wklejto.pl

Dodane przez: ~mkafar (2012-06-21 00:18) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363.
364.
365.
366.
367.
368.
369.
370.
371.
372.
373.
374.
375.
376.
377.
378.
379.
380.
381.
382.
383.
384.
385.
386.
387.
388.
389.
390.
391.
392.
393.
394.
395.
396.
397.
398.
399.
400.
401.
402.
403.
404.
405.
406.
407.
408.
409.
410.
411.
412.
413.
414.
415.
416.
417.
418.
419.
420.
421.
422.
423.
424.
425.
426.
427.
428.
429.
430.
431.
432.
433.
434.
435.
436.
437.
438.
439.
440.
441.
442.
443.
444.
445.
446.
447.
448.
449.
450.
451.
452.
453.
454.
455.
456.
457.
458.
459.
460.
461.
462.
463.
464.
465.
466.
467.
468.
469.
470.
471.
472.
473.
474.
475.
476.
477.
478.
479.
480.
481.
482.
483.
484.
485.
486.
487.
488.
489.
490.
491.
492.
493.
494.
495.
496.
497.
498.
499.
500.
501.
502.
503.
504.
505.
506.
507.
508.
509.
510.
511.
512.
513.
514.
515.
516.
517.
518.
519.
520.
521.
522.
523.
524.
525.
526.
527.
528.
529.
530.
531.
532.
533.
534.
535.
536.
537.
538.
539.
540.
541.
542.
543.
544.
545.
546.
547.
548.
549.
550.
551.
552.
553.
554.
555.
556.
557.
558.
559.
560.
561.
562.
563.
564.
565.
566.
567.
568.
569.
570.
571.
572.
573.
574.
575.
576.
577.
578.
579.
580.
581.
582.
583.
584.
585.
586.
587.
588.
589.
590.
591.
592.
593.
594.
595.
596.
597.
598.
599.
600.
601.
602.
603.
604.
605.
606.
607.
608.
609.
610.
611.
612.
613.
614.
615.
616.
617.
618.
619.
620.
621.
622.
623.
624.
625.
626.
627.
628.
629.
630.
631.
632.
633.
634.
635.
636.
637.
638.
639.
640.
641.
642.
643.
644.
645.
646.
647.
648.
649.
650.
651.
652.
653.
654.
655.
656.
657.
658.
659.
660.
661.
662.
663.
664.
665.
666.
667.
668.
669.
670.
671.
672.
673.
674.
675.
676.
677.
678.
679.
680.
681.
682.
683.
684.
685.
686.
687.
688.
689.
690.
691.
692.
693.
694.
695.
696.
697.
698.
699.
700.
701.
702.
703.
704.
705.
706.
707.
708.
709.
710.
711.
712.
713.
714.
715.
716.
717.
718.
719.
720.
721.
722.
723.
724.
725.
726.
727.
728.
729.
730.
731.
732.
733.
734.
735.
736.
737.
738.
739.
740.
741.
742.
743.
744.
745.
746.
747.
748.
749.
OTL logfile created on: 2012-06-21 00:12:05 - Run 2
 
OTL by OldTimer - Version 3.2.50.0     Folder = C:\Documents and Settings\Piotrek\Moje dokumenty
 
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
 
Internet Explorer (Version = 8.0.6001.18702)
 
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
 
 
1,99 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 74,36% Memory free
 
3,83 Gb Paging File | 3,48 Gb Available in Paging File | 90,85% Paging File free
 
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
 
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
 
Drive C: | 21,09 Gb Total Space | 1,62 Gb Free Space | 7,70% Space Free | Partition Type: NTFS
 
Drive D: | 55,24 Gb Total Space | 49,63 Gb Free Space | 89,85% Space Free | Partition Type: NTFS
 
 
 
Computer Name: KAFAR | User Name: Piotrek | Logged in as Administrator.
 
