pypciu
Trainee
Posts: 25
RE: Windows 7 x64 Ultimate freezes every 2 days: HijackThis log to check
Thanks for the reply, I did as you said and I'm posting the logs from OTL:
Code:
OTL logfile created on: 2012-08-02 00: 30: 44 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C: \Users\Pusz\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
8,00 Gb Total Physical Memory | 5,73 Gb Available Physical Memory | 71,65% Memory free
31,99 Gb Paging File | 28,71 Gb Available in Paging File | 89,75% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C: \Windows | %ProgramFiles% = C: \Program Files (x86)
Drive C: | 247,92 Gb Total Space | 196,52 Gb Free Space | 79,27% Space Free | Partition Type: NTFS
Drive D: | 341,70 Gb Total Space | 18,46 Gb Free Space | 5,40% Space Free | Partition Type: NTFS
Drive E: | 341,80 Gb Total Space | 23,71 Gb Free Space | 6,94% Space Free | Partition Type: NTFS
Drive G: | 1,37 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 596,02 Gb Total Space | 514,35 Gb Free Space | 86,30% Space Free | Partition Type: FAT32
Computer Name: PUSZ-PC | User Name: Pusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012-08-02 00: 09: 57 | 000,597,504 | ---- | M] (OldTimer Tools) -- C: \Users\Pusz\Desktop\OTL.exe
PRC - [2012-08-01 11: 48: 33 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C: \Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012-07-31 11: 49: 37 | 001,536,712 | ---- | M] (Adobe Systems, Inc.) -- C: \Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
PRC - [2012-06-27 11: 58: 22 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C: \Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-06-27 11: 58: 22 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C: \Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012-06-19 18: 46: 36 | 011,324,352 | ---- | M] (Innovative Solutions) -- C: \Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
PRC - [2012-06-12 17: 31: 08 | 001,104,440 | ---- | M] () -- C: \Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012-06-12 17: 31: 08 | 000,935,480 | ---- | M] () -- C: \Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
PRC - [2012-04-17 17: 19: 40 | 003,671,872 | ---- | M] (DT Soft Ltd) -- C: \Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2012-01-29 17: 22: 26 | 000,075,136 | ---- | M] () -- C: \Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-01-24 18: 24: 26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C: \Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2011-11-23 03: 36: 24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C: \Program Files (x86)\AVG\AVG2012\avgfws.exe
PRC - [2011-10-12 07: 25: 22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C: \Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011-08-02 07: 09: 08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C: \Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011-07-13 08: 33: 08 | 004,615,064 | ---- | M] (Almico Software (www.almico.com)) -- C: \Program Files (x86)\SpeedFan\speedfan.exe
PRC - [2011-02-10 02: 00: 16 | 000,012,800 | ---- | M] (Mr. John aka japamd) -- C: \Program Files (x86)\RadeonPro\RadeonProSupport.exe
PRC - [2011-02-10 02: 00: 14 | 001,832,448 | ---- | M] (Mr. John aka japamd) -- C: \Program Files (x86)\RadeonPro\RadeonPro.exe
PRC - [2010-11-20 14: 17: 41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C: \Program Files (x86)\Windows Sidebar\sidebar.exe
PRC - [2010-06-04 12: 13: 00 | 007,989,768 | ---- | M] (ASRock Incorporation) -- C: \Program Files (x86)\ASRock Utility\IES\AsrIes.exe
PRC - [2007-05-30 14: 14: 22 | 000,050,688 | ---- | M] () -- C: \Program Files (x86)\KatMouse\KatMouse.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012-08-01 22: 34: 43 | 000,192,512 | ---- | M] () -- C: \Users\Pusz\AppData\Local\Temp\sfamcc00001.dll
MOD - [2012-08-01 22: 34: 43 | 000,172,032 | ---- | M] () -- C: \Users\Pusz\AppData\Local\Temp\sfareca00001.dll
MOD - [2012-08-01 11: 48: 33 | 002,249,696 | ---- | M] () -- C: \Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012-07-31 11: 49: 37 | 009,465,032 | ---- | M] () -- C: \Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
MOD - [2012-06-14 18: 13: 14 | 000,008,648 | ---- | M] () -- C: \Program Files (x86)\Innovative Solutions\DriverMax\sync.dll
MOD - [2012-06-13 17: 43: 19 | 000,212,992 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
MOD - [2012-06-13 17: 43: 13 | 011,833,344 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012-06-13 17: 42: 52 | 012,436,480 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012-06-13 17: 42: 46 | 001,591,808 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012-06-12 17: 31: 09 | 000,132,664 | ---- | M] () -- C: \Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll
MOD - [2012-06-12 17: 31: 08 | 001,104,440 | ---- | M] () -- C: \Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012-05-10 01: 13: 51 | 001,051,136 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012-05-10 01: 11: 10 | 000,771,584 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012-05-10 01: 10: 40 | 000,025,600 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll
MOD - [2012-05-10 01: 10: 31 | 003,347,968 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012-05-10 01: 10: 27 | 005,452,800 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012-05-10 01: 10: 23 | 007,967,232 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012-05-10 01: 10: 19 | 011,492,864 | ---- | M] () -- C: \Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011-03-17 01: 11: 16 | 004,297,568 | ---- | M] () -- C: \PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2010-11-13 04: 03: 59 | 000,425,984 | ---- | M] () -- C: \Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_pl_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010-11-13 04: 03: 49 | 000,311,296 | ---- | M] () -- C: \Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010-11-06 13: 31: 36 | 001,132,032 | ---- | M] () -- C: \Program Files (x86)\RadeonPro\V8.Net.dll
