054,592 | ---- | M] () -- C:\Program Files (x86)\Last.fm\avformat-54.dll
MOD - [2012/10/25 13:09:32 | 000,181,248 | ---- | M] () -- C:\Program Files (x86)\Last.fm\plugins\phonon_backend\phonon_vlc.dll
MOD - [2012/10/15 21:28:38 | 002,286,592 | ---- | M] () -- C:\Program Files (x86)\Last.fm\libvlccore.dll
MOD - [2012/10/15 21:28:30 | 000,049,664 | ---- | M] () -- C:\Program Files (x86)\Last.fm\plugins\audio_output\libaout_directx_plugin.dll
MOD - [2012/10/15 21:27:56 | 000,111,616 | ---- | M] () -- C:\Program Files (x86)\Last.fm\libvlc.dll
MOD - [2012/10/11 12:09:40 | 000,300,544 | ---- | M] () -- C:\Program Files (x86)\Last.fm\phonon.dll
MOD - [2012/08/17 20:00:00 | 003,476,480 | ---- | M] () -- C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax
MOD - [2012/08/16 16:10:28 | 007,865,439 | ---- | M] () -- C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avcodec-lav-54.dll
MOD - [2012/08/16 16:10:28 | 001,133,352 | ---- | M] () -- C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avformat-lav-54.dll
MOD - [2012/08/16 16:10:28 | 000,235,961 | ---- | M] () -- C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avutil-lav-51.dll
MOD - [2012/08/16 16:10:28 | 000,149,569 | ---- | M] () -- C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avresample-lav-0.dll
MOD - [2012/08/16 15:34:12 | 001,478,144 | ---- | M] () -- C:\Program Files (x86)\Last.fm\libsamplerate-0.dll
MOD - [2012/04/28 11:15:28 | 002,320,776 | ---- | M] () -- C:\Program Files (x86)\Last.fm\libfftw3f-3.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/11/13 04:37:37 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/09/28 00:02:24 | 000,797,184 | ---- | M] () -- C:\Windows\SysWOW64\ac3filter.ax
MOD - [2009/07/24 20:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/07/23 03:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2008/08/28 02:32:36 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2008/06/09 19:55:08 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2011/04/07 17:37:16 | 005,352,960 | ---- | M] (Native Instruments GmbH) [Disabled | Stopped] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:[b]64bit:[/b] - [2009/09/15 23:21:58 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:[b]64bit:[/b] - [2007/08/08 10:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2013/07/02 17:40:43 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/03 13:58:28 | 000,529,744 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/03/23 14:25:24 | 000,087,040 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012/02/28 18:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010/09/08 21:46:00 | 003,852,792 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/14 16:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2009/09/15 03:03:42 | 000,044,312 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009/09/11 04:09:28 | 000,109,184 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ASUS\AI Recovery\ServiceSimple2.exe -- (ASUSRDVDService)
SRV - [2009/07/24 03:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe -- (FastBootAgent)
SRV - [2009/06/16 03:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2002/12/17 18:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 18:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\gPotato.eu\Rappelz\GameGuard\dump_wmimmc.sys -- (dump_wmimmc)
DRV:[b]64bit:[/b] - [2012/04/12 18:12:56 | 000,147,248 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2012/03/07 10:10:00 | 000,183,544 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mkd3kfnt.sys -- (Mkd3kfNt)
DRV:[b]64bit:[/b] - [2012/03/07 10:10:00 | 000,107,768 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV:[b]64bit:[/b] - [2012/03/07 10:10:00 | 000,098,040 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2BthF.sys -- (Mkd2Bthf)
DRV:[b]64bit:[/b] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/06/15 10:30:46 | 000,093,240 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2010/07/23 09:45:28 | 000,119,680 | ---- | M] (TCT International Mobile Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jrdusbser.sys -- (jrdusbser)
DRV:[b]64bit:[/b] - [2010/06/25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:[b]64bit:[/b] - [2009/11/02 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:[b]64bit:[/b] - [2009/10/05 17:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009/08/04 13:04:28 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:[b]64bit:[/b] - [2009/08/04 13:04:28 | 000,116,224 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake)
DRV:[b]64bit:[/b] - [2009/07/20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (1394hub)
DRV:[b]64bit:[/b] - [2009/07/14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:[b]64bit:[/b] - [2009/07/14 02:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:[b]64bit:[/b] - [2009/07/14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2009/07/14 02:09:10 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\loop.sys -- (msloop)
DRV:[b]64bit:[/b] - [2009/07/14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:[b]64bit:[/b] - [2009/07/09 10:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2009/06/18 22:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:[b]64bit:[/b] - [2009/06/12 05:41:55 | 000,112,128 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009/06/10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/06/09 06:38:23 | 000,055,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:[b]64bit:[/b] - [2009/06/05 12:15:55 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:[b]64bit:[/b] - [2009/06/04 12:54:35 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009/05/26 15:32:37 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:[b]64bit:[/b] - [2009/05/13 03:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:[b]64bit:[/b] - [2008/12/08 18:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2008/05/24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:[b]64bit:[/b] - [2007/07/24 21:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/10/17 11:00:00 | 000,106,040 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV - [2005/01/03 17:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=ST9500325AS_S2W2DW9EXXXXS2W2DW9E&ts=1374499797
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=ST9500325AS_S2W2DW9EXXXXS2W2DW9E&ts=1374499797
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source=b&utm_medium=ild&from=ild&uid=ST9500325AS_S2W2DW9EXXXXS2W2DW9E&ts=1374499797
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=ST9500325AS_S2W2DW9EXXXXS2W2DW9E&ts=1374499797
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=ST9500325AS_S2W2DW9EXXXXS2W2DW9E&ts=1374499797
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source=b&utm_medium=ild&from=ild&uid=ST9500325AS_S2W2DW9EXXXXS2W2DW9E&ts=1374499797


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2465420228-375340488-1497802240-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=ST9500325AS_S2W2DW9EXXXXS2W2DW9E&ts=1374499797
IE - HKU\S-1-5-21-2465420228-375340488-1497802240-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=ST9500325AS_S2W2DW9EXXXXS2W2DW9E&ts=1374499797
IE - HKU\S-1-5-21-2465420228-375340488-1497802240-1000\..\URLSearchHook: {1c68c940-1b2f-46eb-bd8c-2e1612ff6a58} - No CLSID value found
IE - HKU\S-1-5-21-2465420228-375340488-1497802240-1000\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-2465420228-375340488-1497802240-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-2465420228-375340488-1497802240-1000\..\SearchScopes\{25477387-2310-45df-933D-E9416D3D0303}: "URL" = http://eis.esnips.com/page/search_provider/?client_uuid=bda82ac0-85c3-4b48-b0d2-41fde8d1391d&q={searchTerms}
IE - HKU\S-1-5-21-2465420228-375340488-1497802240-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source=b&utm_medium=ild&from=ild&uid=ST9500325AS_S2W2DW9EXXXXS2W2DW9E&ts=1374499797
IE - HKU\S-1-5-21-2465420228-375340488-1497802240-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.5.7.4
FF - prefs.js..extensions.enabledItems: IplextoALL@ALLPlayer.org:0.1.0
FF - prefs.js..extensions.enabledItems: {1c68c940-1b2f-46eb-bd8c-2e1612ff6a58}:10.10.27.6
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..browser.startup.homepage: "http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=ST9500325AS_S2W2DW9EXXXXS2W2DW9E&ts=1374499797"
FF - prefs.js..browser.search.defaultenginename: "qvo6"
FF - prefs.js..browser.search.order.1: "qvo6"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.search.selectedEngine: "qvo6"
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npaosmgr.1: C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\conflict_469\npaosmgr.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25aos: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.com/NxGame: C:\ProgramData\Nexon\NGM\npNxGame.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25aos: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll (AhnLab, Inc.)
FF - HKCU\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Box\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Box\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Box\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/07/22 15:29:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/07/22 15:29:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2010/08/03 17:07:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Box\AppData\Roaming\mozilla\Extensions
[2013/07/22 15:29:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Box\AppData\Roaming\mozilla\Firefox\Profiles\o37cpy9r.default\extensions
[2012/09/12 15:22:49 | 000,000,000 | ---D | M] (Miniclip) -- C:\Users\Box\AppData\Roaming\mozilla\Firefox\Profiles\o37cpy9r.default\extensions\{1c68c940-1b2f-46eb-bd8c-2e1612ff6a58}
[2012/08/19 22:42:26 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Box\AppData\Roaming\mozilla\Firefox\Profiles\o37cpy9r.default\extensions\IplextoALL@ALLPlayer.org
[2013/06/26 19:40:28 | 000,228,503 | ---- | M] () (No name found) -- C:\Users\Box\AppData\Roaming\mozilla\firefox\profiles\o37cpy9r.default\extensions\ftd@ftd.com.xpi
[2011/11/01 22:09:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/12/13 13:22:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/21 01:07:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/16 21:39:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/08/24 18:55:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/11/01 22:09:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2012/06/28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2013/07/22 15:29:37 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2013/07/22 15:29:37 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2013/07/22 15:29:37 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2013/07/22 15:29:37 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2013/07/22 15:29:58 | 000,000,735 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml
[2013/07/22 15:29:37 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2013/07/22 15:29:37 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome  ==========[/color]

