wklejto.pl

Added by: ~Anonim (2014-04-15 12:13) -> text
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-04-2014
Ran by Reni (administrator) on RENI-PC on 15-04-2014 00:23:08
Running from C:\Users\Reni\Desktop\Nowy folder
Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: Polish
Internet Explorer Version 7
Boot Mode: Normal
 
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
() C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe
() C:\Windows\system32\config\systemprofile\AppData\Local\tuto4pc_pl_6\supt4pc_pl_6.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TEco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TemproTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files\PLAY ONLINE\PLAY ONLINE.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\mcmscsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7289376 2009-03-30] (Realtek Semiconductor)
HKLM\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [421888 2007-04-16] (TOSHIBA Electronics, Inc.)
HKLM\...\Run: [SVPWUTIL] => C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [438272 2008-11-21] (TOSHIBA)
HKLM\...\Run: [KeNotify] => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe [1011712 2009-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-27] (Google)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [150040 2009-03-13] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [178712 2009-03-13] (Intel Corporation)
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [154136 2009-03-13] (Intel Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [468320 2009-03-06] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55160 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [503808 2009-03-31] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [729088 2009-03-23] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1451304 2009-03-20] (Synaptics Incorporated)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [163840 2009-03-24] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1323008 2009-04-24] (TOSHIBA Corporation)
HKLM\...\Run: [ToshibaServiceStation] => C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1283384 2009-04-01] (TOSHIBA Corporation)
HKLM\...\Run: [TPCHWMsg] => C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe [570736 2009-04-15] (TOSHIBA Corporation)
HKLM\...\Run: [NDSTray.exe] => C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [299008 2009-05-12] (TOSHIBA CORPORATION)
HKLM\...\Run: [cfFncEnabler.exe] => C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe [16384 2009-03-24] (Toshiba Corporation)
HKLM\...\Run: [TWebCamera] => C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2513472 2009-04-16] (TOSHIBA)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files\Toshiba TEMPRO\TemproTray.exe [1045904 2009-03-23] (Toshiba Europe GmbH)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [NBAgent] => C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2012-01-13] (Nero AG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKU\.DEFAULT\...\Run: [TOSHIBA Online Product Information] => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [6158240 2009-03-16] (TOSHIBA)
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1233920 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1233920 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\Run: [ChomikBox] => C:\Program Files\ChomikBox\chomikbox.exe [5979648 2012-12-21] ( )
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: {06d8b082-aa71-11de-9324-00225ff13965} - D:\AutoRun.exe
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: {06d8b0a3-aa71-11de-9324-00225ff13965} - D:\AutoRun.exe
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: {0c04f719-49ff-11e2-9a22-0026222f6127} - D:\AutoRun.exe
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: {12a4ef92-d8c7-11de-a973-0026222f6127} - D:\AutoRun.exe
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: {292655cd-9828-11df-bae7-00225ff13965} - D:\LaunchU3.exe
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: {2cf42c7c-12cc-11e2-ac43-0026222f6127} - G:\AutoRun.exe
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: {2f799f09-858d-11e1-b9b2-00225ff13965} - G:\AutoRun.exe
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: {2f799f17-858d-11e1-b9b2-0026222f6127} - D:\AutoRun.exe
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: {576ca2da-26b7-11e2-8ced-00225ff13965} - D:\AutoRun.exe
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: {576ca2e7-26b7-11e2-8ced-0026222f6127} - D:\AutoRun.exe
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: {5fbbcc22-5387-11e3-a7f8-b3806ff58e9a} - D:\AutoRun.exe
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: {7f136533-d0a7-11e0-974e-0026222f6127} - D:\AutoRun.exe
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: {9fafee09-25b6-11e1-b280-00225ff13965} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\index.html
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: {aa53cec8-86e1-11e1-b7ee-0026222f6127} - D:\AutoRun.exe
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: {e8f1caa2-870e-11e2-aea5-e2c7d5b165a8} - D:\AutoRun.exe
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: {f21b1c16-ab47-11de-ac6c-00225ff13965} - D:\AutoRun.exe
HKU\S-1-5-21-187372915-3310667568-3965922056-1000\...\MountPoints2: {f21b1c19-ab47-11de-ac6c-00225ff13965} - D:\AutoRun.exe
AppInit_DLLs: c:\progra~2\bitguard\261673~1.238\{c16c1~1\bitguard.dll => c:\progra~2\bitguard\261673~1.238\{c16c1~1\bitguard.dll File Not Found
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Reni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP Deskjet 1510 series.lnk
ShortcutTarget: Powiadomienia monitorowania tuszu - HP Deskjet 1510 series.lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {CCF9C3AA-B086-45EE-BCA5-671BAD9D9D1B} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG;
SearchScopes: HKLM - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm073^YY^pl&si=pconverter&ptb=B31AFA16-B818-4B33-985E-63B937797948&ind=2013022718&n=77fc49fe&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {CCF9C3AA-B086-45EE-BCA5-671BAD9D9D1B} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG_pl
SearchScopes: HKCU - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm073^YY^pl&si=pconverter&ptb=B31AFA16-B818-4B33-985E-63B937797948&ind=2013022718&n=77fc49fe&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?fr=mcafee&p={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll No File
BHO: ALLYouTubeDownloader - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLYouTubeDownloader\ALLYouTubeDownloader.dll (ALLCinema Ltd.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll No File
Tcpip\..\Interfaces\{83FDE817-745D-4FDC-B4A8-24D6C8986DCE}: [NameServer]89.108.195.21 89.108.202.21
 
