wklejto.pl

Added by: ~Ryuuk (2013-11-30 15:51) -> text
OTL logfile created on: 2013-11-30 14:33:16 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Ryuk\Moje dokumenty\Pobieranie
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
767,52 Mb Total Physical Memory | 240,27 Mb Available Physical Memory | 31,30% Memory free
4,62 Gb Paging File | 3,70 Gb Available in Paging File | 80,25% Paging File free
Paging file location(s): C:\pagefile.sys 4000 4000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 40,00 Gb Total Space | 22,63 Gb Free Space | 56,58% Space Free | Partition Type: NTFS
Drive D: | 37,26 Gb Total Space | 3,48 Gb Free Space | 9,34% Space Free | Partition Type: NTFS
Drive E: | 165,00 Gb Total Space | 142,17 Gb Free Space | 86,17% Space Free | Partition Type: NTFS
Drive F: | 167,60 Gb Total Space | 102,04 Gb Free Space | 60,88% Space Free | Partition Type: NTFS
Drive G: | 37,26 Gb Total Space | 0,16 Gb Free Space | 0,43% Space Free | Partition Type: NTFS
 
Computer Name: BODZIO-TURBO | User Name: Ryuk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-11-30 14:26:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ryuk\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2013-11-25 13:02:04 | 004,747,280 | ---- | M] (ClickMeIn Limited) -- C:\Program Files\VuuPC\Connectivity.exe
PRC - [2013-11-17 17:18:17 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013-11-12 15:15:46 | 003,995,632 | ---- | M] () -- C:\Program Files\fst_pl_6\fst_pl_6.exe
PRC - [2013-11-12 15:15:46 | 003,154,416 | ---- | M] () -- C:\Documents and Settings\Bodzio\Ustawienia lokalne\Dane aplikacji\fst_pl_6\upfst_pl_6.exe
PRC - [2013-11-06 20:07:08 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013-11-06 20:07:00 | 001,707,472 | ---- | M] (APN) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013-10-04 15:38:07 | 000,065,312 | ---- | M] (BrowseFox) -- C:\Program Files\BrowseFox\bin\utilBrowseFox.exe
PRC - [2013-10-04 15:37:53 | 000,065,312 | ---- | M] (BrowseFox) -- C:\Program Files\BrowseFox\updateBrowseFox.exe
PRC - [2013-07-17 17:20:18 | 000,345,904 | ---- | M] () -- C:\WINDOWS\system32\jmdp\stij.exe
PRC - [2013-07-17 17:20:14 | 001,344,304 | ---- | M] () -- C:\WINDOWS\system32\dmwu.exe
PRC - [2012-06-28 16:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2010-10-27 10:00:02 | 001,015,808 | ---- | M] (Ares Development Group) -- D:\Documents and Settings\Bodzio\Pulpit\Ryuk\Pulpit\Ares.exe
PRC - [2008-04-15 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005-04-26 10:22:32 | 000,589,824 | ---- | M] (VIA Technologies) -- C:\Program Files\VIA\RAID\raid_tool.exe
PRC - [2005-03-24 20:20:30 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-11-18 15:31:07 | 003,618,304 | ---- | M] () -- c:\Documents and Settings\All Users\Dane aplikacji\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll
MOD - [2013-11-17 17:18:16 | 003,363,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013-11-12 15:15:46 | 003,995,632 | ---- | M] () -- C:\Program Files\fst_pl_6\fst_pl_6.exe
MOD - [2013-11-12 15:15:46 | 003,154,416 | ---- | M] () -- C:\Documents and Settings\Bodzio\Ustawienia lokalne\Dane aplikacji\fst_pl_6\upfst_pl_6.exe
MOD - [2013-10-21 16:55:34 | 000,337,920 | ---- | M] () -- C:\Program Files\BrowseFox\bin\sqlite3.dll
MOD - [2013-10-09 17:50:26 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\1b7600e7fe5e152f21ba6d79f3c0c3b6\System.Configuration.ni.dll
MOD - [2013-10-09 16:30:57 | 016,233,864 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
MOD - [2013-10-09 16:18:10 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\02257c6b67db33c194fa3beccf977afb\System.Windows.Forms.ni.dll
MOD - [2013-10-09 15:26:51 | 003,194,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2013-10-09 15:26:50 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2013-10-09 15:26:50 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2013-10-09 15:26:45 | 002,052,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013-10-09 15:26:44 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2013-09-26 14:32:45 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll
MOD - [2013-09-26 14:32:32 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\cf3c9d1496acdcb836853e59fe20223b\System.Management.ni.dll