CHR - default_search_provider: qvo6 (Enabled)
CHR - default_search_provider: search_url = http://search.qvo6.com/web/?utm_source=b&utm_medium=ild&from=ild&uid=ST9500325AS_S2W2DW9EXXXXS2W2DW9E&ts=1374499797&type=default&q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=ST9500325AS_S2W2DW9EXXXXS2W2DW9E&ts=1374499797
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Box\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Box\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Box\AppData\Local\Google\Chrome\Application\28.0.1500.72\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: AhnLab Online Security (Enabled) = C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\conflict_221\npaosmgr.dll
CHR - plugin: AhnLab MyKeyDefense 2.5 (Enabled) = C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Box\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Box\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Angry Birds = C:\Users\Box\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Dysk Google = C:\Users\Box\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Box\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Pool = C:\Users\Box\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb\1.0.4_0\
CHR - Extension: Szukaj w Google = C:\Users\Box\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Ratchet & Clank Future 2 = C:\Users\Box\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhfomhehcinmhgnlhdpghklkjgppdmn\3_0\
CHR - Extension: Pulse = C:\Users\Box\AppData\Local\Google\Chrome\User Data\Default\Extensions\iehllpiamddoghfbfbgmajdcifkpjopm\1.2.3_0\
CHR - Extension: Urban Rivals = C:\Users\Box\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhaipmgfdihnlnbagikdpijhkifeonbi\1.0.2_0\
CHR - Extension: Gmail = C:\Users\Box\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: RSS Feed Reader = C:\Users\Box\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp\5.2.0_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files (x86)\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-2465420228-375340488-1497802240-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Pobierz plik wideo w FDM - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Pobierz w FDM - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Pobierz wszystkie pliki w FDM - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Pobierz zaznaczone pliki w FDM - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:[b]64bit:[/b] - Extra context menu item: 使用快车3下载 - C:\Users\Box\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:[b]64bit:[/b] - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Box\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Pobierz plik wideo w FDM - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Pobierz w FDM - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Pobierz wszystkie pliki w FDM - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Pobierz zaznaczone pliki w FDM - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\Box\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Box\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe (PokerStars)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.15.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.60 62.179.1.61
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2B466487-FFF9-467A-AB69-7A0E79CF7BD8}: DhcpNameServer = 62.179.1.60 62.179.1.61
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2DA9F33-8344-4633-A248-0BD554A5634B}: DhcpNameServer = 62.179.1.60 62.179.1.61
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{05b09eab-d1cd-11e0-a99a-bf01b810e7c2}\Shell - "" = AutoRun
O33 - MountPoints2\{05b09eab-d1cd-11e0-a99a-bf01b810e7c2}\Shell\AutoRun\command - "" = G:\MicroLauncher.exe
O33 - MountPoints2\{08c7b8a7-b4c2-11e0-a97f-a6dad2ae30c1}\Shell - "" = AutoRun
O33 - MountPoints2\{08c7b8a7-b4c2-11e0-a97f-a6dad2ae30c1}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{08c7bbf0-b4c2-11e0-a97f-a6dad2ae30c1}\Shell - "" = AutoRun
O33 - MountPoints2\{08c7bbf0-b4c2-11e0-a97f-a6dad2ae30c1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{14487c31-15ab-11e0-8f32-90e6ba9e3968}\Shell - "" = AutoRun
O33 - MountPoints2\{14487c31-15ab-11e0-8f32-90e6ba9e3968}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{2306ae1d-cbc9-11e1-ae9f-90e6ba9e3968}\Shell - "" = AutoRun
O33 - MountPoints2\{2306ae1d-cbc9-11e1-ae9f-90e6ba9e3968}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{2a35be8c-d9e8-11e0-a938-85268849fbc3}\Shell - "" = AutoRun
O33 - MountPoints2\{2a35be8c-d9e8-11e0-a938-85268849fbc3}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{2a35bea0-d9e8-11e0-a938-85268849fbc3}\Shell - "" = AutoRun
O33 - MountPoints2\{2a35bea0-d9e8-11e0-a938-85268849fbc3}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{2cf7cf80-845b-11df-938a-8b87912d1060}\Shell - "" = AutoRun
O33 - MountPoints2\{2cf7cf80-845b-11df-938a-8b87912d1060}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{319daaf2-e738-11df-a7cf-90e6ba9e3968}\Shell - "" = AutoRun
O33 - MountPoints2\{319daaf2-e738-11df-a7cf-90e6ba9e3968}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3a321054-5fb9-11e2-87fc-90e6ba9e3968}\Shell - "" = AutoRun
O33 - MountPoints2\{3a321054-5fb9-11e2-87fc-90e6ba9e3968}\Shell\AutoRun\command - "" = F:\MicroLauncher.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/07/22 15:29:51 | 000,000,000 | ---D | C] -- C:\Users\Box\AppData\Roaming\eIntaller
[2013/07/22 15:29:31 | 000,000,000 | ---D | C] -- C:\Users\Box\AppData\Local\Cool_Mirage
[2013/07/22 15:29:03 | 000,000,000 | ---D | C] -- C:\Users\Box\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
[2013/07/13 03:00:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/07/11 03:32:33 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/07/11 03:32:32 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/07/11 03:32:28 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/07/11 03:32:28 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/07/11 03:32:28 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/07/11 03:32:28 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/07/11 03:32:28 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/07/11 03:32:28 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/07/11 03:32:28 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/07/11 03:32:28 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/07/11 03:32:28 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/07/11 03:32:23 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/07/11 03:32:22 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/07/11 03:32:22 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/07/11 03:32:20 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/07/10 14:18:36 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/07/10 14:18:36 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/07/10 14:18:36 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013/07/10 14:18:36 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013/07/10 14:18:11 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/07/07 14:58:32 | 000,000,000 | ---D | C] -- C:\Users\Box\Desktop\ZJAZD
[2013/07/06 18:10:24 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2013/07/06 18:10:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
[2013/07/06 18:09:27 | 000,000,000 | ---D | C] -- C:\Users\Box\AppData\Roaming\Riot Games
[2013/07/02 17:42:10 | 000,000,000 | ---D | C] -- C:\Users\Box\AppData\Local\SplitMediaLabs
[2013/07/02 17:41:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
[2013/07/02 17:41:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs
[2013/07/02 17:40:16 | 000,000,000 | ---D | C] -- C:\Users\Box\AppData\Roaming\SplitMediaLabs
[2013/07/02 09:48:14 | 000,000,000 | ---D | C] -- C:\Users\Box\Desktop\root
[2011/01/05 18:53:24 | 007,623,968 | ---- | C] (SuperTux Development Team                                   ) -- C:\Users\Box\supertux-0.1.3-setup.exe
[2008/08/12 07:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Users\Box\Documents\*.tmp files -> C:\Users\Box\Documents\*.tmp -> ]
[1 C:\Users\Box\AppData\Local\*.tmp files -> C:\Users\Box\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/07/24 00:21:26 | 002,009,842 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/07/24 00:21:26 | 000,862,282 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013/07/24 00:21:26 | 000,767,422 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/24 00:21:26 | 000,205,412 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013/07/24 00:21:26 | 000,170,218 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/07/23 23:50:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/23 23:48:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2465420228-375340488-1497802240-1000UA.job
[2013/07/23 23:45:00 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/23 20:23:39 | 000,000,211 | ---- | M] () -- C:\Users\Public\Desktop\MapleStory.url
[2013/07/23 12:55:30 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/23 05:48:00 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2465420228-375340488-1497802240-1000Core.job
[2013/07/23 03:56:21 | 000,010,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/23 03:56:21 | 000,010,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/23 03:47:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/23 03:47:27 | 3193,765,888 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/23 02:00:59 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2013/07/23 01:58:38 | 000,000,000 | ---- | M] () -- C:\Users\Box\defogger_reenable
[2013/07/21 22:55:39 | 000,029,566 | ---- | M] () -- C:\Users\Box\.recently-used.xbel
[2013/07/19 14:15:19 | 000,922,255 | ---- | M] () -- C:\Users\Box\Desktop\puszka.jpg
[2013/07/12 23:30:06 | 000,071,651 | ---- | M] () -- C:\Users\Box\Desktop\nwsp.png
[2013/07/12 15:38:30 | 000,771,905 | ---- | M] () -- C:\Users\Box\Desktop\potwor.jpg
[2013/07/11 22:51:26 | 000,016,800 | ---- | M] () -- C:\Users\Box\Desktop\kuponyAdminZ0R_B0X.php
[2013/07/11 14:29:24 | 000,003,279 | ---- | M] () -- C:\Users\Box\Desktop\kokoko.png
[2013/07/11 13:58:49 | 000,015,350 | ---- | M] () -- C:\Users\Box\Desktop\wyswietlkupony.php
[2013/07/11 09:19:56 | 000,500,824 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/10 18:34:54 | 000,002,823 | ---- | M] () -- C:\Users\Box\Desktop\kupony.htm
[2013/07/10 16:25:07 | 000,017,648 | ---- | M] () -- C:\Users\Box\Desktop\stylesheet.css
[2013/07/10 16:21:50 | 000,000,807 | ---- | M] () -- C:\Users\Box\Desktop\kupony.html
[2013/07/10 16:14:14 | 000,345,129 | ---- | M] () -- C:\Users\Box\Desktop\1013550_10153003128520612_1827578271_n.jpg
[2013/07/09 12:37:28 | 000,315,224 | ---- | M] () -- C:\Users\Box\Desktop\cv_Bartosz_Maciej_Talma.pdf
[2013/07/07 15:40:27 | 000,270,864 | ---- | M] () -- C:\Users\Box\Desktop\winstrwak.png
[2013/07/06 18:10:22 | 000,001,503 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013/07/06 17:16:56 | 000,053,526 | ---- | M] () -- C:\Users\Box\Desktop\3Xnie.PNG
[2013/07/04 22:43:16 | 000,003,772 | ---- | M] () -- C:\Users\Box\Desktop\points.php
[2013/07/04 17:35:09 | 000,003,948 | ---- | M] () -- C:\Users\Box\Desktop\kupony.php
[2013/07/04 01:10:22 | 000,180,072 | ---- | M] () -- C:\Users\Box\Documents\oswiadczenie.pdf
[2013/07/02 18:01:12 | 000,533,483 | ---- | M] ( ) -- C:\Users\Box\Desktop\Program Losujacy.exe
[2013/07/02 17:40:42 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/07/02 17:40:42 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/07/02 11:12:25 | 000,144,241 | ---- | M] () -- C:\Users\Box\Desktop\MapleStory_Resistance_DemonAvenger_zps7135de41.png
[2013/06/30 16:55:54 | 000,806,535 | ---- | M] () -- C:\Users\Box\Desktop\IMAG0553.jpg
[2013/06/30 16:29:26 | 000,830,707 | ---- | M] () -- C:\Users\Box\Desktop\IMAG0552.jpg
[2013/06/30 16:19:48 | 000,892,534 | ---- | M] () -- C:\Users\Box\Desktop\IMAG0551.jpg
[2013/06/30 14:27:17 | 000,000,469 | ---- | M] () -- C:\Users\Box\Desktop\usluga.html
[2013/06/28 22:36:46 | 000,821,621 | ---- | M] () -- C:\Users\Box\Desktop\jaD.jpg
[2013/06/28 22:23:40 | 000,735,061 | ---- | M] () -- C:\Users\Box\Desktop\IMAG0543.jpg
[2013/06/28 11:10:05 | 000,014,349 | ---- | M] () -- C:\Users\Box\Desktop\untitled.jpg
[2013/06/27 03:08:39 | 001,985,980 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Users\Box\Documents\*.tmp files -> C:\Users\Box\Documents\*.tmp -> ]
[1 C:\Users\Box\AppData\Local\*.tmp files -> C:\Users\Box\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/07/23 20:23:39 | 000,000,211 | ---- | C] () -- C:\Users\Public\Desktop\MapleStory.url
[2013/07/23 01:58:38 | 000,000,000 | ---- | C] () -- C:\Users\Box\defogger_reenable
[2013/07/21 22:55:39 | 000,029,566 | ---- | C] () -- C:\Users\Box\.recently-used.xbel
[2013/07/19 14:15:24 | 000,922,255 | ---- | C] () -- C:\Users\Box\Desktop\puszka.jpg
[2013/07/12 23:30:05 | 000,071,651 | ---- | C] () -- C:\Users\Box\Desktop\nwsp.png
[2013/07/12 15:38:29 | 000,771,905 | ---- | C] () -- C:\Users\Box\Desktop\potwor.jpg
[2013/07/11 14:29:24 | 000,003,279 | ---- | C] () -- C:\Users\Box\Desktop\kokoko.png
[2013/07/11 14:09:32 | 000,016,800 | ---- | C] () -- C:\Users\Box\Desktop\kuponyAdminZ0R_B0X.php
[2013/07/10 16:25:06 | 000,017,648 | ---- | C] () -- C:\Users\Box\Desktop\stylesheet.css
[2013/07/09 12:37:27 | 000,315,224 | ---- | C] () -- C:\Users\Box\Desktop\cv_Bartosz_Maciej_Talma.pdf
[2013/07/09 11:19:21 | 000,345,129 | ---- | C] () -- C:\Users\Box\Desktop\1013550_10153003128520612_1827578271_n.jpg
[2013/07/07 15:40:27 | 000,270,864 | ---- | C] () -- C:\Users\Box\Desktop\winstrwak.png
[2013/07/06 18:10:22 | 000,001,503 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013/07/06 17:16:56 | 000,053,526 | ---- | C] () -- C:\Users\Box\Desktop\3Xnie.PNG
[2013/07/04 22:43:16 | 000,003,772 | ---- | C] () -- C:\Users\Box\Desktop\points.php
[2013/07/04 22:42:28 | 000,000,807 | ---- | C] () -- C:\Users\Box\Desktop\kupony.html
[2013/07/04 18:53:47 | 000,015,350 | ---- | C] () -- C:\Users\Box\Desktop\wyswietlkupony.php
[2013/07/04 18:51:05 | 000,002,823 | ---- | C] () -- C:\Users\Box\Desktop\kupony.htm
[2013/07/04 15:40:07 | 000,003,948 | ---- | C] () -- C:\Users\Box\Desktop\kupony.php
[2013/07/04 01:10:20 | 000,180,072 | ---- | C] () -- C:\Users\Box\Documents\oswiadczenie.pdf
[2013/07/02 18:01:12 | 000,533,483 | ---- | C] ( ) -- C:\Users\Box\Desktop\Program Losujacy.exe
[2013/07/02 11:12:25 | 000,144,241 | ---- | C] () -- C:\Users\Box\Desktop\MapleStory_Resistance_DemonAvenger_zps7135de41.png
[2013/06/30 16:58:00 | 000,806,535 | ---- | C] () -- C:\Users\Box\Desktop\IMAG0553.jpg
[2013/06/30 16:30:26 | 000,830,707 | ---- | C] () -- C:\Users\Box\Desktop\IMAG0552.jpg
[2013/06/30 16:23:14 | 000,892,534 | ---- | C] () -- C:\Users\Box\Desktop\IMAG0551.jpg
[2013/06/30 14:25:23 | 000,000,469 | ---- | C] () -- C:\Users\Box\Desktop\usluga.html
[2013/06/28 22:46:23 | 000,735,061 | ---- | C] () -- C:\Users\Box\Desktop\IMAG0543.jpg
[2013/06/28 22:41:19 | 000,821,621 | ---- | C] () -- C:\Users\Box\Desktop\jaD.jpg
[2013/06/28 11:10:05 | 000,014,349 | ---- | C] () -- C:\Users\Box\Desktop\untitled.jpg
[2013/04/12 16:03:27 | 000,389,646 | ---- | C] () -- C:\Users\Box\walkiklas.xcf
[2012/08/19 22:42:27 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/08/19 22:42:27 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2012/05/03 04:54:46 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011/08/08 22:45:34 | 000,000,092 | ---- | C] () -- C:\Windows\mp3wavcon.ini
[2011/08/08 22:43:51 | 000,000,005 | ---- | C] () -- C:\Windows\SysWow64\SySmp3con.dat
[2011/08/08 22:43:41 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2011/02/16 16:14:47 | 000,007,646 | ---- | C] () -- C:\Users\Box\AppData\Local\Resmon.ResmonCfg
[2011/01/06 00:36:37 | 207,101,828 | ---- | C] () -- C:\Users\Box\flstudio_9.1_online.exe
[2010/10/14 12:57:49 | 003,627,901 | ---- | C] () -- C:\Users\Box\KOCHAMM.JPG
[2010/10/10 23:16:14 | 000,134,584 | ---- | C] () -- C:\Users\Box\2sacriu.jpg
[2010/10/10 11:03:51 | 000,039,045 | ---- | C] () -- C:\Users\Box\tosty.gif
[2010/10/01 23:40:43 | 000,008,704 | ---- | C] () -- C:\Users\Box\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/03 23:19:28 | 000,000,036 | ---- | C] () -- C:\Users\Box\BUZZER.m3u
[2010/07/29 01:20:21 | 000,000,091 | ---- | C] () -- C:\Users\Box\AppData\Local\fusioncache.dat
[2009/11/03 04:52:26 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009/09/09 00:01:33 | 000,000,000 | ---- | C] () -- C:\Users\Box\AppData\Local\{74C6757F-8498-4866-8504-C25DDD8BA815}
[2009/04/08 20:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/05/22 18:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2013/07/23 01:51:29 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\.minecraft
[2013/03/20 17:21:04 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Arduino
[2010/10/21 23:09:51 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Astroburn Lite
[2010/01/18 20:36:28 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Asus WebStorage
[2011/09/18 18:08:00 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Automatyczny Terminarz
[2011/06/08 21:21:37 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\BITS
[2010/07/05 18:58:37 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\blueconnect
[2013/06/11 13:28:28 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Canon
[2010/09/12 16:03:18 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Clickteam
[2012/10/07 16:48:28 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\CorsixTH
[2010/10/20 20:12:30 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\DAEMON Tools Lite
[2010/09/29 12:54:52 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Dev-Cpp
[2012/05/22 22:55:35 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\DroidExplorer
[2012/02/09 19:04:41 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\e-academy Inc
[2010/06/02 18:42:38 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\EeeStorageUploader
[2013/07/22 15:29:51 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\eIntaller
[2011/01/20 03:06:22 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\ESET
[2011/04/25 11:54:47 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\EurekaLog
[2011/06/08 21:16:16 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\FlashGet
[2011/06/08 21:16:13 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\FlashGetBHO
[2013/07/24 00:18:15 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Free Download Manager
[2011/08/27 13:20:12 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\fretsonfire
[2011/01/04 21:57:24 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\gamigo
[2010/12/22 23:43:20 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\GetRightToGo
[2011/03/28 22:09:14 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\GHISLER
[2013/07/21 22:55:39 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\gtk-2.0
[2012/05/22 22:01:49 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\HTC
[2012/05/22 22:02:46 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2010/11/17 02:13:44 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Inkscape
[2011/02/10 16:34:25 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\ipla
[2013/02/13 13:53:33 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\JCreator
[2011/01/04 21:36:52 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\launcher
[2010/10/29 12:35:14 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Logia
[2011/08/15 04:03:07 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\LolClient
[2011/01/04 21:36:52 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Martial Empires Luancher OBT
[2010/06/17 23:33:39 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\maxup
[2011/09/16 17:32:09 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Notepad++
[2010/10/25 23:46:01 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\OpenOffice.org
[2010/01/19 00:32:28 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Opera
[2011/09/17 15:22:03 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Orbit
[2011/06/08 21:33:39 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\ProgSense
[2010/07/29 01:32:22 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Publish Providers
[2013/07/06 18:10:30 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Riot Games
[2011/11/08 16:20:35 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Scribus
[2010/07/29 01:32:23 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Sony
[2013/07/02 17:40:16 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\SplitMediaLabs
[2011/12/07 15:41:08 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Stardock
[2010/08/17 02:04:56 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Synthesia
[2011/05/06 19:51:44 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\SynthMaker
[2010/06/02 18:42:30 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\temp
[2011/07/22 00:52:30 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Thunderbird
[2012/01/08 04:00:40 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Tibia
[2010/10/13 00:02:17 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\treasurechest
[2012/06/28 12:06:48 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\TS3Client
[2012/06/28 12:18:00 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\ts3overlay
[2011/11/13 13:42:13 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Unity
[2013/07/23 01:58:28 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\uTorrent
[2010/11/05 21:14:56 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\Wypas