FireFox:
========
FF ProfilePath: C:\Users\Reni\AppData\Roaming\Mozilla\Firefox\Profiles\46t4fsmd.default
FF Homepage: hxxp://www.gazeta.pl/0,0.html?p=143
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @google.com/npPicasa2,version=2.0.0 - C:\Program Files\Picasa2\npPicasa2.dll No File
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Nero.com/KM - C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\googledesktop.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF Extension: Adblock Plus - C:\Users\Reni\AppData\Roaming\Mozilla\Firefox\Profiles\46t4fsmd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: No Name - C:\Program Files\McAfee\SiteAdvisor [2009-06-18]
 
Chrome: 
=======
CHR DefaultSearchKeyword: sweet-page
CHR DefaultSearchProvider: sweet-page
CHR DefaultSearchURL: http://www.sweet-page.com/web/?type=ds&ts=1390236745&from=cor&uid=TOSHIBAXMK2555GSX_69OKSP27SXX69OKSP27S&q={searchTerms}
CHR DefaultNewTabURL: 
CHR Extension: (Google Wallet) - C:\Users\Reni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM\...\Chrome\Extension: [debmkdhphjfcbaomiknnceliiclnpmfg] - C:\Program Files\Jump Flip\debmkdhphjfcbaomiknnceliiclnpmfg.crx [2013-08-22]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2013-08-22]
 