MOD - [2013-09-21 17:52:19 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll
MOD - [2013-09-21 17:51:21 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b34cb206ab0cec687c3730b14cdff57\System.Drawing.ni.dll
MOD - [2013-09-21 17:47:30 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013-09-21 17:47:17 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2013-07-17 17:20:18 | 000,345,904 | ---- | M] () -- C:\WINDOWS\system32\jmdp\stij.exe
MOD - [2013-07-17 17:20:14 | 001,344,304 | ---- | M] () -- C:\WINDOWS\system32\dmwu.exe
MOD - [2013-07-17 17:19:46 | 000,528,896 | ---- | M] () -- C:\WINDOWS\system32\jmdp\lmrn.dll
MOD - [2013-07-04 08:12:00 | 000,362,029 | ---- | M] () -- C:\WINDOWS\system32\jmdp\sqlite3.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013-11-29 20:20:22 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-11-25 13:02:04 | 004,747,280 | ---- | M] (ClickMeIn Limited) [Auto | Running] -- C:\Program Files\VuuPC\Connectivity.exe -- (VuuPCConnectivity)
SRV - [2013-11-25 13:01:22 | 002,967,568 | ---- | M] (ClickMeIn Limited) [Auto | Stopped] -- C:\Program Files\VuuPC\RemoteEngine.exe -- (RemoteEngineService)
SRV - [2013-11-17 17:18:16 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-11-06 20:07:08 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013-10-05 17:09:01 | 000,148,976 | ---- | M] (BonanzaDeals) [On_Demand | Stopped] -- C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe -- (bonanzadealslivem)
SRV - [2013-10-05 17:09:01 | 000,148,976 | ---- | M] (BonanzaDeals) [Auto | Stopped] -- C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe -- (bonanzadealslive)
SRV - [2013-10-04 15:38:07 | 000,065,312 | ---- | M] (BrowseFox) [Auto | Running] -- C:\Program Files\BrowseFox\bin\utilBrowseFox.exe -- (Util BrowseFox)
SRV - [2013-10-04 15:37:53 | 000,065,312 | ---- | M] (BrowseFox) [Auto | Running] -- C:\Program Files\BrowseFox\updateBrowseFox.exe -- (Update BrowseFox)
SRV - [2013-07-17 17:20:14 | 001,344,304 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\dmwu.exe -- (IBUpdaterService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2009-09-19 05:29:36 | 004,477,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005-03-25 14:04:40 | 002,314,560 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1202660629-1935655697-1606980848-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com/?barid={DFC25BFD-2AA0-11E3-83D6-00112F5A84D5}&src=10&crg=3.16010003&st=23&ptr=100"
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=6&barid={DFC25BFD-2AA0-11E3-83D6-00112F5A84D5}&crg=3.16010003&st=23&ptr=100&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3: C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF - HKLM\Software\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9: C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-09-20 11:37:05 | 000,000,000 | ---D | M]
 
[2013-09-22 12:39:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ryuk\Dane aplikacji\Mozilla\Extensions
[2013-11-12 14:36:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ryuk\Dane aplikacji\Mozilla\Firefox\Profiles\4b2wxmw5.default\Extensions
[2013-10-01 15:00:02 | 000,000,000 | ---D | M] (PriceGong) -- C:\Documents and Settings\Ryuk\Dane aplikacji\Mozilla\Firefox\Profiles\4b2wxmw5.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
[2013-09-25 13:37:59 | 000,000,000 | ---D | M] (FT Downloader) -- C:\Documents and Settings\Ryuk\Dane aplikacji\Mozilla\Firefox\Profiles\4b2wxmw5.default\Extensions\ftd@ftd.com
[2013-11-12 14:33:22 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Documents and Settings\Ryuk\Dane aplikacji\Mozilla\Firefox\Profiles\4b2wxmw5.default\Extensions\toolbar_CME-V7@apn.ask.com
[2013-06-26 18:40:28 | 000,228,503 | ---- | M] () (No name found) -- C:\Documents and Settings\Ryuk\Dane aplikacji\Mozilla\Firefox\Profiles\4b2wxmw5.default\Extensions\ftd@ftd.com.xpi
[2013-11-12 14:33:20 | 000,534,941 | ---- | M] () (No name found) -- C:\Documents and Settings\Ryuk\Dane aplikacji\Mozilla\Firefox\Profiles\4b2wxmw5.default\Extensions\toolbar_CME-V7@apn.ask.com.xpi
[2013-09-25 13:38:37 | 000,002,660 | ---- | M] () -- C:\Documents and Settings\Ryuk\Dane aplikacji\Mozilla\Firefox\Profiles\4b2wxmw5.default\searchplugins\ask-search.xml
