wklejto.pl
Dodane przez: ~Anonim (2012-07-08 16:39) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363.
364.
365.
366.
367.
368.
369.
370.
371.
372.
373.
374.
375.
376.
377.
378.
379.
380.
381.
382.
383.
384.
385.
386.
387.
388.
389.
390.
391.
392.
393.
394.
395.
396.
397.
398.
399.
400.
401.
402.
403.
404.
405.
406.
407.
408.
409.
410.
411.
412.
413.
414.
415.
416.
417.
418.
419.
420.
421.
422.
423.
424.
425.
426.
427.
428.
429.
430.
431.
432.
433.
434.
435.
436.
437.
438.
439.
440.
441.
442.
443.
444.
445.
446.
447.
448.
449.
450.
451.
452.
453.
454.
455.
456.
457.
458.
459.
460.
461.
462.
463.
464.
465.
466.
467.
468.
469.
470.
471.
472.
473.
474.
475.
476.
477.
478.
479.
480.
481.
482.
483.
484.
485.
486.
487.
488.
489.
ÿþOTL logfile created on: 2012-07-08 16:11:19 - Run 1
 
OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\Tomek\Desktop
 
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
 
Internet Explorer (Version = 8.0.7600.16385)
 
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
 
 
1,75 Gb Total Physical Memory | 1,04 Gb Available Physical Memory | 59,72% Memory free
 
3,50 Gb Paging File | 2,71 Gb Available in Paging File | 77,34% Paging File free
 
Paging file location(s): ?:\pagefile.sys [binary data]
 
 
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 
Drive C: | 465,64 Gb Total Space | 386,03 Gb Free Space | 82,90% Space Free | Partition Type: NTFS
 
 
 
Computer Name: TOMEK-KOMPUTER | User Name: Tomek | Logged in as Administrator.
 
Boot Mode: Normal | Scan Mode: Current user
 
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
 
 
PRC - [2012-07-06 22:29:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Tomek\Desktop\OTL.exe
 
PRC - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
 
PRC - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
 
PRC - [2011-09-24 11:41:33 | 003,495,256 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Setup\avast.setup
 
PRC - [2011-04-07 19:39:34 | 002,155,008 | ---- | M] (www.gmailnotifier.com) -- C:\Program Files\Gmail Notifier\Gmail Notifier.exe
 
PRC - [2011-02-23 17:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
 
PRC - [2011-02-23 17:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
 
PRC - [2011-01-07 22:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
 
PRC - [2011-01-07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
 
PRC - [2010-01-15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
 
PRC - [2009-10-16 21:43:28 | 001,021,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
 
PRC - [2009-09-11 11:41:02 | 000,100,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
 
PRC - [2009-08-18 17:35:56 | 000,219,136 | ---- | M] () -- C:\Windows\System32\AsusService.exe
 
PRC - [2009-07-14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
 
PRC - [2009-07-14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
PRC - [2009-07-14 03:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
 
 
 
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
 
 
MOD - [2010-03-15 12:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
 
 
 
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
 
 
SRV - [2012-06-20 14:43:59 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
 
SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
 
SRV - [2012-01-31 16:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
 
SRV - [2011-02-23 17:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
 
SRV - [2011-01-07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
 
SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
 
SRV - [2009-08-18 17:35:56 | 000,219,136 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService)
 
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
 
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
 
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
 
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
 
DRV - [2012-04-04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
 
DRV - [2011-02-23 16:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
 
DRV - [2011-02-23 16:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
 
DRV - [2011-02-23 16:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
 
DRV - [2011-02-23 16:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
 
DRV - [2011-02-23 16:55:03 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
 
DRV - [2011-02-23 16:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
 
DRV - [2011-01-08 05:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
 
DRV - [2010-11-12 01:10:50 | 000,122,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
 
DRV - [2010-04-12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
 
DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
 
DRV - [2009-07-14 00:02:47 | 000,050,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
 
DRV - [2009-07-14 00:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
 
DRV - [2009-06-29 09:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
 
 
 
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
 
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://vshare.toolbarhome.com/?hp=df
 
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
[color=#E56717]========== FireFox ==========[/color]
 
 
 
FF - prefs.js..browser.search.defaultenginename: "Web Search..."
 