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:05EE1EEF

< End of report >


Extras.txt
Kod: Zaznacz wszystko
OTL Extras logfile created on: 7/24/2013 12:16:37 AM - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Downloads\Software
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3.97 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 49.48% Memory free
7.93 Gb Paging File | 5.45 Gb Available in Paging File | 68.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 9.28 Gb Free Space | 7.97% Space Free | Partition Type: NTFS
Drive D: | 334.67 Gb Total Space | 162.11 Gb Free Space | 48.44% Space Free | Partition Type: NTFS

Computer Name: BOX-KOMPUTER | User Name: Box | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files (x86)\OrangeBS\BEWInternet-PL-IEW\Connectivity\ConnectivityManager.exe" = C:\Program Files (x86)\OrangeBS\BEWInternet-PL-IEW\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files (x86)\OrangeBS\BEWInternet-PL-IEW\Connectivity\ConnectivityManager.exe" = C:\Program Files (x86)\OrangeBS\BEWInternet-PL-IEW\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{087FADDF-152B-4F15-91E1-38A6954AC21C}" = rport=137 | protocol=17 | dir=out | app=system |
"{09F03BA6-487C-4AFF-90FB-8B3DBE2B7F2F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{12FCE80A-EB0B-4B09-9A06-79E79A7718A6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1B5450AC-942C-4E28-A504-C979B3E76667}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{25609E9E-C39F-4795-B255-2457D4BE9595}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2F6C84DA-3793-41D1-AE32-B38956940B9D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{42888788-3C17-4189-BD9C-03B10C04D302}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4772891F-3AA0-4D6C-B17B-9F8A9FA4CD15}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4E16F43F-04F4-43F7-A9C7-383800CB12BE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5650B9F1-FD08-45DF-B268-C9B372AA74D8}" = lport=138 | protocol=17 | dir=in | app=system |
"{616FB82F-6C81-4215-A7B9-A07D029F476C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{6183D845-FD39-49A8-8FF5-849C9D54FA9E}" = rport=139 | protocol=6 | dir=out | app=system |
"{66B88FDB-A2F1-4B84-AA70-30E6494D878A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{795BA23D-6FC0-4C49-82FE-9772C87A45EF}" = rport=138 | protocol=17 | dir=out | app=system |
"{839B66F6-3EA6-477A-A76D-E309689B5D5D}" = rport=445 | protocol=6 | dir=out | app=system |
"{8D75A4F3-BF6C-47AE-941C-A2B062C4579B}" = lport=445 | protocol=6 | dir=in | app=system |
"{970AA011-F1C3-42D3-A0A3-5CCCC5D7B1FC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A2601739-1E44-495F-95AA-948E00411781}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{A35103F7-943D-4ECA-A00C-1E2B10509993}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B03D1A0D-B7FE-4613-9A60-0F61748455CE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B143DC5A-3A6F-4D17-8BEC-383A9EFD045C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B22BC348-65A0-49CC-B1DF-C38EFFB586CF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B7491854-79CC-4579-8DFC-C4F73E890F2B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C2FCF247-82E1-4D16-9F4B-CF2EE42527B3}" = lport=137 | protocol=17 | dir=in | app=system |
"{C492DF84-5171-4221-94E0-6AA121B46FB7}" = lport=139 | protocol=6 | dir=in | app=system |
"{E8CFC392-4BE6-4A27-A3ED-3AA1C788286D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FD966859-2A1B-4467-8720-9FD75D89E45E}" = lport=10243 | protocol=6 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0027DF22-F1A5-487F-906C-AE2131FA30E3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{00B01361-A629-4317-9344-04A63127AF2D}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{00CD22EE-59AA-468F-8455-7C6E52C4CDD7}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{038C962E-90F9-43B2-807F-3EEF23EAEC69}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{0B95C3B4-9F51-4E5E-BEF6-8DC7F0F6F49E}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{0CB04DCC-9EBF-47C7-9D10-E95E5385551C}" = protocol=17 | dir=in | app=d:\cherrydegames\dragon nest\dragonnest.exe |
"{1036B78D-3B9A-4ABA-B12F-CD4AB00E4585}" = protocol=17 | dir=in | app=c:\users\box\desktop\terraria\terraria 1.03\terraria 1.03\terrariaserver.exe |
"{14FCD611-3DE3-46CC-87FC-6331430E1A56}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{1A3D4DDA-3E42-4559-81C4-C0761C93DA18}" = protocol=6 | dir=in | app=c:\users\box\appdata\roaming\dropbox\bin\dropbox.exe |
"{24C8C277-EB9E-4606-90E2-C7B7DBEB274E}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{24DCAF08-37B2-4F7E-A1FC-6E05B124467F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{27758E9F-476E-4CF1-80AB-FD4F88BE83F6}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{2E0C73C5-BC4B-4F81-9FD1-C71F37DC9773}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2ECB6511-85F0-4E81-A56B-E8581D66F54E}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{2FF987DE-B043-4C46-AA70-EA98DE298B43}" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.patch.exe |
"{3727A394-5AD9-4ABD-B8B5-7A99AB3CB830}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{38172892-9B78-4501-A3D3-9AD50219AAFD}" = protocol=17 | dir=in | app=c:\users\box\downloads\terraria 1.0.6\terraria 1.0.6\terrariaserver.exe |
"{3B73BC95-1DEB-48CA-ACBA-F3807196F740}" = protocol=17 | dir=in | app=c:\users\box\genki\utorrent.exe |
"{3D08B32F-B697-47E3-99B7-8DA172BEC18B}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3D2B9E71-3790-46F0-8458-3DEA289E2FAA}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3D4AC84D-1128-4FAF-8D3E-E78ECE0FB9D8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{419BA4EF-DC06-4418-8DF6-327FC63C1162}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"{42BE9111-D1B9-4F1D-AD0F-3FD08AC29856}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4488798F-89CB-40CA-8947-B1648FF61CCE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4B9CA472-9ECE-4C01-958D-9820A5448183}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{4ED6D557-4D8C-4A46-B965-62C1184DA6FD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{51AABEAB-4E8C-41B7-AE74-163546E9838C}" = protocol=6 | dir=in | app=c:\cherrydegames\dragon nest\dragonnest.exe |
"{533837A4-1222-4582-B826-0126585AF200}" = protocol=6 | dir=in | app=d:\sacred\system\sacred2.exe |
"{534224A0-C23F-46F8-8C50-1ABA49BAB5C8}" = protocol=17 | dir=in | app=c:\cherrydegames\dragon nest\dragonnest.exe |
"{5AD5E69A-F14A-45D3-87DE-296D7700D52C}" = protocol=6 | dir=in | app=d:\sacred\system\s2gs.exe |
"{5AE73705-202B-43FA-B8D1-89CC4E68C066}" = protocol=6 | dir=in | app=c:\users\box\desktop\terraria\terraria 1.03\terraria 1.03\terrariaserver.exe |
"{5B46C894-4120-4D75-A053-DDD2793DEB98}" = protocol=6 | dir=in | app=c:\users\box\genki\utorrent.exe |
"{609EB720-66E9-4CAF-B8D3-1C5372313A5A}" = protocol=17 | dir=in | app=c:\program files (x86)\webserv\apache2\bin\webserv(apache).exe |
"{60BBA502-4161-405E-A600-FBAE841BD14F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{625A5694-5A18-4198-A185-A094F59CE9CE}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{63630489-9FFC-41A7-A660-D9C79B97729D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{65283C93-5CFE-4530-9EC7-77E2A22B8EDD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{674BC99E-8F9F-4158-9E33-62DD24F56477}" = protocol=6 | dir=in | app=c:\program files (x86)\webserv\apache2\bin\webserv(apache).exe |
"{68C90C96-521E-4421-BBCF-50132C8CBDF7}" = protocol=17 | dir=in | app=c:\programdata\nexon\ngm\ngm.exe |
"{698159C6-4A41-4B3B-9167-7FE420458D04}" = protocol=17 | dir=in | app=c:\users\box\desktop\muzyka\download\eo_2_0_0\server\server.exe |
"{6C2FBA85-7543-4812-B8B7-992EE2D3A623}" = protocol=17 | dir=in | app=c:\users\box\desktop\aurasea.exe |
"{6E46237B-68BF-4809-A3B4-0A68F8485304}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{71C9BEF9-C8F9-4D29-AFF7-8AEB562D864F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{73BCF5A8-A68E-42D2-A769-3C16B454D464}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{74DA5C04-A756-4A9E-9CFB-83579E3FE4E9}" = protocol=6 | dir=in | app=c:\program files (x86)\flashget network\flashget 3\flashget3.exe |
"{766486FC-0929-4173-86A1-22915584C38E}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{776E645A-5970-4FC5-9F4F-263B4BC9C57F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7F2B4FEB-548D-4AFB-BFF6-EC16D883DB9F}" = protocol=6 | dir=in | app=d:\cherrydegames\dragon nest\dragonnest.exe |
"{86013274-BA2E-455C-961B-46474D6A4834}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{86D3E58C-777E-4BC6-BE4F-DC0DD519DBB4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{87C5099F-5648-4BD0-B541-B5F0521E6F7A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{89DCF208-24FF-4DEC-80E3-87DBCE3840A5}" = protocol=17 | dir=in | app=c:\users\box\desktop\terraria\terraria.exe |
"{8D595218-76C2-49EE-8D22-5FA07EE3D61B}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{8DD1157D-342D-42F1-9201-91AF156A2687}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{8EC8387D-D082-44D7-9BCF-75914D0564C2}" = protocol=17 | dir=in | app=d:\sacred\system\s2gs.exe |
"{905AD954-7FE9-4B49-88AA-D05B56673683}" = protocol=6 | dir=in | app=c:\users\box\desktop\terraria\terraria.exe |
"{9176F414-C463-41B7-906D-BF777D4666E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{91EB5E58-E321-47FF-94B7-AAF74630925B}" = protocol=6 | dir=in | app=c:\programdata\nexon\ngm\ngm.exe |
"{97F467C1-C503-4C5F-B8EA-1D9231B3F2A6}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{98E60929-F7EB-4232-9A49-809FC89EDC23}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{9B5C55F2-AB92-4B30-B806-8F184B063D1B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9C418811-5ABF-4004-A240-4F15291EA7AD}" = protocol=17 | dir=in | app=c:\programdata\nexon\common\nmservice.exe |
"{9E5DBB5B-2B8D-4376-98C4-C0F828CFA5F3}" = protocol=17 | dir=in | app=c:\program files (x86)\flashget network\flashget 3\flashget3.exe |
"{A1EF67BA-F73F-46E4-B85C-B35024DB1FE1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A6AB0059-73A1-4372-9546-AB746D3116E6}" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.patch.exe |
"{A7DCD5D9-C982-4187-9F85-215868803CBC}" = protocol=6 | dir=in | app=c:\users\box\desktop\aurasea.exe |
"{A83080BA-01B2-4CEC-A5E4-9AE62E5FDE4F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AA2B6449-8AAE-408A-94F0-1D6ED294C8ED}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{AD8AAFB9-5EEF-405F-90F8-46641F240C5C}" = protocol=6 | dir=in | app=c:\program files (x86)\terraria\terraria.exe |
"{ADEA8327-5663-43BD-B186-B6F6FE494023}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{B0C6B0C1-D313-49D3-BD57-E04C3E38C4B5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B69B8AC8-FF9A-496E-B09C-E1EDB1348891}" = protocol=6 | dir=in | app=c:\program files (x86)\webserv\mysql\bin\webserv(mysqld).exe |
"{B7C0EFEE-0C61-4A6C-81C3-657754B8E968}" = protocol=17 | dir=in | app=d:\sacred\system\sacred2.exe |
