wklejto.pl

Dodane przez: ~Anonim (2013-01-12 10:15) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363.
364.
365.
366.
367.
368.
369.
370.
371.
372.
373.
374.
375.
376.
377.
378.
379.
380.
381.
382.
383.
384.
385.
386.
387.
388.
389.
390.
391.
392.
393.
394.
395.
396.
397.
398.
399.
400.
401.
402.
403.
404.
405.
406.
407.
408.
409.
410.
411.
412.
413.
414.
415.
416.
417.
418.
419.
420.
421.
422.
423.
424.
425.
426.
427.
428.
429.
430.
431.
432.
433.
434.
435.
436.
437.
438.
439.
440.
441.
442.
443.
444.
445.
446.
447.
448.
449.
450.
451.
452.
453.
454.
455.
456.
457.
458.
459.
460.
461.
462.
463.
464.
465.
466.
467.
468.
469.
470.
471.
472.
473.
474.
475.
476.
477.
478.
479.
480.
481.
482.
483.
484.
485.
486.
487.
488.
489.
490.
491.
492.
493.
494.
495.
496.
497.
498.
499.
500.
501.
502.
503.
504.
505.
506.
507.
508.
509.
510.
511.
512.
513.
514.
515.
516.
517.
518.
519.
520.
521.
522.
523.
524.
525.
526.
527.
528.
529.
530.
531.
532.
533.
534.
535.
OTL logfile created on: 2013-01-12 09:56:23 - Run 1
 
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Fabian\Desktop
 
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
 
Internet Explorer (Version = 7.0.6001.18000)
 
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
 
 
2,75 Gb Total Physical Memory | 2,33 Gb Available Physical Memory | 84,60% Memory free
 
5,70 Gb Paging File | 5,45 Gb Available in Paging File | 95,56% Paging File free
 
Paging file location(s): ?:\pagefile.sys [binary data]
 
 
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 
Drive C: | 77,77 Gb Total Space | 36,36 Gb Free Space | 46,75% Space Free | Partition Type: NTFS
 
Drive D: | 106,68 Gb Total Space | 15,67 Gb Free Space | 14,69% Space Free | Partition Type: NTFS
 
Drive F: | 38,66 Gb Total Space | 38,57 Gb Free Space | 99,77% Space Free | Partition Type: NTFS
 
Drive G: | 1,86 Gb Total Space | 1,53 Gb Free Space | 82,41% Space Free | Partition Type: FAT
 
 
 
Computer Name: FABIAN-PC | User Name: Fabian | Logged in as Administrator.
 
Boot Mode: SafeMode with Networking | Scan Mode: Current user
 
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
 
 
PRC - [2013-01-12 09:46:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fabian\Desktop\OTL.exe
 
PRC - [2008-10-29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
 
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
 
 
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
 
 
SRV - [2012-10-29 15:31:50 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
 
SRV - [2012-01-31 15:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
 
SRV - [2012-01-04 12:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
 
SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
SRV - [2007-10-03 05:53:00 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
 
SRV - [2007-08-08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
 
SRV - [2007-08-03 20:24:54 | 000,125,496 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
 
 
 
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
 
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
 
DRV - [2008-08-26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
 
DRV - [2008-07-25 09:30:59 | 007,547,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
 
DRV - [2008-07-22 03:21:07 | 000,015,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
 
DRV - [2008-07-08 11:32:51 | 001,050,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
 
DRV - [2008-06-25 06:05:05 | 000,044,064 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
 
DRV - [2008-06-03 07:41:51 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
 
DRV - [2008-04-07 07:00:45 | 000,006,656 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CRFILTER.sys -- (CRFILTER)
 
DRV - [2008-04-06 02:56:08 | 000,908,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
 
DRV - [2008-04-01 08:13:57 | 001,807,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
 
DRV - [2007-08-28 04:53:47 | 001,019,136 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
 
DRV - [2007-08-03 05:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
 
DRV - [2007-07-24 19:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
 
DRV - [2006-12-14 08:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
 
 
 
