wklejto.pl

Dodane przez: ~Anonim (2012-07-28 15:47) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363.
364.
365.
366.
367.
368.
369.
370.
371.
372.
373.
374.
375.
376.
377.
378.
379.
380.
381.
382.
383.
384.
385.
386.
387.
388.
389.
390.
391.
392.
393.
394.
395.
396.
397.
398.
399.
400.
401.
402.
403.
404.
405.
406.
407.
408.
409.
410.
411.
412.
413.
414.
415.
416.
417.
418.
419.
420.
421.
422.
423.
424.
425.
426.
427.
428.
429.
430.
431.
432.
433.
434.
435.
436.
437.
438.
439.
440.
441.
442.
443.
444.
445.
446.
447.
448.
449.
450.
451.
452.
453.
454.
455.
456.
457.
458.
459.
460.
461.
462.
463.
464.
465.
466.
467.
468.
469.
470.
471.
472.
473.
474.
475.
476.
477.
478.
479.
480.
481.
482.
483.
484.
485.
486.
487.
488.
489.
490.
491.
492.
493.
494.
495.
496.
497.
498.
499.
500.
501.
502.
503.
504.
505.
506.
507.
508.
509.
510.
511.
512.
513.
514.
515.
516.
517.
518.
519.
520.
521.
522.
523.
524.
525.
526.
527.
528.
529.
530.
531.
532.
533.
534.
535.
536.
537.
538.
539.
540.
541.
542.
543.
544.
545.
546.
547.
548.
549.
550.
551.
552.
553.
OTL logfile created on: 2012-07-28 15:41:56 - Run 2
 
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Documents and Settings\PaweB\Pulpit
 
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
 
Internet Explorer (Version = 8.0.6001.18702)
 
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
 
 
1023,36 Mb Total Physical Memory | 700,46 Mb Available Physical Memory | 68,45% Memory free
 
2,41 Gb Paging File | 2,19 Gb Available in Paging File | 91,10% Paging File free
 
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
 
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
 
Drive C: | 43,65 Gb Total Space | 12,69 Gb Free Space | 29,06% Space Free | Partition Type: NTFS
 
Drive D: | 29,02 Gb Total Space | 28,35 Gb Free Space | 97,70% Space Free | Partition Type: NTFS
 
 
 
Computer Name: ASUS6000 | User Name: PaweB | Logged in as Administrator.
 
Boot Mode: SafeMode with Networking | Scan Mode: All users
 
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
 
 
PRC - [2012-07-28 08:32:12 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\PaweB\Pulpit\iexplorer.exe
 
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
 
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
 
 
MOD - [2005-11-21 11:51:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
 
 
 
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
 
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
 
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
 
SRV - [2012-07-05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
 
SRV - [2012-07-03 14:12:34 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
 
 
 
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
 
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
 
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
 
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
 
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
 
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
 
DRV - [2009-10-22 13:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\10487012.sys -- (10487012)
 
DRV - [2009-09-25 17:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\10487011.sys -- (10487011)
 
DRV - [2007-06-28 11:44:58 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)
 
DRV - [2007-06-28 11:44:18 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)
 
DRV - [2007-06-28 11:44:18 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj)
 
DRV - [2007-06-28 11:44:16 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)
 
DRV - [2007-03-01 09:17:46 | 000,088,960 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
 
DRV - [2006-11-10 19:23:50 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Emdm.sys -- (SE2Emdm)
 
DRV - [2006-11-10 19:23:48 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Emdfl.sys -- (SE2Emdfl)
 
DRV - [2006-11-10 19:23:42 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Ebus.sys -- (SE2Ebus)
 
DRV - [2006-04-14 14:04:08 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
 
DRV - [2006-04-04 04:17:24 | 001,429,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51)
 
DRV - [2006-02-08 18:33:34 | 000,062,848 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid)
 
DRV - [2006-02-03 00:16:08 | 000,108,928 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd)
 
DRV - [2006-01-31 19:35:28 | 000,039,808 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
 
DRV - [2005-12-14 18:07:24 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
 
DRV - [2005-11-24 14:37:36 | 000,047,104 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
 
DRV - [2005-11-16 04:08:16 | 000,078,976 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTL8023xp)
 
DRV - [2005-10-03 11:26:36 | 000,720,470 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SynMini.sys -- (SynMini)
 
DRV - [2005-10-03 11:26:14 | 000,008,278 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SynScan.sys -- (SynScan)
 
DRV - [2005-09-08 03:20:52 | 003,959,808 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
 
DRV - [2005-08-01 17:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
 
DRV - [2005-07-14 13:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\risdptsk.sys -- (risdptsk)
 
