wklejto.pl

Added by: ~Anonim (2012-07-16 19:41) -> text
OTL logfile created on: 2012-07-16 19:19:12 - Run 4
 
OTL by OldTimer - Version 3.2.54.0     Folder = C:\Users\Andrzej\Desktop
 
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
 
Internet Explorer (Version = 9.0.8112.16421)
 
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
 
 
3,91 Gb Total Physical Memory | 2,81 Gb Available Physical Memory | 72,05% Memory free
 
7,81 Gb Paging File | 6,73 Gb Available in Paging File | 86,15% Paging File free
 
Paging file location(s): ?:\pagefile.sys [binary data]
 
 
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
 
Drive C: | 219,79 Gb Total Space | 112,20 Gb Free Space | 51,05% Space Free | Partition Type: NTFS
 
Drive D: | 35,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
 
 
Computer Name: AUREUS | User Name: Andrzej | Logged in as Administrator.
 
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
 
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
 
 
PRC - [2012-07-14 13:21:03 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Andrzej\Desktop\OTL.exe
 
PRC - [2012-05-03 18:37:54 | 001,226,096 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
 
 
 
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
 
 
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
 
 
SRV:[b]64bit:[/b] - [2010-02-26 19:57:52 | 000,841,248 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)
 
SRV:[b]64bit:[/b] - [2010-01-29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Stopped] -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)
 
SRV - [2012-06-17 15:44:46 | 003,069,752 | ---- | M] (Emsisoft GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
 
SRV - [2012-05-10 21:17:20 | 000,218,624 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc)
 
SRV - [2012-05-06 14:05:50 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
 
SRV - [2012-05-03 18:37:54 | 001,226,096 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
 
SRV - [2011-12-19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) [Auto | Start_Pending] -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
 
SRV - [2010-11-16 15:38:16 | 000,339,456 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
 
SRV - [2010-09-10 13:06:04 | 000,410,696 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService)
 
SRV - [2010-09-10 13:06:00 | 001,098,312 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy)
 
SRV - [2010-09-10 04:14:18 | 001,718,608 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
 
SRV - [2010-09-10 03:57:52 | 001,865,344 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe -- (AVKWCtl)
 
SRV - [2010-09-10 03:04:54 | 000,340,552 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe -- (GDScan)
 
SRV - [2010-07-28 22:41:16 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
 
SRV - [2010-05-25 02:21:50 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
 
SRV - [2010-01-08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe -- (GREGService)
 
SRV - [2009-10-13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
 
SRV - [2009-10-09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
 
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
 
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
 
 
DRV:[b]64bit:[/b] - [2012-05-10 21:17:22 | 000,421,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)
 
DRV:[b]64bit:[/b] - [2012-05-10 21:17:22 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
 
DRV:[b]64bit:[/b] - [2012-05-10 21:17:22 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
 
DRV:[b]64bit:[/b] - [2012-05-10 21:17:22 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
 
DRV:[b]64bit:[/b] - [2012-05-10 21:17:21 | 000,221,312 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
 
DRV:[b]64bit:[/b] - [2011-12-19 12:44:24 | 000,256,632 | ---- | M] (GFI Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\SbFw.sys -- (SbFw)
 
DRV:[b]64bit:[/b] - [2011-12-19 12:44:24 | 000,084,600 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbwtis.sys -- (sbwtis)
 
DRV:[b]64bit:[/b] - [2011-12-19 12:44:24 | 000,060,536 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbhips.sys -- (sbhips)
 
DRV:[b]64bit:[/b] - [2011-11-29 06:59:46 | 000,074,872 | ---- | M] (GFI Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\sbapifs.sys -- (sbapifs)
 
DRV:[b]64bit:[/b] - [2011-10-26 14:23:36 | 000,057,976 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\sbredrv.sys -- (SBRE)
 
DRV:[b]64bit:[/b] - [2011-09-29 12:16:18 | 000,119,416 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCLMP)
 