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
 
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
 
IE - HKCU\..\SearchScopes,DefaultScope = {CF739809-1C6C-47C0-85B9-569DBB141420}
 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=PD
 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
[color=#E56717]========== FireFox ==========[/color]
 
 
 
FF - prefs.js..extensions.enabledAddons: 2020Player_IKEA@2020Technologies.com:5.0.94.0
 
FF - prefs.js..extensions.enabledAddons: o2cplayer@eleco.com:2.0.0.65
 
FF - prefs.js..network.proxy.type: 0
 
 
 
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
 
FF - HKLM\Software\MozillaPlugins\@eleco.com/o2cplayer: C:\Program Files\Eleco\o2c Player\npO2CPlayer.DLL (ELECO Software GmbH)
 
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
 
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
 
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
 
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-10-29 15:31:51 | 000,000,000 | ---D | M]
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-10-29 15:31:44 | 000,000,000 | ---D | M]
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-04-23 14:28:55 | 000,000,000 | ---D | M]
 
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-10-29 15:31:51 | 000,000,000 | ---D | M]
 
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-10-29 15:31:44 | 000,000,000 | ---D | M]
 
 
 
[2011-11-13 21:16:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fabian\AppData\Roaming\mozilla\Extensions
 
[2012-10-23 11:28:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fabian\AppData\Roaming\mozilla\Firefox\Profiles\hcgzbaw2.default\extensions
 
[2012-06-13 19:48:43 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Fabian\AppData\Roaming\mozilla\Firefox\Profiles\hcgzbaw2.default\extensions\2020Player_IKEA@2020Technologies.com
 
[2013-01-12 09:04:56 | 000,000,000 | ---D | M] (O2CPlayer Plugin) -- C:\Users\Fabian\AppData\Roaming\mozilla\Firefox\Profiles\hcgzbaw2.default\extensions\o2cplayer@eleco.com
 
[2012-10-29 15:31:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
 
[2012-10-29 15:31:51 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
 
[2012-03-16 23:08:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
 
[2011-10-26 19:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
 
[2012-02-20 07:27:06 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
 
[2012-02-20 07:27:06 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
 
[2012-02-20 07:27:06 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
 
[2012-02-20 07:27:06 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
 
[2012-02-20 07:27:06 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
 
[2012-02-20 07:27:06 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
 
 
CHR - homepage: http://www.google.com
 
CHR - default_search_provider: Google (Enabled)
 
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
 
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
 
CHR - homepage: http://www.google.com
 
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
 
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
 
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll
 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
 
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
 
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
 
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
 
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
 
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
 
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
 
CHR - plugin: Unity Player (Enabled) = C:\Users\Fabian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
 
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
 
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
 
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
 
 
O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
 
O1 - Hosts: 127.0.0.1       localhost
 
O1 - Hosts: ::1             localhost
 
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
 
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
 
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()
 
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
 
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
 
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
 
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe ()
 
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
 
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
 
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
 
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
 
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
 
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
 
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
 
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
 
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
 
O4 - HKCU..\Run: []  File not found
 
O4 - HKCU..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
 
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
 
O4 - HKCU..\Run: [Udfelyp] C:\Users\Fabian\AppData\Roaming\Filam\edyb.exe ()
 
O4 - HKCU..\Run: [WLanConn] C:\Users\Fabian\AppData\Local\Microsoft\Windows\1522\WLanConn.exe (Microsoft Corporation)
 
O4 - Startup: C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk = C:\ProgramData\lsass.exe (Microsoft Corporation)
 
O4 - Startup: C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hello-Net.lnk =  File not found
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
 
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
 
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
 
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
 
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
 
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
 
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
 
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
 
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
 
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
 
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
 
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
 
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
 
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
 
O13 - gopher Prefix: missing
 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
 
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{40C513D4-2557-43AD-BF92-4655B6C51336}: DhcpNameServer = 172.19.1.254 8.8.8.8
 
