wklejto.pl

Dodane przez: ~Anonim (2014-11-27 00:03) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363.
364.
365.
366.
367.
368.
369.
370.
371.
372.
373.
374.
375.
376.
377.
378.
379.
380.
381.
382.
383.
384.
385.
386.
387.
388.
389.
390.
391.
392.
393.
394.
395.
396.
397.
398.
399.
400.
401.
402.
403.
404.
405.
406.
407.
408.
409.
410.
411.
412.
413.
414.
415.
416.
417.
418.
419.
420.
421.
422.
423.
424.
425.
426.
427.
428.
429.
430.
431.
432.
433.
434.
435.
436.
437.
438.
439.
440.
441.
442.
443.
444.
445.
446.
447.
448.
449.
450.
451.
452.
453.
454.
455.
456.
457.
458.
459.
460.
461.
462.
463.
464.
465.
466.
467.
468.
469.
470.
471.
472.
473.
474.
475.
476.
477.
478.
479.
480.
481.
482.
483.
484.
485.
486.
487.
488.
489.
490.
491.
492.
493.
494.
495.
496.
497.
498.
499.
500.
501.
502.
503.
504.
505.
506.
507.
508.
509.
510.
511.
512.
513.
514.
515.
516.
517.
518.
519.
520.
521.
522.
523.
524.
525.
526.
527.
528.
529.
530.
531.
532.
533.
534.
535.
536.
537.
538.
539.
540.
541.
542.
543.
544.
545.
546.
547.
548.
549.
550.
551.
552.
553.
554.
555.
556.
557.
558.
559.
560.
561.
562.
563.
564.
565.
566.
567.
568.
569.
570.
571.
572.
573.
574.
575.
576.
577.
578.
579.
580.
581.
582.
583.
584.
585.
586.
587.
588.
589.
590.
591.
592.
593.
594.
595.
596.
597.
598.
599.
600.
601.
602.
603.
604.
605.
606.
607.
608.
609.
610.
611.
612.
613.
614.
615.
616.
617.
618.
619.
620.
621.
622.
623.
624.
625.
626.
627.
628.
629.
630.
631.
632.
633.
634.
635.
636.
637.
638.
639.
640.
641.
642.
643.
644.
645.
646.
647.
648.
649.
650.
651.
652.
653.
654.
655.
656.
657.
658.
659.
660.
661.
662.
663.
664.
665.
666.
667.
668.
669.
670.
671.
672.
673.
674.
675.
676.
677.
678.
679.
680.
681.
682.
683.
684.
685.
686.
687.
688.
689.
690.
691.
692.
693.
694.
695.
696.
697.
698.
699.
700.
701.
702.
703.
704.
705.
706.
707.
708.
709.
710.
711.
712.
713.
714.
715.
716.
717.
718.
719.
720.
721.
722.
723.
724.
725.
726.
727.
728.
729.
730.
731.
732.
733.
734.
735.
736.
737.
738.
739.
740.
741.
742.
743.
744.
745.
746.
747.
748.
749.
750.
751.
752.
753.
754.
755.
756.
757.
758.
759.
760.
761.
762.
763.
764.
765.
766.
767.
768.
769.
770.
771.
772.
773.
774.
775.
776.
777.
778.
779.
780.
781.
782.
783.
784.
785.
786.
787.
788.
789.
790.
791.
792.
793.
794.
795.
796.
797.
798.
799.
800.
801.
802.
803.
804.
805.
806.
807.
808.
809.
810.
811.
812.
813.
814.
815.
816.
817.
818.
819.
820.
821.
822.
823.
824.
825.
826.
827.
828.
829.
830.
831.
832.
833.
834.
835.
836.
837.
838.
839.
840.
841.
842.
843.
844.
845.
846.
847.
848.
849.
850.
851.
852.
853.
854.
855.
856.
857.
858.
859.
860.
861.
862.
863.
864.
865.
866.
867.
868.
869.
870.
871.
872.
873.
874.
875.
876.
877.
878.
879.
880.
881.
882.
883.
884.
885.
886.
887.
888.
889.
890.
891.
892.
893.
894.
895.
896.
897.
898.
899.
900.
901.
902.
903.
904.
905.
906.
907.
908.
909.
910.
911.
912.
913.
914.
915.
916.
917.
918.
919.
920.
921.
922.
923.
924.
925.
926.
927.
928.
929.
930.
931.
932.
933.
934.
935.
936.
937.
938.
939.
940.
941.
942.
943.
944.
945.
946.
947.
948.
949.
950.
951.
952.
953.
954.
955.
956.
957.
958.
959.
960.
961.
962.
963.
964.
965.
966.
967.
968.
969.
970.
971.
972.
973.
974.
975.
976.
977.
978.
979.
980.
981.
982.
983.
984.
985.
986.
987.
988.
989.
990.
991.
992.
993.
994.
995.
996.
997.
998.
999.
1000.
1001.
1002.
1003.
1004.
1005.
1006.
1007.
1008.
1009.
1010.
1011.
1012.
1013.
1014.
1015.
1016.
1017.
1018.
1019.
1020.
1021.
1022.
1023.
1024.
1025.
1026.
1027.
1028.
1029.
1030.
1031.
1032.
1033.
1034.
1035.
1036.
1037.
1038.
1039.
1040.
1041.
1042.
1043.
1044.
1045.
1046.
1047.
1048.
1049.
1050.
1051.
1052.
1053.
1054.
1055.
1056.
1057.
1058.
1059.
1060.
1061.
1062.
1063.
1064.
1065.
1066.
1067.
1068.
1069.
1070.
1071.
1072.
1073.
1074.
1075.
1076.
1077.
1078.
1079.
1080.
1081.
1082.
1083.
1084.
1085.
1086.
1087.
1088.
1089.
1090.
1091.
1092.
1093.
1094.
1095.
1096.
1097.
1098.
1099.
1100.
1101.
1102.
1103.
OTL logfile created on: 2014-11-26 22:12:40 - Run 1
 
OTL by OldTimer - Version 3.2.69.0     Folder = C:UsersIrekDesktopLOGI
 
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
 
Internet Explorer (Version = )
 
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
 
 
2,96 Gb Total Physical Memory | 0,97 Gb Available Physical Memory | 32,70% Memory free
 
6,13 Gb Paging File | 4,12 Gb Available in Paging File | 67,23% Paging File free
 
Paging file location(s): ?:pagefile.sys [binary data]
 
 
 
%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files
 
Drive C: | 117,46 Gb Total Space | 29,87 Gb Free Space | 25,43% Space Free | Partition Type: NTFS
 
Drive D: | 149,05 Gb Total Space | 148,33 Gb Free Space | 99,52% Space Free | Partition Type: NTFS
 
Drive E: | 10,00 Gb Total Space | 5,08 Gb Free Space | 50,75% Space Free | Partition Type: NTFS
 
Drive G: | 170,45 Gb Total Space | 57,65 Gb Free Space | 33,82% Space Free | Partition Type: NTFS
 
Drive H: | 149,04 Gb Total Space | 70,15 Gb Free Space | 47,06% Space Free | Partition Type: NTFS
 
 
 
Computer Name: IREK-PC | User Name: Irek | Logged in as Administrator.
 