Boot Mode: Normal | Scan Mode: All users
 
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
 
 
PRC - [2012-06-21 00:10:32 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Moje dokumenty\OTL.exe
 
PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
 
PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
 
PRC - [2011-07-22 00:07:38 | 000,718,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
 
PRC - [2009-04-02 19:05:22 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
 
PRC - [2009-03-31 10:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
 
PRC - [2008-04-14 22:51:18 | 001,035,264 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
 
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
 
 
MOD - [2012-06-20 16:16:36 | 001,775,104 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12062001\algo.dll
 
MOD - [2011-03-17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
 
 
 
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
 
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
 
SRV - [2012-05-05 21:42:13 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
 
SRV - [2012-04-01 14:58:37 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
 
SRV - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
 
SRV - [2012-02-29 09:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
 
SRV - [2011-06-29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
 
SRV - [2011-06-12 12:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
 
SRV - [2009-03-31 10:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
 
SRV - [2008-04-07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
 
 
 
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
 
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
 
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
 
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
 
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
 
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
 
DRV - [2012-03-07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
 
DRV - [2012-03-07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
 
DRV - [2012-03-07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
 
DRV - [2012-03-07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
 
DRV - [2012-03-07 01:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
 
DRV - [2012-03-07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
 
DRV - [2012-03-07 00:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
 
DRV - [2011-11-07 08:45:41 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
 
DRV - [2009-09-23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
 
DRV - [2009-03-31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
 
DRV - [2009-03-20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
 
DRV - [2009-03-20 11:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
 
DRV - [2009-03-20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
 
DRV - [2008-10-31 05:38:08 | 004,942,336 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
 
DRV - [2008-08-07 13:14:56 | 000,111,360 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
 
DRV - [2007-09-17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
 
DRV - [2006-04-01 17:16:44 | 000,162,176 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0260Vid.sys -- (V0260VID)
 
DRV - [2004-06-10 22:42:38 | 000,015,429 | R--- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sacm2A.sys -- (USBCM)
 
DRV - [2003-08-10 02:32:14 | 000,014,336 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NetMotCM.sys -- (ndiscm)
 
 
 
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
 
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.v9.com/idg/idg_1328647092_766477
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.v9.com/idg/idg_1328647092_766477
 
IE - HKLM\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKLM\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=5cae930f-4794-11e1-92cc-00186845f3fb&q={searchTerms}
 
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20111006173247562&tb_oid=06-10-2011&tb_mrud=06-10-2011
 
 
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.v9.com/idg/idg_1328647092_766477
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://domredi.com/1/
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\SearchScopes,DefaultScope = {0CD08E92-BE46-4CA7-BCAC-6565FC30FF41}
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\SearchScopes\{0CD08E92-BE46-4CA7-BCAC-6565FC30FF41}: "URL" = http://search.softonic.com/MON00084/tb_v1?q={searchTerms}&SearchSource=4&cc=
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=&apn_ptnrs=PV&apn_dtid=YYYYYYYYPL&apn_uid=de3c63d5-047a-4c7d-8221-1635f0070172&apn_sauid=74541994-832B-4FDB-B29E-30BE727701CA
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms}
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\SearchScopes\{342168F8-AE4A-41E8-A6B5-8FB9FECBEF37}: "URL" = http://browser.myquickfinder.com/browserSearch.do?keyword={searchTerms}
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\SearchScopes\{51E8C293-995B-4769-9E52-DF270230E268}: "URL" = http://start.funmoods.com/results.php?f=4&a=vsl&q={searchTerms}
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7IRFC_pl
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\SearchScopes\{7C309955-1775-4E51-A435-ADEC8EF413B1}: "URL" = http://mystart.incredimail.com/mb68/?search={searchTerms}&loc=search_box&u=92823113513435350
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=5cae930f-4794-11e1-92cc-00186845f3fb&q={searchTerms}
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\SearchScopes\{F0ADAAB7-AC01-4294-AC86-AB446CF83075}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
 
IE - HKU\S-1-5-21-507921405-1482476501-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
 
[color=#E56717]========== FireFox ==========[/color]
 
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
 
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files\Ganymede\Plugins\npganymedenet.dll File not found
 
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
 
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files\TVUPlayer\npTVUAx.dll File not found
 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
 
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-20 23:46:09 | 000,000,000 | ---D | M]
 