FF - prefs.js..browser.search.useDBForOrder: true
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
 
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
 
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.9.0.9216
 
FF - prefs.js..network.proxy.backup.ftp: "w3cache.sgh.waw.pl"
 
FF - prefs.js..network.proxy.backup.ftp_port: 8080
 
FF - prefs.js..network.proxy.backup.gopher: "w3cache.sgh.waw.pl"
 
FF - prefs.js..network.proxy.backup.gopher_port: 8080
 
FF - prefs.js..network.proxy.backup.socks: "w3cache.sgh.waw.pl"
 
FF - prefs.js..network.proxy.backup.socks_port: 8080
 
FF - prefs.js..network.proxy.backup.ssl: "w3cache.sgh.waw.pl"
 
FF - prefs.js..network.proxy.backup.ssl_port: 8080
 
FF - prefs.js..network.proxy.ftp: "w3cache.sgh.waw.pl"
 
FF - prefs.js..network.proxy.ftp_port: 8080
 
FF - prefs.js..network.proxy.gopher: "w3cache.sgh.waw.pl"
 
FF - prefs.js..network.proxy.gopher_port: 8080
 
FF - prefs.js..network.proxy.http: "w3cache.sgh.waw.pl"
 
FF - prefs.js..network.proxy.http_port: 8080
 
FF - prefs.js..network.proxy.share_proxy_settings: true
 
FF - prefs.js..network.proxy.socks: "w3cache.sgh.waw.pl"
 
FF - prefs.js..network.proxy.socks_port: 8080
 
FF - prefs.js..network.proxy.ssl: "w3cache.sgh.waw.pl"
 
FF - prefs.js..network.proxy.ssl_port: 8080
 
FF - prefs.js..network.proxy.type: 0
 
FF - user.js - File not found
 
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
 
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
 
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
 
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
 
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
 
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
 
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
 
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
 
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
 
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
 
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Tomek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
 
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-20 14:44:03 | 000,000,000 | ---D | M]
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-05-23 10:02:08 | 000,000,000 | ---D | M]
 
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-20 14:44:03 | 000,000,000 | ---D | M]
 
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-05-23 10:02:08 | 000,000,000 | ---D | M]
 
 
 
[2011-03-12 11:39:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tomek\AppData\Roaming\mozilla\Extensions
 
[2012-07-04 12:22:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tomek\AppData\Roaming\mozilla\Firefox\Profiles\j9akfkur.default\extensions
 
[2012-06-21 09:52:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
 
[2012-02-19 00:15:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
 
[2012-06-20 14:44:02 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
 
[2011-10-03 11:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
 
[2012-06-20 14:43:53 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
 
[2012-06-20 14:43:53 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
 
[2012-06-20 14:43:53 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
 
[2012-06-20 14:43:53 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
 
[2012-06-20 14:43:53 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
 
[2012-06-20 14:43:53 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
 
 
O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
 
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
 
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
 
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
 
O4 - HKLM..\Run: [HotkeyMon] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
 
O4 - HKLM..\Run: [HotkeyService] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
 
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
 
O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
 
O4 - HKCU..\Run: [Gmail Notifier.exe] C:\Program Files\Gmail Notifier\Gmail Notifier.exe (www.gmailnotifier.com)
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
 
O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (PokerStars)
 
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 
O13 - gopher Prefix: missing
 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
 
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{520F130F-464C-48BC-930D-76A5957C59B9}: DhcpNameServer = 62.179.1.63 62.179.1.62
 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E73C999-8206-4A41-9394-445597AB762E}: DhcpNameServer = 192.168.2.1
 
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
 
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
 
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
 
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
 
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
 
O32 - HKLM CDRom: AutoRun - 1
 
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
 
O33 - MountPoints2\{8bed6a72-3857-11e1-a324-bcaec54f0194}\Shell - "" = AutoRun
 
O33 - MountPoints2\{8bed6a72-3857-11e1-a324-bcaec54f0194}\Shell\AutoRun\command - "" = D:\AutoRun.exe
 
