wklejto.pl

Dodane przez: ~Anonim (2012-06-25 21:40) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363.
364.
365.
366.
367.
368.
369.
370.
371.
372.
373.
374.
375.
376.
377.
378.
379.
380.
381.
382.
383.
384.
385.
386.
387.
388.
389.
390.
391.
392.
393.
394.
395.
396.
397.
398.
399.
400.
401.
402.
403.
404.
405.
406.
407.
408.
409.
410.
411.
412.
413.
414.
415.
416.
417.
418.
419.
420.
421.
422.
423.
424.
425.
426.
427.
428.
429.
430.
431.
432.
433.
434.
435.
436.
437.
438.
439.
440.
441.
442.
443.
444.
445.
446.
447.
448.
449.
450.
451.
452.
453.
454.
455.
456.
457.
458.
459.
460.
461.
462.
463.
464.
465.
466.
467.
468.
469.
470.
471.
472.
473.
474.
475.
476.
477.
478.
479.
480.
481.
482.
483.
484.
485.
486.
487.
488.
489.
490.
491.
492.
493.
494.
495.
496.
497.
498.
499.
500.
501.
502.
503.
504.
505.
506.
507.
508.
509.
510.
511.
512.
513.
514.
515.
516.
517.
518.
519.
520.
521.
522.
523.
524.
525.
526.
527.
528.
529.
530.
531.
532.
533.
534.
535.
536.
537.
538.
539.
540.
541.
542.
543.
544.
545.
546.
547.
548.
549.
550.
551.
552.
553.
554.
555.
556.
557.
558.
559.
560.
561.
562.
563.
564.
565.
566.
567.
568.
569.
570.
571.
572.
573.
574.
575.
576.
577.
578.
579.
580.
581.
582.
583.
584.
585.
586.
587.
588.
589.
590.
591.
592.
593.
594.
595.
596.
597.
598.
599.
600.
601.
602.
603.
604.
605.
606.
607.
608.
609.
610.
611.
612.
613.
614.
615.
616.
617.
618.
619.
620.
621.
622.
623.
624.
625.
626.
627.
628.
629.
630.
631.
632.
633.
634.
635.
636.
637.
638.
639.
640.
641.
642.
643.
644.
645.
646.
647.
648.
649.
650.
651.
652.
653.
654.
655.
656.
657.
658.
659.
660.
661.
662.
663.
664.
665.
666.
667.
668.
669.
670.
671.
672.
673.
674.
675.
676.
677.
678.
679.
680.
681.
682.
683.
684.
685.
686.
687.
688.
689.
690.
691.
692.
693.
694.
695.
696.
697.
698.
699.
700.
701.
702.
703.
704.
705.
706.
707.
708.
709.
710.
711.
712.
713.
714.
715.
716.
717.
718.
719.
720.
721.
722.
723.
724.
725.
726.
727.
728.
729.
730.
731.
732.
733.
734.
735.
736.
737.
738.
739.
740.
741.
742.
743.
744.
745.
746.
747.
748.
749.
750.
751.
752.
753.
754.
755.
756.
757.
758.
759.
760.
761.
762.
763.
764.
765.
766.
767.
768.
769.
770.
771.
772.
773.
774.
775.
776.
777.
778.
779.
780.
781.
782.
783.
784.
785.
786.
787.
788.
789.
790.
791.
792.
793.
794.
795.
796.
797.
798.
799.
800.
801.
802.
803.
804.
805.
806.
807.
808.
809.
810.
811.
812.
813.
814.
815.
816.
817.
818.
819.
820.
821.
OTL logfile created on: 2012-06-25 21:16:49 - Run 1
 
OTL by OldTimer - Version 3.2.53.0     Folder = C:\Users\Janne\Desktop
 
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
 
Internet Explorer (Version = 8.0.7601.17514)
 
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
 
 
4,00 Gb Total Physical Memory | 2,11 Gb Available Physical Memory | 52,76% Memory free
 
8,00 Gb Paging File | 6,10 Gb Available in Paging File | 76,29% Paging File free
 
Paging file location(s): ?:\pagefile.sys [binary data]
 
 
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
 
Drive C: | 75,04 Gb Total Space | 14,25 Gb Free Space | 18,98% Space Free | Partition Type: NTFS
 
Drive D: | 390,62 Gb Total Space | 227,64 Gb Free Space | 58,28% Space Free | Partition Type: NTFS
 
 
 
Computer Name: JANNE-BISONEN | User Name: Janne | Logged in as Administrator.
 