 
 
[2012-06-20 23:04:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
 
[2012-03-09 22:30:17 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
 
[2011-12-20 12:33:56 | 000,120,984 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll
 
[2011-10-27 15:45:50 | 000,083,456 | ---- | M] (LiveVDO ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
 
[2011-07-11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
 
[2012-02-07 22:38:12 | 000,002,415 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml
 
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
 
 
CHR - default_search_provider: Google (Enabled)
 
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
 
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
 
CHR - Extension: YouTube = C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
 
CHR - Extension: Szukaj w Google = C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
 
CHR - Extension: Funmoods = C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\
 
CHR - Extension: avast! WebRep = C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
 
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\
 
CHR - Extension: No name found = C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.7.1_0\
 
CHR - Extension: Gmail = C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
 
 
 
O1 HOSTS File: ([2001-10-26 17:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
 
O1 - Hosts: 127.0.0.1       localhost
 
O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
 
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
 
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
 
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll (Funmoods BHO)
 
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
 
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
 
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
 
O2 - BHO: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found.
 
O2 - BHO: (no name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found.
 
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\softonic\1.5.11.5\bh\softonic.dll (Softonic.com)
 
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\softonic\1.5.11.5\softonicTlbr.dll (Softonic.com)
 
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
 
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
 
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll (Funmoods)
 
O3 - HKLM\..\Toolbar: (no name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found.
 
O3 - HKU\S-1-5-21-507921405-1482476501-725345543-1003\..\Toolbar\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
 
O4 - HKLM..\Run: [ASocksrv] SocksA.exe File not found
 
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
 
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
 
O4 - HKLM..\Run: [NPSStartup]  File not found
 
O4 - HKU\S-1-5-21-507921405-1482476501-725345543-1003..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
 
O4 - HKU\S-1-5-21-507921405-1482476501-725345543-1003..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
 
O4 - HKU\S-1-5-21-507921405-1482476501-725345543-1003..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
 
O4 - HKU\S-1-5-21-507921405-1482476501-725345543-1003..\Run: [Windows Live Messenger Protocol Handler Module] C:\Documents and Settings\Piotrek\Ustawienia lokalne\Temp\System\msgrap.exe File not found
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
 
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
 
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
 
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
 
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
 
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
 
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
 
O7 - HKU\S-1-5-21-507921405-1482476501-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
 
O7 - HKU\S-1-5-21-507921405-1482476501-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
 
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
 
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
 
O8 - Extra context menu item: Wy[lij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
 
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_21.dll (Sun Microsystems, Inc.)
 
O9 - Extra Button: Wy[lij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
 
O9 - Extra 'Tools' menuitem : Wy[lij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
 
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe File not found
 
O9 - Extra Button: &Notatki poBczone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
 
O9 - Extra 'Tools' menuitem : &Notatki poBczone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
 
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.113.224.135 217.113.224.36
 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A95010D9-E1E2-4855-9763-5EB8601F2886}: DhcpNameServer = 217.113.224.135 217.113.224.36
 
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
 
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
 
O24 - Desktop Components:0 (Moja bie|ca strona gBwna) - About:Home
 
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
 
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
 
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
 
O32 - HKLM CDRom: AutoRun - 1
 
O32 - AutoRun File - [2009-08-18 16:54:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
 
O33 - MountPoints2\{0d56fd2c-8cae-11de-a78f-00186845f3fb}\Shell\Auto\command - "" = F:\tel.xls.exe
 
O33 - MountPoints2\{0d56fd2c-8cae-11de-a78f-00186845f3fb}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL tel.xls.exe
 
O33 - MountPoints2\{3b32b3c0-0914-11e1-915a-806d6172696f}\Shell - "" = AutoRun
 
O33 - MountPoints2\{3b32b3c0-0914-11e1-915a-806d6172696f}\Shell\AutoRun\command - "" = F:\SETUP.EXE
 
O33 - MountPoints2\{3b32b3c0-0914-11e1-915a-806d6172696f}\Shell\configure\command - "" = F:\SETUP.EXE
 