DRV:[b]64bit:[/b] - [2011-09-29 12:16:18 | 000,119,416 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCL)
 
DRV:[b]64bit:[/b] - [2011-03-04 21:44:12 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
 
DRV:[b]64bit:[/b] - [2011-01-22 14:51:50 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
 
DRV:[b]64bit:[/b] - [2011-01-18 16:28:53 | 000,106,224 | ---- | M] (G Data Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
 
DRV:[b]64bit:[/b] - [2011-01-18 16:07:32 | 000,040,392 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
 
DRV:[b]64bit:[/b] - [2011-01-18 16:07:19 | 000,057,288 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
 
DRV:[b]64bit:[/b] - [2011-01-18 16:06:51 | 000,085,960 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
 
DRV:[b]64bit:[/b] - [2011-01-18 16:06:51 | 000,049,096 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
 
DRV:[b]64bit:[/b] - [2011-01-18 16:06:51 | 000,048,584 | ---- | M] (G DATA Software AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
 
DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
 
DRV:[b]64bit:[/b] - [2010-11-20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
 
DRV:[b]64bit:[/b] - [2010-11-20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
 
DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
 
DRV:[b]64bit:[/b] - [2009-12-14 09:22:36 | 001,806,592 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
 
DRV:[b]64bit:[/b] - [2009-11-24 18:58:54 | 000,021,864 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\STHall.sys -- (STHall)
 
DRV:[b]64bit:[/b] - [2009-10-13 20:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
 
DRV:[b]64bit:[/b] - [2009-09-17 14:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
 
DRV:[b]64bit:[/b] - [2009-09-15 06:40:00 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Sterownik karty Intel(R)
 
DRV:[b]64bit:[/b] - [2009-09-04 07:39:08 | 000,062,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20)
 
DRV:[b]64bit:[/b] - [2009-09-02 05:54:20 | 007,369,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
 
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
 
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
 
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
 
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
 
DRV:[b]64bit:[/b] - [2009-07-10 00:45:12 | 000,139,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
 
DRV:[b]64bit:[/b] - [2009-06-10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
 
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
 
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
 
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
 
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
 
DRV:[b]64bit:[/b] - [2009-05-26 15:32:38 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
 
DRV:[b]64bit:[/b] - [2009-05-06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
 
DRV:[b]64bit:[/b] - [2009-05-06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
 
DRV:[b]64bit:[/b] - [2008-02-22 18:54:00 | 000,019,496 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GearAspiWDM)
 
DRV:[b]64bit:[/b] - [2007-02-07 17:51:18 | 000,169,496 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adiusbawx64.sys -- (adiusbaw)
 
DRV:[b]64bit:[/b] - [2007-02-07 17:50:58 | 000,058,264 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\adildrx64.sys -- (ELOADER) General Purpose USB Driver (adildrx64.sys)
 
DRV - [2012-04-30 18:45:28 | 000,066,320 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
 
DRV - [2011-10-26 14:23:40 | 000,101,112 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\SBREDrv.sys -- (SBRE)
 
DRV - [2011-08-21 20:07:29 | 000,106,224 | ---- | M] (G Data Software) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\GRD.sys -- (GRD)
 
DRV - [2011-05-19 14:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Stopped] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)
 
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
DRV - [2009-03-26 05:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\DKbFltr.sys -- (DKbFltr) Dritek Keyboard Filter Driver (64-bit)
 
DRV - [2007-02-07 17:51:18 | 000,169,496 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\adiusbawx64.sys -- (adiusbaw)
 
DRV - [2007-02-07 17:50:58 | 000,058,264 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\adildrx64.sys -- (ELOADER) General Purpose USB Driver (adildrx64.sys)
 
 
 
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
 
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=enbft&r=273612103106l0453z105f47k2c420
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=enbft&r=273612103106l0453z105f47k2c420
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0415&m=enbft&r=273612103106l0453z105f47k2c420
 
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
 
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
 
 
 
