wklejto.pl

Added by: ~Anonim (2013-12-21 09:50) -> text
OTL logfile created on: 2013-12-21 09:42:58 - Run 1
 
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\admin\Desktop
 
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
 
Internet Explorer (Version = 8.0.7600.16385)
 
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
 
 
3,00 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 81,27% Memory free
 
5,99 Gb Paging File | 5,39 Gb Available in Paging File | 89,95% Paging File free
 
Paging file location(s): ?:\pagefile.sys [binary data]
 
 
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 
Drive C: | 48,73 Gb Total Space | 24,11 Gb Free Space | 49,48% Space Free | Partition Type: NTFS
 
Drive D: | 122,58 Gb Total Space | 44,66 Gb Free Space | 36,44% Space Free | Partition Type: NTFS
 
Drive E: | 126,68 Gb Total Space | 36,55 Gb Free Space | 28,85% Space Free | Partition Type: NTFS
 
Drive G: | 975,30 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
 
 
Computer Name: KOMPUTER | User Name: admin | Logged in as Administrator.
 
Boot Mode: Normal | Scan Mode: All users
 
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
 
 
PRC - [2013-12-21 09:27:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
 
PRC - [2013-11-07 03:47:00 | 001,972,304 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Opencl\taskmrg.exe
 
PRC - [2010-03-10 14:44:56 | 000,496,184 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
 
PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
 
PRC - [2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
PRC - [2009-07-14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
 
PRC - [2009-07-14 02:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
 
 
 
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
 
 
MOD - [2013-11-07 03:47:00 | 001,972,304 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Opencl\taskmrg.exe
 
MOD - [2013-11-07 03:47:00 | 000,599,040 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Opencl\backtrace.dll
 
MOD - [2013-11-07 03:47:00 | 000,369,664 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Opencl\libcurl-4.dll
 
MOD - [2013-11-07 03:47:00 | 000,314,368 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Opencl\libevent-2-0-5.dll
 
MOD - [2013-11-07 03:47:00 | 000,132,096 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Opencl\libplibc-1.dll
 
MOD - [2013-11-07 03:47:00 | 000,109,568 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Opencl\zlib1.dll
 
MOD - [2013-11-07 03:47:00 | 000,102,912 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Opencl\pdcurses.dll
 
MOD - [2013-11-07 03:47:00 | 000,082,944 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Opencl\libmicrohttpd-10.dll
 
MOD - [2013-11-07 03:47:00 | 000,052,736 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Opencl\libjansson-4.dll
 
MOD - [2013-11-07 03:47:00 | 000,043,854 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Opencl\libblkmaker-0.1-0.dll
 
MOD - [2013-11-07 03:47:00 | 000,038,190 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Opencl\libblkmaker_jansson-0.1-0.dll
 
MOD - [2010-01-30 01:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
 
 
 
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
 
 
SRV - [2013-09-05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
 
SRV - [2013-05-11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
 
SRV - [2010-03-25 09:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
 
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
 
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
 
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
 
 
DRV - [2013-10-25 17:51:33 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
 
DRV - [2013-10-25 17:51:33 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
 
DRV - [2013-05-22 17:57:08 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
 
DRV - [2013-05-22 17:45:15 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
 
DRV - [2013-05-22 17:45:14 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
 
DRV - [2010-03-05 10:11:02 | 000,516,152 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDMI32.sys -- (CnxtHdmiAudService)
 
DRV - [2010-01-18 16:45:00 | 000,514,104 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
 
DRV - [2009-07-14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
 
DRV - [2009-07-13 23:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
 
DRV - [2009-06-22 16:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
 
DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
 
 
 
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
 
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
 
 
 
IE - HKU\S-1-5-21-1453008563-1213926837-3640022738-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-21-1453008563-1213926837-3640022738-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
 
IE - HKU\S-1-5-21-1453008563-1213926837-3640022738-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
 
[color=#E56717]========== FireFox ==========[/color]
 
 
 
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
 
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
 
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\12x3q4@3244516.com: C:\Program Files\Better-Surf\ff [2013-12-01 01:03:28 | 000,000,000 | ---D | M]
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ext@WebexpEnhancedV1alpha755.net: C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha755\ff [2013-12-20 18:08:23 | 000,000,000 | ---D | M]
 
 
 
File not found (No name found) -- C:\PROGRAM FILES\BETTERSURF\BETTERSURFPLUS\FF
 
[2013-12-20 18:08:23 | 000,000,000 | ---D | M] (Webexp Enhanced) -- C:\PROGRAM FILES\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA755\FF
 