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
 
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
 
 
PRC - [2012-06-25 21:14:34 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Janne\Desktop\OTL.exe
 
PRC - [2012-06-25 20:34:08 | 000,442,368 | ---- | M] () -- C:\Users\Janne\AppData\Local\ooiyein.exe
 
PRC - [2012-06-23 16:53:20 | 001,535,176 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
 
PRC - [2012-06-21 16:21:04 | 005,512,544 | ---- | M] (GridinSoft LLC.) -- C:\Program Files (x86)\GridinSoft Trojan Killer\trojankiller.exe
 
PRC - [2012-06-18 22:18:53 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
PRC - [2012-01-31 15:40:38 | 019,856,840 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\ipla.exe
 
PRC - [2011-11-28 20:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
 
PRC - [2011-08-01 05:32:20 | 000,020,880 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
 
PRC - [2011-08-01 05:32:10 | 003,507,088 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
 
PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe
 
PRC - [2011-06-17 19:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
 
PRC - [2011-03-04 11:39:14 | 000,584,488 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
 
PRC - [2011-02-02 15:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
 
PRC - [2011-01-17 19:50:30 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
 
PRC - [2011-01-17 19:50:30 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
 
PRC - [2010-04-01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
 
PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
 
 
 
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
 
 
MOD - [2012-06-25 20:34:08 | 000,442,368 | ---- | M] () -- C:\Users\Janne\AppData\Local\ooiyein.exe
 
MOD - [2012-06-23 16:53:20 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
 
MOD - [2012-06-18 22:18:53 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
 
MOD - [2012-05-06 11:19:37 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
 
MOD - [2012-01-31 15:40:44 | 000,068,456 | ---- | M] () -- C:\Program Files (x86)\ipla\ziplib.dll
 
MOD - [2012-01-31 15:40:42 | 000,392,552 | ---- | M] () -- C:\Program Files (x86)\ipla\jabberoo.dll
 
MOD - [2012-01-31 15:22:48 | 000,292,864 | ---- | M] () -- C:\Program Files (x86)\ipla\MediaFileScanner.dll
 
MOD - [2012-01-31 15:20:10 | 000,156,160 | ---- | M] () -- C:\Program Files (x86)\ipla\lua.dll
 
MOD - [2012-01-22 10:35:44 | 001,159,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\6a6f4be744ed5bc5273cbcf0fcf303e3\System.Management.ni.dll
 
MOD - [2012-01-22 10:34:10 | 000,767,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\dc1f0dbf1d3ba856eccec90b62b55d79\System.Runtime.Remoting.ni.dll
 
MOD - [2012-01-22 10:33:45 | 001,776,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\035910922f160d304fb834aae41f45a6\System.Xaml.ni.dll
 
MOD - [2012-01-22 09:55:34 | 013,006,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\17e020ae92d7fab33bcc1c98b25019d0\System.Windows.Forms.ni.dll
 
MOD - [2012-01-22 09:55:32 | 000,450,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\3555f5f74c56fa92c0ab7a635af91bfa\PresentationFramework.Aero.ni.dll
 
MOD - [2012-01-22 09:55:31 | 017,629,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7f91eecda3ff7ce478146b6458580c98\PresentationFramework.ni.dll
 
MOD - [2012-01-22 09:55:24 | 001,651,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd57bc19f5807c6dbe8f88d4a23277f6\System.Drawing.ni.dll
 
MOD - [2012-01-22 09:55:21 | 005,571,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e997d0200c25f7db6bd32313d50b729d\System.Xml.ni.dll
 
MOD - [2012-01-22 09:55:19 | 011,057,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\3963e9ce8d44f50e8367e92a8e3e42e6\PresentationCore.ni.dll
 
MOD - [2012-01-22 09:55:14 | 007,025,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
 
MOD - [2012-01-22 09:55:12 | 003,779,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\d17606e813f01376bd0def23726ecc62\WindowsBase.ni.dll
 