[2013-10-01 16:08:54 | 000,004,115 | ---- | M] () -- C:\Documents and Settings\Ryuk\Dane aplikacji\Mozilla\Firefox\Profiles\4b2wxmw5.default\searchplugins\SweetIM Search.xml
[2013-10-01 14:55:55 | 000,002,087 | ---- | M] () -- C:\Documents and Settings\Ryuk\Dane aplikacji\Mozilla\Firefox\Profiles\4b2wxmw5.default\searchplugins\sweetim.xml
[2013-09-20 08:40:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013-09-20 10:40:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013-11-17 17:18:18 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012-06-28 16:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
 
O1 HOSTS File: ([2008-04-15 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (PriceGong - Price Comparison) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.6.12\PriceGongIE.dll (PriceGong)
O2 - BHO: (searchgol Helper Object) - {8F547BDD-FCD4-48F8-A06F-573D6F404A3C} - C:\Program Files\searchgol\searchgol\1.8.16.19\bh\searchgol.dll (Montera Technologeis LTD)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.24.6\bh\delta.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (searchgol Toolbar) - {00078E95-3A4A-4137-8DE7-2824908D1C17} - C:\Program Files\searchgol\searchgol\1.8.16.19\searchgolTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.24.6\deltaTlbr.dll (Delta-search.com)
O4 - HKLM..\Run: [AnyProtect] C:\Program Files\AnyProtectEx\AnyProtect.exe (AnyProtect by CMI)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [fst_pl_6] C:\Program Files\fst_pl_6\fst_pl_6.exe ()
O4 - HKLM..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe (VIA Technologies)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [upfst_pl_6.exe] C:\Documents and Settings\Ryuk\Ustawienia lokalne\Dane aplikacji\fst_pl_6\upfst_pl_6.exe -runhelper File not found
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-1202660629-1935655697-1606980848-1005..\Run: [ares] D:\Documents and Settings\Bodzio\Pulpit\Ryuk\Pulpit\Ares.exe (Ares Development Group)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1202660629-1935655697-1606980848-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.139.8.40 95.160.170.92 88.156.222.92
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71030E84-9990-459E-A613-0B06E845E718}: DhcpNameServer = 82.139.8.40 95.160.170.92 88.156.222.92
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Ryuk\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ryuk\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-09-20 07:43:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-11-30 13:31:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryuk\Ustawienia lokalne\Dane aplikacji\fst_pl_6
[2013-11-29 20:18:52 | 000,000,000 | ---D | C] -- C:\Program Files\AnyProtectEx
[2013-11-29 19:51:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\FREESOFTTODAY
[2013-11-29 19:51:09 | 000,000,000 | ---D | C] -- C:\Program Files\fst_pl_6
[2013-11-29 19:50:20 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
[2013-11-29 19:50:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\RegClean Pro
[2013-11-29 19:50:14 | 000,000,000 | ---D | C] -- C:\Program Files\RegClean Pro
[2013-11-29 19:47:44 | 000,000,000 | ---D | C] -- C:\Program Files\VuuPC
[2013-11-13 21:38:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryuk\Ustawienia lokalne\Dane aplikacji\HP
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-11-30 14:28:02 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-11-30 14:14:02 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
[2013-11-30 14:10:06 | 000,000,428 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2013-11-30 14:00:06 | 000,000,468 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2013-11-30 13:31:28 | 000,000,910 | ---- | M] () -- C:\WINDOWS\tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
[2013-11-30 13:31:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-11-29 20:41:04 | 000,002,424 | ---- | M] () -- C:\WINDOWS\System32\ASOROSet.bin
[2013-11-29 20:20:22 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013-11-29 20:20:21 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013-11-29 19:50:41 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job
[2013-11-29 19:50:41 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job