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
 
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
 
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
 
O24 - Desktop WallPaper: C:\Users\Fabian\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
 
O24 - Desktop BackupWallPaper: C:\Users\Fabian\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
 
O32 - HKLM CDRom: AutoRun - 1
 
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
 
O33 - MountPoints2\{7953fbb0-8d4b-11e1-b636-0023543e339d}\Shell - "" = AutoRun
 
O33 - MountPoints2\{7953fbb0-8d4b-11e1-b636-0023543e339d}\Shell\AutoRun\command - "" = H:\NokiaPCIA_Autorun.exe
 
O34 - HKLM BootExecute: (autocheck autochk *)
 
O35 - HKLM\..comfile [open] -- "%1" %*
 
O35 - HKLM\..exefile [open] -- "%1" %*
 
O37 - HKLM\...com [@ = comfile] -- "%1" %*
 
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
 
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
 
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
 
 
[2013-01-12 09:53:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Fabian\Desktop\OTL.exe
 
[2013-01-11 13:41:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Power Data Recovery 6.6
 
[2013-01-11 13:40:59 | 000,000,000 | ---D | C] -- C:\Program Files\PowerDataRecovery
 
[2012-10-26 06:35:52 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\lsass.exe
 
 
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
 
 
[2013-01-12 09:56:20 | 000,671,154 | ---- | M] () -- C:\Windows\System32\perfh015.dat
 
[2013-01-12 09:56:20 | 000,595,386 | ---- | M] () -- C:\Windows\System32\perfh009.dat
 
[2013-01-12 09:56:20 | 000,129,932 | ---- | M] () -- C:\Windows\System32\perfc015.dat
 
[2013-01-12 09:56:20 | 000,103,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 
[2013-01-12 09:52:13 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
 
[2013-01-12 09:52:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 
[2013-01-12 09:46:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fabian\Desktop\OTL.exe
 
[2013-01-12 09:06:54 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
 
[2013-01-12 09:06:45 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
 
[2013-01-12 09:06:40 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
 
[2013-01-12 09:06:39 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
 
[2013-01-12 09:06:35 | 000,042,334 | ---- | M] () -- C:\ProgramData\nvModes.001
 
 
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
 
 
[2012-10-26 06:35:56 | 083,023,306 | ---- | C] () -- C:\ProgramData\0tbpw.pad
 
[2012-03-16 23:16:16 | 000,000,640 | RHS- | C] () -- C:\Users\Fabian\ntuser.pol
 
[2012-01-08 21:24:00 | 000,000,000 | ---- | C] () -- C:\Users\Fabian\AppData\Local\{A2297330-8BF3-43D5-9FD9-C18DDF330B1D}
 
[2011-12-03 16:57:03 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
 
[2011-12-03 16:57:02 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
 
[2011-12-03 16:56:57 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
 
[2011-12-03 16:56:57 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
 
[2011-12-03 16:56:56 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
 
[2011-12-03 16:56:53 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
 
[2011-12-03 16:21:51 | 000,001,356 | ---- | C] () -- C:\Users\Fabian\AppData\Local\d3d9caps.dat
 
[2011-11-19 09:38:29 | 000,018,944 | ---- | C] () -- C:\Users\Fabian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
[2011-11-16 13:56:53 | 000,042,334 | ---- | C] () -- C:\ProgramData\nvModes.001
 
[2011-11-16 13:29:39 | 000,042,334 | ---- | C] () -- C:\ProgramData\nvModes.dat
 
[2011-11-13 07:46:00 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
 
 
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
 
 
[2006-11-02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
 
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
"" = %SystemRoot%\system32\shell32.dll -- [2011-01-21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
 
"ThreadingModel" = Apartment
 
 
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
 
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-03-03 05:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
 
"ThreadingModel" = Free
 
 
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008-01-21 03:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
 
"ThreadingModel" = Both
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
 
 
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:63238B95
 
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1
 
 
 
< End of report >
 
 
Wygenerowano w 0.265s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!