IE - HKU\S-1-5-21-372009918-2883962124-3754424169-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.gametop.com/?utm_source=OceanQuest&utm_medium=start
 
IE - HKU\S-1-5-21-372009918-2883962124-3754424169-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
 
IE - HKU\S-1-5-21-372009918-2883962124-3754424169-1000\..\SearchScopes,DefaultScope = {62E7812A-0B40-4FE9-AD7A-EF13AC3D4F6D}
 
IE - HKU\S-1-5-21-372009918-2883962124-3754424169-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
 
IE - HKU\S-1-5-21-372009918-2883962124-3754424169-1000\..\SearchScopes\{62E7812A-0B40-4FE9-AD7A-EF13AC3D4F6D}: "URL" = http://search.zonealarm.com/search?Source=Browser&oemCode=ZLN113839197596441-1001&toolbarId=base&affiliateId=1001&Lan=en&utid=300db5bc000000000000001e101fabdd&q={searchTerms}&r=664
 
IE - HKU\S-1-5-21-372009918-2883962124-3754424169-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_pl
 
IE - HKU\S-1-5-21-372009918-2883962124-3754424169-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKU\S-1-5-21-372009918-2883962124-3754424169-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
[color=#E56717]========== FireFox ==========[/color]
 
 
 
FF - prefs.js..browser.search.selectedEngine: "Search By ZoneAlarm"
 
FF - prefs.js..browser.startup.homepage: "www.google.pl"
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
 
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
 
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
 
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2
 
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
 
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1.1
 
FF - prefs.js..keyword.URL: "http://search.zonealarm.com/search?Source=Browser&oemCode=ZLN113839197596441-1001&toolbarId=base&affiliateId=1001&Lan=en&utid=300db5bc000000000000001e101fabdd&q={searchTerms}"
 
FF - prefs.js..network.proxy.type: 0
 
 
 
 
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010-07-13 04:23:54 | 000,000,000 | ---D | M]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
 
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found
 
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010-07-13 04:23:54 | 000,000,000 | ---D | M]
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
 
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-10-06 18:58:28 | 000,000,000 | ---D | M]
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-05-06 14:05:50 | 000,000,000 | ---D | M]
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-04-08 16:16:10 | 000,000,000 | ---D | M]
 
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-10-06 18:58:28 | 000,000,000 | ---D | M]
 
 
 
[2011-01-05 16:22:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrzej\AppData\Roaming\mozilla\Extensions
 
[2012-07-14 01:06:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrzej\AppData\Roaming\mozilla\Firefox\Profiles\0g055hpx.default\extensions
 
[2012-07-13 23:36:41 | 000,001,552 | ---- | M] () -- C:\Users\Andrzej\AppData\Roaming\Mozilla\Firefox\Profiles\0g055hpx.default\searchplugins\zonealarm.xml
 
[2012-05-06 15:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
 
[2011-01-18 16:06:56 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
 
[2011-10-29 20:47:38 | 000,434,392 | ---- | M] () (No name found) -- C:\USERS\ANDRZEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0G055HPX.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
 
[2012-02-12 12:51:24 | 000,709,293 | ---- | M] () (No name found) -- C:\USERS\ANDRZEJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0G055HPX.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
 
[2012-05-06 14:05:49 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
 
[2012-04-06 22:59:21 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
 
[2011-03-22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
 
[2012-02-25 15:51:38 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
 
[2012-02-25 15:51:38 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
 
[2012-02-25 15:51:38 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
 
[2012-02-25 15:51:38 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
 
[2012-02-25 15:51:38 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
 
[2012-02-25 15:51:38 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
 
 
O1 HOSTS File: ([2012-07-14 11:04:21 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
 
O1 - Hosts: 127.0.0.1       localhost
 
O2:[b]64bit:[/b] - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AvkWebIEx64.dll (G Data Software AG)
 
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AvkWebIE.dll (G Data Software AG)
 
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
 
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AvkWebIEx64.dll (G Data Software AG)
 