Boot Mode: Normal | Scan Mode: All users
 
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
 
 
PRC - [2014-11-26 22:09:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:UsersIrekDesktopLOGIOTL.exe
 
PRC - [2014-11-26 20:29:33 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:Program FilesMozilla Firefoxfirefox.exe
 
PRC - [2014-11-23 19:00:03 | 005,226,600 | ---- | M] (AVAST Software) -- C:Program FilesAVAST SoftwareAvastAvastUI.exe
 
PRC - [2014-11-23 18:59:11 | 000,050,344 | ---- | M] (AVAST Software) -- C:Program FilesAVAST SoftwareAvastAvastSvc.exe
 
PRC - [2014-11-23 18:58:07 | 000,104,416 | ---- | M] (AVAST Software) -- C:Program FilesAVAST SoftwareAvastafwServ.exe
 
PRC - [2014-11-20 09:46:13 | 000,535,160 | ---- | M] () -- C:Program FilesOpera26.0.1656.24opera_crashreporter.exe
 
PRC - [2014-11-20 09:46:11 | 050,335,352 | ---- | M] (Opera Software) -- C:Program FilesOpera26.0.1656.24opera.exe
 
PRC - [2014-10-26 15:52:28 | 000,508,744 | ---- | M] (QFX Software Corporation) -- C:Program FilesKeyScramblerKeyScrambler.exe
 
PRC - [2014-09-11 12:00:06 | 000,242,912 | ---- | M] (Foxit Software Inc.) -- C:Program FilesFoxit SoftwareFoxit ReaderFoxit CloudFCUpdateService.exe
 
PRC - [2014-09-04 13:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:Program FilesCommon FilesAdobeARM1.0armsvc.exe
 
PRC - [2013-11-20 20:12:24 | 005,379,392 | ---- | M] (OrdinarySoft) -- C:Program FilesStart Menu XStartMenuX.exe
 
PRC - [2012-11-27 21:12:44 | 000,479,840 | ---- | M] (Sony Corporation) -- C:Program FilesSonyPlayMemories HomePMBDeviceInfoProvider.exe
 
PRC - [2012-10-30 20:28:05 | 000,843,208 | ---- | M] (Samsung) -- C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe
 
PRC - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe
 
PRC - [2012-07-17 14:55:12 | 000,044,696 | ---- | M] (Cucusoft, Inc.) -- C:Program FilesCucusoftAutoUpdateAutoUpdateSrvc.exe
 
PRC - [2012-05-23 15:49:56 | 000,248,544 | ---- | M] (Cucusoft, Inc.) -- C:Program FilesCucusoftNetGuardSysMsgProxySrvc.sys
 
PRC - [2012-05-23 15:49:52 | 000,216,800 | ---- | M] (Cucusoft, Inc.) -- C:Program FilesCucusoftNetGuardBandwidthGuardSrvc.sys
 
PRC - [2009-06-25 17:48:44 | 000,348,160 | ---- | M] (AMD) -- C:WindowsSystem32atieclxx.exe
 
PRC - [2009-06-25 17:48:16 | 000,176,128 | ---- | M] (AMD) -- C:WindowsSystem32atiesrxx.exe
 
PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:Windowsexplorer.exe
 
PRC - [2008-08-25 11:31:40 | 000,442,460 | ---- | M] (IDT, Inc.) -- C:Program FilesIDTWDMsttray.exe
 
PRC - [2008-08-25 11:31:34 | 000,225,362 | ---- | M] (IDT, Inc.) -- C:WindowsSystem32DriverStoreFileRepositorystwrt.inf_2ba5baa4stacsv.exe
 
PRC - [2008-08-25 11:31:22 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:WindowsSystem32DriverStoreFileRepositorystwrt.inf_2ba5baa4AEstSrv.exe
 
PRC - [2008-08-01 16:31:11 | 000,238,968 | ---- | M] (Symantec Corporation) -- C:Program FilesSymantecLiveUpdateAluSchedulerSvc.exe
 
PRC - [2008-01-21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:Program FilesWindows DefenderMSASCui.exe
 
 
 
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
 
 
MOD - [2014-11-26 20:29:29 | 003,649,648 | ---- | M] () -- C:Program FilesMozilla Firefoxmozjs.dll
 
MOD - [2014-11-23 18:59:27 | 038,562,088 | ---- | M] () -- C:Program FilesAVAST SoftwareAvastlibcef.dll
 
MOD - [2014-11-20 09:46:23 | 009,312,888 | ---- | M] () -- C:Program FilesOpera26.0.1656.24pdf.dll
 
MOD - [2014-11-20 09:46:18 | 001,358,456 | ---- | M] () -- C:Program FilesOpera26.0.1656.24libGLESv2.dll
 
MOD - [2014-11-20 09:46:17 | 000,219,256 | ---- | M] () -- C:Program FilesOpera26.0.1656.24libEGL.dll
 
MOD - [2014-11-20 09:46:15 | 000,991,352 | ---- | M] () -- C:Program FilesOpera26.0.1656.24ffmpegsumo.dll
 
MOD - [2014-11-20 09:46:13 | 000,535,160 | ---- | M] () -- C:Program FilesOpera26.0.1656.24opera_crashreporter.exe
 
MOD - [2014-11-12 21:57:06 | 016,840,880 | ---- | M] () -- C:WindowsSystem32MacromedFlashNPSWF32_15_0_0_223.dll
 
MOD - [2013-09-05 00:14:10 | 004,300,456 | ---- | M] () -- C:Program FilesCommon Filesmicrosoft sharedOFFICE14CulturesOFFICE.ODF
 
 
 
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
 
 
SRV - [2014-11-26 21:57:12 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:WindowsSystem32MacromedFlashFlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
 
SRV - [2014-11-26 20:29:30 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe -- (MozillaMaintenance)
 
SRV - [2014-11-23 18:59:11 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:Program FilesAVAST SoftwareAvastAvastSvc.exe -- (avast! Antivirus)
 
SRV - [2014-11-23 18:58:07 | 000,104,416 | ---- | M] (AVAST Software) [Auto | Running] -- C:Program FilesAVAST SoftwareAvastafwServ.exe -- (avast! Firewall)
 
SRV - [2014-09-11 12:00:06 | 000,242,912 | ---- | M] (Foxit Software Inc.) [Auto | Running] -- C:Program FilesFoxit SoftwareFoxit ReaderFoxit CloudFCUpdateService.exe -- (FoxitCloudUpdateService)
 
SRV - [2014-09-04 13:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:Program FilesCommon FilesAdobeARM1.0armsvc.exe -- (AdobeARMservice)
 
SRV - [2013-12-19 00:41:02 | 030,814,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:Program FilesMicrosoft OfficeOffice14GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
 
SRV - [2013-10-23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:Program FilesSkypeUpdaterUpdater.exe -- (SkypeUpdate)
 
SRV - [2012-11-27 21:12:44 | 000,479,840 | ---- | M] (Sony Corporation) [Auto | Running] -- C:Program FilesSonyPlayMemories HomePMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
 
SRV - [2012-11-25 05:13:10 | 000,567,256 | ---- | M] (Mister Group) [On_Demand | Stopped] -- C:Program FilesSystem ExplorerserviceSystemExplorerService.exe -- (SystemExplorerHelpService)
 
SRV - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe -- (Skype C2C Service)
 
SRV - [2012-07-17 14:55:12 | 000,044,696 | ---- | M] (Cucusoft, Inc.) [Auto | Running] -- C:Program FilesCucusoftAutoUpdateAutoUpdateSrvc.exe -- (CS_AutoUpdate)
 
SRV - [2012-05-23 15:49:56 | 000,248,544 | ---- | M] (Cucusoft, Inc.) [Auto | Running] -- C:Program FilesCucusoftNetGuardSysMsgProxySrvc.sys -- (CS_SysMsgProxy)
 
SRV - [2012-05-23 15:49:52 | 000,216,800 | ---- | M] (Cucusoft, Inc.) [Auto | Running] -- C:Program FilesCucusoftNetGuardBandwidthGuardSrvc.sys -- (CS_BandwidthGuard)
 
SRV - [2010-05-06 10:29:12 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:Program FilesCommon FilesLogiShrdBluetoothLBTServ.exe -- (LBTServ)
 
SRV - [2009-06-25 17:48:16 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:WindowsSystem32atiesrxx.exe -- (AMD External Events Utility)
 