MOD - [2012-01-22 09:55:08 | 009,000,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
 
MOD - [2012-01-22 09:55:04 | 014,415,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
 
MOD - [2011-11-03 16:00:58 | 000,058,688 | ---- | M] () -- C:\Program Files (x86)\GridinSoft Trojan Killer\UnHookLib.dll
 
MOD - [2011-08-11 14:50:58 | 000,115,137 | ---- | M] () -- C:\Users\Janne\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
 
MOD - [2011-08-01 05:32:20 | 000,020,880 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
 
MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll
 
MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll
 
MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll
 
MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll
 
MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll
 
MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll
 
MOD - [2011-03-04 12:02:54 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
 
MOD - [2011-03-04 12:02:52 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
 
MOD - [2011-03-04 12:02:50 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
 
MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll
 
MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll
 
MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll
 
MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll
 
MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll
 
MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll
 
MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll
 
MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll
 
MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll
 
MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll
 
MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll
 
MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll
 
MOD - [2010-01-30 02:41:12 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
 
 
 
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
 
 
SRV:[b]64bit:[/b] - [2012-01-22 10:03:28 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
 
SRV:[b]64bit:[/b] - [2011-11-28 20:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
 
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
 
SRV - [2012-06-23 16:53:20 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
 
SRV - [2012-06-18 22:18:53 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
 
SRV - [2011-06-17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
 
SRV - [2011-03-04 11:39:14 | 000,584,488 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
 
SRV - [2011-02-02 15:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
 
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
 
SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
 
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
 
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
 
 
DRV:[b]64bit:[/b] - [2012-01-04 16:28:36 | 000,016,640 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\gtkdrv.sys -- (TrojanKillerDriver)
 
DRV:[b]64bit:[/b] - [2011-11-28 19:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
 
DRV:[b]64bit:[/b] - [2011-11-28 19:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
 
DRV:[b]64bit:[/b] - [2011-11-28 19:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
 
DRV:[b]64bit:[/b] - [2011-11-28 19:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
 
DRV:[b]64bit:[/b] - [2011-11-28 19:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
 
DRV:[b]64bit:[/b] - [2011-11-28 19:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
 
DRV:[b]64bit:[/b] - [2011-08-08 20:08:55 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
 
DRV:[b]64bit:[/b] - [2011-07-20 09:46:06 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
 
DRV:[b]64bit:[/b] - [2011-07-20 09:46:06 | 000,095,416 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
 
DRV:[b]64bit:[/b] - [2010-12-21 07:55:02 | 000,172,032 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssm_mdm.sys -- (ssm_mdm)
 
DRV:[b]64bit:[/b] - [2010-12-21 07:55:02 | 000,136,192 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)
 
DRV:[b]64bit:[/b] - [2010-12-21 07:55:02 | 000,019,968 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FlashUSB_x64.sys -- (FlashUSB)
 
DRV:[b]64bit:[/b] - [2010-12-21 07:55:02 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssm_mdfl.sys -- (ssm_mdfl)
 
DRV:[b]64bit:[/b] - [2010-11-21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
 
DRV:[b]64bit:[/b] - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
 
DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
 
DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
 
DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
 
DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
 
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
 
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
 
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
 
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
 
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
 
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
 
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
 
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
 
DRV:[b]64bit:[/b] - [2009-07-13 23:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
 
DRV:[b]64bit:[/b] - [2009-06-10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
 
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
 
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
 
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
 
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
 
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
 
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
 
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKLM\..\SearchScopes\{D6D4A932-78C6-41B9-B967-718FCC0A7668}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=125
 
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://startsear.ch/?aff=1&q={searchTerms}
 
IE - HKCU\..\SearchScopes\{518CF83E-1382-45A1-8FDB-C504EB2EA13B}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=&apn_ptnrs=PV&apn_dtid=YYYYYYYYPL&apn_uid=490C9042-A9BA-4790-A12A-4BDA2C25BC0B&apn_sauid=ABCDE539-45B9-4549-8BD8-AF00EEA540E3
 