O33 - MountPoints2\{3b32b3c0-0914-11e1-915a-806d6172696f}\Shell\install\command - "" = F:\SETUP.EXE
 
O33 - MountPoints2\{71621dc0-2ace-11e0-8d56-806d6172696f}\Shell - "" = AutoRun
 
O33 - MountPoints2\{71621dc0-2ace-11e0-8d56-806d6172696f}\Shell\AutoRun\command - "" = F:\Autorun.exe
 
O33 - MountPoints2\{755f567c-fa40-11df-aecf-00186845f3fb}\Shell\Auto\command - "" = F:\tel.xls.exe
 
O33 - MountPoints2\{755f567c-fa40-11df-aecf-00186845f3fb}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL tel.xls.exe
 
O33 - MountPoints2\{9eadc5c9-0065-11e0-9c8a-00186845f3fb}\Shell - "" = AutoRun
 
O33 - MountPoints2\{9eadc5c9-0065-11e0-9c8a-00186845f3fb}\Shell\AutoRun\command - "" = F:\MafiaLauncher.EXE
 
O33 - MountPoints2\{d2946940-2583-11e0-b4b1-806d6172696f}\Shell - "" = AutoRun
 
O33 - MountPoints2\{d2946940-2583-11e0-b4b1-806d6172696f}\Shell\AutoRun\command - "" = F:\Autorun.exe
 
O34 - HKLM BootExecute: (autocheck autochk *)
 
O34 - HKLM BootExecute: (aswBoot.exe /M:bb5aac6241a)
 
O35 - HKLM\..comfile [open] -- "%1" %*
 
O35 - HKLM\..exefile [open] -- "%1" %*
 
O37 - HKLM\...com [@ = comfile] -- "%1" %*
 
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
 
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
 
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
 
 
[2012-06-21 00:10:20 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Moje dokumenty\OTL.exe
 
[2012-06-20 23:46:27 | 000,612,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
 
[2012-06-20 23:46:27 | 000,337,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
 
[2012-06-20 23:46:27 | 000,095,704 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
 
[2012-06-20 23:46:27 | 000,089,048 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
 
[2012-06-20 23:46:27 | 000,053,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
 
[2012-06-20 23:46:27 | 000,035,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
 
[2012-06-20 23:46:27 | 000,024,920 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
 
[2012-06-20 23:46:27 | 000,020,696 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
 
[2012-06-20 23:46:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Free Antivirus
 
[2012-06-20 23:46:00 | 000,201,352 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
 
[2012-06-20 23:46:00 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
 
[2012-06-20 19:35:22 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
 
[2012-06-20 19:35:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
 
[2012-06-18 22:43:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Pulpit\Nowy folder
 
[2012-06-14 10:06:39 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
 
[2012-06-13 11:18:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Dane aplikacji\1334
 
[2012-06-13 11:14:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Asprate
 
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
 
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
 
 
[2012-06-21 00:16:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
 
[2012-06-21 00:10:32 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Moje dokumenty\OTL.exe
 
[2012-06-21 00:04:17 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
 
[2012-06-21 00:04:16 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-507921405-1482476501-725345543-1003.job
 
[2012-06-21 00:04:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
 
[2012-06-20 23:46:27 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
 
[2012-06-20 23:46:27 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
 
[2012-06-20 23:42:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
 
[2012-06-19 22:46:45 | 000,145,412 | ---- | M] () -- C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\joscmm.exe
 
[2012-06-15 19:20:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-507921405-1482476501-725345543-1003.job
 
[2012-06-14 19:31:32 | 000,287,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
 
[2012-06-14 18:34:17 | 000,512,594 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
 
[2012-06-14 18:34:17 | 000,454,196 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
 
[2012-06-14 18:34:17 | 000,093,174 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
 
[2012-06-14 18:34:17 | 000,076,414 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
 
[2012-06-14 18:32:14 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
 
[2012-06-13 11:19:29 | 000,001,838 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
 
[2012-06-10 10:44:41 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ALLConverter PRO.lnk
 
[2012-06-10 10:42:17 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
 
[2012-06-07 23:59:36 | 000,037,826 | ---- | M] () -- C:\Documents and Settings\Piotrek\Moje dokumenty\grze.jpg
 