O33 - MountPoints2\{8bed6a7f-3857-11e1-a324-bcaec54f0194}\Shell - "" = AutoRun
 
O33 - MountPoints2\{8bed6a7f-3857-11e1-a324-bcaec54f0194}\Shell\AutoRun\command - "" = D:\AutoRun.exe
 
O33 - MountPoints2\{a8ab0d05-7f8f-11e0-8a62-bcaec54f0194}\Shell - "" = AutoRun
 
O33 - MountPoints2\{a8ab0d05-7f8f-11e0-8a62-bcaec54f0194}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
 
O33 - MountPoints2\D\Shell - "" = AutoRun
 
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\AutoRun.exe
 
O34 - HKLM BootExecute: (autocheck autochk *)
 
O35 - HKLM\..comfile [open] -- "%1" %*
 
O35 - HKLM\..exefile [open] -- "%1" %*
 
O37 - HKLM\...com [@ = comfile] -- "%1" %*
 
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
 
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
 
 
[2012-07-08 16:06:15 | 000,000,000 | ---D | C] -- C:\_OTL
 
[2012-07-06 23:30:56 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Malwarebytes
 
[2012-07-06 23:30:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
 
[2012-07-06 23:30:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
 
[2012-07-06 23:30:47 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
 
[2012-07-06 23:30:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
 
[2012-07-06 22:29:49 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Tomek\Desktop\OTL.exe
 
[2012-07-03 19:07:56 | 067,472,212 | ---- | C] (Research In Motion Ltd.                                   ) -- C:\Users\Tomek\Desktop\8520wifiM_PBr5.0.0_rel1385_PL5.2.0.76_A5.0.0.822_AT_amp_T.exe
 
[2012-06-28 16:40:05 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Real
 
 
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
 
 
[2012-07-08 16:08:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 
[2012-07-08 16:08:09 | 1408,638,976 | -HS- | M] () -- C:\hiberfil.sys
 
[2012-07-06 23:30:49 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
 
[2012-07-06 22:29:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Tomek\Desktop\OTL.exe
 
[2012-07-06 20:08:01 | 000,013,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
 
[2012-07-06 20:08:01 | 000,013,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
 
[2012-07-03 19:16:14 | 067,472,212 | ---- | M] (Research In Motion Ltd.                                   ) -- C:\Users\Tomek\Desktop\8520wifiM_PBr5.0.0_rel1385_PL5.2.0.76_A5.0.0.822_AT_amp_T.exe
 
[2012-06-29 21:21:22 | 000,687,828 | ---- | M] () -- C:\Windows\System32\perfh015.dat
 
[2012-06-29 21:21:22 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
 
[2012-06-29 21:21:22 | 000,131,382 | ---- | M] () -- C:\Windows\System32\perfc015.dat
 
[2012-06-29 21:21:22 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 
 
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
 
 
[2012-07-06 23:30:49 | 000,001,027 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
 
[2011-07-16 22:53:33 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
 
[2011-07-16 22:53:33 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
 
[2011-07-16 22:53:19 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
 
[2011-07-16 22:53:19 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
 
[2011-07-16 22:53:18 | 000,073,216 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
 
[2011-04-02 10:30:30 | 002,169,856 | -HS- | C] () -- C:\Windows\System32\hale.exe
 
[2011-04-02 09:55:04 | 000,021,864 | ---- | C] () -- C:\Windows\AsAcpiSvrLang.ini
 
[2011-04-02 09:55:03 | 000,219,136 | ---- | C] () -- C:\Windows\System32\AsusService.exe
 
[2011-03-20 15:56:17 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
 
[2011-03-19 17:01:03 | 000,005,120 | ---- | C] () -- C:\Users\Tomek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
[2011-03-17 16:12:55 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
 
 
 
< End of report >
 
 
Wygenerowano w 0.273s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!

Copyright © 2007 - 2010 wklejto.pl Wszelkie prawa zastrzezone