MOD - [2010-10-20 16: 45: 26 | 008,801,120 | ---- | M] () -- C: \PROGRA~2\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2009-06-10 15: 10: 44 | 000,032,768 | ---- | M] () -- C: \Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pl_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2008-12-30 18: 23: 28 | 000,214,528 | ---- | M] () -- C: \Program Files (x86)\KatMouse\KatMouseH.dll
MOD - [2007-06-22 16: 48: 58 | 000,044,032 | ---- | M] () -- C: \Program Files (x86)\KatMouse\KatMouseS.dll
MOD - [2007-05-30 14: 14: 22 | 000,050,688 | ---- | M] () -- C: \Program Files (x86)\KatMouse\KatMouse.exe
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV: [b]64bit: [/b] - [2012-05-25 01: 07: 32 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C: \Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV: [b]64bit: [/b] - [2012-04-24 17: 32: 38 | 000,584,224 | ---- | M] (Soluto) [Auto | Stopped] -- C: \Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV: [b]64bit: [/b] - [2012-04-05 13: 08: 24 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C: \Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV: [b]64bit: [/b] - [2012-03-12 17: 07: 56 | 000,204,792 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C: \Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2)
SRV: [b]64bit: [/b] - [2012-02-17 20: 56: 20 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C: \Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV: [b]64bit: [/b] - [2011-12-05 23: 15: 08 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C: \Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV: [b]64bit: [/b] - [2011-06-29 17: 25: 12 | 003,246,920 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C: \Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV: [b]64bit: [/b] - [2009-07-14 03: 41: 27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C: \Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV: [b]64bit: [/b] - [2009-07-14 03: 40: 01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C: \Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-08-01 11: 48: 33 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C: \Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-07-31 11: 49: 37 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C: \Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-06-27 11: 58: 22 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C: \Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-06-12 17: 31: 08 | 000,935,480 | ---- | M] () [Auto | Running] -- C: \Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)
SRV - [2012-04-05 13: 08: 34 | 002,143,552 | ---- | M] (TuneUp Software) [Auto | Running] -- C: \Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012-04-05 13: 08: 24 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C: \Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012-01-29 17: 22: 26 | 000,075,136 | ---- | M] () [Auto | Running] -- C: \Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011-11-23 03: 36: 24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C: \Program Files (x86)\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2011-10-12 07: 25: 22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C: \Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-08-02 07: 09: 08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C: \Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011-03-01 23: 17: 54 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C: \Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2011-02-10 02: 00: 16 | 000,012,800 | ---- | M] (Mr. John aka japamd) [Auto | Running] -- C: \Program Files (x86)\RadeonPro\RadeonProSupport.exe -- (RadeonPro Support Service)
SRV - [2010-03-18 14: 16: 28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C: \Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-09-20 12: 55: 20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C: \Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009-06-10 23: 23: 09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C: \Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-05-05 05: 45: 50 | 000,124,256 | ---- | M] () [Auto | Stopped] -- C: \Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2007-05-31 17: 11: 54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C: \Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 17: 11: 46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C: \Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV: [b]64bit: [/b] - [2012-08-01 23: 32: 16 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C: \Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV: [b]64bit: [/b] - [2012-06-27 11: 58: 24 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C: \Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV: [b]64bit: [/b] - [2012-05-25 22: 23: 14 | 000,438,376 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\Rtenic64.sys -- (RTLE8023x64)
DRV: [b]64bit: [/b] - [2012-05-25 01: 27: 42 | 011,175,424 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV: [b]64bit: [/b] - [2012-05-25 01: 27: 42 | 011,175,424 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV: [b]64bit: [/b] - [2012-05-24 23: 54: 34 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV: [b]64bit: [/b] - [2012-05-16 08: 22: 10 | 000,678,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV: [b]64bit: [/b] - [2012-04-24 17: 13: 24 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Stopped] -- C: \Windows\SysNative\drivers\Soluto.sys -- (Soluto)