"{C1027255-E51D-49B8-8615-46D85CBDF5AA}" = protocol=6 | dir=in | app=c:\programdata\nexon\common\nmservice.exe |
"{C56698B4-DFB1-4887-8A47-CCA4B5CEC914}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{C6387EB8-2AF5-43AA-A650-5B7B8F0D43A6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe |
"{CE117EE1-A5F9-4A22-9565-5506CF01980C}" = protocol=6 | dir=in | app=c:\users\box\downloads\terraria 1.0.6\terraria 1.0.6\terrariaserver.exe |
"{D4C0A106-1763-4C24-B56F-B3CEB72238FA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D5BC0F1E-E011-46F3-85C2-F0CB56D735CF}" = protocol=6 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe |
"{D69D908A-353A-4D7F-90CA-FDA48ECE82F5}" = protocol=17 | dir=in | app=c:\program files (x86)\webserv\mysql\bin\webserv(mysqld).exe |
"{D7E1719D-6FFD-401B-B2BC-DD0E1921CF80}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"{DDD7C1FC-D238-44B3-B3C8-C9A88837FBF4}" = protocol=17 | dir=in | app=c:\users\box\appdata\roaming\dropbox\bin\dropbox.exe |
"{EAC211E9-2249-407A-88E3-C8F1F9864058}" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
"{EB2E97C1-724F-4820-89FC-23E9E7BE6187}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{F07A2DB0-40CD-4EAF-A3E3-773DDBEBA19C}" = protocol=17 | dir=in | app=c:\program files (x86)\terraria\terraria.exe |
"{F0FF15D1-519E-487D-A404-481ADDDF8D67}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F1D84382-45A7-4D6D-8CD1-F8620B487339}" = protocol=17 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe |
"{F58240A9-06BD-46A4-A8F3-BC02BDDC5851}" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"{F829D152-92A1-4C6E-A383-FE673876A0C3}" = protocol=6 | dir=in | app=c:\users\box\desktop\muzyka\download\eo_2_0_0\server\server.exe |
"{F9D5E3CE-9D07-4366-B378-75A20BF486B5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe |
"{FB57AD8E-22DD-4E90-8691-3A473DA21737}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{FBF6D900-07DE-4261-9744-496F290C03B2}" = protocol=6 | dir=out | app=system |
"TCP Query User{0A6D78AC-6C27-42B6-A449-9F66CE77FBFD}C:\users\box\genki\utorrent.exe" = protocol=6 | dir=in | app=c:\users\box\genki\utorrent.exe |
"TCP Query User{0B56B689-AB57-4D52-A48B-C41F34A34285}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{0D2F915E-25BF-4A3C-999C-95A259742E56}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe |
"TCP Query User{15585905-DF5D-43B4-B1CA-6D65742A2289}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"TCP Query User{17D03E2F-A918-43AD-9BD8-47E1EBBC754E}C:\program files (x86)\terraria\terraria.exe" = protocol=6 | dir=in | app=c:\program files (x86)\terraria\terraria.exe |
"TCP Query User{20C73B52-6B19-45B8-8111-B85C7A57E7DA}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{210CA08D-9BC1-45C8-849D-F5BC4644E0C3}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{2855B1DD-6833-463B-AE23-489646AED7B5}C:\users\box\desktop\harry-1.2.0\harry-1.2.0\harry.exe" = protocol=6 | dir=in | app=c:\users\box\desktop\harry-1.2.0\harry-1.2.0\harry.exe |
"TCP Query User{316C67A3-8962-4043-B9A2-BC2133C2ACEB}C:\users\box\desktop\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\users\box\desktop\wapster\wapster aqq\aqq.exe |
"TCP Query User{34116465-29BF-4FA8-99AF-CFBC328011E7}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{3B30D32E-4419-4D52-8F84-4E4B5D7C1F22}C:\program files (x86)\mad tracks\madtracks.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mad tracks\madtracks.exe |
"TCP Query User{425EF31B-1DB2-442E-81C0-E105273B5D1B}C:\users\box\desktop\terraria\terraria.exe" = protocol=6 | dir=in | app=c:\users\box\desktop\terraria\terraria.exe |
"TCP Query User{4A0A1336-6AA8-427F-81F8-EC4FE7CAC9C0}C:\users\box\desktop\sony_vegas_6.0-darkwarez.pl-zibix89.rar\sony\vegas 6.0\vegsrv60.exe" = protocol=6 | dir=in | app=c:\users\box\desktop\sony_vegas_6.0-darkwarez.pl-zibix89.rar\sony\vegas 6.0\vegsrv60.exe |
"TCP Query User{79D97B07-5C19-41B6-BE11-EAFBC6FCD941}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{7C5625CD-6799-41AF-A1BF-DA0880C14B06}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\flashget network\flashget 3\flashget3.exe |
"TCP Query User{7D7532DF-20F0-4E16-8136-0F15233CDEFA}C:\program files (x86)\webserv\apache2\bin\webserv(apache).exe" = protocol=6 | dir=in | app=c:\program files (x86)\webserv\apache2\bin\webserv(apache).exe |
"TCP Query User{7DC3EAE2-F203-4F78-A03C-B660ACD35472}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{7DC8679A-23B2-4B45-8B03-1BA2BA7CF8FD}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"TCP Query User{7F97AA87-F8BE-4F7B-939F-EE07D95122DD}C:\users\box\appdata\local\temp\cdd.tmp\kmservice.exe" = protocol=6 | dir=in | app=c:\users\box\appdata\local\temp\cdd.tmp\kmservice.exe |
"TCP Query User{82896738-0A68-4213-A450-F0AEAC559456}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{92A28FC1-DDEE-4F80-AB71-BC6B7F30D132}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{98DBFF1F-C1DA-4C94-8159-19234199C23F}C:\users\box\downloads\terraria 1.0.6\terraria 1.0.6\terrariaserver.exe" = protocol=6 | dir=in | app=c:\users\box\downloads\terraria 1.0.6\terraria 1.0.6\terrariaserver.exe |
"TCP Query User{A6674857-C558-4574-BC79-8704202EA27D}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe |
"TCP Query User{B2F2A92D-782C-4165-B0E8-8105C0FC986C}C:\program files (x86)\microsoft games\flight simulator 9\fs9.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\flight simulator 9\fs9.exe |
"TCP Query User{B4E9CB3A-903E-408C-BA74-A9D6F3E01ABF}C:\users\box\desktop\muzyka\download\eo_2_0_0\server\server.exe" = protocol=6 | dir=in | app=c:\users\box\desktop\muzyka\download\eo_2_0_0\server\server.exe |
"TCP Query User{C18061E7-2A18-465D-A9FB-CEFA68E8CCC9}C:\users\box\desktop\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\users\box\desktop\wapster\wapster aqq\aqq.exe |
"TCP Query User{CFC395B9-B5AD-44BB-B457-E2AA9D1AA91E}C:\users\box\desktop\terraria\terraria 1.03\terraria 1.03\terrariaserver.exe" = protocol=6 | dir=in | app=c:\users\box\desktop\terraria\terraria 1.03\terraria 1.03\terrariaserver.exe |
"TCP Query User{E58B939D-BECF-4DA6-9745-4B3A8215C39D}C:\program files (x86)\webserv\mysql\bin\webserv(mysqld).exe" = protocol=6 | dir=in | app=c:\program files (x86)\webserv\mysql\bin\webserv(mysqld).exe |
"TCP Query User{E79CD45F-C505-4B63-BB8D-7E964FE8995B}C:\users\box\desktop\muzyka\download\xw1.0.3\server\server.exe" = protocol=6 | dir=in | app=c:\users\box\desktop\muzyka\download\xw1.0.3\server\server.exe |
"TCP Query User{E8095B76-B412-48DF-8BBD-EEDD38804A93}D:\sacred\system\s2gs.exe" = protocol=6 | dir=in | app=d:\sacred\system\s2gs.exe |
"TCP Query User{EFD0DBB6-0BAB-433A-B236-4035ECC02DEC}C:\users\box\desktop\aurasea.exe" = protocol=6 | dir=in | app=c:\users\box\desktop\aurasea.exe |
"TCP Query User{F5A9D4FC-3AB4-4468-A710-1A8DD7F8FC3B}C:\program files (x86)\empire interactive\flatout2\flatout2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\empire interactive\flatout2\flatout2.exe |
"TCP Query User{FF1F4B6B-AA2B-4B8C-A8DC-5199833F793E}D:\world of warcraft\blizzard downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\blizzard downloader.exe |
"UDP Query User{0E9EC56C-8975-43A5-B2E2-FCD44D2D2596}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{14496428-C0E7-40A3-8618-AD79F295BD88}C:\users\box\desktop\muzyka\download\eo_2_0_0\server\server.exe" = protocol=17 | dir=in | app=c:\users\box\desktop\muzyka\download\eo_2_0_0\server\server.exe |
"UDP Query User{14A115C1-6F3D-4921-865C-095232F80C40}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe |
"UDP Query User{1B4A9197-56CA-4641-9306-C74DC6DE82D1}C:\program files (x86)\empire interactive\flatout2\flatout2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\empire interactive\flatout2\flatout2.exe |
"UDP Query User{20BC7A32-C617-40F6-B7FF-4D57C1414142}C:\users\box\desktop\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\users\box\desktop\wapster\wapster aqq\aqq.exe |
"UDP Query User{43A502C4-0A5C-4B0E-99B0-A19A46CB8A78}C:\program files (x86)\mad tracks\madtracks.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mad tracks\madtracks.exe |
"UDP Query User{4E9A0925-5797-40B5-B6CC-EE7906F24E14}C:\users\box\desktop\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\users\box\desktop\wapster\wapster aqq\aqq.exe |
"UDP Query User{5C1ED571-065A-4721-8652-9417C3087C3E}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe |
"UDP Query User{60556925-A9C4-40D4-BC61-7689D7C6879D}C:\users\box\appdata\local\temp\cdd.tmp\kmservice.exe" = protocol=17 | dir=in | app=c:\users\box\appdata\local\temp\cdd.tmp\kmservice.exe |
"UDP Query User{6A1FFA1E-84C1-4BB9-BA37-3E1533A15F40}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{6CCD3EE8-44C1-452D-8C80-645C92B9B7EE}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{77C61D83-01B2-43FB-9693-4972BF6A7642}C:\users\box\desktop\aurasea.exe" = protocol=17 | dir=in | app=c:\users\box\desktop\aurasea.exe |
"UDP Query User{89DF19FE-324A-4C7F-A206-D581B7A552AA}C:\users\box\desktop\terraria\terraria 1.03\terraria 1.03\terrariaserver.exe" = protocol=17 | dir=in | app=c:\users\box\desktop\terraria\terraria 1.03\terraria 1.03\terrariaserver.exe |
"UDP Query User{901C679B-80E6-4574-9959-F0EA410E78D9}C:\program files (x86)\terraria\terraria.exe" = protocol=17 | dir=in | app=c:\program files (x86)\terraria\terraria.exe |
"UDP Query User{943B0800-D3EC-4764-B5E8-3CD866594006}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{97D24AB1-0457-4A66-B399-B4CD6DBDA2DC}C:\program files (x86)\webserv\apache2\bin\webserv(apache).exe" = protocol=17 | dir=in | app=c:\program files (x86)\webserv\apache2\bin\webserv(apache).exe |
"UDP Query User{9F57EC6C-B241-4543-9CAE-BD1B9488B7C1}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\flashget network\flashget 3\flashget3.exe |
"UDP Query User{A94AFB9A-A74A-4EEB-9076-D6D95041179F}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{B475E5EE-EF2A-43AB-B40F-30CBC1397E25}C:\program files (x86)\webserv\mysql\bin\webserv(mysqld).exe" = protocol=17 | dir=in | app=c:\program files (x86)\webserv\mysql\bin\webserv(mysqld).exe |
"UDP Query User{C08452CF-519C-44AA-89BA-B471AFA7B56E}C:\program files (x86)\microsoft games\flight simulator 9\fs9.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\flight simulator 9\fs9.exe |
"UDP Query User{C7AE5F4F-A2AD-40D8-8E36-435D2D743D27}C:\users\box\genki\utorrent.exe" = protocol=17 | dir=in | app=c:\users\box\genki\utorrent.exe |
"UDP Query User{CD74C1D5-9717-44B8-9647-0E388AC60DA2}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{CE2FC071-1EC2-430B-8BB7-E2F72E07FDFD}C:\users\box\desktop\muzyka\download\xw1.0.3\server\server.exe" = protocol=17 | dir=in | app=c:\users\box\desktop\muzyka\download\xw1.0.3\server\server.exe |
"UDP Query User{D3EDCA6F-4DE5-479E-B4AB-B017892DD79C}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{D5D2DCA8-CA31-4148-B4ED-3A33B3FDFD71}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"UDP Query User{E1EE4F5A-C53D-4300-A1AC-85C1663733F7}C:\users\box\downloads\terraria 1.0.6\terraria 1.0.6\terrariaserver.exe" = protocol=17 | dir=in | app=c:\users\box\downloads\terraria 1.0.6\terraria 1.0.6\terrariaserver.exe |