[2012-05-31 15:22:04 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
 
[2012-05-28 20:48:09 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
 
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
 
 
[2012-06-20 23:46:27 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
 
[2012-06-19 22:46:45 | 000,145,412 | ---- | C] () -- C:\Documents and Settings\Piotrek\Ustawienia lokalne\Dane aplikacji\joscmm.exe
 
[2012-06-13 11:14:34 | 000,001,838 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk
 
[2012-06-07 23:59:35 | 000,037,826 | ---- | C] () -- C:\Documents and Settings\Piotrek\Moje dokumenty\grze.jpg
 
[2012-02-23 15:25:44 | 000,016,384 | ---- | C] () -- C:\Program Files\uik.dat
 
[2012-02-23 15:24:53 | 000,000,004 | ---- | C] () -- C:\Program Files\is.dat
 
[2012-02-15 18:06:21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
 
[2011-10-06 19:49:46 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
 
[2011-10-06 19:49:46 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
 
[2011-10-06 19:49:46 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
 
[2011-10-06 19:49:46 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
 
[2011-10-06 19:49:46 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
 
[2011-08-13 12:52:10 | 000,000,007 | ---- | C] () -- C:\WINDOWS\2pic.ini
 
[2011-01-22 16:38:17 | 000,000,203 | ---- | C] () -- C:\WINDOWS\pdf2word.INI
 
[2010-12-23 17:04:18 | 000,009,048 | ---- | C] () -- C:\WINDOWS\hpdj3500.ini
 
[2010-11-12 13:35:13 | 000,138,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
 
[2010-11-12 13:35:05 | 000,234,576 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
 
[2010-11-12 13:34:59 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
 
[2010-09-24 15:10:05 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib
 
[2010-08-17 15:50:00 | 000,017,700 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
 
 
 
[color=#E56717]========== LOP Check ==========[/color]
 
 
 
[2012-06-20 23:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
 
[2011-11-07 09:49:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
 
[2011-11-06 14:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FileServe Limited
 
[2010-03-25 19:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
 
[2011-10-07 19:05:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IM
 
[2011-10-07 19:04:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IncrediMail
 
[2011-09-16 19:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InsERT
 
[2010-09-13 11:46:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
 
[2009-10-25 16:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
 
[2010-10-14 13:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
 
[2009-12-22 16:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
 
[2010-01-21 08:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
 
[2011-11-06 14:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Web Installer
 
[2011-10-07 20:30:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WinZip
 
[2009-09-22 19:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Zylom
 
[2010-03-29 17:57:16 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\.#
 
[2011-08-31 14:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\.minecraft
 
[2012-06-13 11:18:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\1334
 
[2009-12-28 00:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\CheckPoint
 
[2011-08-13 12:57:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\com.adobe.downloadassistant.AdobeDownloadAssistant
 
[2010-11-27 18:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\DAEMON Tools Lite
 
[2012-03-14 10:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\Funmoods
 
[2012-02-26 11:17:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\Gadu-Gadu 10
 
[2012-02-23 19:27:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\GanymedeNet
 
[2011-10-07 18:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\GrabIt
 
[2010-10-28 19:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\ipla
 
[2010-02-01 18:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\Nowe Gadu-Gadu
 
[2011-10-04 19:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\OpenCandy
 
[2009-08-25 22:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\OpenFM
 
[2009-12-22 16:01:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\PC Suite
 
[2011-12-01 20:39:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\PDF Writer
 
[2011-04-25 07:50:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\PriceGong
 
[2009-12-22 16:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\Samsung
 
[2012-03-17 22:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\Softonic
 
[2011-09-07 17:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\Sony
 
[2012-03-18 00:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\TS3Client
 
[2011-12-18 16:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\Unity
 
[2012-05-24 18:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\uTorrent
 
[2012-01-30 18:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Dane aplikacji\YCanPDF
 
 
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
 
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
 
 
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:EC08844152D82630
 
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4
 
 
 
< End of report >
 
 
Wygenerowano w 0.476s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!