DRV: [b]64bit: [/b] - [2012-04-10 07: 40: 58 | 000,082,560 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C: \Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV: [b]64bit: [/b] - [2012-04-10 07: 40: 58 | 000,042,624 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C: \Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV: [b]64bit: [/b] - [2012-03-16 16: 02: 54 | 000,685,672 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV: [b]64bit: [/b] - [2012-03-01 08: 46: 16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C: \Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV: [b]64bit: [/b] - [2012-01-19 22: 33: 40 | 000,530,488 | ---- | M] () [Kernel | Boot | Running] -- C: \Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV: [b]64bit: [/b] - [2011-12-29 13: 37: 44 | 000,035,120 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C: \Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV: [b]64bit: [/b] - [2011-12-17 16: 43: 28 | 000,011,904 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C: \Windows\SysNative\drivers\amdide64.sys -- (amdide64)
DRV: [b]64bit: [/b] - [2011-12-08 06: 22: 38 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\ssudserd.sys -- (ssudserd)
DRV: [b]64bit: [/b] - [2011-12-08 06: 22: 38 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV: [b]64bit: [/b] - [2011-12-08 06: 22: 38 | 000,098,616 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV: [b]64bit: [/b] - [2011-10-27 03: 25: 56 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\sscemdm.sys -- (sscemdm)
DRV: [b]64bit: [/b] - [2011-10-27 03: 25: 56 | 000,129,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\ssceserd.sys -- (ssceserd)
DRV: [b]64bit: [/b] - [2011-10-27 03: 25: 56 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\sscebus.sys -- (sscebus)
DRV: [b]64bit: [/b] - [2011-10-27 03: 25: 56 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\sscemdfl.sys -- (sscemdfl)
DRV: [b]64bit: [/b] - [2011-10-20 11: 24: 06 | 000,157,696 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C: \Windows\SysNative\drivers\MxEFUF64.sys -- (MxEFUF)
DRV: [b]64bit: [/b] - [2011-10-17 19: 40: 50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV: [b]64bit: [/b] - [2011-10-07 07: 23: 46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C: \Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV: [b]64bit: [/b] - [2011-09-13 07: 30: 08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C: \Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV: [b]64bit: [/b] - [2011-08-08 07: 08: 58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C: \Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV: [b]64bit: [/b] - [2011-07-11 02: 14: 36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C: \Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV: [b]64bit: [/b] - [2011-07-11 02: 14: 08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV: [b]64bit: [/b] - [2011-07-11 02: 14: 06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV: [b]64bit: [/b] - [2011-07-11 02: 14: 06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C: \Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV: [b]64bit: [/b] - [2011-06-24 07: 31: 02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C: \Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV: [b]64bit: [/b] - [2011-05-23 02: 03: 28 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C: \Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV: [b]64bit: [/b] - [2011-01-15 18: 21: 04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV: [b]64bit: [/b] - [2010-11-20 15: 33: 35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV: [b]64bit: [/b] - [2010-11-20 13: 07: 05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV: [b]64bit: [/b] - [2010-11-20 13: 03: 42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV: [b]64bit: [/b] - [2010-11-06 23: 24: 34 | 000,024,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- C: \Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV: [b]64bit: [/b] - [2010-10-25 11: 10: 22 | 000,020,552 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)
DRV: [b]64bit: [/b] - [2010-07-01 19: 11: 24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C: \Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV: [b]64bit: [/b] - [2010-05-06 05: 21: 46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV: [b]64bit: [/b] - [2010-02-18 09: 18: 24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV: [b]64bit: [/b] - [2009-10-07 11: 13: 34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C: \Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV: [b]64bit: [/b] - [2009-10-07 11: 13: 34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C: \Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV: [b]64bit: [/b] - [2009-09-01 16: 29: 56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C: \Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV: [b]64bit: [/b] - [2009-07-14 03: 52: 20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV: [b]64bit: [/b] - [2009-07-14 03: 48: 04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV: [b]64bit: [/b] - [2009-07-14 03: 45: 55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV: [b]64bit: [/b] - [2009-07-14 02: 09: 02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C: \Windows\SysNative\drivers\irda.sys -- (irda)