DRV - [2005-07-12 20:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
 
DRV - [2005-05-26 20:19:00 | 000,839,724 | R--- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
 
DRV - [2005-02-17 11:07:48 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
 
DRV - [2005-01-06 14:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
 
 
 
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
 
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://bar.playboost.com/
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
 
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
 
 
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
 
 
 
IE - HKU\S-1-5-21-679588516-3964997941-2716064467-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
 
IE - HKU\S-1-5-21-679588516-3964997941-2716064467-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
 
IE - HKU\S-1-5-21-679588516-3964997941-2716064467-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
 
IE - HKU\S-1-5-21-679588516-3964997941-2716064467-1005\..\SearchScopes,DefaultScope = {1E782061-1D4E-4F44-B10C-A12AA90A6791}
 
IE - HKU\S-1-5-21-679588516-3964997941-2716064467-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
 
IE - HKU\S-1-5-21-679588516-3964997941-2716064467-1005\..\SearchScopes\{1E782061-1D4E-4F44-B10C-A12AA90A6791}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBF
 
IE - HKU\S-1-5-21-679588516-3964997941-2716064467-1005\..\SearchScopes\{5FFC6904-B8D9-43C8-91C8-9C3B50AE6D09}: "URL" = http://bar.playboost.com/toolbar/search?q={searchTerms}&location=2
 
IE - HKU\S-1-5-21-679588516-3964997941-2716064467-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
[color=#E56717]========== FireFox ==========[/color]
 
 
 
FF - prefs.js..browser.startup.homepage: "http://pl.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official"
 
FF - user.js - File not found
 
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
 
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKCU\Software\MozillaPlugins\@powerchallenge.com/PowerLoader: C:\DOCUME~1\PaweB\DANEAP~1\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB)
 
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\PaweB\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
 
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
 
 
[2008-09-05 20:29:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\PaweB\Dane aplikacji\Mozilla\Extensions
 
[2008-09-05 19:59:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\PaweB\Dane aplikacji\Mozilla\Firefox\Profiles\1zf3a0tr.default\extensions
 
[2009-09-02 14:56:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
 
 
 
O1 HOSTS File: ([2004-08-04 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
 
O1 - Hosts: 127.0.0.1       localhost
 
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
 
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll File not found
 
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\PaweB\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
 
O3 - HKU\S-1-5-21-679588516-3964997941-2716064467-1005\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
 
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
 
O4 - HKLM..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
 
O4 - HKLM..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe (Intel Corporation)
 
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
 
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
 
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
 
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
 
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
 
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
 
O4 - HKLM..\Run: [P3000x_S2P] C:\Program Files\DELL\Dell Laser MFP 1600n\PSU\ScanToPc.exe ()
 
O4 - HKLM..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
 
O4 - HKLM..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe ()
 
O4 - HKU\S-1-5-21-679588516-3964997941-2716064467-1005..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
 
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
 
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
 
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
 
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
 
O7 - HKU\S-1-5-21-679588516-3964997941-2716064467-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
 
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/PL/Core/Player/2020PlayerAX_IKEA_Win32.cab (20-20 3D Viewer for IKEA)
 
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://kitchenplanner.ikea.com/PL/Core/Player/2020PlayerAX_Win32.cab (20-20 3D Viewer)
 
O16 - DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} http://www.eska.pl/streamplayers/OggX.ocx (OggX Control)
 
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
 
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
 
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48041822-8E7E-4360-A03E-60658B3BEB04}: DhcpNameServer = 192.168.1.1
 
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
 
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
 
O24 - Desktop Components:0 (Moja bie|ca strona gBwna) - About:Home
 
O24 - Desktop WallPaper: C:\Documents and Settings\PaweB\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
 
O24 - Desktop BackupWallPaper: C:\Documents and Settings\PaweB\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
 
O32 - HKLM CDRom: AutoRun - 1
 
O33 - MountPoints2\{2af827a8-e979-11df-b36c-0018de78dad4}\Shell\AutoRun\command - "" = F:\9keibj.exe
 
O33 - MountPoints2\{2af827a8-e979-11df-b36c-0018de78dad4}\Shell\open\Command - "" = F:\9keibj.exe
 
O33 - MountPoints2\{3f9a5c94-9521-11dc-a79e-0018de78dad4}\Shell - "" = AutoRun
 
O33 - MountPoints2\{3f9a5c94-9521-11dc-a79e-0018de78dad4}\Shell\AutoRun\command - "" = F:\AutoRun.exe
 