"UDP Query User{E7C96B4F-3886-4D97-B3F6-06D5D7AA96E0}C:\users\box\desktop\terraria\terraria.exe" = protocol=17 | dir=in | app=c:\users\box\desktop\terraria\terraria.exe |
"UDP Query User{E844D625-1602-48E1-AE56-1E2521DE1EA4}C:\users\box\desktop\sony_vegas_6.0-darkwarez.pl-zibix89.rar\sony\vegas 6.0\vegsrv60.exe" = protocol=17 | dir=in | app=c:\users\box\desktop\sony_vegas_6.0-darkwarez.pl-zibix89.rar\sony\vegas 6.0\vegsrv60.exe |
"UDP Query User{E85CC23B-4194-47AB-B9FE-8AD559705CBC}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{ED223B4B-CD42-416C-B67B-1FCF35C7BBAD}C:\users\box\desktop\harry-1.2.0\harry-1.2.0\harry.exe" = protocol=17 | dir=in | app=c:\users\box\desktop\harry-1.2.0\harry-1.2.0\harry.exe |
"UDP Query User{EE044DD9-ED63-4242-9A68-37A4E41FDACA}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{EE2B5169-3F9D-469F-AFFE-99D17DDC084A}D:\world of warcraft\blizzard downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\blizzard downloader.exe |
"UDP Query User{F53BFFA6-0D8A-41CF-B6C6-70455E9C1E25}D:\sacred\system\s2gs.exe" = protocol=17 | dir=in | app=d:\sacred\system\s2gs.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01D57CF6-B5BC-4D03-AFF5-7960CFBD05A9}" = Native Instruments Guitar Rig 5
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0AB1CEAD-FF24-33F8-8A25-292A8E835822}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series" = Canon MG3200 series MP Drivers
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear Hybrid
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416025FF}" = Java(TM) 6 Update 25 (64-bit)
"{2930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Guitar Rig Mobile I/O
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{390239C9-8AB0-4E81-9E74-2020988D5582}" = MySQL Server 5.1
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160250}" = Java(TM) SE Development Kit 6 Update 25 (64-bit)
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Guitar Rig Session I/O
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0015-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0016-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0018-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-0019-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001A-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001B-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-001F-0415-1000-0000000FF1CE}_Office14.PROPLUS_{329A3D98-9583-4B84-B18B-498E7AB65C43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-002C-0415-1000-0000000FF1CE}_Office14.PROPLUS_{BFEB53FA-3044-47FD-BB50-9DCBBEED79EF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010
"{90140000-0043-0415-1000-0000000FF1CE}_Office14.PROPLUS_{FF5F6090-64DF-4BF6-BADD-71A64FDA70D2}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-0044-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-006E-0415-1000-0000000FF1CE}_Office14.PROPLUS_{3A96ABFF-5202-47B1-B5A2-DDE76563AF61}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00A1-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{90140000-00BA-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-0415-1000-0000000FF1CE}" = Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski
"{90150000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2013
"{90150000-0054-0415-1000-0000000FF1CE}" = Microsoft Visio MUI (Polish) 2013
"{90150000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2013
"{90150000-00E1-0415-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Polish) 2013
"{91150000-0051-0000-1000-0000000FF1CE}" = Microsoft Visio Professional 2013
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95F7B3C3-3D4C-471B-982A-76DB26E0EA2B}" = Bezpieczeństwo rodzinne usługi Windows Live
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"Asus WebStorage" = Asus WebStorage
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x64 7.0.5.5_WHQL
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK" = Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"nbi-nb-base-7.1.1.0.0" = NetBeans IDE 7.1.1
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Office15.VISPROR" = Microsoft Visio Professional 2013
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"WinRAR archiver" = Archiwizator WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0908334B-6065-48A1-BD91-EC7A03DF77CE}_is1" = Lame Front-End 1.7
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B63BF75-9F0A-4E93-A69D-BDCC6A26C4B1}" = Podstawowe programy Windows Live
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2 - Fallen Angel
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1AD6A797-E83F-4E1E-AF49-15CBA9AFE4E0}" = Sacred - Z쿽ta Edycja
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217015FF}" = Java 7 Update 15
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2A5FBE73-76DA-4A31-BD86-1B0E01DC33F8}" = Windows Live Messenger
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40CC0CC6-C1BA-476D-98CF-5430DA439B4F}" = Galeria fotografii usługi Windows Live
"{415ADF7E-6DB8-4481-86C0-1CEC0163CC7B}" = Nexon Game Manager
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A423411-E28A-4A13-BDB0-8E8BC42FFA29}" = HTC Sync
"{4A5667B2-5D13-46C2-85B5-9D46A6096F61}" = Secure Download Manager
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4EB106F5-110F-4E96-BCBA-1687AE57A04E}" = FlatOut2
"{4F68B605-2F2B-42A8-8689-0CA7E67797B0}" = Sony Vegas 6.0d
"{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5DE67937-45D5-45E4-923C-0B7F7EC929A7}" = League of Legends
"{60D6618B-153F-4353-8185-908E676E5888}" = ASUS FancyStart
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6C3496DF-CC4C-4CDE-87A1-8657619EE2D6}_is1" = Game Park Console
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{74CC5B4D-CBB5-46F1-82B0-3169977B1D36}" = Asystent rejestracji usługi Windows Live
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8BD89760-6B5D-4A3C-8B0D-CDB93BEFC0F6}" = XSplit
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}" = Harry Potter(TM) i więzień Azkabanu
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB56EEE6-D64A-43BB-B68F-D150FD26FFED}_is1" = Chicken Invaders 4 The Ultimate Omelette version 1.00
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.6 MUI
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{B13F5727-F12F-4253-B6AD-26AFA880B709}" = Sony Media Manager 2.0
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BEWINTERNET-PL-IEW}.UninstallSuite" = Orange Free
"{C3335EFB-008F-44DB-A87A-9EC8EE53D045}" = Windows Live Sync
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D6B15AE6-B052-363E-B6BB-C4714CBA6509}" = Microsoft Visual Studio 2010 Professional - ENU
"{DB4690C5-9015-401D-A96C-A49909B7C372}" = Poczta usługi Windows Live
"{DD49053A-0140-44EF-AE75-C4BC1FDB8286}" = Windows Live Writer
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EA561FC0-A965-11E2-94D3-B8AC6F98CCE3}" = Google Earth Plug-in
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F2996FC2-47B9-409E-9442-C89390D49D8E}" = Windows Vista Battery Sidebar Gadget
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F9EE7C75-F083-35DA-B203-42A72D3CB6B8}" = Microsoft Visual Studio 2010 Professional - PLK Language Pack
"{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1" = ALLMediaServer
"7-Zip" = 7-Zip 9.20
"Abakan 5.0_is1" = Abakan 5.0
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AhnLab Online Security" = AhnLab Online Security
"ALLPlayer_is1" = ALLPlayer V5.X
"AP Tuner 3.08" = AP Tuner 3.08
"AQQ" = WapSter AQQ
"ASIO4ALL" = ASIO4ALL
"Astroburn Lite" = Astroburn Lite
"ASUS AP Bank_is1" = ASUS AP Bank
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Audacity_is1" = Audacity 1.2.6
"AVIcodec" = AVIcodec (remove only)
"Canon MG3200 series On-screen Manual" = Canon MG3200 series On-screen Manual
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"Canon_IJ_Scan_Utility" = Canon IJ Scan Utility
"CanonMyPrinter" = Canon My Printer
"CanonQuickMenu" = Canon Quick Menu
"CardDetectorHUAWEI1752_1552" = Card Detector for Huawei E1752 and E1552
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Drumaxx" = Drumaxx
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Europe MapleStory_is1" = Europe MapleStory
"FL Studio 9" = FL Studio 9
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight
"Fraps" = Fraps (remove only)
"Free Download Manager_is1" = Free Download Manager 3.9.2
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Guitar Pro 5_is1" = Guitar Pro 5.0
"Hardcore" = Hardcore
"HyperCam 2" = HyperCam 2
"Inkscape" = Inkscape 0.46
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"KiCad" = KiCad 2013.03.19
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.2.0 (Full)
"LastFM_is1" = Last.fm Scrobbler 2.1.30
"League of Legends 3.0.1" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware wersja 1.51.2.1300
"MapleStory" = MapleStory
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft Visual Studio 2010 Professional - ENU" = Microsoft Visual Studio 2010 Professional - ENU
"Microsoft Visual Studio 2010 Professional - PLK Language Pack" = Microsoft Visual Studio 2010 wersja Professional - PLK
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"mIRC" = mIRC
"Mozilla Firefox (3.6.28)" = Mozilla Firefox (3.6.28)
"Multimedia Fusion 2" = Multimedia Fusion 2
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Guitar Rig 5" = Native Instruments Guitar Rig 5
"Native Instruments Guitar Rig Mobile I/O" = Native Instruments Guitar Rig Mobile I/O
"Native Instruments Guitar Rig Session I/O" = Native Instruments Guitar Rig Session I/O
"Native Instruments GuitarRig 2.01 RTAS VSTi DXi" = Native Instruments GuitarRig 2.01 RTAS VSTi DXi
"Native Instruments Rig Kontrol 3" = Native Instruments Rig Kontrol 3
"Native Instruments Service Center" = Native Instruments Service Center
"Notepad++" = Notepad++
"OCCT_is1" = OCCT Perestroika 3.1.0
"OpenAL" = OpenAL
"Opera 12.16.1860" = Opera 12.16
"PoiZone" = PoiZone
"PokerStars.eu" = PokerStars.eu
"PowerISO" = PowerISO
"Rejestracja użytkownika drukarki Canon MG3200 series" = Rejestracja użytkownika drukarki Canon MG3200 series
"Sakura" = Sakura
"Sawer" = Sawer
"Scribus 1.3.9" = Scribus 1.3.9
"Steam App 105600" = Terraria
"SuperTux_is1" = SuperTux 0.1.3
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Totalcmd" = Total Commander (Remove or Repair)
"Toxic Biohazard" = Toxic Biohazard
"UnLock Root" = UnLock Root 2.31
"uTorrent" = µTorrent
"WAV MP3 Converter_is1" = WAV MP3 Converter 1.30
"WebServ_is1" = WebServ 2.0
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinGTK-2_is1" = GTK+ 2.10.13 runtime environment
"WinLiveSuite_Wave3" = Podstawowe programy Windows Live
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2465420228-375340488-1497802240-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Ultra MMF2" = Ultra MMF2
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 7/22/2013 11:13:40 PM | Computer Name = Box-Komputer | Source = VSS | ID = 12292
Description =