DRV: [b]64bit: [/b] - [2009-06-10 22: 34: 33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV: [b]64bit: [/b] - [2009-06-10 22: 34: 28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV: [b]64bit: [/b] - [2009-06-10 22: 34: 23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV: [b]64bit: [/b] - [2009-06-10 22: 31: 59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV: [b]64bit: [/b] - [2009-04-08 19: 44: 58 | 000,232,464 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C: \Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s)
DRV: [b]64bit: [/b] - [2008-12-19 05: 43: 30 | 001,120,768 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV: [b]64bit: [/b] - [2008-02-14 08: 12: 00 | 001,854,976 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\monfilt.sys -- (monfilt)
DRV: [b]64bit: [/b] - [2008-01-19 06: 36: 12 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\irsir.sys -- (irsir)
DRV: [b]64bit: [/b] - [2007-06-19 07: 50: 54 | 000,143,400 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\s816mdm.sys -- (s816mdm)
DRV: [b]64bit: [/b] - [2007-06-19 07: 50: 54 | 000,124,968 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\s816mgmt.sys -- (s816mgmt)
DRV: [b]64bit: [/b] - [2007-06-19 07: 50: 54 | 000,121,896 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\s816obex.sys -- (s816obex)
DRV: [b]64bit: [/b] - [2007-06-19 07: 50: 48 | 000,018,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\s816mdfl.sys -- (s816mdfl)
DRV: [b]64bit: [/b] - [2007-06-19 07: 50: 46 | 000,107,048 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\s816bus.sys -- (s816bus)
DRV: [b]64bit: [/b] - [2007-04-03 14: 57: 40 | 000,130,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\s116unic.sys -- (s116unic)
DRV: [b]64bit: [/b] - [2007-04-03 14: 57: 38 | 000,031,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\s116nd5.sys -- (s116nd5)
DRV: [b]64bit: [/b] - [2007-04-03 13: 57: 40 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\s116obex.sys -- (s116obex)
DRV: [b]64bit: [/b] - [2007-04-03 13: 57: 38 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\s116mgmt.sys -- (s116mgmt)
DRV: [b]64bit: [/b] - [2007-04-03 13: 57: 36 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\s116mdm.sys -- (s116mdm)
DRV: [b]64bit: [/b] - [2007-04-03 13: 57: 36 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\s116mdfl.sys -- (s116mdfl)
DRV: [b]64bit: [/b] - [2007-04-03 13: 57: 34 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\s116bus.sys -- (s116bus)
DRV - [2011-11-08 22: 25: 24 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C: \Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2011-02-05 16: 00: 18 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C: \Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2010-10-25 11: 03: 52 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C: \Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009-07-14 03: 19: 10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C: \Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE: [b]64bit: [/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE: [b]64bit: [/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http: //www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http: //www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http: //www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http: //www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http: //isearch.avg.com/search?cid={5445E9E2-9937-4FDB-844D-E42375B08F1E}&mid=e52a6837447347d1a107d16c64e053cb-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=en&ds=gm011&pr=sa&d=2012-03-26 21: 24: 58&v=10.2.0.3&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http: //www.daemon-search.com/search/web?q={searchTerms}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http: //search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "about: home"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}: 1.3.2
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru: 9.0.0.736
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com: 4.51
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}: 6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}: 6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}: 6.0.23
FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com: 4.5.4.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}: 6.0.24
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}: 2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: 5.5
FF - prefs.js..keyword.URL: "http: //www.google.pl/search?hl=pl&q="
FF: [b]64bit: [/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C: \Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF: [b]64bit: [/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C: \Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF: [b]64bit: [/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C: \Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF: [b]64bit: [/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF: [b]64bit: [/b] - HKLM\Software\MozillaPlugins\@microsoft.com/NpCtrl,version=1.0: c: \Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF: [b]64bit: [/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C: \PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C: \Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C: \Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C: \Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C: \ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C: \Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C: \Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/NpCtrl,version=1.0: c: \Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C: \PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C: \PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C: \Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@vividas.com/npVividasPlayer: C: \Program Files (x86)\Vividas\Player\npVividasPlayer.