O33 - MountPoints2\{3f9a5c96-9521-11dc-a79e-0018de78dad4}\Shell - "" = AutoRun
 
O33 - MountPoints2\{3f9a5c96-9521-11dc-a79e-0018de78dad4}\Shell\AutoRun\command - "" = F:\AutoRun.exe
 
O33 - MountPoints2\{48e11f78-5802-11dd-a8a6-0018de78dad4}\Shell - "" = AutoRun
 
O33 - MountPoints2\{48e11f78-5802-11dd-a8a6-0018de78dad4}\Shell\AutoRun\command - "" = F:\AutoRun.exe
 
O33 - MountPoints2\{48e11f79-5802-11dd-a8a6-0018de78dad4}\Shell - "" = AutoRun
 
O33 - MountPoints2\{48e11f79-5802-11dd-a8a6-0018de78dad4}\Shell\AutoRun\command - "" = F:\AutoRun.exe
 
O33 - MountPoints2\{b8e7f58e-1506-11dc-a6cf-0018f3725748}\Shell - "" = AutoRun
 
O33 - MountPoints2\{b8e7f58e-1506-11dc-a6cf-0018f3725748}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
 
O33 - MountPoints2\{f8326d08-2245-11dd-a875-0018de78dad4}\Shell - "" = AutoRun
 
O33 - MountPoints2\{f8326d08-2245-11dd-a875-0018de78dad4}\Shell\AutoRun\command - "" = F:\AutoRun.exe
 
O33 - MountPoints2\{f8326d09-2245-11dd-a875-0018de78dad4}\Shell - "" = AutoRun
 
O33 - MountPoints2\{f8326d09-2245-11dd-a875-0018de78dad4}\Shell\AutoRun\command - "" = F:\AutoRun.exe
 
O34 - HKLM BootExecute: (autocheck autochk *)
 
O35 - HKLM\..comfile [open] -- "%1" %*
 
O35 - HKLM\..exefile [open] -- "%1" %*
 
O37 - HKLM\...com [@ = comfile] -- "%1" %*
 
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
 
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
 
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
 
 
[2012-07-28 15:28:20 | 000,000,000 | ---D | C] -- C:\_OTL
 
[2012-07-28 08:32:11 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\PaweB\Pulpit\iexplorer.exe
 
[2012-07-28 00:31:33 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\1048701.sys
 
[2012-07-28 00:31:33 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\10487011.sys
 
[2012-07-28 00:31:33 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\10487012.sys
 
[2012-07-22 00:14:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PaweB\Pulpit\Wgry 2012
 
 
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
 
 
[2012-07-28 15:34:09 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
 
[2012-07-28 15:33:46 | 000,002,048 | ---- | M] () -- C:\WINDOWS\bootstat.dat
 
[2012-07-28 15:30:12 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AF781FCA-2032-4A69-9D4B-CE583483280D}.job
 
[2012-07-28 15:05:38 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
 
[2012-07-28 15:05:36 | 000,198,144 | ---- | M] () -- C:\Documents and Settings\PaweB\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
[2012-07-28 13:27:32 | 000,041,156 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
 
[2012-07-28 08:32:12 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\PaweB\Pulpit\iexplorer.exe
 
[2012-07-21 19:54:14 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\PaweB\Ustawienia lokalne\Dane aplikacji\d3d9caps.dat
 
[2012-07-20 19:22:56 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
 
[2012-07-19 23:41:41 | 004,261,231 | ---- | M] () -- C:\Documents and Settings\PaweB\Pulpit\aa 198.jpg
 
[2012-07-19 23:41:38 | 005,042,727 | ---- | M] () -- C:\Documents and Settings\PaweB\Pulpit\aa 194.jpg
 
[2012-07-19 23:40:59 | 004,159,779 | ---- | M] () -- C:\Documents and Settings\PaweB\Pulpit\aa 149.jpg
 
[2012-07-10 08:27:20 | 000,212,537 | ---- | M] () -- C:\Documents and Settings\PaweB\Pulpit\528943330612_faktura.pdf
 
[2012-07-03 09:46:10 | 000,217,636 | ---- | M] () -- C:\Documents and Settings\PaweB\Pulpit\201207021722.jpg
 
[2012-07-03 09:45:53 | 000,191,145 | ---- | M] () -- C:\Documents and Settings\PaweB\Pulpit\201207021721.jpg
 
[2012-07-03 09:45:44 | 000,210,710 | ---- | M] () -- C:\Documents and Settings\PaweB\Pulpit\201207021720.jpg
 
[2012-07-03 09:45:10 | 000,189,213 | ---- | M] () -- C:\Documents and Settings\PaweB\Pulpit\201207021719.jpg
 