SRV - [2008-08-25 11:31:34 | 000,225,362 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:WindowsSystem32DriverStoreFileRepositorystwrt.inf_2ba5baa4stacsv.exe -- (STacSV)
 
SRV - [2008-08-25 11:31:22 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:WindowsSystem32DriverStoreFileRepositorystwrt.inf_2ba5baa4AEstSrv.exe -- (AESTFilters)
 
SRV - [2008-08-01 16:31:11 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:Program FilesSymantecLiveUpdateAluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
 
SRV - [2008-08-01 16:31:01 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:Program FilesSymantecLiveUpdateLuComServer_3_4.EXE -- (LiveUpdate)
 
SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:Program FilesWindows DefenderMpSvc.dll -- (WinDefend)
 
SRV - [2007-05-31 08:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:WindowsWindowsMobilewcescomm.dll -- (WcesComm)
 
SRV - [2007-05-31 08:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:WindowsWindowsMobilerapimgr.dll -- (RapiMgr)
 
 
 
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
 
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (hwdatacard)
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (huawei_enumerator)
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (ewusbnet)
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (ew_hwusbdev)
 
DRV - [2014-11-23 19:00:04 | 000,787,800 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:WindowsSystem32driversaswsnx.sys -- (aswSnx)
 
DRV - [2014-11-23 19:00:00 | 000,423,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:WindowsSystem32driversaswsp.sys -- (aswSP)
 
DRV - [2014-11-23 18:59:37 | 000,206,248 | ---- | M] () [Kernel | Boot | Running] -- C:WindowsSystem32driversaswVmm.sys -- (aswVmm)
 
DRV - [2014-11-23 18:59:37 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:WindowsSystem32driversaswMonFlt.sys -- (aswMonFlt)
 
DRV - [2014-11-23 18:59:37 | 000,057,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:WindowsSystem32driversaswTdi.sys -- (aswTdi)
 
DRV - [2014-11-23 18:59:37 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:WindowsSystem32driversaswRvrt.sys -- (aswRvrt)
 
DRV - [2014-11-23 18:59:37 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:WindowsSystem32driversaswHwid.sys -- (aswHwid)
 
DRV - [2014-11-23 18:59:36 | 000,055,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:WindowsSystem32driversaswrdr.sys -- (AswRdr)
 
DRV - [2014-11-23 18:58:50 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:WindowsSystem32driversaswKbd.sys -- (aswKbd)
 
DRV - [2014-11-23 18:58:08 | 000,253,640 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:WindowsSystem32driversaswNdis2.sys -- (aswNdis2)
 
DRV - [2013-12-26 15:26:09 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:WindowsSystem32driversaswNdis.sys -- (aswNdis)
 
DRV - [2013-05-31 15:53:18 | 000,209,016 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:WindowsSystem32driverskeyscrambler.sys -- (KeyScrambler)
 
DRV - [2013-02-22 22:16:47 | 000,231,760 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:WindowsSystem32driverstruecrypt.sys -- (truecrypt)
 
DRV - [2012-09-20 05:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:WindowsSystem32driversssudmdm.sys -- (ssudmdm)
 
DRV - [2012-09-20 05:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:WindowsSystem32driversssudbus.sys -- (dg_ssudbus)
 
DRV - [2012-02-14 18:36:04 | 000,473,656 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:WindowsSystem32driverssptd.sys -- (sptd)
 
DRV - [2010-10-12 19:31:07 | 000,038,856 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:WindowsSystem32driversHookCentre.sys -- (HookCentre)
 
DRV - [2010-10-12 19:31:06 | 000,062,024 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:WindowsSystem32driversMiniIcpt.sys -- (GDMnIcpt)
 
DRV - [2010-10-10 22:41:01 | 000,029,992 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:WindowsSystem32driversGRD.sys -- (GRD)
 
DRV - [2010-10-10 22:37:18 | 000,040,904 | ---- | M] (G DATA Software AG) [Kernel | System | Running] -- C:WindowsSystem32driversgdwfpcd32.sys -- (gdwfpcd)
 
DRV - [2010-06-23 10:23:46 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:WindowsSystem32drivershtcnprot.sys -- (htcnprot)
 
DRV - [2010-05-31 01:54:30 | 000,064,512 | ---- | M] (ASIX Electronics Corp.) [Kernel | On_Demand | Running] -- C:WindowsSystem32driversax88772.sys -- (AX88772)
 
DRV - [2010-04-15 09:23:20 | 000,114,688 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSystem32driversZTEusbnet.sys -- (ZTEusbnet)
 
DRV - [2010-03-18 10:02:08 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSystem32driversLMouFilt.Sys -- (LMouFilt)
 
DRV - [2010-03-18 10:01:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSystem32driversLHidFilt.Sys -- (LHidFilt)
 
DRV - [2010-01-05 15:23:42 | 000,105,856 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:WindowsSystem32driversZTEusbser6k.sys -- (ZTEusbser6k)
 
DRV - [2010-01-05 15:23:42 | 000,105,856 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:WindowsSystem32driversZTEusbnmea.sys -- (ZTEusbnmea)
 
DRV - [2010-01-05 15:23:42 | 000,105,856 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:WindowsSystem32driversZTEusbmdm6k.sys -- (ZTEusbmdm6k)
 
DRV - [2009-09-27 09:46:16 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:WindowsSystem32driversmassfilter.sys -- (massfilter)
 
DRV - [2009-07-29 12:46:24 | 000,212,528 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:WindowsSystem32driversApfiltr.sys -- (ApfiltrService)
 
DRV - [2009-07-14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSystem32driverswinusb.sys -- (winusb)
 
DRV - [2009-06-25 18:23:46 | 004,993,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSystem32driversatikmdag.sys -- (R300)
 
DRV - [2009-06-25 18:23:46 | 004,993,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:WindowsSystem32driversatikmdag.sys -- (atikmdag)
 
DRV - [2009-06-25 16:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:WindowsSystem32driversrimmptsk.sys -- (rimmptsk)
 
DRV - [2009-06-25 16:25:58 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:WindowsSystem32driversrixdptsk.sys -- (rismxdp)
 
DRV - [2009-06-25 16:10:48 | 000,044,544 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:WindowsSystem32driversrimsptsk.sys -- (rimsptsk)
 
DRV - [2009-06-10 15:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSystem32driversANDROIDUSB.sys -- (HTCAND32)
 
DRV - [2009-06-06 23:36:40 | 000,273,448 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:WindowsSystem32driversk57nd60x.sys -- (k57nd60x)
 
DRV - [2009-06-04 06:24:02 | 000,097,808 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:WindowsSystem32driversAtiHdmi.sys -- (AtiHdmiService)
 
DRV - [2009-04-11 06:06:26 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSystem32driversWSDScan.sys -- (WSDScan)
 
DRV - [2008-11-12 09:58:00 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:WindowsSystem32driversitecir.sys -- (itecir)
 
DRV - [2008-10-27 07:25:30 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:WindowsSystem32driversOA001Ufd.sys -- (OA001Ufd)
 
DRV - [2008-10-27 07:25:28 | 000,277,440 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:WindowsSystem32driversOA001Vid.sys -- (OA001Vid)
 
DRV - [2008-08-25 11:31:44 | 000,382,976 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSystem32driversstwrt.sys -- (STHDA)
 
DRV - [2008-06-26 06:30:50 | 003,662,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:WindowsSystem32driversNETw5v32.sys -- (NETw5v32)
 
DRV - [2008-05-01 20:25:52 | 000,072,000 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:WindowsSystem32driversftser2k.sys -- (FTSER2K)
 
DRV - [2008-05-01 20:25:52 | 000,057,536 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:WindowsSystem32driversftdibus.sys -- (FTDIBUS)
 
DRV - [2008-01-21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSystem32driverse1e6032.sys -- (e1express)
 