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C: \Users\Pusz\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C: \Users\Pusz\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C: \Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-23 17: 24: 32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C: \Program Files (x86)\AVG\AVG2012\Firefox4\ [2012-02-09 16: 38: 11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C: \ProgramData\AVG Secure Search\11.1.0.7\ [2012-06-12 17: 31: 12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C: \Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012-05-03 10: 13: 04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C: \Program Files (x86)\Mozilla Firefox\components [2012-08-01 19: 34: 39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C: \Program Files (x86)\Mozilla Firefox\plugins [2012-08-01 19: 34: 39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C: \Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-23 17: 24: 32 | 000,000,000 | ---D | M]
[2012-03-21 13: 12: 04 | 000,000,000 | ---D | M] (No name found) -- C: \Users\Pusz\AppData\Roaming\mozilla\Extensions
[2012-03-21 13: 12: 04 | 000,000,000 | ---D | M] (No name found) -- C: \Users\Pusz\AppData\Roaming\mozilla\Extensions\prism@developer.mozilla.org
[2012-07-31 11: 08: 03 | 000,000,000 | ---D | M] (No name found) -- C: \Users\Pusz\AppData\Roaming\mozilla\Firefox\Profiles\awbtheky.default\extensions
[2011-01-26 15: 22: 08 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C: \Users\Pusz\AppData\Roaming\mozilla\Firefox\Profiles\awbtheky.default\extensions\2020Player@2020Technologies.com
[2012-05-17 18: 28: 43 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C: \Users\Pusz\AppData\Roaming\mozilla\Firefox\Profiles\awbtheky.default\extensions\ich@maltegoetz.de
[2011-12-21 12: 31: 33 | 000,000,000 | ---D | M] (Open in Private Browsing Mode) -- C: \Users\Pusz\AppData\Roaming\mozilla\Firefox\Profiles\awbtheky.default\extensions\jid1-0FHdJAAQ7Nb73Q@jetpack
[2012-07-31 11: 09: 33 | 000,000,000 | ---D | M] (rein) -- C: \Users\Pusz\AppData\Roaming\mozilla\Firefox\Profiles\awbtheky.default\extensions\rein@notiz.jp
[2010-08-20 01: 17: 07 | 000,002,059 | ---- | M] () -- C: \Users\Pusz\AppData\Roaming\Mozilla\Firefox\Profiles\awbtheky.default\searchplugins\daemon-search.xml
[2012-03-12 21: 53: 17 | 000,000,000 | ---D | M] (No name found) -- C: \Program Files (x86)\mozilla firefox\extensions
[2010-03-11 19: 06: 38 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C: \Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2012-08-01 11: 48: 34 | 000,000,000 | ---D | M] (No name found) -- C: \Program Files (x86)\mozilla firefox\distribution\extensions
[2012-05-31 06: 44: 40 | 000,505,801 | ---- | M] () (No name found) -- C: \USERS\PUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AWBTHEKY.DEFAULT\EXTENSIONS\{1280606B-2510-4FE0-97EF-9B5A22EAFE30}.XPI
[2011-04-06 18: 37: 12 | 000,079,135 | ---- | M] () (No name found) -- C: \USERS\PUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AWBTHEKY.DEFAULT\EXTENSIONS\{1A2D0EC4-75F5-4C91-89C4-3656F6E44B68}.XPI
[2012-07-25 08: 28: 44 | 000,276,167 | ---- | M] () (No name found) -- C: \USERS\PUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AWBTHEKY.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI
[2012-07-10 23: 00: 14 | 000,177,357 | ---- | M] () (No name found) -- C: \USERS\PUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AWBTHEKY.DEFAULT\EXTENSIONS\{C36177C0-224A-11DA-8CD6-0800200C9A91}.XPI
[2012-04-03 21: 22: 40 | 000,140,964 | ---- | M] () (No name found) -- C: \USERS\PUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AWBTHEKY.DEFAULT\EXTENSIONS\FIREGESTURES@XULDEV.ORG.XPI
[2012-04-13 20: 17: 32 | 000,049,306 | ---- | M] () (No name found) -- C: \USERS\PUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AWBTHEKY.DEFAULT\EXTENSIONS\MP4DOWNLOADER@JEFF.NET.XPI
[2012-03-23 19: 46: 36 | 001,184,804 | ---- | M] () (No name found) -- C: \USERS\PUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AWBTHEKY.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2012-07-25 08: 28: 44 | 000,234,654 | ---- | M] () (No name found) -- C: \USERS\PUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AWBTHEKY.DEFAULT\EXTENSIONS\THUMBNAILZOOM@DADLER.GITHUB.COM.XPI
[2012-08-01 11: 48: 34 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C: \Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010-11-30 16: 11: 52 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C: \Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011-11-10 22: 35: 18 | 000,002,105 | ---- | M] () -- C: \Program Files (x86)\mozilla firefox\searchplugins\adawaretb.xml
[2012-08-01 11: 48: 31 | 000,002,767 | ---- | M] () -- C: \Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-07-10 23: 28: 12 | 000,003,769 | ---- | M] () -- C: \Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012-08-01 11: 48: 31 | 000,001,406 | ---- | M] () -- C: \Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-08-01 11: 48: 31 | 000,000,917 | ---- | M] () -- C: \Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-08-01 11: 48: 31 | 000,000,858 | ---- | M] () -- C: \Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-08-01 11: 48: 31 | 000,001,183 | ---- | M] () -- C: \Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-08-01 11: 48: 31 | 000,001,683 | ---- | M] () -- C: \Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
