wklejto.pl

Dodane przez: ~Anonim (2013-01-12 13:07) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
OTL logfile created on: 2013-01-12 12:55:09 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Edek\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1,97 Gb Total Physical Memory | 1,08 Gb Available Physical Memory | 55,12% Memory free
4,16 Gb Paging File | 3,26 Gb Available in Paging File | 78,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 71,65 Gb Free Space | 48,07% Space Free | Partition Type: NTFS
Drive D: | 137,33 Gb Total Space | 135,55 Gb Free Space | 98,70% Space Free | Partition Type: NTFS
 
Computer Name: EDEK-PC | User Name: Edek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-12-13 00:47:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Edek\Desktop\OTL.exe
PRC - [2011-01-20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 07:27:20 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2009-03-18 23:54:58 | 000,154,168 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
PRC - [2008-12-09 23:00:58 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008-11-27 03:54:00 | 000,211,512 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2007-11-30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007-11-20 13:44:30 | 001,145,400 | ---- | M] (ASUS) -- C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2008-10-30 23:37:04 | 000,015,360 | ---- | M] () -- C:\Program Files\P4G\OvrClk.dll
MOD - [2008-08-20 23:49:56 | 000,016,384 | ---- | M] () -- C:\Program Files\P4G\DevMng.dll
MOD - [2007-11-30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
MOD - [2007-11-19 13:54:20 | 000,188,416 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswsysmon.dll
MOD - [2007-11-19 11:11:58 | 000,208,896 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswcore.dll
MOD - [2007-09-06 14:05:00 | 000,081,920 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswobj.dll
MOD - [2007-08-02 09:53:06 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswresmgr.dll
MOD - [2007-07-24 14:41:10 | 000,049,152 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ResItf.dll
MOD - [2007-06-19 11:38:08 | 000,208,896 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswui.dll
MOD - [2007-06-15 18:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007-06-02 01:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
MOD - [2007-05-14 14:07:14 | 000,009,728 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\LogonStartup.dll
MOD - [2007-05-14 11:10:40 | 000,061,440 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswgblset.dll
MOD - [2007-03-10 00:16:52 | 000,106,496 | ---- | M] () -- C:\Program Files\ATKGFNEX\AGFNEX.dll
MOD - [2006-12-09 09:34:36 | 000,139,264 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipsw_cfgmgr.dll
MOD - [2006-12-07 09:29:06 | 000,007,168 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\iphelper.dll
MOD - [2006-12-06 16:55:32 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswhlp.dll
MOD - [2006-12-06 16:55:22 | 000,086,016 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswds.dll
MOD - [2006-12-06 16:42:26 | 000,094,208 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\cxcmrt.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2011-05-30 16:20:59 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-12-13 00:26:00 | 004,295,152 | ---- | M] (INCA Internet Co., Ltd.) [Disabled | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2008-08-14 04:59:52 | 000,100,920 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008-06-20 12:08:08 | 000,065,536 | ---- | M] (France Telecom SA) [Disabled | Stopped] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2008-03-31 10:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Disabled | Stopped] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2008-01-21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-08-08 08:08:40 | 000,094,208 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007-08-03 12:24:54 | 000,125,496 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\ipswuio.sys -- (ipswuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\I386\AsProcOb.sys -- (ASUSProcObsrv)
DRV - [2011-12-22 20:38:16 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2009-10-28 05:05:22 | 000,030,264 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2009-09-05 14:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009-08-05 06:18:22 | 000,048,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2009-04-11 05:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST)
DRV - [2009-03-20 07:21:38 | 000,984,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009-01-14 20:51:50 | 000,230,952 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service)
DRV - [2008-12-24 09:39:44 | 000,014,392 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2008-11-03 08:03:28 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008-08-11 03:14:12 | 001,752,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2008-05-29 17:21:04 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\lullaby.sys -- (lullaby)