DRV - [2008-01-21 03:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSystem32driversWSDPrint.sys -- (WSDPrintDevice)
 
 
 
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
 
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
 
 
 
 
 
IE - HKU.DEFAULT..SearchScopes,DefaultScope = 
 
IE - HKU.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0
 
 
 
IE - HKUS-1-5-18..SearchScopes,DefaultScope = 
 
IE - HKUS-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0
 
 
 
IE - HKUS-1-5-19..SearchScopes,DefaultScope = 
 
 
 
IE - HKUS-1-5-20..SearchScopes,DefaultScope = 
 
 
 
IE - HKUS-1-5-21-734450612-4114772249-1177829277-1000SOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.msn.com/?ocid=EIE9HP&PC=UP51
 
IE - HKUS-1-5-21-734450612-4114772249-1177829277-1000SOFTWAREMicrosoftInternet ExplorerMain,First Home Page = http://g.msn.com/1me10IE9ENUS/120
 
IE - HKUS-1-5-21-734450612-4114772249-1177829277-1000SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.msn.com/?ocid=EIE9HP&PC=UP51
 
IE - HKUS-1-5-21-734450612-4114772249-1177829277-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0
 
 
 
[color=#E56717]========== FireFox ==========[/color]
 
 
 
FF - prefs.js..browser.search.defaultengine: "Google"
 
FF - prefs.js..browser.search.order.1: "Google"
 
FF - prefs.js..browser.search.selectedEngine: "Google"
 
FF - prefs.js..browser.search.useDBForOrder: true
 
FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox"
 
FF - prefs.js..extensions.enabledAddons: %7B5872365e-67d1-4afd-9480-fd293bebd20d%7D:1.7.8
 
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
 
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.24
 
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:10.0.2502.149
 
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.9.5
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1.1
 
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
 
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4
 
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.49
 
FF - prefs.js..extensions.enabledItems: {5872365e-67d1-4afd-9480-fd293bebd20d}:1.7.8
 
FF - prefs.js..extensions.enabledItems: firefox@ghostery.com:2.5.2
 
FF - prefs.js..extensions.enabledItems: keyscrambler@qfx.software.corporation:2.7.1.0
 
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9
 
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
 
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=utf-8&q="
 
FF - user.js - File not found
 
 
 
FF - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:Windowssystem32MacromedFlashNPSWF32_15_0_0_239.dll ()
 
FF - HKLMSoftwareMozillaPlugins@canon.com/EPPEX: C:Program FilesCanonEasy-PhotoPrint EXNPEZFFPI.DLL (CANON INC.)
 
FF - HKLMSoftwareMozillaPlugins@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:Program FilesFoxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll (Foxit Corporation)
 
FF - HKLMSoftwareMozillaPlugins@Google.com/GoogleEarthPlugin: C:Program FilesGoogleGoogle Earthpluginnpgeplugin.dll (Google)
 
FF - HKLMSoftwareMozillaPlugins@java.com/DTPlugin,version=10.67.2: C:Program FilesJavajre7bindtpluginnpDeployJava1.dll (Oracle Corporation)
 
FF - HKLMSoftwareMozillaPlugins@java.com/JavaPlugin,version=10.67.2: C:Program FilesJavajre7binplugin2npjp2.dll (Oracle Corporation)
 
FF - HKLMSoftwareMozillaPlugins@Microsoft.com/NpCtrl,version=1.0: C:Program FilesMicrosoft Silverlight5.1.30514.0npctrl.dll File not found
 
FF - HKLMSoftwareMozillaPlugins@microsoft.com/OfficeAuthz,version=14.0: C:PROGRA~1MICROS~3Office14NPAUTHZ.DLL (Microsoft Corporation)
 
FF - HKLMSoftwareMozillaPlugins@microsoft.com/SharePoint,version=14.0: C:PROGRA~1MICROS~3Office14NPSPWRAP.DLL (Microsoft Corporation)
 
FF - HKLMSoftwareMozillaPlugins@microsoft.com/WPF,version=3.5: C:WindowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll (Microsoft Corporation)
 
FF - HKLMSoftwareMozillaPlugins@Nero.com/KM: C:PROGRA~1COMMON~1NeroBROWSE~1NPBROW~1.DLL File not found
 
FF - HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=3: C:Program FilesGoogleUpdate1.3.25.11npGoogleUpdate3.dll (Google Inc.)
 
FF - HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=9: C:Program FilesGoogleUpdate1.3.25.11npGoogleUpdate3.dll (Google Inc.)
 
FF - HKLMSoftwareMozillaPluginsAdobe Reader: C:Program FilesAdobeReader 10.0ReaderAIRnppdf32.dll (Adobe Systems Inc.)
 
 
 
FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensionswrc@avast.com: C:Program FilesAVAST SoftwareAvastWebRepFF [2014-11-24 20:28:33 | 000,000,000 | ---D | M]
 
FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 33.1.1extensionsComponents: C:Program FilesMozilla Firefoxcomponents [2014-11-26 20:29:22 | 000,000,000 | ---D | M]
 
FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 33.1.1extensionsPlugins: C:Program FilesMozilla Firefoxplugins [2014-11-26 20:29:23 | 000,000,000 | ---D | M]
 
FF - HKEY_CURRENT_USERsoftwaremozillaFirefoxExtensionsSearchToolbar@skywebsearch.com: C:Program FilesSave Tube Video CompanySaveTubeVideoFF
 
 
 
[2010-02-05 23:53:40 | 000,000,000 | ---D | M] (No name found) -- C:UsersIrekAppDataRoamingmozillaExtensions
 
[2010-02-05 23:53:40 | 000,000,000 | ---D | M] (No name found) -- C:UsersIrekAppDataRoamingmozillaExtensions{3550f703-e582-4d05-9a08-453d09bdfdc6}
 
[2014-11-25 20:45:47 | 000,000,000 | ---D | M] (No name found) -- C:UsersIrekAppDataRoamingmozillaFirefoxProfiles9ybcz4ox.defaultextensions
 
[2010-10-15 15:16:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:UsersIrekAppDataRoamingmozillaFirefoxProfiles9ybcz4ox.defaultextensions{20a82645-c095-46ed-80e3-08825760534b}
 
[2010-10-11 16:53:44 | 000,000,000 | ---D | M] (PasswordMaker) -- C:UsersIrekAppDataRoamingmozillaFirefoxProfiles9ybcz4ox.defaultextensions{5872365e-67d1-4afd-9480-fd293bebd20d}
 
[2014-09-10 18:57:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:UsersIrekAppDataRoamingmozillaFirefoxProfiles9ybcz4ox.defaultextensions{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
 
[2014-10-26 21:10:29 | 001,443,602 | ---- | M] () (No name found) -- C:UsersIrekAppDataRoamingmozillafirefoxprofiles9ybcz4ox.defaultextensionsfirefox@ghostery.com.xpi
 
[2014-03-23 20:32:18 | 003,679,842 | R--- | M] () (No name found) -- C:UsersIrekAppDataRoamingmozillafirefoxprofiles9ybcz4ox.defaultextensionssilvermel@pardal.de.xpi
 
[2014-03-23 20:32:18 | 000,062,091 | R--- | M] () (No name found) -- C:UsersIrekAppDataRoamingmozillafirefoxprofiles9ybcz4ox.defaultextensionssilvermelxt@pardal.de.xpi
 
[2014-11-21 21:00:35 | 000,147,897 | ---- | M] () (No name found) -- C:UsersIrekAppDataRoamingmozillafirefoxprofiles9ybcz4ox.defaultextensionstrackmenot@mrl.nyu.edu.xpi
 
[2014-11-25 20:45:47 | 000,543,364 | ---- | M] () (No name found) -- C:UsersIrekAppDataRoamingmozillafirefoxprofiles9ybcz4ox.defaultextensions{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
 