[color=#E56717]========== Chrome ==========[/color]
CHR - homepage: http: //home.sweetim.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google: baseURL}search?{google: RLZ}{google: acceptedSuggestion}{google: originalQueryForSuggestion}{google: searchFieldtrialParameter}{google: instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google: baseSuggestURL}search?{google: searchFieldtrialParameter}{google: instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http: //home.sweetim.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C: \Users\Pusz\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C: \Users\Pusz\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C: \Users\Pusz\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C: \Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C: \Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C: \Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Winamp Application Detector (Enabled) = C: \Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: DivX Web Player (Enabled) = C: \Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Picasa (Enabled) = C: \Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Vividas Player Plugin (Enabled) = C: \Program Files (x86)\Vividas\Player\npVividasPlayer.dll
CHR - plugin: QUAKE LIVE (Enabled) = C: \ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Google Update (Enabled) = C: \Users\Pusz\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c: \Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C: \Users\Pusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C: \Users\Pusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Freemake Video Converter = C: \Users\Pusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\
CHR - Extension: AVG Safe Search = C: \Users\Pusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: Gmail = C: \Users\Pusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2011-12-24 17: 34: 57 | 000,001,240 | ---- | M]) - C: \Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2: [b]64bit: [/b] - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C: \Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2: [b]64bit: [/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C: \Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2: [b]64bit: [/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C: \Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C: \Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C: \PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C: \Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C: \Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C: \PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C: \Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3: [b]64bit: [/b] - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C: \Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C: \Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C: \Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C: \Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C: \Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VIAJDS] C: \Program Files (x86)\VIA\VIAudioi\HDADeck\VIAJDS.exe (TODO: <Company name>)
O4 - HKLM..\Run: [vProt] C: \Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C: \Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DriverMax] C: \Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [DriverMax_RESTART] C: \Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [F.lux] C: \Users\Pusz\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKCU..\Run: [RadeonPro] C: \Program Files (x86)\RadeonPro\RadeonPro.exe (Mr. John aka japamd)
O4 - Startup: C: \Users\Pusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KatMouse.lnk = C: \Program Files (x86)\KatMouse\KatMouse.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8: [b]64bit: [/b] - Extra context menu item: Add to Google Photos Screensa&ver - res: //C: \Windows\system32\GPhotos.scr/200 File not found
O8: [b]64bit: [/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res: //C: \PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8: [b]64bit: [/b] - Extra context menu item: E&xport to Microsoft Excel - res: //C: \PROGRA~2\Microsoft Office\Office14\EXCEL.EXE/3000 File not found
O8: [b]64bit: [/b] - Extra context menu item: Se&nd to OneNote - res: //C: \PROGRA~2\Microsoft Office\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C: \Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res: //C: \PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res: //C: \PROGRA~2\Microsoft Office\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res: //C: \PROGRA~2\Microsoft Office\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: @C: \Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C: \Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C: \Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C: \Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O13[b]64bit: [/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B421F2EC-F5E5-4625-ABBA-4DA02E3123D6}: NameServer = 95.158.95.95,95.158.95.96
O18: [b]64bit: [/b] - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C: \Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18: [b]64bit: [/b] - Protocol\Handler\ms-help - No CLSID value found
O18: [b]64bit: [/b] - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C: \Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C: \Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O20: [b]64bit: [/b] - HKLM Winlogon: Shell - (explorer.exe) - C: \Windows\explorer.exe (Microsoft Corporation)