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
 
 
CHR - default_search_provider: Google (Enabled)
 
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
 
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
 
CHR - homepage: http://www.google.com/
 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
 
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
 
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
 
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
 
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
 
CHR - Extension: Dokumenty Google = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
 
CHR - Extension: Dysk Google = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
 
CHR - Extension: YouTube = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
 
CHR - Extension: Szukaj w Google = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
 
CHR - Extension: AdBlock = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0\
 
CHR - Extension: AdBlock = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.11_0\
 
CHR - Extension: AdBlock = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\
 
CHR - Extension: AdBlock = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0\
 
CHR - Extension: AdBlock = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
 
CHR - Extension: AdBlock = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
 
CHR - Extension: AdBlock = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0\
 
CHR - Extension: AdBlock = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.7_0\
 
CHR - Extension: AdBlock = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0\
 
CHR - Extension: Webexp Enhanced = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\inbpmopedlccplcggabonkeneobpphhm\1.1_0\
 
CHR - Extension: Google Wallet = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
 
CHR - Extension: Google Wallet = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_1\
 
CHR - Extension: Google Wallet = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
 
CHR - Extension: Google Wallet = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
 
CHR - Extension: Google Wallet = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
 
CHR - Extension: Marc Ecko = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk\2_0\
 
CHR - Extension: Gmail = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
 
 
O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
 
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
 
O2 - BHO: (Better-Surf) - {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - C:\Program Files\Better-Surf\ie\BetterSrf.dll ()
 
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
 
O2 - BHO: (Webexp Enhanced) - {de1de5b5-fdc2-4950-a66f-34679ab419a2} - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha755\ie\WebexpEnhancedV1alpha755.dll ()
 
O4 - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe (Conexant Systems, Inc.)
 
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
 
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
 
O4 - HKU\S-1-5-21-1453008563-1213926837-3640022738-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
 
O4 - HKU\S-1-5-21-1453008563-1213926837-3640022738-1000..\Run: [Opencl] C:\Users\admin\AppData\Roaming\Opencl\nircmd.exe (NirSoft)
 
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
 
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
 
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
 
O8 - Extra context menu item: Wy[lij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
 
O13 - gopher Prefix: missing
 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F906A0F1-712A-4AC6-8BC6-ED4FC9F60EFE}: DhcpNameServer = 192.168.0.1
 
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
 
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
 
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
 
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
 
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
 
O32 - HKLM CDRom: AutoRun - 1
 
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
 
O32 - AutoRun File - [2011-01-25 18:01:20 | 000,000,058 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
 
O33 - MountPoints2\{b358febe-c2f2-11e2-b634-f5fbab2d77c8}\Shell - "" = AutoRun
 
O33 - MountPoints2\{b358febe-c2f2-11e2-b634-f5fbab2d77c8}\Shell\AutoRun\command - "" = G:\Setup.exe -- [2011-01-25 18:01:20 | 000,651,283 | R--- | M] (Paradox Interactive                                         )
 
O33 - MountPoints2\F\Shell - "" = AutoRun
 
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup.exe
 
O33 - MountPoints2\G\Shell - "" = AutoRun
 
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Setup.exe -- [2011-01-25 18:01:20 | 000,651,283 | R--- | M] (Paradox Interactive                                         )
 
O34 - HKLM BootExecute: (autocheck autochk *)
 
O35 - HKLM\..comfile [open] -- "%1" %*
 
O35 - HKLM\..exefile [open] -- "%1" %*
 
O37 - HKLM\...com [@ = comfile] -- "%1" %*
 
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
 
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
 
 
[2013-12-21 09:27:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
 
[2013-12-20 18:08:23 | 000,000,000 | ---D | C] -- C:\Program Files\WebexpEnhancedV1
 
[2013-12-19 18:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft XNA
 
[2013-12-19 18:42:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
 
[2013-12-15 13:41:07 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Factorio
 
[2013-12-14 20:38:41 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bioware
 
[2013-12-14 17:47:28 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Steam
 
[2013-12-14 17:44:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disciples Reincarnation
 
[2013-12-09 23:06:06 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\YoungJustice
 
[2013-12-09 22:47:23 | 000,000,000 | ---D | C] -- C:\Program Files\BetterSurf
 
[2013-12-08 18:57:13 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\uTorrent
 