========================== Services (Whitelisted) =================
 
R2 camsvc; C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe [20544 2009-04-16] (TOSHIBA)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-27] (Google)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
R2 mcmscsvc; C:\Program Files\McAfee\MSC\mcmscsvc.exe [865832 2009-07-10] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe [2482848 2009-07-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe [359952 2009-07-08] (McAfee, Inc.)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [687400 2011-11-25] (Nero AG)
S2 PLAY ONLINE. RunOuc; C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe [246112 2012-11-04] ()
R2 supt4pc_pl_6; C:\Windows\system32\config\systemprofile\AppData\Local\tuto4pc_pl_6\supt4pc_pl_6.exe [3057512 2013-01-25] ()
R2 TemproMonitoringService; C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [116104 2009-03-23] (Toshiba Europe GmbH)
R2 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [62776 2009-04-01] (TOSHIBA Corporation)
R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [176128 2009-04-24] (TOSHIBA Corporation)
R2 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [73728 2009-03-17] (TOSHIBA Corporation)
R2 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [656752 2009-04-15] (TOSHIBA Corporation)
S2 McAfee SiteAdvisor Service; "C:\Program Files\McAfee\SiteAdvisor\McSACore.exe" [X]
S3 McODS; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [X]
S2 McShield; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [X]
S3 McSysmon; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [X]
S2 MpfService; "C:\Program Files\McAfee\MPF\MPFSrv.exe" [X]
S2 MSK80Service; "C:\Program Files\McAfee\MSK\MskSrver.exe" [X]
S2 supt4pc_pl_1; C:\Users\Reni\AppData\Local\tuto4pc_pl_1\supt4pc_pl_1.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
R3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [89856 2012-11-04] (Huawei Technologies Co., Ltd.)
R3 huawei_cdcecm; C:\Windows\System32\DRIVERS\ew_jucdcecm.sys [66688 2012-11-04] (Huawei Technologies Co., Ltd.)
R3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [26624 2012-11-04] (Huawei Technologies Co., Ltd.)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [25896 2008-05-07] (COMPAL ELECTRONIC INC.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [79816 2009-07-08] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [35272 2009-07-08] (McAfee, Inc.)
R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [214024 2009-07-08] (McAfee, Inc.)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [34248 2009-07-08] (McAfee, Inc.)
S3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [40552 2009-07-08] (McAfee, Inc.)
R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [130424 2009-07-16] (McAfee, Inc.)
R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [22272 2009-03-18] (TOSHIBA Corporation)
S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [154272 2008-11-11] (Realtek Semiconductor Corp.)
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [346112 2009-01-13] (Realtek Semiconductor Corporation                           )
R1 RtlProt; C:\Windows\System32\DRIVERS\rtlprot.sys [25896 2007-04-23] (Windows (R) Codename Longhorn DDK provider)
R2 TVALZFL; C:\Windows\System32\DRIVERS\TVALZFL.sys [12920 2009-03-20] (TOSHIBA Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-04-14 18:40 - 2014-04-15 00:23 - 00000000 ____D () C:\FRST
2014-04-14 18:20 - 2014-04-15 00:18 - 00000000 ____D () C:\Program Files\trend micro
2014-04-14 18:20 - 2014-04-14 18:20 - 00000000 ____D () C:\rsit
2014-04-14 17:35 - 2014-04-15 00:23 - 00000000 ____D () C:\Users\Reni\Desktop\Nowy folder
2014-04-14 17:25 - 2014-04-14 23:41 - 00000000 ____D () C:\AdwCleaner
2014-04-14 17:25 - 2014-04-14 17:25 - 01426178 _____ () C:\Users\Reni\Downloads\adwcleaner.exe
2014-04-14 12:04 - 2014-04-14 12:04 - 00003189 _____ () C:\Users\Reni\Downloads\hijackthis.log
2014-04-14 11:11 - 2014-04-14 14:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-14 11:11 - 2014-04-14 11:11 - 00000864 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-14 11:11 - 2014-04-14 11:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-14 11:11 - 2014-04-14 11:11 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-14 11:11 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-14 11:11 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-14 11:11 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-14 11:06 - 2014-04-14 11:07 - 04765152 _____ (Piriform Ltd) C:\Users\Reni\Downloads\ccsetup411.exe
2014-04-14 11:04 - 2014-04-14 11:05 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Reni\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-14 10:58 - 2014-04-14 11:02 - 88551496 _____ (AVAST Software) C:\Users\Reni\Downloads\avast_free_antivirus_setup.exe
2014-04-13 23:53 - 2014-04-13 23:53 - 00000824 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-13 23:52 - 2014-04-13 23:52 - 00000000 ____D () C:\Program Files\VideoLAN
2014-04-13 23:50 - 2014-04-13 23:51 - 24677393 _____ () C:\Users\Reni\Downloads\vlc-2.1.3-win32.exe
2014-03-20 00:32 - 2014-03-20 00:34 - 60699128 _____ () C:\Users\Reni\Downloads\mel_b_10_minutowy_trening_brzucha-VvNrNn798OY_fmt43-orig.flv
2014-03-18 15:56 - 2014-03-18 15:58 - 00000000 ____D () C:\Users\Reni\Desktop\na piatek
2014-03-18 14:55 - 2014-03-18 14:55 - 00004544 _____ () C:\Users\Reni\Desktop\Nowy dokument dziennika.jnt
2014-03-18 14:55 - 2014-03-18 14:55 - 00000000 ___RD () C:\Users\Reni\Documents\Notes
2014-03-17 23:08 - 2014-03-17 23:08 - 00736020 _____ () C:\Users\Reni\Downloads\do_pracy.zip
 