Error - 7/22/2013 11:13:40 PM | Computer Name = Box-Komputer | Source = VSS | ID = 13
Description =

Error - 7/22/2013 11:13:40 PM | Computer Name = Box-Komputer | Source = VSS | ID = 12292
Description =

Error - 7/22/2013 11:13:40 PM | Computer Name = Box-Komputer | Source = VSS | ID = 13
Description =

Error - 7/22/2013 11:13:40 PM | Computer Name = Box-Komputer | Source = VSS | ID = 12292
Description =

Error - 7/22/2013 11:13:40 PM | Computer Name = Box-Komputer | Source = VSS | ID = 8193
Description =

Error - 7/22/2013 11:13:40 PM | Computer Name = Box-Komputer | Source = System Restore | ID = 8193
Description =

Error - 7/22/2013 11:13:40 PM | Computer Name = Box-Komputer | Source = System Restore | ID = 8211
Description =

Error - 7/22/2013 11:13:41 PM | Computer Name = Box-Komputer | Source = VSS | ID = 13
Description =

Error - 7/22/2013 11:13:41 PM | Computer Name = Box-Komputer | Source = VSS | ID = 12292
Description =

[ Media Center Events ]
Error - 2/12/2010 4:49:11 PM | Computer Name = Box-Komputer | Source = MCUpdate | ID = 0
Description = 21:49:11 - Błąd podczas nawiązywania połączenia z Internetem.  21:49:11
-     Nie można skontaktować się z serwerem.. 