[2014-11-12 22:16:45 | 000,979,699 | ---- | M] () (No name found) -- C:UsersIrekAppDataRoamingmozillafirefoxprofiles9ybcz4ox.defaultextensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
 
[2012-01-22 00:15:24 | 000,138,614 | ---- | M] () (No name found) -- C:UsersIrekAppDataRoamingmozillafirefoxprofiles9ybcz4ox.defaultextensions{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
 
[2014-11-26 20:29:22 | 000,000,000 | ---D | M] (No name found) -- C:Program FilesMozilla Firefoxextensions
 
[2014-11-26 20:29:22 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:Program FilesMozilla Firefoxextensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
 
[2014-11-26 20:29:22 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:Program FilesMozilla Firefoxextensions{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
 
[2014-11-26 20:29:22 | 000,000,000 | ---D | M] (Java Console) -- C:Program FilesMozilla Firefoxextensions{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
 
[2014-11-26 20:29:21 | 000,000,000 | ---D | M] (No name found) -- C:Program FilesMozilla Firefoxbrowserextensions
 
[2014-11-26 20:29:34 | 000,000,000 | ---D | M] (Default) -- C:Program FilesMozilla Firefoxbrowserextensions{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
[2014-11-24 20:28:33 | 000,000,000 | ---D | M] ("Avast Online Security") -- C:PROGRAM FILESAVAST SOFTWAREAVASTWEBREPFF
 
[2009-07-31 12:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:Program Filesmozilla firefoxpluginsnpdjvu.dll
 
[2010-10-13 18:50:58 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:Program Filesmozilla firefoxpluginsnpFoxitReaderPlugin.dll
 
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
 
 
CHR - default_search_provider: Google (Enabled)
 
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
 
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
 
CHR - plugin: Windows Presentation Foundation (Enabled) = C:Windowssystem32npDeployJava1.dll
 
CHR - Extension: avast! Ad Blocker = C:UsersIrekAppDataLocalGoogleChromeUser DataDefaultExtensionsfplhdcjmbpfkejbhngmlngaecbjmoimd8.0_0
 
CHR - Extension: avast! Online Security = C:UsersIrekAppDataLocalGoogleChromeUser DataDefaultExtensionsgomekmidlodglbbmalcneegieacbdmki8.0.8_0
 
CHR - Extension: Skype Click to Call = C:UsersIrekAppDataLocalGoogleChromeUser DataDefaultExtensionslifbcibllhkdhoafpjfnlhfpfgnpldfl6.3.0.11079_0
 
CHR - Extension: Google Wallet = C:UsersIrekAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda0.0.5.0_0
 
 
 
O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:WindowsSystem32driversetchosts
 
O1 - Hosts: 127.0.0.1       localhost
 
O1 - Hosts: ::1             localhost
 
O2 - BHO: (no name) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - No CLSID value found.
 
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL (Microsoft Corporation)
 
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
 
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll (AVAST Software)
 
O2 - BHO: (no name) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - No CLSID value found.
 
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
 
O4 - HKLM..Run: [AvastUI.exe] C:Program FilesAVAST SoftwareAvastAvastUI.exe (AVAST Software)
 
O4 - HKLM..Run: [KeyScrambler] C:Program FilesKeyScramblerkeyscrambler.exe (QFX Software Corporation)
 
O4 - HKLM..Run: [SysTrayApp] C:Program FilesIDTWDMsttray.exe (IDT, Inc.)
 
O4 - HKLM..Run: [Windows Defender] C:Program FilesWindows DefenderMSASCui.exe (Microsoft Corporation)
 
O4 - HKUS-1-5-19..Run: [WindowsWelcomeCenter] C:WindowsSystem32oobefldr.dll (Microsoft Corporation)
 
O4 - HKUS-1-5-20..Run: [WindowsWelcomeCenter] C:WindowsSystem32oobefldr.dll (Microsoft Corporation)
 
O4 - HKUS-1-5-21-734450612-4114772249-1177829277-1000..Run: [] C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe (Samsung)
 
O4 - HKUS-1-5-21-734450612-4114772249-1177829277-1000..Run: [StartMenuX] C:Program FilesStart Menu XStartMenuX.exe (OrdinarySoft)
 
O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
 
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: EnableLUA = 0
 
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: EnableLinkedConnections = 1
 
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: SoftwareSASGeneration = 1
 
O7 - HKU.DEFAULTSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
 
O7 - HKU.DEFAULTSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
 
O7 - HKU.DEFAULTSoftwarePoliciesMicrosoftInternet ExplorerSecurity present
 
O7 - HKU.DEFAULTSoftwarePoliciesMicrosoftInternet ExplorerTabbedBrowsing present
 
O7 - HKU.DEFAULTSoftwarePoliciesMicrosoftInternet ExplorerZOOM present
 
O7 - HKUS-1-5-18SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
 
O7 - HKUS-1-5-18SoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
 
O7 - HKUS-1-5-18SoftwarePoliciesMicrosoftInternet ExplorerSecurity present
 
O7 - HKUS-1-5-18SoftwarePoliciesMicrosoftInternet ExplorerTabbedBrowsing present
 
O7 - HKUS-1-5-18SoftwarePoliciesMicrosoftInternet ExplorerZOOM present
 
O7 - HKUS-1-5-19SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
 
O7 - HKUS-1-5-19SoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
 
O7 - HKUS-1-5-19SoftwarePoliciesMicrosoftInternet ExplorerSecurity present
 
O7 - HKUS-1-5-19SoftwarePoliciesMicrosoftInternet ExplorerTabbedBrowsing present
 
O7 - HKUS-1-5-19SoftwarePoliciesMicrosoftInternet ExplorerZOOM present
 
O7 - HKUS-1-5-20SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
 
O7 - HKUS-1-5-20SoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
 
O7 - HKUS-1-5-20SoftwarePoliciesMicrosoftInternet ExplorerSecurity present
 
O7 - HKUS-1-5-20SoftwarePoliciesMicrosoftInternet ExplorerTabbedBrowsing present
 
O7 - HKUS-1-5-20SoftwarePoliciesMicrosoftInternet ExplorerZOOM present
 
O7 - HKUS-1-5-21-734450612-4114772249-1177829277-1000SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
 
O7 - HKUS-1-5-21-734450612-4114772249-1177829277-1000SoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
 
O7 - HKUS-1-5-21-734450612-4114772249-1177829277-1000SoftwarePoliciesMicrosoftInternet ExplorerSecurity present
 
O7 - HKUS-1-5-21-734450612-4114772249-1177829277-1000SoftwarePoliciesMicrosoftInternet ExplorerTabbedBrowsing present
 
O7 - HKUS-1-5-21-734450612-4114772249-1177829277-1000SoftwarePoliciesMicrosoftInternet ExplorerZOOM present
 
O7 - HKUS-1-5-21-734450612-4114772249-1177829277-1000SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoViewOnDrive = 0
 
O7 - HKUS-1-5-21-734450612-4114772249-1177829277-1000SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0
 
O13 - gopher Prefix: missing
 
O15 - HKUS-1-5-21-734450612-4114772249-1177829277-1000..Trusted Domains: dell.com ([]* in Trusted sites)
 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 10.67.2)
 
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
 
O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 10.67.2)
 
O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 217.172.224.160 89.231.1.206
 
O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{23538496-F44D-45F3-A07F-77D22FD6A37E}: DhcpNameServer = 192.168.42.129
 
O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{95A89558-CA78-4A77-BB70-1E2AD4E1F47C}: DhcpNameServer = 192.168.42.129
 
O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{DB96B6B1-2F3E-4B6E-A7F7-0A2D985172B7}: DhcpNameServer = 217.172.224.160 89.231.1.206
 
O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{E4264BAD-4C4D-478D-B82D-5B9FEF7E05C1}: DhcpNameServer = 192.168.1.1
 