 
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
 
 
[2012-07-26 23:02:01 | 000,019,968 | ---- | C] () -- C:\WINDOWS\Installer\{02243dc7-6f49-b3f5-d868-f12b6bcb10ee}\U\800000cb.@
 
[2012-07-26 23:02:01 | 000,013,312 | ---- | C] () -- C:\WINDOWS\Installer\{02243dc7-6f49-b3f5-d868-f12b6bcb10ee}\U\80000000.@
 
[2012-07-26 23:02:01 | 000,001,712 | ---- | C] () -- C:\WINDOWS\Installer\{02243dc7-6f49-b3f5-d868-f12b6bcb10ee}\U\00000001.@
 
[2012-07-22 00:24:13 | 004,159,779 | ---- | C] () -- C:\Documents and Settings\PaweB\Pulpit\aa 149.jpg
 
[2012-07-22 00:23:49 | 004,261,231 | ---- | C] () -- C:\Documents and Settings\PaweB\Pulpit\aa 198.jpg
 
[2012-07-22 00:17:31 | 005,042,727 | ---- | C] () -- C:\Documents and Settings\PaweB\Pulpit\aa 194.jpg
 
[2012-07-10 08:27:19 | 000,212,537 | ---- | C] () -- C:\Documents and Settings\PaweB\Pulpit\528943330612_faktura.pdf
 
[2012-07-03 09:46:00 | 000,217,636 | ---- | C] () -- C:\Documents and Settings\PaweB\Pulpit\201207021722.jpg
 
[2012-07-03 09:45:40 | 000,191,145 | ---- | C] () -- C:\Documents and Settings\PaweB\Pulpit\201207021721.jpg
 
[2012-07-03 09:45:35 | 000,210,710 | ---- | C] () -- C:\Documents and Settings\PaweB\Pulpit\201207021720.jpg
 
[2012-07-03 09:44:56 | 000,189,213 | ---- | C] () -- C:\Documents and Settings\PaweB\Pulpit\201207021719.jpg
 
[2011-04-08 09:51:29 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\PaweB\Ustawienia lokalne\Dane aplikacji\d3d9caps.dat
 
[2011-03-18 21:45:24 | 000,270,296 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
 
[2010-11-05 11:34:30 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\PaweB\Dane aplikacji\completescan
 
[2010-11-05 11:31:04 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\PaweB\Dane aplikacji\install
 
[2006-11-27 15:05:48 | 000,198,144 | ---- | C] () -- C:\Documents and Settings\PaweB\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
[2004-11-24 08:37:38 | 000,002,048 | -HS- | C] () -- C:\WINDOWS\Installer\{02243dc7-6f49-b3f5-d868-f12b6bcb10ee}\@
 
[2004-11-24 08:37:38 | 000,002,048 | -HS- | C] () -- C:\Documents and Settings\PaweB\Ustawienia lokalne\Dane aplikacji\{02243dc7-6f49-b3f5-d868-f12b6bcb10ee}\@
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
 
[color=#A23BEC]< HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s >[/color]
 
[HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32]
 
"ThreadingModel" = Both
 
"" = C:\Documents and Settings\PaweB\Ustawienia lokalne\Dane aplikacji\{02243dc7-6f49-b3f5-d868-f12b6bcb10ee}\n.
 
 
 
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s >[/color]
 
"" = Microsoft WBEM New Event Subsystem
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32]
 
"" = \\.\globalroot\systemroot\Installer\{02243dc7-6f49-b3f5-d868-f12b6bcb10ee}\n.
 
"ThreadingModel" = Both
 
 
 
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s >[/color]
 
"" = MruPidlList
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 19:20:47 | 001,499,136 | ---- | M] (Microsoft Corporation)
 
"ThreadingModel" = Apartment
 
 
 
[color=#A23BEC]<  >[/color]
 
 
 
[color=#A23BEC]< MD5 for: SERVICES.EXE  >[/color]
 
[2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=02A467E27AF55F7064C5B251E587315F -- C:\WINDOWS\system32\dllcache\services.exe
 
[2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=02A467E27AF55F7064C5B251E587315F -- C:\WINDOWS\system32\services.exe
 
[2004-08-04 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=3DA8D964D2CC12EF8E8C342471A37917 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
 
[2008-04-14 19:21:39 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=3E3AE424E27C4CEFE4CAB368C7B570EA -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
 
[2008-04-14 19:21:39 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=3E3AE424E27C4CEFE4CAB368C7B570EA -- C:\WINDOWS\ServicePackFiles\i386\services.exe
 
[2009-02-09 13:19:03 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=8816E60BF654353E8E0D35ED98875445 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
 
 
 
< End of report >
 
 
Wygenerowano w 0.306s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!