Error - 2/12/2010 4:49:18 PM | Computer Name = Box-Komputer | Source = MCUpdate | ID = 0
Description = 21:49:17 - Błąd podczas nawiązywania połączenia z Internetem.  21:49:17
-     Nie można skontaktować się z serwerem.. 

Error - 2/12/2010 5:49:25 PM | Computer Name = Box-Komputer | Source = MCUpdate | ID = 0
Description = 22:49:25 - Błąd podczas nawiązywania połączenia z Internetem.  22:49:25
-     Nie można skontaktować się z serwerem.. 

Error - 2/12/2010 5:49:31 PM | Computer Name = Box-Komputer | Source = MCUpdate | ID = 0
Description = 22:49:31 - Błąd podczas nawiązywania połączenia z Internetem.  22:49:31
-     Nie można skontaktować się z serwerem.. 

Error - 2/12/2010 6:49:38 PM | Computer Name = Box-Komputer | Source = MCUpdate | ID = 0
Description = 23:49:38 - Błąd podczas nawiązywania połączenia z Internetem.  23:49:38
-     Nie można skontaktować się z serwerem.. 

Error - 2/12/2010 6:49:45 PM | Computer Name = Box-Komputer | Source = MCUpdate | ID = 0
Description = 23:49:44 - Błąd podczas nawiązywania połączenia z Internetem.  23:49:44
-     Nie można skontaktować się z serwerem.. 

Error - 2/15/2010 2:53:40 PM | Computer Name = Box-Komputer | Source = MCUpdate | ID = 0
Description = 19:53:39 - Błąd podczas nawiązywania połączenia z Internetem.  19:53:39
-     Nie można skontaktować się z serwerem.. 

Error - 2/15/2010 2:53:48 PM | Computer Name = Box-Komputer | Source = MCUpdate | ID = 0
Description = 19:53:45 - Błąd podczas nawiązywania połączenia z Internetem.  19:53:45
-     Nie można skontaktować się z serwerem.. 

Error - 2/17/2010 10:16:14 AM | Computer Name = Box-Komputer | Source = MCUpdate | ID = 0
Description = 15:16:14 - Nie można pobrać pakietu Broadband (Błąd: Połączenie podstawowe
zostało zakończone: Nie można ustanowić relacji zaufania dla bezpiecznego kanału
SSL/TLS.) 

Error - 11/19/2010 6:38:54 PM | Computer Name = Box-Komputer | Source = MCUpdate | ID = 0
Description = 23:38:13 - Nie można pobrać pakietu Directory (Błąd: Połączenie podstawowe
zostało zakończone: Nie można ustanowić relacji zaufania dla bezpiecznego kanału
SSL/TLS.) 

[ System Events ]
Error - 7/22/2013 11:27:07 AM | Computer Name = Box-Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR8.

Error - 7/22/2013 11:27:07 AM | Computer Name = Box-Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR8.

Error - 7/22/2013 11:27:07 AM | Computer Name = Box-Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR8.

Error - 7/22/2013 11:27:07 AM | Computer Name = Box-Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR8.

Error - 7/22/2013 11:27:07 AM | Computer Name = Box-Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR8.

Error - 7/22/2013 11:27:07 AM | Computer Name = Box-Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR8.

Error - 7/22/2013 11:27:07 AM | Computer Name = Box-Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR8.

Error - 7/22/2013 12:02:59 PM | Computer Name = Box-Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR9.

Error - 7/22/2013 8:01:28 PM | Computer Name = Box-Komputer | Source = DCOM | ID = 10016
Description =

Error - 7/22/2013 9:49:01 PM | Computer Name = Box-Komputer | Source = DCOM | ID = 10016
Description =


< End of report >


gmer
Kod: Zaznacz wszystko
GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-07-23 03:38:22
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950032 rev.0001 465,76GB
Running: tk3000nk.exe; Driver: C:\Users\Box\AppData\Local\Temp\uxrirpow.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560                                                                   fffff800037b6000 45 bytes [00, 00, 06, 02, 49, 63, 70, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 607                                                                   fffff800037b602f 17 bytes [00, 30, 60, 63, 0B, 80, FA, ...]
.text     C:\Windows\System32\win32k.sys!W32pServiceTable                                                                                      fffff960001a3e00 7 bytes [00, A3, F3, FF, 01, AF, F0]
.text     C:\Windows\System32\win32k.sys!W32pServiceTable + 8                                                                                  fffff960001a3e08 3 bytes [C0, 06, 02]

---- User code sections - GMER 2.1 ----

.text     C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe[1540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                        0000000076b91465 2 bytes [B9, 76]
.text     C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe[1540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                       0000000076b914bb 2 bytes [B9, 76]
.text     ...                                                                                                                                  * 2
.text     C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[1808] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69   0000000076b91465 2 bytes [B9, 76]
.text     C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[1808] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155  0000000076b914bb 2 bytes [B9, 76]
.text     ...                                                                                                                                  * 2
.text     C:\Windows\AsScrPro.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                0000000076b91465 2 bytes [B9, 76]
.text     C:\Windows\AsScrPro.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                               0000000076b914bb 2 bytes [B9, 76]
.text     ...                                                                                                                                  * 2
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69        0000000076b91465 2 bytes [B9, 76]
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155       0000000076b914bb 2 bytes [B9, 76]
.text     ...                                                                                                                                  * 2
?         C:\Windows\system32\mssprxy.dll [3492] entry point in ".rdata" section                                                               00000000741171e6
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3680] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5       000000007715f991 7 bytes {MOV EDX, 0xa6ce28; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3680] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5            000000007715fbd5 7 bytes {MOV EDX, 0xa6ce68; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3680] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5                000000007715fc05 7 bytes {MOV EDX, 0xa6cda8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3680] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5         000000007715fc1d 7 bytes {MOV EDX, 0xa6cd28; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3680] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5           000000007715fc35 7 bytes {MOV EDX, 0xa6cf28; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3680] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5         000000007715fc65 7 bytes {MOV EDX, 0xa6cf68; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3680] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess               000000007715fc90 5 bytes JMP 00000001009181e1
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3680] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5          000000007715fce5 7 bytes {MOV EDX, 0xa6cee8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3680] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5         000000007715fcfd 7 bytes {MOV EDX, 0xa6cea8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3680] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5                   000000007715fd49 7 bytes {MOV EDX, 0xa6cc68; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3680] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5        000000007715fe41 7 bytes {MOV EDX, 0xa6cca8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3680] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5                 0000000077160099 7 bytes {MOV EDX, 0xa6cc28; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3680] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5           00000000771610a5 7 bytes {MOV EDX, 0xa6cde8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3680] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5                 000000007716111d 7 bytes {MOV EDX, 0xa6cd68; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3680] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5    0000000077161321 7 bytes {MOV EDX, 0xa6cce8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3680] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69        0000000076b91465 2 bytes [B9, 76]
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3680] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155       0000000076b914bb 2 bytes [B9, 76]
.text     ...                                                                                                                                  * 2
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3616] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5       000000007715f991 7 bytes {MOV EDX, 0x2c4a28; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3616] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5            000000007715fbd5 7 bytes {MOV EDX, 0x2c4a68; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3616] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5                000000007715fc05 7 bytes {MOV EDX, 0x2c49a8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3616] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5         000000007715fc1d 7 bytes {MOV EDX, 0x2c4928; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3616] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5           000000007715fc35 7 bytes {MOV EDX, 0x2c4b28; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3616] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5         000000007715fc65 7 bytes {MOV EDX, 0x2c4b68; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3616] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess               000000007715fc90 5 bytes JMP 00000001009181e1
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3616] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5          000000007715fce5 7 bytes {MOV EDX, 0x2c4ae8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3616] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5         000000007715fcfd 7 bytes {MOV EDX, 0x2c4aa8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3616] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5                   000000007715fd49 7 bytes {MOV EDX, 0x2c4868; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3616] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5        000000007715fe41 7 bytes {MOV EDX, 0x2c48a8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3616] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5                 0000000077160099 7 bytes {MOV EDX, 0x2c4828; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3616] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5           00000000771610a5 7 bytes {MOV EDX, 0x2c49e8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3616] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5                 000000007716111d 7 bytes {MOV EDX, 0x2c4968; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3616] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5    0000000077161321 7 bytes {MOV EDX, 0x2c48e8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3616] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69        0000000076b91465 2 bytes [B9, 76]
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3616] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155       0000000076b914bb 2 bytes [B9, 76]
.text     ...                                                                                                                                  * 2
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3856] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5       000000007715f991 7 bytes {MOV EDX, 0x6cae28; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3856] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5            000000007715fbd5 7 bytes {MOV EDX, 0x6cae68; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3856] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5                000000007715fc05 7 bytes {MOV EDX, 0x6cada8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3856] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5         000000007715fc1d 7 bytes {MOV EDX, 0x6cad28; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3856] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5           000000007715fc35 7 bytes {MOV EDX, 0x6caf28; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3856] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5         000000007715fc65 7 bytes {MOV EDX, 0x6caf68; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3856] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess               000000007715fc90 5 bytes JMP 00000001009181e1
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3856] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5          000000007715fce5 7 bytes {MOV EDX, 0x6caee8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3856] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5         000000007715fcfd 7 bytes {MOV EDX, 0x6caea8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3856] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5                   000000007715fd49 7 bytes {MOV EDX, 0x6cac68; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3856] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5        000000007715fe41 7 bytes {MOV EDX, 0x6caca8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3856] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5                 0000000077160099 7 bytes {MOV EDX, 0x6cac28; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3856] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5           00000000771610a5 7 bytes {MOV EDX, 0x6cade8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3856] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5                 000000007716111d 7 bytes {MOV EDX, 0x6cad68; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3856] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5    0000000077161321 7 bytes {MOV EDX, 0x6cace8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69        0000000076b91465 2 bytes [B9, 76]
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155       0000000076b914bb 2 bytes [B9, 76]
.text     ...                                                                                                                                  * 2
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3540] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5       000000007715f991 7 bytes {MOV EDX, 0xe04a28; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3540] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5            000000007715fbd5 7 bytes {MOV EDX, 0xe04a68; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3540] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5                000000007715fc05 7 bytes {MOV EDX, 0xe049a8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3540] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5         000000007715fc1d 7 bytes {MOV EDX, 0xe04928; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3540] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5           000000007715fc35 7 bytes {MOV EDX, 0xe04b28; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3540] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5         000000007715fc65 7 bytes {MOV EDX, 0xe04b68; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3540] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess               000000007715fc90 5 bytes JMP 00000001009181e1
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3540] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5          000000007715fce5 7 bytes {MOV EDX, 0xe04ae8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3540] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5         000000007715fcfd 7 bytes {MOV EDX, 0xe04aa8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3540] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5                   000000007715fd49 7 bytes {MOV EDX, 0xe04868; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3540] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5        000000007715fe41 7 bytes {MOV EDX, 0xe048a8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3540] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5                 0000000077160099 7 bytes {MOV EDX, 0xe04828; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3540] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5           00000000771610a5 7 bytes {MOV EDX, 0xe049e8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3540] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5                 000000007716111d 7 bytes {MOV EDX, 0xe04968; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3540] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5    0000000077161321 7 bytes {MOV EDX, 0xe048e8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69        0000000076b91465 2 bytes [B9, 76]
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155       0000000076b914bb 2 bytes [B9, 76]
.text     ...                                                                                                                                  * 2
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[228] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5        000000007715f991 7 bytes {MOV EDX, 0x878628; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[228] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5             000000007715fbd5 7 bytes {MOV EDX, 0x878668; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[228] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5                 000000007715fc05 7 bytes {MOV EDX, 0x8785a8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[228] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5          000000007715fc1d 7 bytes {MOV EDX, 0x878528; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[228] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5            000000007715fc35 7 bytes {MOV EDX, 0x878728; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[228] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5          000000007715fc65 7 bytes {MOV EDX, 0x878768; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[228] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess                000000007715fc90 5 bytes JMP 00000001009181e1
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[228] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5           000000007715fce5 7 bytes {MOV EDX, 0x8786e8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[228] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5          000000007715fcfd 7 bytes {MOV EDX, 0x8786a8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[228] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5                    000000007715fd49 7 bytes {MOV EDX, 0x878468; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[228] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5         000000007715fe41 7 bytes {MOV EDX, 0x8784a8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[228] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5                  0000000077160099 7 bytes {MOV EDX, 0x878428; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[228] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5            00000000771610a5 7 bytes {MOV EDX, 0x8785e8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[228] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5                  000000007716111d 7 bytes {MOV EDX, 0x878568; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[228] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5     0000000077161321 7 bytes {MOV EDX, 0x8784e8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69         0000000076b91465 2 bytes [B9, 76]
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155        0000000076b914bb 2 bytes [B9, 76]
.text     ...                                                                                                                                  * 2
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3016] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5       000000007715f991 7 bytes {MOV EDX, 0x9e0228; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3016] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5            000000007715fbd5 7 bytes {MOV EDX, 0x9e0268; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3016] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5                000000007715fc05 7 bytes {MOV EDX, 0x9e01a8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3016] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5         000000007715fc1d 7 bytes {MOV EDX, 0x9e0128; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3016] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5           000000007715fc35 7 bytes {MOV EDX, 0x9e0328; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3016] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5         000000007715fc65 7 bytes {MOV EDX, 0x9e0368; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3016] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess               000000007715fc90 5 bytes JMP 00000001009181e1
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3016] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5          000000007715fce5 7 bytes {MOV EDX, 0x9e02e8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3016] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5         000000007715fcfd 7 bytes {MOV EDX, 0x9e02a8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3016] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5                   000000007715fd49 7 bytes {MOV EDX, 0x9e0068; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3016] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5        000000007715fe41 7 bytes {MOV EDX, 0x9e00a8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3016] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5                 0000000077160099 7 bytes {MOV EDX, 0x9e0028; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3016] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5           00000000771610a5 7 bytes {MOV EDX, 0x9e01e8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3016] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5                 000000007716111d 7 bytes {MOV EDX, 0x9e0168; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3016] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5    0000000077161321 7 bytes {MOV EDX, 0x9e00e8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3016] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69        0000000076b91465 2 bytes [B9, 76]
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[3016] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155       0000000076b914bb 2 bytes [B9, 76]
.text     ...                                                                                                                                  * 2
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[4464] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5       000000007715f991 7 bytes {MOV EDX, 0x31da28; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[4464] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5            000000007715fbd5 7 bytes {MOV EDX, 0x31da68; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[4464] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5                000000007715fc05 7 bytes {MOV EDX, 0x31d9a8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[4464] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5         000000007715fc1d 7 bytes {MOV EDX, 0x31d928; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[4464] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5           000000007715fc35 7 bytes {MOV EDX, 0x31db28; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[4464] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5         000000007715fc65 7 bytes {MOV EDX, 0x31db68; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[4464] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess               000000007715fc90 5 bytes JMP 00000001009181e1
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[4464] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5          000000007715fce5 7 bytes {MOV EDX, 0x31dae8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[4464] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5         000000007715fcfd 7 bytes {MOV EDX, 0x31daa8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[4464] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5                   000000007715fd49 7 bytes {MOV EDX, 0x31d868; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[4464] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5        000000007715fe41 7 bytes {MOV EDX, 0x31d8a8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[4464] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5                 0000000077160099 7 bytes {MOV EDX, 0x31d828; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[4464] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5           00000000771610a5 7 bytes {MOV EDX, 0x31d9e8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[4464] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5                 000000007716111d 7 bytes {MOV EDX, 0x31d968; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[4464] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5    0000000077161321 7 bytes {MOV EDX, 0x31d8e8; JMP RDX}
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[4464] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69        0000000076b91465 2 bytes [B9, 76]
.text     C:\Users\Box\AppData\Local\Google\Chrome\Application\chrome.exe[4464] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155       0000000076b914bb 2 bytes [B9, 76]
.text     ...                                                                                                                                  * 2