DRV - [2008-05-24 01:25:42 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008-04-07 07:00:46 | 000,006,656 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CRFILTER.sys -- (CRFILTER)
DRV - [2007-08-03 05:26:22 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007-07-24 19:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2006-11-28 21:46:22 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCAMp50.sys -- (PCAMp50)
DRV - [2006-11-28 21:46:20 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2006-11-02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll ()
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\..\SearchScopes,DefaultScope = {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Edek\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Edek\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Edek\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Edek\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Edek\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Edek\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U19 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Edek\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Users\Edek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Adblock Plus = C:\Users\Edek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Szukaj w Google = C:\Users\Edek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: AT_HatsuneMiku = C:\Users\Edek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcacbggjcnkdgchjnekppjkkkhlijkdd\2_1\
CHR - Extension: Gmail = C:\Users\Edek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D494D58C-471B-454C-B3BF-50D4FF8E6144}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\Edek\AppData\Roaming\skype.dat) - C:\Users\Edek\AppData\Roaming\skype.dat ()
O24 - Desktop WallPaper: C:\Users\Edek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Edek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{55bdf292-2a1e-11e0-b754-0026187e9595}\Shell\AutoRun\command - "" = WScript.exe .\`.vbs
O33 - MountPoints2\{55bdf292-2a1e-11e0-b754-0026187e9595}\Shell\open\Command - "" = WScript.exe .\`.vbs
O33 - MountPoints2\{9d90c123-2b9d-11e0-a3a3-0026187e9595}\Shell - "" = AutoRun
O33 - MountPoints2\{9d90c123-2b9d-11e0-a3a3-0026187e9595}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{ad5f7dc7-c375-11de-937b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ad5f7dc7-c375-11de-937b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{b962b4da-2cd4-11e1-b695-0026187e9595}\Shell - "" = AutoRun
O33 - MountPoints2\{b962b4da-2cd4-11e1-b695-0026187e9595}\Shell\AutoRun\command - "" = H:\_AUTORUN\AUTORUN.EXE
O33 - MountPoints2\{baf796f1-1cc2-11e0-88f0-d4bb78b584ce}\Shell\AutoRun\command - "" = WScript.exe .\`.vbs
O33 - MountPoints2\{baf796f1-1cc2-11e0-88f0-d4bb78b584ce}\Shell\open\Command - "" = WScript.exe .\`.vbs
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-01-12 12:40:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Edek\Desktop\OTL.exe
[2013-01-11 23:55:27 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013-01-11 23:54:50 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012-12-24 06:40:50 | 000,000,000 | ---D | C] -- C:\Users\Edek\Desktop\filmy
[2012-12-22 01:41:52 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012-12-22 01:41:52 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012-12-21 18:38:44 | 000,000,000 | ---D | C] -- C:\Users\Edek\AppData\Roaming\LolClient
[2012-12-13 14:49:27 | 000,000,000 | ---D | C] -- C:\Users\Edek\AppData\Roaming\Malwarebytes
[2012-12-13 14:49:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-12-13 14:49:15 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012-12-13 14:49:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-01-06 14:54:05 | 000,537,944 | ---- | C] (ESTsoft) -- C:\Program Files\update.exe
[2011-01-06 14:54:05 | 000,369,664 | ---- | C] (Firelight Technologies) -- C:\Program Files\fmodexL.dll
[2011-01-06 14:54:05 | 000,299,304 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Program Files\GameGuard.des
[2011-01-06 14:54:05 | 000,094,208 | ---- | C] (ESTsoft Corp.) -- C:\Program Files\KarasX2.dll
[2011-01-06 14:54:04 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Program Files\d3dx9_30.dll
[2011-01-06 14:54:04 | 000,325,632 | ---- | C] (Firelight Technologies) -- C:\Program Files\fmodex.dll
[2011-01-06 14:54:03 | 000,261,976 | ---- | C] (ESTsoft) -- C:\Program Files\cabal.exe
[2011-01-06 14:54:03 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Program Files\atl71.dll
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-01-12 12:50:23 | 000,000,004 | ---- | M] () -- C:\Users\Edek\AppData\Roaming\skype.ini
[2013-01-12 12:48:46 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013-01-12 12:48:46 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013-01-12 12:48:44 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013-01-12 12:48:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-01-12 12:48:36 | 2110,873,600 | -HS- | M] () -- C:\hiberfil.sys
[2013-01-12 12:40:12 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1054008494-2098274162-2727437638-1000UA.job