[2013-12-01 01:03:28 | 000,000,000 | ---D | C] -- C:\Program Files\Better-Surf
 
[2013-11-28 16:36:07 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\Puyta
 
[2013-11-28 16:05:46 | 000,000,000 | ---D | C] -- C:\Windows\Sun
 
 
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
 
 
[2013-12-21 09:27:55 | 000,743,280 | ---- | M] () -- C:\Windows\System32\perfh015.dat
 
[2013-12-21 09:27:55 | 000,656,628 | ---- | M] () -- C:\Windows\System32\perfh009.dat
 
[2013-12-21 09:27:55 | 000,156,730 | ---- | M] () -- C:\Windows\System32\perfc015.dat
 
[2013-12-21 09:27:55 | 000,122,440 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 
[2013-12-21 09:27:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
 
[2013-12-21 09:23:47 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
 
[2013-12-21 09:23:46 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
 
[2013-12-21 09:23:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 
[2013-12-21 09:23:30 | 2411,905,024 | -HS- | M] () -- C:\hiberfil.sys
 
[2013-12-20 18:56:18 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
 
[2013-12-20 18:56:18 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
 
[2013-12-20 18:56:00 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\Dealply.job
 
[2013-12-20 18:20:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
 
[2013-12-20 18:09:07 | 000,000,149 | ---- | M] () -- C:\extensions.ini
 
[2013-12-19 08:56:01 | 000,000,030 | ---- | M] () -- C:\Users\admin\AppData\Roaming\WB.CFG
 
[2013-12-14 20:38:50 | 000,000,709 | ---- | M] () -- C:\Users\admin\Desktop\Baldur's Gate.lnk
 
[2013-12-08 18:58:56 | 000,000,813 | ---- | M] () -- C:\Users\admin\Desktop\Torrent.lnk
 
[2013-12-01 01:04:13 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite
 
 
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
 
 
[2013-12-19 08:56:01 | 000,000,030 | ---- | C] () -- C:\Users\admin\AppData\Roaming\WB.CFG
 
[2013-12-14 20:38:50 | 000,000,709 | ---- | C] () -- C:\Users\admin\Desktop\Baldur's Gate.lnk
 
[2013-12-09 22:48:10 | 000,000,149 | ---- | C] () -- C:\extensions.ini
 
[2013-12-08 18:58:56 | 000,000,813 | ---- | C] () -- C:\Users\admin\Desktop\Torrent.lnk
 
[2013-12-01 01:04:13 | 000,000,000 | ---- | C] () -- C:\extensions.sqlite
 
[2013-10-14 17:11:30 | 000,407,096 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
 
[2013-10-05 13:09:43 | 000,029,555 | ---- | C] () -- C:\Windows\DIIUnin.dat
 
[2013-09-27 14:58:39 | 000,045,270 | ---- | C] () -- C:\Users\admin\AppData\Roaming\room_v3.dat
 
[2013-05-22 17:45:15 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
 
[2013-05-22 17:45:14 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
 
[2013-05-22 14:14:43 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
 
[2013-05-22 14:14:42 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
 
[2013-05-22 14:14:42 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
 
[2013-05-22 14:14:42 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
 
[2013-05-22 14:14:40 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
 
[2013-05-22 11:10:07 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
 
[2013-05-22 10:54:07 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
 
[2013-05-22 10:54:07 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
 
 
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
 
 
[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
 
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
"" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
 
"ThreadingModel" = Apartment
 
 
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
 
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
 
"ThreadingModel" = Free
 
 
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
 
"ThreadingModel" = Both
 
 
 
[color=#E56717]========== LOP Check ==========[/color]
 
 
 
[2013-12-01 18:05:25 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\AIMP3
 
[2013-12-08 18:54:56 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\BitComet
 
[2013-10-23 13:44:03 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DAEMON Tools Lite
 
[2013-11-15 19:56:22 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Dealply
 
[2013-12-15 13:43:40 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Factorio
 
[2013-10-13 10:13:35 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\GarenaPlus
 
[2013-07-06 23:52:24 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Kalypso Media
 
[2013-11-13 12:58:22 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\New Technology Studio
 
[2013-11-13 13:43:49 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Opencl
 
[2013-09-18 10:24:26 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Tibia
 
[2013-12-20 18:56:10 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\uTorrent
 
[2013-05-22 11:07:15 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\WinBatch
 
 
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
 
 
 
 
< End of report >
 
 