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
 
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AvkWebIE.dll (G Data Software AG)
 
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
 
O4:[b]64bit:[/b] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
 
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
 
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
 
O4:[b]64bit:[/b] - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
 
O4:[b]64bit:[/b] - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)
 
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
 
O4:[b]64bit:[/b] - HKLM..\Run: [ScreenRotation] C:\Program Files (x86)\STMicroelectronics\STScreenDetection\SDTabletPC.exe ()
 
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
 
O4 - HKLM..\Run: [Emsisoft Anti-Malware] c:\program files (x86)\emsisoft anti-malware\a2guard.exe (Emsisoft GmbH)
 
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.EXE (Dritek System Inc.)
 
O4 - HKLM..\Run: [OMEA] C:\Program Files (x86)\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe (Ours Technology Inc.)
 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
 
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
 
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
 
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
 
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
 
O7 - HKU\S-1-5-21-372009918-2883962124-3754424169-1000\Software\Policies\Microsoft\Internet Explorer\control panel present
 
O7 - HKU\S-1-5-21-372009918-2883962124-3754424169-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
 
O7 - HKU\S-1-5-21-372009918-2883962124-3754424169-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
 
O8:[b]64bit:[/b] - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
 
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
 
O13[b]64bit:[/b] - gopher Prefix: missing
 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
 
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0181E6C8-272D-467C-ADF7-0048DCD4D3A0}: NameServer = 89.108.195.21 89.108.202.21
 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3AE02DFE-0457-4681-8F1C-DAF34019882E}: NameServer = 89.108.202.20 89.108.195.20
 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE1BAE11-9C8F-499D-8D6C-61D960E9645D}: NameServer = 89.108.202.20 89.108.195.20
 
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
 
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
 
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
 
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
 
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
 
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
 
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
 
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
 
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
 
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
 
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
 
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
 
O32 - HKLM CDRom: AutoRun - 1
 
O32 - AutoRun File - [2011-04-21 00:22:49 | 000,000,000 | ---D | M] - C:\Autorun.inf -- [ NTFS ]
 
O32 - AutoRun File - [2010-11-16 23:37:37 | 000,142,336 | R--- | M] () - D:\AutoRun.exe -- [ CDFS ]
 
O32 - AutoRun File - [2008-10-07 11:12:34 | 000,000,045 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
 
O33 - MountPoints2\{97a7cd92-9c10-11e1-8902-001e64441f06}\Shell - "" = AutoRun
 
O33 - MountPoints2\{97a7cd92-9c10-11e1-8902-001e64441f06}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2010-11-16 23:37:37 | 000,142,336 | R--- | M] ()
 
O34 - HKLM BootExecute: (autocheck autochk *)
 
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
 
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
 
O35 - HKLM\..comfile [open] -- "%1" %*
 
O35 - HKLM\..exefile [open] -- "%1" %*
 
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
 
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
 
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
 
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
 
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
 
 
[2012-07-16 19:05:25 | 000,000,000 | ---D | C] -- C:\_OTL
 
[2012-07-14 13:21:00 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Andrzej\Desktop\OTL.exe
 
[2012-07-14 11:29:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
 
[2012-07-14 11:28:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
 
[2012-07-14 11:28:58 | 000,000,000 | ---D | C] -- C:\Users\Andrzej\Documents\Anti-Malware
 
[2012-07-14 11:04:33 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
 
[2012-07-14 11:02:05 | 000,000,000 | ---D | C] -- C:\Windows\temp
 
[2012-07-14 10:53:38 | 000,000,000 | ---D | C] -- C:\ComboFix
 
[2012-07-14 01:06:26 | 000,000,000 | ---D | C] -- C:\Users\Andrzej\AppData\Roaming\Ad-Aware Antivirus
 
[2012-07-14 00:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
 
[2012-07-14 00:56:50 | 000,060,536 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\sbhips.sys
 