==================== One Month Modified Files and Folders =======
 
2014-04-15 00:23 - 2014-04-14 18:40 - 00000000 ____D () C:\FRST
2014-04-15 00:23 - 2014-04-14 17:35 - 00000000 ____D () C:\Users\Reni\Desktop\Nowy folder
2014-04-15 00:18 - 2014-04-14 18:20 - 00000000 ____D () C:\Program Files\trend micro
2014-04-15 00:04 - 2010-03-04 11:54 - 00001036 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-15 00:04 - 2010-03-04 11:54 - 00001032 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-14 23:51 - 2008-01-21 08:24 - 01526408 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-14 23:51 - 2008-01-21 08:24 - 00686614 _____ () C:\Windows\system32\perfh015.dat
2014-04-14 23:51 - 2008-01-21 08:24 - 00135810 _____ () C:\Windows\system32\perfc015.dat
2014-04-14 23:48 - 2009-08-12 04:29 - 01868237 _____ () C:\Windows\WindowsUpdate.log
2014-04-14 23:46 - 2014-01-20 18:58 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-14 23:45 - 2012-04-25 18:02 - 00000000 ____D () C:\Users\Reni\AppData\Local\ChomikBox
2014-04-14 23:45 - 2012-04-13 19:34 - 00000000 ____D () C:\ProgramData\DatacardService
2014-04-14 23:45 - 2009-09-26 13:35 - 00000000 ____D () C:\Users\Reni\.gstreamer-0.10
2014-04-14 23:44 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-14 23:44 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-14 23:44 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-14 23:43 - 2008-01-21 04:47 - 00555434 _____ () C:\Windows\PFRO.log
2014-04-14 23:43 - 2006-11-02 15:01 - 00032532 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-14 23:41 - 2014-04-14 17:25 - 00000000 ____D () C:\AdwCleaner
2014-04-14 23:41 - 2013-01-21 12:06 - 00001046 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-14 23:41 - 2009-09-24 17:36 - 00000952 _____ () C:\Users\Reni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-14 23:13 - 2013-08-02 02:45 - 00000000 ____D () C:\Users\Reni\AppData\Roaming\vlc
2014-04-14 18:20 - 2014-04-14 18:20 - 00000000 ____D () C:\rsit
2014-04-14 18:00 - 2014-01-20 18:58 - 00000366 _____ () C:\Windows\Tasks\APSnotifierCA.job
2014-04-14 17:25 - 2014-04-14 17:25 - 01426178 _____ () C:\Users\Reni\Downloads\adwcleaner.exe
2014-04-14 16:17 - 2011-03-21 12:26 - 00000000 ____D () C:\Users\Reni\AppData\Roaming\BitTorrent
2014-04-14 14:15 - 2014-04-14 11:11 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-14 12:04 - 2014-04-14 12:04 - 00003189 _____ () C:\Users\Reni\Downloads\hijackthis.log
2014-04-14 11:11 - 2014-04-14 11:11 - 00000864 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-14 11:11 - 2014-04-14 11:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-14 11:11 - 2014-04-14 11:11 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-14 11:07 - 2014-04-14 11:06 - 04765152 _____ (Piriform Ltd) C:\Users\Reni\Downloads\ccsetup411.exe
2014-04-14 11:05 - 2014-04-14 11:04 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Reni\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-14 11:02 - 2014-04-14 10:58 - 88551496 _____ (AVAST Software) C:\Users\Reni\Downloads\avast_free_antivirus_setup.exe
2014-04-14 10:37 - 2014-01-27 11:39 - 00001612 _____ () C:\Users\Reni\Desktop\Wyczyść rejestr za darmo!.lnk
2014-04-13 23:53 - 2014-04-13 23:53 - 00000824 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-13 23:52 - 2014-04-13 23:52 - 00000000 ____D () C:\Program Files\VideoLAN
2014-04-13 23:51 - 2014-04-13 23:50 - 24677393 _____ () C:\Users\Reni\Downloads\vlc-2.1.3-win32.exe
2014-04-10 16:21 - 2009-06-18 12:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 16:17 - 2013-08-10 16:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 16:14 - 2006-11-02 12:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-08 21:29 - 2013-03-15 17:45 - 00000000 ____D () C:\Users\Reni\Desktop\praca mgr
2014-04-08 21:21 - 2011-11-22 21:21 - 00000000 ____D () C:\Users\Reni\Desktop\licencjat
2014-04-08 16:12 - 2012-02-02 18:06 - 00000000 ____D () C:\Users\Reni\Desktop\wywołaj
2014-04-03 09:51 - 2014-04-14 11:11 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-14 11:11 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-14 11:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-28 00:06 - 2009-09-25 08:54 - 00193024 _____ () C:\Users\Reni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-25 21:57 - 2009-11-06 19:15 - 00000000 ____D () C:\Users\Reni\Desktop\APS wszystkie materiały
2014-03-23 23:02 - 2006-11-02 14:52 - 00196956 _____ () C:\Windows\setupact.log
2014-03-20 00:34 - 2014-03-20 00:32 - 60699128 _____ () C:\Users\Reni\Downloads\mel_b_10_minutowy_trening_brzucha-VvNrNn798OY_fmt43-orig.flv
2014-03-18 15:58 - 2014-03-18 15:56 - 00000000 ____D () C:\Users\Reni\Desktop\na piatek
2014-03-18 14:55 - 2014-03-18 14:55 - 00004544 _____ () C:\Users\Reni\Desktop\Nowy dokument dziennika.jnt
2014-03-18 14:55 - 2014-03-18 14:55 - 00000000 ___RD () C:\Users\Reni\Documents\Notes
2014-03-17 23:08 - 2014-03-17 23:08 - 00736020 _____ () C:\Users\Reni\Downloads\do_pracy.zip
 
Some content of TEMP:
====================
C:\Users\Reni\AppData\Local\Temp\Quarantine.exe
C:\Users\Reni\AppData\Local\Temp\t.dll
C:\Users\Reni\AppData\Local\Temp\uninst1.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-04-14 23:50
 
==================== End Of Log ============================