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
 
IE - HKCU\..\SearchScopes\{D6D4A932-78C6-41B9-B967-718FCC0A7668}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
[color=#E56717]========== FireFox ==========[/color]
 
 
 
FF - prefs.js..browser.search.defaultengine: "Web Search"
 
FF - prefs.js..browser.search.defaultenginename: "Web Search"
 
FF - prefs.js..browser.search.order.1: "Ask.com"
 
FF - prefs.js..browser.search.selectedEngine: "Google"
 
FF - prefs.js..browser.search.useDBForOrder: true
 
FF - prefs.js..browser.startup.homepage: "www.google.pl"
 
FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&q="
 
FF - prefs.js..network.proxy.type: 0
 
FF - user.js - File not found
 
 
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
 
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
 
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
 
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-22 09:09:32 | 000,000,000 | ---D | M]
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-18 22:18:54 | 000,000,000 | ---D | M]
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-05-07 15:51:14 | 000,000,000 | ---D | M]
 
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-06-18 22:18:54 | 000,000,000 | ---D | M]
 
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-05-07 15:51:14 | 000,000,000 | ---D | M]
 
 
 
[2011-07-15 16:34:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janne\AppData\Roaming\mozilla\Extensions
 
[2012-05-28 16:54:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janne\AppData\Roaming\mozilla\Firefox\Profiles\i9k4ztca.default\extensions
 
[2012-04-24 17:09:21 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Janne\AppData\Roaming\mozilla\Firefox\Profiles\i9k4ztca.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
 
[2012-02-24 21:35:32 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Janne\AppData\Roaming\mozilla\Firefox\Profiles\i9k4ztca.default\extensions\DTToolbar@toolbarnet.com
 
[2012-01-15 09:22:43 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Janne\AppData\Roaming\mozilla\Firefox\Profiles\i9k4ztca.default\extensions\IplextoALL@ALLPlayer.org
 
[2011-11-09 16:18:45 | 000,000,000 | ---D | M] (Vividas player plugin) -- C:\Users\Janne\AppData\Roaming\mozilla\Firefox\Profiles\i9k4ztca.default\extensions\player@vividas.com
 
[2011-07-20 14:22:55 | 000,002,568 | ---- | M] () -- C:\Users\Janne\AppData\Roaming\Mozilla\Firefox\Profiles\i9k4ztca.default\searchplugins\askcom.xml
 
[2011-07-16 09:57:06 | 000,002,059 | ---- | M] () -- C:\Users\Janne\AppData\Roaming\Mozilla\Firefox\Profiles\i9k4ztca.default\searchplugins\daemon-search.xml
 
[2011-07-11 20:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Janne\AppData\Roaming\Mozilla\Firefox\Profiles\i9k4ztca.default\searchplugins\startsear.xml
 
[2012-05-16 18:20:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
 
[2012-05-28 16:54:32 | 000,104,669 | ---- | M] () (No name found) -- C:\USERS\JANNE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9K4ZTCA.DEFAULT\EXTENSIONS\{7E77F5DF-8022-40E3-9122-F03DEBEFC43B}.XPI
 
[2011-08-14 20:38:17 | 000,010,043 | ---- | M] () (No name found) -- C:\USERS\JANNE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9K4ZTCA.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI
 
[2012-06-18 22:18:54 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
 
[2011-09-16 12:57:06 | 000,189,088 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npVividasPlayer.dll
 
[2011-06-09 13:41:48 | 000,081,920 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
 
[2012-06-18 22:18:51 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
 
[2012-06-18 22:18:51 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
 
[2012-06-18 22:18:51 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
 
[2012-06-18 22:18:51 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
 
[2012-06-18 22:18:51 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
 
[2012-06-18 22:18:51 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
 
 
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
 
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
 
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
 
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
 
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
 
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
 
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
 
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
 
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
 
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
 
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
 
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
 
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
 
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
 
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
 
O3 - HKCU\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
 
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
 
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
 
O4 - HKCU..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe ()
 
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
 
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.)
 
O4 - HKCU..\Run: [IPLA!] C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.)
 