O20: [b]64bit: [/b] - HKLM Winlogon: UserInit - (C: \Windows\system32\userinit.exe) - C: \Windows\SysNative\userinit.exe (Microsoft Corporation)
O20: [b]64bit: [/b] - HKLM Winlogon: UserInit - (C: \Program Files\Soluto\soluto.exe /userinit) - C: \Program Files\Soluto\soluto.exe (Soluto)
O20: [b]64bit: [/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C: \Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20: [b]64bit: [/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C: \Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C: \Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21: [b]64bit: [/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22: [b]64bit: [/b] - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C: \Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O27: [b]64bit: [/b] - HKLM IFEO\excel.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27: [b]64bit: [/b] - HKLM IFEO\groove.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27: [b]64bit: [/b] - HKLM IFEO\infopath.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27: [b]64bit: [/b] - HKLM IFEO\misc.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27: [b]64bit: [/b] - HKLM IFEO\msaccess.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27: [b]64bit: [/b] - HKLM IFEO\msoxmled.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27: [b]64bit: [/b] - HKLM IFEO\mspub.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27: [b]64bit: [/b] - HKLM IFEO\mstore.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27: [b]64bit: [/b] - HKLM IFEO\ois.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27: [b]64bit: [/b] - HKLM IFEO\onenote.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27: [b]64bit: [/b] - HKLM IFEO\outlook.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27: [b]64bit: [/b] - HKLM IFEO\powerpnt.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27: [b]64bit: [/b] - HKLM IFEO\setup.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27: [b]64bit: [/b] - HKLM IFEO\Winword.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\excel.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\groove.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\infopath.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\misc.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\msaccess.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\msoxmled.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\mspub.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\mstore.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ois.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\onenote.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\outlook.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\powerpnt.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\setup.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\Winword.exe: Debugger - C: \Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C: \PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-07-27 23: 50: 03 | 000,000,115 | R--- | M] () - G: \autorun.inf -- [ CDFS ]
O33 - MountPoints2\{2b028388-fdef-11df-b80c-00252204ba38}\Shell - "" = AutoRun
O33 - MountPoints2\{2b028388-fdef-11df-b80c-00252204ba38}\Shell\AutoRun\command - "" = H: \LaunchU3.exe -a
O33 - MountPoints2\{4ebc14fe-e131-11df-885e-00252204ba38}\Shell - "" = AutoRun
O33 - MountPoints2\{4ebc14fe-e131-11df-885e-00252204ba38}\Shell\AutoRun\command - "" = G: \autorun.exe
O33 - MountPoints2\{cc429a75-103a-11df-8b80-00252204ba38}\Shell - "" = AutoRun
O33 - MountPoints2\{cc429a75-103a-11df-8b80-00252204ba38}\Shell\AutoRun\command - "" = G: \Autoplay.exe
O33 - MountPoints2\{f63422a1-4fd7-11e1-9197-00252204ba38}\Shell - "" = AutoRun
O33 - MountPoints2\{f63422a1-4fd7-11e1-9197-00252204ba38}\Shell\AutoRun\command - "" = J: \LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H: \autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O34 - HKLM BootExecute: (C: \PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35: [b]64bit: [/b] - HKLM\..comfile [open] -- "%1" %*
O35: [b]64bit: [/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37: [b]64bit: [/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37: [b]64bit: [/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv: UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv: ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
Malwarebytes found nothing, and neither did AVG. I'm waiting for help, and thanks!
(I split the log into two posts)
Code:
[2012-08-02 00: 09: 57 | 000,597,504 | ---- | C] (OldTimer Tools) -- C: \Users\Pusz\Desktop\OTL.exe
[2012-08-01 23: 46: 21 | 000,000,000 | ---D | C] -- C: \Users\Pusz\Documents\Activision
[2012-08-01 23: 32: 37 | 000,000,000 | ---D | C] -- C: \ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-08-01 23: 32: 16 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C: \Windows\SysNative\drivers\dtsoftbus01.sys
[2012-08-01 23: 32: 07 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\DAEMON Tools Lite
[2012-08-01 19: 34: 33 | 000,000,000 | ---D | C] -- C: \ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012-08-01 19: 34: 27 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\QuickTime
[2012-08-01 19: 34: 27 | 000,000,000 | ---D | C] -- C: \ProgramData\Apple Computer
[2012-08-01 19: 33: 49 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\Common Files\Apple
[2012-08-01 19: 33: 43 | 000,000,000 | ---D | C] -- C: \Users\Pusz\AppData\Local\Apple
[2012-08-01 19: 33: 42 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\Apple Software Update
[2012-08-01 19: 33: 42 | 000,000,000 | ---D | C] -- C: \ProgramData\Apple