---- Threads - GMER 2.1 ----

Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1604]                          0000000077193e45
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1672]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1676]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1688]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1692]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1696]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1700]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1704]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1708]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1712]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1716]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1748]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1752]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1756]                          0000000077192e25
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1764]                          0000000042cf2820
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1768]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1772]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1852]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1856]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1860]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1864]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:1868]                          0000000076b0f5e1
Thread    C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [1576:2748]                          0000000077197111

---- Registry - GMER 2.1 ----

Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04                                                     
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                  1
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                               0xC3 0x95 0xBC 0xCB ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                                     
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                  0x00 0x00 0x00 0x00 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                  0
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                               0xAB 0xCC 0xD8 0x51 ...
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)                                 
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                      1
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                   0xC3 0x95 0xBC 0xCB ...
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                                 
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                      0x00 0x00 0x00 0x00 ...
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                      0
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                   0xAB 0xCC 0xD8 0x51 ...

---- EOF - GMER 2.1 ----


Proszę o pomoc. Zdaję sobie sprawę, że wielkich szkód to to nie wyrządza, ale jest jedna katastrofalna wada, jaka uniemożliwia mi efektywną pracę - mianowicie po włączeniu Chrome wszystkie otwarte karty znikają, a pojawia się ów qvo6...

@edit
Na pierwszy rzut oka zmiana ustawień w Chromie pomogła (nie wyłączałem jeszcze przeglądarki, ale wyszukiwanie omniboksem odbywa się w Google). Ale wiadomo, chcę się wyzbyć tego syfu z kompa, więc proszę Was o pomoc ;)
:O ffs.
Box
~user
 
Posty: 54
Dołączenie: 03 Cze 2008, 18:35


Góra

Uciążliwe wyszukiwarki - qvo6 i govome

Postprzez Box 21 Sie 2013, 13:58

Ktoś coś? Mógłby?
:O ffs.
Box
~user
 
Posty: 54
Dołączenie: 03 Cze 2008, 18:35


Góra

Uciążliwe wyszukiwarki - qvo6 i govome

Postprzez ordynat 21 Sie 2013, 14:51

Do 26 lipca nie miałem dostępu do internetu, więc wtedy nie mogłem pomóc. Teoretycznie wtedy tematem powinien zająć się @Wojtas, ale widocznie przegapił. Ja zaś potem uznałem, że po takim czasie temat już nieaktualny.

1) Użyj >Adw-cleaner (aby pobrać kliknij na dużą zieloną strzałkę po prawej).
Kliknij w nim Usuń
Pokaż raport z niego C:\AdwCleaner[S1].txt

2) Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:
:OTL
[2013/07/22 15:29:51 | 000,000,000 | ---D | M] -- C:\Users\Box\AppData\Roaming\eIntaller
[2013/07/22 15:29:03 | 000,000,000 | ---D | C] -- C:\Users\Box\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
[2013/07/22 15:29:31 | 000,000,000 | ---D | C] -- C:\Users\Box\AppData\Local\Cool_Mirage
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.15.2)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O3 - HKU\S-1-5-21-2465420228-375340488-1497802240-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
[2013/07/22 15:29:58 | 000,000,735 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml
FF - prefs.js..browser.search.selectedEngine: "qvo6"
FF - prefs.js..browser.startup.homepage: "http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=ST9500325AS_S2W2DW9EXXXXS2W2DW9E&ts=1374499797"
FF - prefs.js..browser.search.defaultenginename: "qvo6"
FF - prefs.js..browser.search.order.1: "qvo6"
IE - HKU\S-1-5-21-2465420228-375340488-1497802240-1000\..\URLSearchHook: {1c68c940-1b2f-46eb-bd8c-2e1612ff6a58} - No CLSID value found
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\gPotato.eu\Rappelz\GameGuard\dump_wmimmc.sys -- (dump_wmimmc)

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[-HKEY_USERS\S-1-5-21-2465420228-375340488-1497802240-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
[HKEY_USERS\S-1-5-21-2465420228-375340488-1497802240-1000\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"=-
[HKEY_USERS\S-1-5-21-2465420228-375340488-1497802240-1000\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_USERS\S-1-5-21-2465420228-375340488-1497802240-1000\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania Skryptem.

Napisz, jak oceniasz sytuację.
Ostatnio edytowany przez ordynat, 21 Sie 2013, 15:11, edytowano w sumie 1 raz
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866


Góra

Uciążliwe wyszukiwarki - qvo6 i govome

Postprzez apg2312 21 Sie 2013, 14:57

Adwcleaner można pobrać bez problemu u nas:
http://www.programosy.pl/program,adwcleaner.html
Adam

I have no right to ask this of any of you... but will you follow me...one last time ?

QuadCore Intel Core i7-6700K/Asus Z170 Pro Gaming/4x4GB Kingston HyperX Fury Black 2400/Gigabyte RTX 3060 VISION OC 12 GB/SSD Patriot VIPER VPN100 256GB M.2 PCIe x4 NVMe + SSD Plextor M6S 128GB SATA3 + Toshiba P300 1TBB/HL-DT-ST DVDRAM GH24NSB0/Philips 240V5QDSB/OCZ ZS 550W
Awatar użytkownika
apg2312
~user
 
Posty: 1308
Dołączenie: 29 Lip 2008, 20:09
Miejscowość: هورشاو
Pochwały: 85


Góra
Wyślij odpowiedź

Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 10 gości

Powered by phpBB © Group
Forum Programosy.pl