[2013-01-12 12:31:02 | 000,055,808 | ---- | M] () -- C:\Users\Edek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-01-12 12:09:18 | 000,001,356 | ---- | M] () -- C:\Users\Edek\AppData\Local\d3d9caps.dat
[2013-01-12 02:08:12 | 000,238,672 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013-01-12 02:04:11 | 000,712,224 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2013-01-12 02:04:11 | 000,632,152 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-01-12 02:04:11 | 000,150,178 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2013-01-12 02:04:11 | 000,118,778 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-12-26 20:17:58 | 000,000,556 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Edek.job
[2012-12-26 16:45:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1054008494-2098274162-2727437638-1000Core.job
[2012-12-24 06:52:58 | 000,000,757 | ---- | M] () -- C:\Users\Edek\.recently-used.xbel
[2012-12-20 22:09:49 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-12-20 22:09:49 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-12-16 14:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012-12-16 11:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-01-12 12:40:29 | 000,856,731 | ---- | C] () -- C:\Users\Edek\Desktop\SecurityCheck.exe
[2013-01-12 12:36:25 | 2110,873,600 | -HS- | C] () -- C:\hiberfil.sys
[2013-01-12 01:38:31 | 000,000,004 | ---- | C] () -- C:\Users\Edek\AppData\Roaming\skype.ini
[2012-12-24 06:52:58 | 000,000,757 | ---- | C] () -- C:\Users\Edek\.recently-used.xbel
[2012-12-12 23:45:32 | 095,023,320 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012-10-07 17:45:39 | 000,248,262 | ---- | C] () -- C:\Users\Edek\Angel_Beats!_Amp.wsz
[2012-10-07 17:44:28 | 000,165,308 | ---- | C] () -- C:\Users\Edek\Futerayn_Evo.wsz
[2012-10-07 17:43:22 | 000,186,913 | ---- | C] () -- C:\Users\Edek\Quinto.wal
[2012-10-07 17:42:39 | 001,062,513 | ---- | C] () -- C:\Users\Edek\lexicon2.wal
[2012-08-25 23:07:33 | 001,145,382 | ---- | C] () -- C:\Users\Edek\AppData\Local\Tempmusic.ogg
[2012-01-11 15:19:17 | 000,087,552 | ---- | C] () -- C:\Users\Edek\AppData\Roaming\skype.dat
[2011-06-20 16:31:06 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011-01-06 15:55:27 | 000,024,206 | ---- | C] () -- C:\Users\Edek\AppData\Roaming\UserTile.png
[2011-01-06 14:54:05 | 001,377,107 | ---- | C] () -- C:\Program Files\unins001.exe
[2011-01-06 14:54:05 | 000,413,219 | ---- | C] () -- C:\Program Files\unins001.dat
[2011-01-06 14:54:05 | 000,230,816 | ---- | C] () -- C:\Program Files\Uninstall.exe
[2011-01-06 14:54:05 | 000,004,161 | ---- | C] () -- C:\Program Files\xdata.enc
[2011-01-06 14:54:05 | 000,000,221 | ---- | C] () -- C:\Program Files\mainex.dat
[2011-01-06 14:54:05 | 000,000,171 | ---- | C] () -- C:\Program Files\main.dat
[2011-01-06 14:54:04 | 000,000,380 | ---- | C] () -- C:\Program Files\CabalOnlineUK.ini
[2011-01-06 14:54:04 | 000,000,336 | ---- | C] () -- C:\Program Files\cabalmain.RPT
[2011-01-06 14:54:03 | 001,945,176 | ---- | C] () -- C:\Program Files\cabalmain.exe
[2011-01-06 14:54:03 | 001,614,555 | ---- | C] () -- C:\Program Files\unins000.dat
[2011-01-06 14:54:03 | 001,377,109 | ---- | C] () -- C:\Program Files\unins000.exe
[2010-03-30 18:20:18 | 000,002,432 | ---- | C] () -- C:\Users\Edek\AppData\Local\Tempqq1880.html
[2010-03-30 18:20:18 | 000,002,089 | ---- | C] () -- C:\Users\Edek\AppData\Local\TempZE1880.html
[2010-03-30 18:14:40 | 000,000,000 | ---- | C] () -- C:\Users\Edek\AppData\Local\TempwF1552.html
[2010-03-30 18:14:40 | 000,000,000 | ---- | C] () -- C:\Users\Edek\AppData\Local\TempWD1552.html
[2010-03-30 17:38:10 | 000,002,432 | ---- | C] () -- C:\Users\Edek\AppData\Local\TempFk1576.html
[2010-03-30 17:38:10 | 000,002,089 | ---- | C] () -- C:\Users\Edek\AppData\Local\TempKp1576.html
[2010-03-30 17:34:15 | 000,002,432 | ---- | C] () -- C:\Users\Edek\AppData\Local\TempoB2464.html
[2010-03-30 17:34:15 | 000,002,089 | ---- | C] () -- C:\Users\Edek\AppData\Local\TempRr2464.html
[2010-03-22 16:51:45 | 000,000,000 | ---- | C] () -- C:\Users\Edek\AppData\Local\TempvE5364.html
[2010-03-22 16:51:45 | 000,000,000 | ---- | C] () -- C:\Users\Edek\AppData\Local\Temppg5364.html
[2009-12-12 11:33:30 | 000,001,743 | ---- | C] () -- C:\Users\Edek\Counter-Strike.lnk
[2009-11-07 16:16:16 | 000,000,000 | ---- | C] () -- C:\Users\Edek\AppData\Roaming\AVSMediaPlayer.m3u
[2009-11-07 15:57:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009-10-27 16:21:01 | 000,055,808 | ---- | C] () -- C:\Users\Edek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-10-27 15:25:19 | 000,000,552 | ---- | C] () -- C:\Users\Edek\AppData\Local\d3d8caps.dat
[2009-10-27 15:13:50 | 000,001,356 | ---- | C] () -- C:\Users\Edek\AppData\Local\d3d9caps.dat
[2008-12-23 21:36:14 | 000,106,496 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008-05-22 16:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2006-11-02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
< End of report >
 
Wygenerowano w 0.166s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!