O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
 
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
 
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
 
O4 - Startup: C:\Users\Janne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
 
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
 
O8:[b]64bit:[/b] - Extra context menu item: Free YouTube Download - C:\Users\Janne\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
 
O8:[b]64bit:[/b] - Extra context menu item: Wy[lij &do programu OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
 
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
 
O8 - Extra context menu item: Free YouTube Download - C:\Users\Janne\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
 
O8 - Extra context menu item: Wy[lij &do programu OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
 
O13[b]64bit:[/b] - gopher Prefix: missing
 
O13 - gopher Prefix: missing
 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
 
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
 
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B7AAD6E-2465-4146-BC11-23440F7996DA}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
 
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
 
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
 
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
 
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
 
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
 
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
 
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
 
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
 
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
 
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
 
O32 - HKLM CDRom: AutoRun - 1
 
O32 - AutoRun File - [2012-01-22 09:40:44 | 000,000,000 | ---D | M] - D:\AutoCAD_2012_ERZPH_Win_64bit -- [ NTFS ]
 
O32 - AutoRun File - [2012-01-21 23:50:16 | 2612,762,217 | ---- | M] () - D:\AutoCAD_2012_ERZPH_Win_64bit.exe -- [ NTFS ]
 
O33 - MountPoints2\{4f7dddfd-4a3b-11e1-9cc2-406186c4fcbd}\Shell - "" = AutoRun
 
O33 - MountPoints2\{4f7dddfd-4a3b-11e1-9cc2-406186c4fcbd}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
 
O33 - MountPoints2\{4fedd723-af81-11e0-bfdf-406186c4fcbd}\Shell - "" = AutoRun
 
O33 - MountPoints2\{4fedd723-af81-11e0-bfdf-406186c4fcbd}\Shell\AutoRun\command - "" = F:\autorun.exe
 
O33 - MountPoints2\{4fedd745-af81-11e0-bfdf-406186c4fcbd}\Shell - "" = AutoRun
 
O33 - MountPoints2\{4fedd745-af81-11e0-bfdf-406186c4fcbd}\Shell\AutoRun\command - "" = G:\autorun.exe
 
O34 - HKLM BootExecute: (autocheck autochk *)
 
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
 
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
 
O35 - HKLM\..comfile [open] -- "%1" %*
 
O35 - HKLM\..exefile [open] -- "%1" %*
 
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
 
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
 
O37 - HKLM\...com [@ = comfile] -- "%1" %*
 
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
 
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
 
 
[2012-06-25 21:14:27 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Janne\Desktop\OTL.exe
 
[2012-06-25 20:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Trojan Killer
 
[2012-06-25 20:52:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GridinSoft Trojan Killer
 
[2012-06-24 19:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kolekcja Klasyki
 
[2012-06-24 19:40:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kolekcja Klasyki
 
[2012-06-24 19:40:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
 
[2012-06-23 18:59:24 | 000,000,000 | ---D | C] -- C:\Users\Janne\Desktop\Wrzuta.pl_Download[1]
 
[2012-06-23 18:50:48 | 000,000,000 | ---D | C] -- C:\Users\Janne\AppData\Local\Macromedia
 
[2012-06-22 20:55:21 | 000,000,000 | ---D | C] -- C:\Users\Janne\Desktop\documentstogouiq4001
 
[2012-06-20 19:56:30 | 000,000,000 | ---D | C] -- C:\Users\Janne\Desktop\Nowy folder
 
[2012-06-18 19:22:13 | 000,000,000 | ---D | C] -- C:\Users\Janne\Desktop\WykBady_Luksa_Projektowanie
 
[2012-06-17 20:28:09 | 000,000,000 | ---D | C] -- C:\wykres
 
[2012-06-17 20:16:31 | 000,000,000 | ---D | C] -- C:\Users\Janne\AppData\Local\DOSBox
 
[2012-06-17 20:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
 
[2012-06-17 20:16:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOSBox-0.74
 
[2012-06-17 20:05:25 | 000,000,000 | ---D | C] -- C:\Users\Janne\Desktop\SCHEFLER
 
[2012-06-13 21:47:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
 
[2012-06-07 21:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
 
[2012-06-07 21:47:56 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
 
[2012-06-07 21:47:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
 
[2012-06-07 21:47:53 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
 
[2012-06-07 21:47:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
 
[1 C:\Windows\Fonts\*.tmp files -> C:\Windows\Fonts\*.tmp -> ]
 