O18 - ProtocolHandlerskype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program FilesCommon FilesSkypeSkype4COM.dll (Skype Technologies)
 
O18 - ProtocolHandlerskype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)
 
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:Windowsexplorer.exe (Microsoft Corporation)
 
O20 - HKLM Winlogon: UserInit - (C:Windowssystem32userinit.exe) - C:WindowsSystem32userinit.exe (Microsoft Corporation)
 
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL (Microsoft Corporation)
 
O32 - HKLM CDRom: AutoRun - 0
 
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:autoexec.bat -- [ NTFS ]
 
O32 - AutoRun File - [2014-10-08 18:05:20 | 001,184,235 | ---- | M] () - C:AutoMapaSetupLog.txt -- [ NTFS ]
 
O33 - MountPoints2{7c194d8e-4644-11e3-ba7c-001e101f3315}Shell - "" = AutoRun
 
O33 - MountPoints2{7c194d8e-4644-11e3-ba7c-001e101f3315}ShellAutoRuncommand - "" = L:AutoRun.exe
 
O33 - MountPoints2{7d724982-4562-11e3-bbac-001e101fe5e1}Shell - "" = AutoRun
 
O33 - MountPoints2{7d724982-4562-11e3-bbac-001e101fe5e1}ShellAutoRuncommand - "" = J:AutoRun.exe
 
O34 - HKLM BootExecute: (autocheck autochk *)
 
O35 - HKLM..comfile [open] -- "%1" %*
 
O35 - HKLM..exefile [open] -- "%1" %*
 
O37 - HKLM...com [@ = comfile] -- "%1" %*
 
O37 - HKLM...exe [@ = exefile] -- "%1" %*
 
O38 - SubSystemsWindows: (ServerDll=winsrv:UserServerDllInitialization,3)
 
O38 - SubSystemsWindows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
 
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
 
 
[2014-11-26 22:04:51 | 000,000,000 | ---D | C] -- C:UsersIrekDesktopLOGI
 
[2014-11-26 20:29:21 | 000,000,000 | ---D | C] -- C:Program FilesMozilla Firefox
 
[2014-11-24 22:21:22 | 000,000,000 | ---D | C] -- C:WindowsSoftwareDistribution
 
[2014-11-24 22:11:42 | 000,347,816 | ---- | C] (Microsoft Corporation) -- C:UsersIrekDesktopMicrosoftFixit.wu.Run.exe
 
[2014-11-24 20:28:44 | 000,291,352 | ---- | C] (AVAST Software) -- C:WindowsSystem32aswBoot.exe
 
[2014-11-23 19:00:25 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsAVAST Software
 
[2014-11-23 18:59:32 | 000,043,152 | ---- | C] (AVAST Software) -- C:WindowsavastSS.scr
 
[2014-11-11 19:44:24 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32msaudite.dll
 
[2014-11-11 19:44:22 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32adtschema.dll
 
[2014-11-11 19:44:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32msxml3r.dll
 
[2014-11-11 19:43:11 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32packager.dll
 
[2014-11-11 19:40:01 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32IMJP10K.DLL
 
[2014-11-11 19:37:21 | 000,396,800 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32AudioEng.dll
 
[2014-11-11 19:37:21 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32AUDIOKSE.dll
 
[2014-11-11 19:37:20 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32EncDump.dll
 
[2014-11-11 19:28:47 | 002,054,656 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32win32k.sys
 
[2014-11-11 19:28:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32msfeedssync.exe
 
[2014-11-11 19:28:04 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32jsproxy.dll
 
[2014-11-11 19:28:04 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32msfeedsbs.dll
 
[2014-11-11 19:28:03 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32dxtmsft.dll
 
[2014-11-11 19:28:02 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32msfeeds.dll
 
[2014-11-11 19:28:01 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32mshtml.tlb
 
[2014-11-11 19:28:01 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32inetcpl.cpl
 
[2014-11-11 19:28:01 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32url.dll
 
[2014-11-11 19:28:01 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32ieUnatt.exe
 
[2014-11-11 19:28:00 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32dxtrans.dll
 
[2014-11-11 19:28:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32ieui.dll
 
[2014-11-11 19:27:55 | 001,810,944 | ---- | C] (Microsoft Corporation) -- C:WindowsSystem32jscript9.dll
 
[2014-11-05 22:32:01 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsQuickTime
 
[2014-11-05 22:31:37 | 000,000,000 | ---D | C] -- C:Program FilesQuickTime
 
[2014-11-05 22:31:36 | 000,000,000 | ---D | C] -- C:ProgramDataApple Computer
 
[2014-11-05 22:27:18 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsFoxit Reader
 
[2014-11-05 22:21:52 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:WindowsSystem32javaws.exe
 
[2014-11-05 22:21:32 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:WindowsSystem32javaw.exe
 
[2014-11-05 22:21:32 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:WindowsSystem32java.exe
 
[2014-11-05 22:21:32 | 000,096,680 | ---- | C] (Oracle Corporation) -- C:WindowsSystem32WindowsAccessBridge.dll
 
[2010-11-14 21:19:25 | 000,047,360 | ---- | C] (VSO Software) -- C:UsersIrekAppDataRoamingpcouffin.sys
 
[1 C:Windows*.tmp files -> C:Windows*.tmp -> ]
 
 
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
 
 
[2014-11-26 22:11:00 | 000,001,036 | ---- | M] () -- C:WindowstasksGoogleUpdateTaskMachineUA.job
 
[2014-11-26 22:08:56 | 000,003,744 | -H-- | M] () -- C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
 
[2014-11-26 22:08:56 | 000,003,744 | -H-- | M] () -- C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
 
[2014-11-26 21:57:14 | 000,000,930 | ---- | M] () -- C:WindowstasksAdobe Flash Player Updater.job
 
[2014-11-26 21:57:12 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:WindowsSystem32FlashPlayerApp.exe
 
[2014-11-26 21:57:12 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:WindowsSystem32FlashPlayerCPLApp.cpl
 
[2014-11-26 20:09:23 | 000,001,032 | ---- | M] () -- C:WindowstasksGoogleUpdateTaskMachineCore.job
 
[2014-11-26 20:08:51 | 000,067,584 | --S- | M] () -- C:Windowsbootstat.dat
 
[2014-11-26 20:08:49 | 3184,410,624 | -HS- | M] () -- C:hiberfil.sys
 
[2014-11-25 23:44:04 | 000,003,204 | ---- | M] () -- C:Windowsbthservsdp.dat
 
[2014-11-25 20:16:04 | 000,222,042 | ---- | M] () -- C:UsersIrekDocumentscc_20141125_201551.reg
 
[2014-11-24 22:11:43 | 000,347,816 | ---- | M] (Microsoft Corporation) -- C:UsersIrekDesktopMicrosoftFixit.wu.Run.exe
 
[2014-11-24 22:01:31 | 000,007,620 | ---- | M] () -- C:UsersIrekAppDataLocald3d9caps.dat
 
[2014-11-24 20:29:36 | 000,001,899 | ---- | M] () -- C:UsersPublicDesktopAvast SafeZone.lnk
 
[2014-11-24 20:29:36 | 000,001,839 | ---- | M] () -- C:UsersPublicDesktopAvast Internet Security.lnk
 
[2014-11-23 19:00:04 | 000,787,800 | ---- | M] (AVAST Software) -- C:WindowsSystem32driversaswsnx.sys
 
[2014-11-23 19:00:00 | 000,423,784 | ---- | M] (AVAST Software) -- C:WindowsSystem32driversaswsp.sys
 
[2014-11-23 18:59:37 | 000,206,248 | ---- | M] () -- C:WindowsSystem32driversaswVmm.sys
 
[2014-11-23 18:59:37 | 000,070,384 | ---- | M] (AVAST Software) -- C:WindowsSystem32driversaswMonFlt.sys
 