[2012-07-14 00:56:17 | 000,256,632 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\SbFw.sys
 
[2012-07-14 00:56:17 | 000,119,416 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\SbFwIm.sys
 
[2012-07-14 00:56:11 | 000,057,976 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\sbredrv.sys
 
[2012-07-14 00:56:11 | 000,045,936 | ---- | C] (GFI Software) -- C:\Windows\SysNative\sbbd.exe
 
[2012-07-14 00:56:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
 
[2012-07-14 00:56:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus
 
[2012-07-14 00:21:37 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
 
[2012-07-13 23:37:40 | 000,000,000 | ---D | C] -- C:\Users\Andrzej\AppData\Roaming\CheckPoint
 
[2012-07-13 23:30:10 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
 
[2012-07-13 23:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
 
[2012-07-13 22:50:23 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
 
[2012-07-13 22:50:23 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
 
[2012-07-13 22:50:23 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
 
[2012-07-13 22:50:00 | 000,000,000 | ---D | C] -- C:\Qoobox
 
[2012-07-13 22:49:42 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
 
[2012-07-13 22:49:30 | 004,577,833 | R--- | C] (Swearware) -- C:\Users\Andrzej\Desktop\ComboFix.exe
 
[2012-07-11 18:19:09 | 000,000,000 | ---D | C] -- C:\Users\Andrzej\AppData\Roaming\hellomoto
 
 
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
 
 
[2012-07-16 19:23:29 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
 
[2012-07-16 19:23:29 | 000,687,590 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
 
[2012-07-16 19:23:29 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
 
[2012-07-16 19:23:29 | 000,131,176 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
 
[2012-07-16 19:23:29 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
 
[2012-07-16 19:17:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 
[2012-07-16 19:17:05 | 3144,867,840 | -HS- | M] () -- C:\hiberfil.sys
 
[2012-07-16 19:16:32 | 000,196,608 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
 
[2012-07-16 19:14:54 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
 
[2012-07-16 18:10:26 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
 
[2012-07-16 18:10:26 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
 
[2012-07-14 13:21:03 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Andrzej\Desktop\OTL.exe
 
[2012-07-14 11:29:31 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
 
[2012-07-14 11:04:21 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
 
[2012-07-14 10:27:45 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Antivirus Scheduled Scan.job
 
[2012-07-14 00:21:38 | 000,001,947 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
 
[2012-07-13 22:45:12 | 004,577,833 | R--- | M] (Swearware) -- C:\Users\Andrzej\Desktop\ComboFix.exe
 
[2012-07-08 14:26:40 | 000,009,589 | ---- | M] () -- C:\Users\Andrzej\Desktop\samochody.odt
 
[2012-07-01 18:05:55 | 000,458,106 | ---- | M] () -- C:\Users\Andrzej\Desktop\Upalosciowe_i_naprawcze.pdf
 
 
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
 
 
[2012-07-14 11:29:31 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
 
[2012-07-14 01:26:15 | 000,000,948 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Antivirus Scheduled Scan.job
 
[2012-07-14 00:57:27 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
 
[2012-07-14 00:21:38 | 000,001,947 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
 
[2012-07-13 22:50:23 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
 
[2012-07-13 22:50:23 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
 
[2012-07-13 22:50:23 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
 
[2012-07-13 22:50:23 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
 
[2012-07-13 22:50:23 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
 
[2012-07-01 18:05:48 | 000,458,106 | ---- | C] () -- C:\Users\Andrzej\Desktop\Upalosciowe_i_naprawcze.pdf
 
[2012-06-23 16:58:53 | 000,009,589 | ---- | C] () -- C:\Users\Andrzej\Desktop\samochody.odt
 
[2012-05-14 21:46:29 | 000,102,620 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
 