[2013-11-27 20:40:02 | 000,000,468 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2013-11-21 21:15:42 | 000,002,361 | ---- | M] () -- C:\Documents and Settings\Ryuk\Ustawienia lokalne\Dane aplikacji\recently-used.xbel
[2013-11-19 20:12:02 | 000,005,207 | ---- | M] () -- C:\Documents and Settings\Ryuk\Pulpit\postacie.hstoria.rtf
[2013-11-14 18:52:01 | 000,001,628 | ---- | M] () -- C:\Documents and Settings\Ryuk\Pulpit\daty_hist.rtf
[2013-11-14 18:17:49 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013-11-13 21:59:20 | 000,727,395 | ---- | M] () -- C:\Documents and Settings\Ryuk\Moje dokumenty\Scan0003.jpg
[2013-11-13 21:57:28 | 000,494,774 | ---- | M] () -- C:\Documents and Settings\Ryuk\Moje dokumenty\Scan0002.jpg
[2013-11-13 21:38:40 | 000,545,762 | ---- | M] () -- C:\Documents and Settings\Ryuk\Moje dokumenty\Scan0001.jpg
[2013-11-12 20:24:23 | 000,009,881 | ---- | M] () -- C:\Documents and Settings\Ryuk\Pulpit\poj_hist.rtf
[2013-11-12 15:31:12 | 000,046,798 | ---- | M] () -- C:\Documents and Settings\Ryuk\Pulpit\1456542_664161250285117_2046633853_n.jpg
[2013-11-12 15:30:19 | 000,055,395 | ---- | M] () -- C:\Documents and Settings\Ryuk\Pulpit\1465235_664161266951782_906804238_n.jpg
[2013-11-12 15:29:34 | 000,052,053 | ---- | M] () -- C:\Documents and Settings\Ryuk\Pulpit\1426524_664161260285116_1037622021_n.jpg
[2013-11-12 15:27:57 | 000,092,520 | ---- | M] () -- C:\Documents and Settings\Ryuk\Pulpit\1391758_664161316951777_1377103853_n.jpg
[2013-11-12 15:24:29 | 000,083,328 | ---- | M] () -- C:\Documents and Settings\Ryuk\Pulpit\1460190_664161310285111_2079991610_n.jpg
[2013-11-05 20:55:44 | 000,000,272 | ---- | M] () -- C:\WINDOWS\cncscore.ini
[2013-11-05 16:07:29 | 000,003,493 | ---- | M] () -- C:\Documents and Settings\Ryuk\Pulpit\francois.rtf
[2013-11-05 15:02:27 | 000,039,573 | ---- | M] () -- C:\Documents and Settings\Ryuk\Pulpit\ferdydurke_witold gombrowicz.rtf
[2013-11-05 14:32:30 | 000,020,907 | ---- | M] () -- C:\Documents and Settings\Ryuk\Pulpit\proces kafki.rtf
[2013-11-04 19:54:06 | 000,031,972 | ---- | M] () -- C:\Documents and Settings\Ryuk\Pulpit\lolololol.rtf
[2013-11-04 19:32:03 | 000,013,780 | ---- | M] () -- C:\Documents and Settings\Ryuk\Pulpit\cudzoziemka_maria kuncewiczowa.rtf
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-11-29 20:37:47 | 000,002,424 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2013-11-29 19:50:41 | 000,000,266 | ---- | C] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job
[2013-11-29 19:50:40 | 000,000,274 | ---- | C] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job
[2013-11-21 21:15:42 | 000,002,361 | ---- | C] () -- C:\Documents and Settings\Ryuk\Ustawienia lokalne\Dane aplikacji\recently-used.xbel
[2013-11-19 20:12:02 | 000,005,207 | ---- | C] () -- C:\Documents and Settings\Ryuk\Pulpit\postacie.hstoria.rtf
[2013-11-14 18:52:01 | 000,001,628 | ---- | C] () -- C:\Documents and Settings\Ryuk\Pulpit\daty_hist.rtf
[2013-11-13 21:59:15 | 000,727,395 | ---- | C] () -- C:\Documents and Settings\Ryuk\Moje dokumenty\Scan0003.jpg
[2013-11-13 21:57:23 | 000,494,774 | ---- | C] () -- C:\Documents and Settings\Ryuk\Moje dokumenty\Scan0002.jpg
[2013-11-13 21:38:36 | 000,545,762 | ---- | C] () -- C:\Documents and Settings\Ryuk\Moje dokumenty\Scan0001.jpg
[2013-11-12 19:55:52 | 000,009,881 | ---- | C] () -- C:\Documents and Settings\Ryuk\Pulpit\poj_hist.rtf
[2013-11-12 15:31:11 | 000,046,798 | ---- | C] () -- C:\Documents and Settings\Ryuk\Pulpit\1456542_664161250285117_2046633853_n.jpg
[2013-11-12 15:30:18 | 000,055,395 | ---- | C] () -- C:\Documents and Settings\Ryuk\Pulpit\1465235_664161266951782_906804238_n.jpg
[2013-11-12 15:29:34 | 000,052,053 | ---- | C] () -- C:\Documents and Settings\Ryuk\Pulpit\1426524_664161260285116_1037622021_n.jpg
[2013-11-12 15:27:57 | 000,092,520 | ---- | C] () -- C:\Documents and Settings\Ryuk\Pulpit\1391758_664161316951777_1377103853_n.jpg
[2013-11-12 15:24:28 | 000,083,328 | ---- | C] () -- C:\Documents and Settings\Ryuk\Pulpit\1460190_664161310285111_2079991610_n.jpg
[2013-11-05 20:55:44 | 000,000,272 | ---- | C] () -- C:\WINDOWS\cncscore.ini
[2013-11-05 16:07:29 | 000,003,493 | ---- | C] () -- C:\Documents and Settings\Ryuk\Pulpit\francois.rtf
[2013-11-05 15:00:45 | 000,039,573 | ---- | C] () -- C:\Documents and Settings\Ryuk\Pulpit\ferdydurke_witold gombrowicz.rtf