 
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
 
 
[2012-06-25 21:14:34 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Janne\Desktop\OTL.exe
 
[2012-06-25 20:54:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
 
[2012-06-25 20:53:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
 
[2012-06-25 20:52:40 | 000,026,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
 
[2012-06-25 20:52:40 | 000,026,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
 
[2012-06-25 20:52:16 | 000,001,139 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
 
[2012-06-25 20:50:58 | 001,661,232 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
 
[2012-06-25 20:50:58 | 000,737,242 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
 
[2012-06-25 20:50:58 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
 
[2012-06-25 20:50:58 | 000,153,930 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
 
[2012-06-25 20:50:58 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
 
[2012-06-25 20:45:13 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
 
[2012-06-25 20:45:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 
[2012-06-25 20:45:02 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys
 
[2012-06-25 20:34:08 | 000,442,368 | ---- | M] () -- C:\Users\Janne\AppData\Local\ooiyein.exe
 
[2012-06-24 19:41:34 | 000,002,533 | ---- | M] () -- C:\Users\Janne\Desktop\Graj w Commandos, Behind Enemy Lines.lnk
 
[2012-06-23 18:58:29 | 000,640,147 | ---- | M] () -- C:\Users\Janne\Desktop\Wrzuta.pl_Download[1].zip
 
[2012-06-23 18:56:09 | 000,640,147 | ---- | M] () -- C:\Users\Janne\Desktop\Wrzuta.pl_Download.zip
 
[2012-06-23 16:53:20 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
 
[2012-06-23 16:53:20 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
 
[2012-06-22 22:27:41 | 004,883,872 | ---- | M] () -- C:\Users\Janne\Desktop\luxa.pdf
 
[2012-06-22 22:25:03 | 004,884,825 | ---- | M] () -- C:\Users\Janne\Documents\luxa.pdf
 
[2012-06-22 21:40:30 | 000,000,057 | ---- | M] () -- C:\Users\Janne\Desktop\spawalnictwo2011@gmail.com.URL
 
[2012-06-22 20:55:00 | 003,970,601 | ---- | M] () -- C:\Users\Janne\Desktop\documentstogouiq4001.zip
 
[2012-06-21 18:51:11 | 006,418,628 | ---- | M] () -- C:\Users\Janne\Desktop\odpowiedzi na pytania.pdf
 
[2012-06-20 19:55:53 | 007,818,155 | ---- | M] () -- C:\Users\Janne\Desktop\Nowy folder.rar
 
[2012-06-17 20:16:20 | 000,001,918 | ---- | M] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
 
[2012-06-17 15:49:47 | 137,575,829 | ---- | M] () -- C:\Users\Janne\Desktop\WykBady_Luksa_Projektowanie.zip
 
[2012-06-13 21:47:20 | 000,002,094 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
 
[2012-06-13 21:47:20 | 000,002,094 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
 
[2012-06-01 15:11:01 | 000,162,108 | ---- | M] () -- C:\Users\Janne\Documents\list motywacyjny1.pdf
 
 
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
 
 
[2012-06-25 20:52:16 | 000,001,139 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
 
[2012-06-25 20:34:08 | 000,442,368 | ---- | C] () -- C:\Users\Janne\AppData\Local\ooiyein.exe
 
[2012-06-24 19:41:34 | 000,002,533 | ---- | C] () -- C:\Users\Janne\Desktop\Graj w Commandos, Behind Enemy Lines.lnk
 
[2012-06-23 18:58:28 | 000,640,147 | ---- | C] () -- C:\Users\Janne\Desktop\Wrzuta.pl_Download[1].zip
 
[2012-06-23 18:56:08 | 000,640,147 | ---- | C] () -- C:\Users\Janne\Desktop\Wrzuta.pl_Download.zip
 
[2012-06-22 22:27:36 | 004,883,872 | ---- | C] () -- C:\Users\Janne\Desktop\luxa.pdf
 
[2012-06-22 22:24:59 | 004,884,825 | ---- | C] () -- C:\Users\Janne\Documents\luxa.pdf
 