[2014-11-23 18:59:37 | 000,057,928 | ---- | M] (AVAST Software) -- C:WindowsSystem32driversaswTdi.sys
 
[2014-11-23 18:59:37 | 000,049,944 | ---- | M] () -- C:WindowsSystem32driversaswRvrt.sys
 
[2014-11-23 18:59:37 | 000,024,184 | ---- | M] () -- C:WindowsSystem32driversaswHwid.sys
 
[2014-11-23 18:59:36 | 000,055,240 | ---- | M] (AVAST Software) -- C:WindowsSystem32driversaswrdr.sys
 
[2014-11-23 18:59:32 | 000,291,352 | ---- | M] (AVAST Software) -- C:WindowsSystem32aswBoot.exe
 
[2014-11-23 18:59:32 | 000,043,152 | ---- | M] (AVAST Software) -- C:WindowsavastSS.scr
 
[2014-11-23 18:58:50 | 000,026,136 | ---- | M] (AVAST Software) -- C:WindowsSystem32driversaswKbd.sys
 
[2014-11-23 18:58:08 | 000,253,640 | ---- | M] (AVAST Software) -- C:WindowsSystem32driversaswNdis2.sys
 
[2014-11-22 14:29:26 | 000,728,036 | ---- | M] () -- C:WindowsSystem32perfh015.dat
 
[2014-11-22 14:29:26 | 000,646,302 | ---- | M] () -- C:WindowsSystem32perfh009.dat
 
[2014-11-22 14:29:26 | 000,158,688 | ---- | M] () -- C:WindowsSystem32perfc015.dat
 
[2014-11-22 14:29:26 | 000,125,066 | ---- | M] () -- C:WindowsSystem32perfc009.dat
 
[2014-11-11 20:18:49 | 000,523,056 | ---- | M] () -- C:WindowsSystem32FNTCACHE.DAT
 
[2014-11-10 12:28:05 | 000,000,322 | ---- | M] () -- C:WindowstasksNorton SystemWorks One Button Checkup.job
 
[2014-11-05 22:32:01 | 000,001,688 | ---- | M] () -- C:UsersPublicDesktopQuickTime Player.lnk
 
[2014-11-05 22:27:19 | 000,001,888 | ---- | M] () -- C:UsersPublicDesktopFoxit Reader.lnk
 
[2014-11-05 22:21:22 | 000,096,680 | ---- | M] (Oracle Corporation) -- C:WindowsSystem32WindowsAccessBridge.dll
 
[2014-11-05 22:21:18 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:WindowsSystem32javaws.exe
 
[2014-11-05 22:21:18 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:WindowsSystem32javaw.exe
 
[2014-11-05 22:21:18 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:WindowsSystem32java.exe
 
[2014-11-04 14:30:58 | 000,229,000 | ---- | M] (Microsoft Corporation) -- C:WindowsSystem32MpSigStub.exe
 
[2014-10-29 21:15:17 | 001,698,304 | ---- | M] () -- C:UsersIrekDocumentsHJK X 2014 scal.pub
 
[1 C:Windows*.tmp files -> C:Windows*.tmp -> ]
 
 
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
 
 
[2014-11-25 20:15:53 | 000,222,042 | ---- | C] () -- C:UsersIrekDocumentscc_20141125_201551.reg
 
[2014-11-25 17:52:42 | 3184,410,624 | -HS- | C] () -- C:hiberfil.sys
 
[2014-11-23 19:00:25 | 000,001,899 | ---- | C] () -- C:UsersPublicDesktopAvast SafeZone.lnk
 
[2014-11-23 19:00:25 | 000,001,839 | ---- | C] () -- C:UsersPublicDesktopAvast Internet Security.lnk
 
[2014-11-05 22:32:01 | 000,001,688 | ---- | C] () -- C:UsersPublicDesktopQuickTime Player.lnk
 
[2014-11-05 22:27:19 | 000,001,888 | ---- | C] () -- C:UsersPublicDesktopFoxit Reader.lnk
 
[2014-10-24 20:28:16 | 000,000,000 | ---- | C] () -- C:UsersIrekAppDataLocal{5C86AC6B-735F-4EF8-B922-75D45FF2446A}
 
[2014-08-27 20:04:52 | 000,011,730 | ---- | C] () -- C:UsersIrekAppDataLocalrecently-used.xbel
 
[2014-05-02 13:40:19 | 000,024,184 | ---- | C] () -- C:WindowsSystem32driversaswHwid.sys
 
[2014-01-07 18:49:45 | 000,000,097 | ---- | C] () -- C:WindowswinDecrypt.INI
 
[2013-12-19 21:18:03 | 000,000,134 | ---- | C] () -- C:UsersIrekAppDataRoamingWB.CFG
 
[2013-09-28 21:14:09 | 000,707,354 | ---- | C] () -- C:Windowsunins001.exe
 
[2013-09-28 21:14:09 | 000,001,529 | ---- | C] () -- C:Windowsunins001.dat
 
[2013-09-28 18:26:03 | 000,013,942 | ---- | C] () -- C:UsersIrekAppDataRoamingUserTile.png
 