[2013-11-05 14:32:30 | 000,020,907 | ---- | C] () -- C:\Documents and Settings\Ryuk\Pulpit\proces kafki.rtf
[2013-11-04 19:51:50 | 000,031,972 | ---- | C] () -- C:\Documents and Settings\Ryuk\Pulpit\lolololol.rtf
[2013-11-04 19:32:03 | 000,013,780 | ---- | C] () -- C:\Documents and Settings\Ryuk\Pulpit\cudzoziemka_maria kuncewiczowa.rtf
[2013-10-01 14:54:37 | 001,344,304 | ---- | C] () -- C:\WINDOWS\System32\dmwu.exe
[2013-09-26 12:11:48 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2013-09-20 11:02:55 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2013-09-20 11:02:55 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2013-09-20 11:02:55 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2013-09-20 11:02:54 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2013-09-20 10:57:21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013-09-20 10:51:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013-09-20 10:48:14 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2013-09-20 10:48:14 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2013-09-20 10:48:13 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2013-09-20 10:48:13 | 000,195,855 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2013-09-20 10:48:13 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2013-09-20 08:45:25 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013-09-20 08:31:46 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2013-09-20 08:31:43 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2013-09-20 08:31:43 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2013-09-20 08:24:28 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2013-09-20 07:54:52 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Ament.ini
[2013-09-20 07:54:34 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013-09-20 07:51:40 | 000,098,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-09-20 07:45:52 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013-09-20 07:40:13 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2013-09-20 10:11:44 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013-08-01 05:17:39 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013-09-26 12:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper
[2013-09-25 13:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\APN
[2013-09-25 13:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AskPartnerNetwork
[2013-09-20 08:40:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon
[2013-11-21 17:01:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BitGuard
[2013-10-05 17:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BonanzaDealsLive
[2013-09-20 08:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Visan
[2013-10-05 16:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bodzio\Dane aplikacji\0F1F1C2Y1H1P1C0I0T
[2013-10-05 17:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bodzio\Dane aplikacji\1J1F1H1E2Y2Z1P1C1B2W1L1T2ZtF1E1I
[2013-09-20 08:40:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bodzio\Dane aplikacji\BabSolution
[2013-09-20 08:40:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bodzio\Dane aplikacji\Babylon
[2013-10-05 16:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bodzio\Dane aplikacji\Delta
[2013-10-05 17:09:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bodzio\Dane aplikacji\Funmoods
[2013-09-20 08:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bodzio\Dane aplikacji\GHISLER
[2013-11-29 20:26:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bodzio\Dane aplikacji\PriceGong
[2013-11-05 20:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bodzio\Dane aplikacji\searchgol
[2013-11-29 19:49:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bodzio\Dane aplikacji\systweak
[2013-11-02 18:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ilona\Dane aplikacji\Delta
[2013-11-02 18:48:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ilona\Dane aplikacji\PriceGong
[2013-11-02 18:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ilona\Dane aplikacji\searchgol
[2013-11-30 13:32:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryuk\Dane aplikacji\PriceGong
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
< End of report >
 