[2012-06-22 21:40:30 | 000,000,057 | ---- | C] () -- C:\Users\Janne\Desktop\spawalnictwo2011@gmail.com.URL
 
[2012-06-22 20:54:50 | 003,970,601 | ---- | C] () -- C:\Users\Janne\Desktop\documentstogouiq4001.zip
 
[2012-06-21 18:51:00 | 006,418,628 | ---- | C] () -- C:\Users\Janne\Desktop\odpowiedzi na pytania.pdf
 
[2012-06-20 19:55:44 | 007,818,155 | ---- | C] () -- C:\Users\Janne\Desktop\Nowy folder.rar
 
[2012-06-17 20:16:20 | 000,001,918 | ---- | C] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
 
[2012-06-17 11:37:49 | 137,575,829 | ---- | C] () -- C:\Users\Janne\Desktop\WykBady_Luksa_Projektowanie.zip
 
[2012-06-07 21:47:56 | 000,002,094 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
 
[2012-06-07 21:47:56 | 000,002,094 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
 
[2012-06-07 21:47:54 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
 
[2012-06-01 15:10:59 | 000,162,108 | ---- | C] () -- C:\Users\Janne\Documents\list motywacyjny1.pdf
 
[2012-04-02 19:08:04 | 000,002,101 | ---- | C] () -- C:\Users\Janne\.recently-used.xbel
 
[2012-03-03 21:26:53 | 000,129,024 | ---- | C] () -- C:\Windows\SysWow64\AVERM.dll
 
[2012-01-22 09:56:34 | 001,636,610 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
[2011-08-14 10:12:20 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
 
[2011-08-14 10:12:20 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
 
[2011-07-15 16:24:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
 
[2011-03-08 14:41:06 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
 
[2011-03-08 14:41:04 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
 
[2011-03-08 14:41:04 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
 
[2011-03-08 14:41:04 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
 
[2011-03-08 14:41:04 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
 
 
 
[color=#E56717]========== LOP Check ==========[/color]
 
 
 
[2012-01-22 10:12:44 | 000,000,000 | ---D | M] -- C:\Users\Janne\AppData\Roaming\Autodesk
 
[2011-07-16 10:13:14 | 000,000,000 | ---D | M] -- C:\Users\Janne\AppData\Roaming\DAEMON Tools Lite
 
[2012-04-24 17:09:31 | 000,000,000 | ---D | M] -- C:\Users\Janne\AppData\Roaming\DVDVideoSoft
 
[2012-04-24 17:09:21 | 000,000,000 | ---D | M] -- C:\Users\Janne\AppData\Roaming\DVDVideoSoftIEHelpers
 
[2012-04-25 16:01:39 | 000,000,000 | ---D | M] -- C:\Users\Janne\AppData\Roaming\Gadu-Gadu 10
 
[2012-04-16 20:25:04 | 000,000,000 | ---D | M] -- C:\Users\Janne\AppData\Roaming\GHISLER
 
[2012-04-02 19:08:04 | 000,000,000 | ---D | M] -- C:\Users\Janne\AppData\Roaming\gtk-2.0
 
[2012-06-25 20:45:47 | 000,000,000 | ---D | M] -- C:\Users\Janne\AppData\Roaming\ipla
 
[2012-04-08 09:55:04 | 000,000,000 | ---D | M] -- C:\Users\Janne\AppData\Roaming\My Games
 
[2012-02-25 15:19:47 | 000,000,000 | ---D | M] -- C:\Users\Janne\AppData\Roaming\NapiProjekt
 
[2012-05-06 11:21:12 | 000,000,000 | ---D | M] -- C:\Users\Janne\AppData\Roaming\OpenOffice.org
 
[2011-08-11 14:45:28 | 000,000,000 | ---D | M] -- C:\Users\Janne\AppData\Roaming\Samsung
 
[2012-05-07 19:46:49 | 000,000,000 | ---D | M] -- C:\Users\Janne\AppData\Roaming\Softland
 
[2011-11-01 10:53:02 | 000,000,000 | ---D | M] -- C:\Users\Janne\AppData\Roaming\SuperMemo World
 
[2012-06-18 18:20:50 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
 
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
 
 
 
 
< End of report >
 
 
Wygenerowano w 0.533s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!