[2011-12-10 15:05:59 | 000,000,066 | ---- | C] () -- C:\Windows\wininit.ini
 
[2011-10-06 18:52:50 | 000,174,232 | ---- | C] () -- C:\Windows\hpoins44.dat
 
[2011-10-06 18:52:50 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat
 
[2011-08-21 20:26:53 | 000,000,397 | ---- | C] () -- C:\Windows\SIERRA.INI
 
[2011-06-20 20:21:38 | 000,007,609 | ---- | C] () -- C:\Users\Andrzej\AppData\Local\Resmon.ResmonCfg
 
[2011-04-20 17:09:19 | 000,000,043 | ---- | C] () -- C:\Users\Andrzej\AppData\Roaming\1.gif
 
[2011-01-22 23:02:00 | 000,003,584 | ---- | C] () -- C:\Users\Andrzej\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
[2011-01-20 22:39:28 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
 
[2011-01-20 21:46:06 | 000,000,169 | ---- | C] () -- C:\Windows\adidsl.ini
 
[2011-01-20 21:46:06 | 000,000,021 | ---- | C] () -- C:\Windows\Fast800.ini
 
[2011-01-20 21:45:46 | 000,253,008 | ---- | C] () -- C:\Windows\adirasx64.exe
 
[2011-01-20 21:45:46 | 000,194,128 | ---- | C] () -- C:\Windows\adiras.exe
 
[2011-01-20 21:45:46 | 000,000,990 | ---- | C] () -- C:\Windows\adiras.ini
 
[2011-01-20 21:45:40 | 000,024,576 | ---- | C] () -- C:\Windows\enddisk32.exe
 
[2011-01-05 16:22:20 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
 
[2010-07-28 22:32:50 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
 
[2010-07-28 22:32:50 | 000,000,302 | ---- | C] () -- C:\Windows\PidList_C.ini
 
 
 
[color=#E56717]========== LOP Check ==========[/color]
 
 
 
[2012-07-14 01:06:26 | 000,000,000 | ---D | M] -- C:\Users\Andrzej\AppData\Roaming\Ad-Aware Antivirus
 
[2011-01-20 02:11:00 | 000,000,000 | ---D | M] -- C:\Users\Andrzej\AppData\Roaming\BESTplayer
 
[2012-07-13 23:37:40 | 000,000,000 | ---D | M] -- C:\Users\Andrzej\AppData\Roaming\CheckPoint
 
[2012-05-06 19:41:28 | 000,000,000 | ---D | M] -- C:\Users\Andrzej\AppData\Roaming\DAEMON Tools Lite
 
[2012-07-13 22:23:24 | 000,000,000 | ---D | M] -- C:\Users\Andrzej\AppData\Roaming\hellomoto
 
[2012-05-03 13:53:51 | 000,000,000 | ---D | M] -- C:\Users\Andrzej\AppData\Roaming\IVONA ControlCenter
 
[2011-01-24 13:31:15 | 000,000,000 | ---D | M] -- C:\Users\Andrzej\AppData\Roaming\OpenOffice.org
 
[2011-01-18 18:54:51 | 000,000,000 | ---D | M] -- C:\Users\Andrzej\AppData\Roaming\Packard Bell
 
[2011-10-17 15:21:59 | 000,000,000 | ---D | M] -- C:\Users\Andrzej\AppData\Roaming\Roads Of Rome
 
[2010-12-23 19:50:00 | 000,000,000 | ---D | M] -- C:\Users\Andrzej\AppData\Roaming\TouchPortal
 
[2012-05-08 22:38:53 | 000,000,000 | ---D | M] -- C:\Users\Andrzej\AppData\Roaming\uTorrent
 
[2011-10-01 22:33:08 | 000,000,000 | ---D | M] -- C:\Users\Andrzej\AppData\Roaming\x-formation
 
[2012-07-14 12:53:15 | 000,000,000 | ---D | M] -- C:\Users\Go[\AppData\Roaming\Ad-Aware Antivirus
 
[2012-07-14 10:27:45 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job
 
[2012-06-09 15:32:01 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
 
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
 
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
 
 
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:45C3B7CC
 
 
 
< End of report >
 
 