[2013-09-26 20:24:21 | 000,715,763 | ---- | C] () -- C:Windowsunins000.exe
 
[2013-09-26 20:24:20 | 000,001,786 | ---- | C] () -- C:Windowsunins000.dat
 
[2013-08-31 19:05:50 | 000,000,041 | ---- | C] () -- C:Windowsodbcisam.ini
 
[2013-08-31 19:05:49 | 000,000,815 | ---- | C] () -- C:WindowsODBCINST.INI
 
[2013-08-31 19:05:48 | 000,000,226 | ---- | C] () -- C:WindowsEURO.INI
 
[2013-08-31 19:05:48 | 000,000,172 | ---- | C] () -- C:WindowsECONFIG.INI
 
[2013-08-31 19:05:48 | 000,000,036 | ---- | C] () -- C:WindowsSPELL.INI
 
[2013-08-31 19:05:46 | 000,002,812 | ---- | C] () -- C:WindowsMEDIATXT.INI
 
[2013-08-31 19:05:46 | 000,002,713 | ---- | C] () -- C:WindowsPHOTO.INI
 
[2013-08-31 19:05:46 | 000,002,259 | ---- | C] () -- C:WindowsTEXT.INI
 
[2013-08-31 19:05:46 | 000,002,256 | ---- | C] () -- C:WindowsORDER.INI
 
[2013-08-31 19:05:46 | 000,002,255 | ---- | C] () -- C:WindowsQUEST.INI
 
[2013-08-31 19:05:46 | 000,002,255 | ---- | C] () -- C:WindowsLABEL.INI
 
[2013-08-31 19:05:46 | 000,002,255 | ---- | C] () -- C:WindowsJIGSAW.INI
 
[2013-08-31 19:05:46 | 000,002,253 | ---- | C] () -- C:WindowsWORDS.INI
 
[2013-08-31 19:05:46 | 000,002,253 | ---- | C] () -- C:WindowsPHREC.INI
 
[2013-08-31 19:05:46 | 000,002,253 | ---- | C] () -- C:WindowsPHRASE.INI
 
[2013-08-31 19:05:46 | 000,002,253 | ---- | C] () -- C:WindowsIDENT.INI
 
[2013-08-31 19:05:46 | 000,002,253 | ---- | C] () -- C:WindowsDLGREC.INI
 
[2013-08-31 19:05:45 | 000,002,253 | ---- | C] () -- C:WindowsDLGINS.INI
 
[2013-08-31 19:05:45 | 000,002,253 | ---- | C] () -- C:WindowsDICT.INI
 
[2013-08-31 19:05:45 | 000,002,249 | ---- | C] () -- C:WindowsDIALOGUE.INI
 
[2013-08-31 19:05:44 | 000,002,442 | ---- | C] () -- C:WindowsTAPE.INI
 
[2013-08-31 19:05:44 | 000,002,255 | ---- | C] () -- C:WindowsCLOZE.INI
 
[2013-08-31 19:05:44 | 000,002,253 | ---- | C] () -- C:WindowsCONNECT.INI
 
[2013-08-31 19:05:44 | 000,002,253 | ---- | C] () -- C:WindowsCHOICE.INI
 
[2013-08-31 19:05:44 | 000,002,253 | ---- | C] () -- C:WindowsCHART.INI
 
[2013-08-31 19:05:44 | 000,002,248 | ---- | C] () -- C:WindowsDICTONRY.INI
 
[2013-08-31 19:05:44 | 000,002,243 | ---- | C] () -- C:WindowsFORMS.INI
 
[2013-08-31 19:05:42 | 000,000,144 | ---- | C] () -- C:WindowsINDEO.INI
 
[2013-08-16 21:58:02 | 000,000,032 | ---- | C] () -- C:Windowsstart.INI
 
[2013-08-08 20:12:30 | 000,206,248 | ---- | C] () -- C:WindowsSystem32driversaswVmm.sys
 
[2013-08-08 20:12:30 | 000,049,944 | ---- | C] () -- C:WindowsSystem32driversaswRvrt.sys
 
[2013-07-23 19:10:56 | 000,000,092 | ---- | C] () -- C:UsersIrekAppDataLocalfusioncache.dat
 
[2013-04-21 23:04:31 | 000,294,912 | ---- | C] () -- C:WindowsSystem32ATIODE.exe
 
[2013-04-21 23:04:31 | 000,045,056 | ---- | C] () -- C:WindowsSystem32ATIODCLI.exe
 
[2013-04-21 23:04:30 | 000,197,654 | ---- | C] () -- C:WindowsSystem32atiicdxx.dat
 
[2013-04-10 23:10:19 | 000,000,649 | ---- | C] () -- C:WindowsStarBurn.INI
 
[2011-04-05 21:47:50 | 000,723,981 | ---- | C] () -- C:UsersIrekAppDataLocalunins000.exe
 
[2011-04-05 21:47:50 | 000,002,156 | ---- | C] () -- C:UsersIrekAppDataLocalunins000.dat
 
[2010-11-14 21:19:25 | 000,081,920 | ---- | C] () -- C:UsersIrekAppDataRoamingezpinst.exe
 
[2010-11-14 21:19:25 | 000,007,176 | ---- | C] () -- C:UsersIrekAppDataRoamingpcouffin.cat
 
[2010-11-14 21:19:25 | 000,001,144 | ---- | C] () -- C:UsersIrekAppDataRoamingpcouffin.inf
 
[2009-12-13 18:54:43 | 000,000,020 | ---- | C] () -- C:UsersIrekAppDataRoamingfvgqad.dat
 
[2009-12-13 18:54:41 | 000,000,004 | ---- | C] () -- C:UsersIrekAppDataRoamingavdrn.dat
 
[2009-02-12 21:10:24 | 000,007,620 | ---- | C] () -- C:UsersIrekAppDataLocald3d9caps.dat
 
[2009-02-09 18:07:38 | 000,028,160 | ---- | C] () -- C:UsersIrekAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
[2009-02-09 17:58:53 | 000,000,186 | ---- | C] () -- C:UsersIrekAppDataRoamingwklnhst.dat
 
 
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
 
 
[2006-11-02 13:54:22 | 000,000,227 | RHS- | M] () -- C:WindowsassemblyDesktop.ini
 
 
 
[HKEY_CURRENT_USERSoftwareClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32]
 
 
 
[HKEY_CURRENT_USERSoftwareClassesclsid{fbeb8a05-beee-4442-804e-409d6c4515e9}InProcServer32]
 
 
 
[HKEY_LOCAL_MACHINESoftwareClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32]
 
"" = %SystemRoot%system32shell32.dll -- [2014-03-25 14:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
 
"ThreadingModel" = Apartment
 
 
 
[HKEY_LOCAL_MACHINESoftwareClassesclsid{5839FCA9-774D-42A1-ACDA-D6A79037F57F}InProcServer32]
 
"" = %systemroot%system32wbemfastprox.dll -- [2009-04-11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
 
"ThreadingModel" = Free
 
 
 
[HKEY_LOCAL_MACHINESoftwareClassesclsid{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}InProcServer32]
 
"" = %systemroot%system32wbemwbemess.dll -- [2009-04-11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
 
"ThreadingModel" = Both
 
 
 
[color=#E56717]========== LOP Check ==========[/color]
 
 
 
[2014-09-21 13:11:18 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoaming1J1F1H1E2Y2Z1P1C1B2W1L1T2ZtF1E1I
 
[2014-01-18 14:45:50 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingAshampoo
 
[2013-11-02 18:05:47 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingAVAST Software
 
[2013-07-25 19:42:08 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingCanon
 
[2011-08-06 19:20:50 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingCD-LabelPrint
 
[2014-09-21 12:38:12 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingDAEMON Tools Lite
 
[2011-03-25 18:47:07 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingDroppix
 
[2014-04-23 11:07:42 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoaminge-Deklaracje
 
[2011-04-05 21:40:09 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoaminge-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1
 
[2013-11-20 23:32:39 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingEaseware
 
[2012-02-28 22:46:31 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingEBookSys
 
[2014-10-02 17:46:17 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingEssentialPIM
 
[2013-09-28 20:09:05 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingeUpdate
 
[2010-08-02 22:25:14 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingEurekaLog
 
[2014-09-24 20:11:52 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingFoxit Software
 
[2009-07-28 21:21:25 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingGHISLER
 
[2013-12-03 20:25:59 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoaminggramps
 
[2012-02-17 12:17:15 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoaminggtk-2.0
 
[2010-09-14 20:41:40 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingHEXelon
 
[2014-05-23 19:41:46 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingHTC
 
[2012-02-17 11:22:48 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingHTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
 
[2010-08-23 20:07:45 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingLeadertech
 
[2013-08-03 23:09:45 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingMael
 
[2012-11-26 20:57:38 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingNetGuard
 
[2014-02-22 23:32:20 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingnewnext.me
 
[2014-10-26 11:42:44 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingOpera
 
[2013-11-27 11:57:02 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingOpera Software
 
[2010-01-21 23:19:52 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingPDF Writer
 
[2013-09-28 18:26:03 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingPeerNetworking
 
[2009-06-15 21:39:12 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingPixmantec
 
[2011-06-25 22:05:19 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingQFX Software
 
[2013-01-12 13:40:34 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingSamsung
 
[2013-06-24 22:29:58 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingStartMenuX
 
[2009-02-09 17:58:54 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingTemplate
 
[2010-02-05 23:53:38 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingThunderbird
 
[2010-11-14 20:36:07 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingTRIWORKS
 
[2014-02-02 17:38:17 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingTrueCrypt
 
[2014-01-17 23:43:21 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingVista Start Menu
 
[2010-11-14 21:19:59 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingVso
 
[2011-10-16 22:27:25 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingVSRevoGroup
 
[2011-11-21 22:20:32 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingXnConvert
 
[2014-11-25 20:16:49 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingXnView
 
[2014-02-06 23:00:01 | 000,000,000 | ---D | M] -- C:UsersIrekAppDataRoamingXnViewMP
 
 
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
 
 
 
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
 
(C:UsersIrekAppDataRoamingMicrosoftWindowsStart MenuPrograms??????) -- C:UsersIrekAppDataRoamingMicrosoftWindowsStart MenuPrograms/=45:A
 
 
 
< End of report >
 
 
Wygenerowano w 0.142s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!