[2012-08-01 19: 31: 37 | 039,483,256 | ---- | C] (Apple Inc.) -- C: \Users\Pusz\Desktop\QuickTimeInstaller.exe
[2012-08-01 11: 56: 58 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysWow64\qdvd.dll
[2012-08-01 11: 56: 58 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysNative\qdvd.dll
[2012-07-31 17: 01: 32 | 000,000,000 | ---D | C] -- C: \Users\Pusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012-07-31 11: 40: 06 | 000,000,000 | ---D | C] -- C: \Users\Pusz\AppData\Roaming\Canneverbe Limited
[2012-07-31 11: 40: 06 | 000,000,000 | ---D | C] -- C: \ProgramData\Canneverbe Limited
[2012-07-31 11: 39: 55 | 000,000,000 | ---D | C] -- C: \Program Files\CDBurnerXP
[2012-07-31 11: 26: 27 | 005,659,648 | ---- | C] (Canneverbe Limited ) -- C: \Users\Pusz\Desktop\cdbxp_setup_4.4.1.3243_x64.exe
[2012-07-31 11: 18: 37 | 003,907,920 | ---- | C] (Piriform Ltd) -- C: \Users\Pusz\Desktop\ccsetup321.exe
[2012-07-31 10: 42: 29 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\Trend Micro
[2012-07-30 19: 03: 32 | 000,000,000 | ---D | C] -- C: \Users\Pusz\Desktop\Nowy folder
[2012-07-26 22: 31: 18 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\Common Files\MAGIX Services
[2012-07-26 17: 40: 59 | 000,000,000 | ---D | C] -- C: \Program Files\K-Lite Codec Pack x64
[2012-07-25 09: 51: 12 | 000,000,000 | ---D | C] -- C: \Users\Pusz\AppData\Roaming\MAGIX
[2012-07-25 09: 50: 58 | 000,000,000 | ---D | C] -- C: \ProgramData\mufin
[2012-07-25 09: 50: 58 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\mufin
[2012-07-25 09: 50: 50 | 000,000,000 | ---D | C] -- C: \ProgramData\MAGIX
[2012-07-25 08: 58: 14 | 000,000,000 | ---D | C] -- C: \ProgramData\ATI
[2012-07-25 08: 58: 12 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\AMD AVT
[2012-07-23 23: 25: 27 | 000,000,000 | ---D | C] -- C: \Windows\SysNative\temp
[2012-07-23 23: 25: 27 | 000,000,000 | ---D | C] -- C: \ProgramData\PassMark
[2012-07-23 23: 25: 26 | 000,000,000 | ---D | C] -- C: \Users\Pusz\Documents\PassMark
[2012-07-23 23: 25: 26 | 000,000,000 | ---D | C] -- C: \Program Files\BurnInTest
[2012-07-16 19: 49: 06 | 000,000,000 | ---D | C] -- C: \ProgramData\OO Software
[2012-07-16 19: 49: 03 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\OO Software
[2012-07-16 19: 46: 25 | 000,000,000 | ---D | C] -- C: \Users\Pusz\AppData\Local\O&O
[2012-07-11 15: 40: 30 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysNative\url.dll
[2012-07-11 15: 40: 30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysWow64\url.dll
[2012-07-11 15: 40: 30 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysNative\mshtmled.dll
[2012-07-11 15: 40: 30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysWow64\mshtmled.dll
[2012-07-11 15: 40: 29 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysNative\ieui.dll
[2012-07-11 15: 40: 29 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysWow64\ieui.dll
[2012-07-11 15: 40: 29 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysNative\ieUnatt.exe
[2012-07-11 15: 40: 29 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysWow64\ieUnatt.exe
[2012-07-11 15: 40: 28 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysNative\inetcpl.cpl
[2012-07-11 15: 40: 28 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysWow64\inetcpl.cpl
[2012-07-11 15: 40: 27 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysNative\jscript9.dll
[2012-07-11 15: 40: 27 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysNative\jscript.dll
[2012-07-11 15: 40: 27 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysWow64\jscript.dll
[2012-07-11 15: 39: 08 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysNative\ncrypt.dll
[2012-07-11 15: 39: 08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysWow64\msxml3r.dll
[2012-07-11 15: 39: 08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysNative\msxml3r.dll
[2012-07-11 15: 39: 06 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysNative\cdosys.dll
[2012-07-11 15: 39: 06 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C: \Windows\SysWow64\cdosys.dll
[2012-07-05 18: 40: 06 | 000,000,000 | ---D | C] -- C: \Users\Pusz\AppData\Roaming\Comodo
[2012-07-04 16: 05: 59 | 000,000,000 | ---D | C] -- C: \Users\Pusz\AppData\Local\Comodo
[2012-07-04 16: 05: 50 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\Comodo
[2012-07-04 00: 03: 00 | 000,955,840 | ---- | C] (Oracle Corporation) -- C: \Windows\SysNative\npDeployJava1.dll
[2012-07-04 00: 03: 00 | 000,839,096 | ---- | C] (Oracle Corporation) -- C: \Windows\SysNative\deployJava1.dll
[2012-07-04 00: 03: 00 | 000,268,720 | ---- | C] (Oracle Corporation) -- C: \Windows\SysNative\javaws.exe
[2012-07-04 00: 02: 51 | 000,189,360 | ---- | C] (Oracle Corporation) -- C: \Windows\SysNative\javaw.exe
[2012-07-04 00: 02: 51 | 000,188,840 | ---- | C] (Oracle Corporation) -- C: \Windows\SysNative\java.exe
[2012-07-04 00: 02: 44 | 000,000,000 | ---D | C] -- C: \Program Files\Java
[2012-07-03 23: 59: 05 | 021,869,488 | ---- | C] (Oracle Corporation) -- C: \Users\Pusz\Desktop\jre-7u5-windows-x64.exe
[2012-07-03 23: 57: 21 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\Common Files\Java
[2012-07-03 23: 56: 49 | 000,227,720 | ---- | C] (Oracle Corporation) -- C: \Windows\SysWow64\javaws.exe
[2012-07-03 23: 56: 42 | 000,174,064 | ---- | C] (Oracle Corporation) -- C: \Windows\SysWow64\javaw.exe
[2012-07-03 23: 56: 42 | 000,174,064 | ---- | C] (Oracle Corporation) -- C: \Windows\SysWow64\java.exe
[2012-07-03 23: 56: 34 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\Java
[2012-07-03 23: 54: 52 | 000,894,448 | ---- | C] (Oracle Corporation) -- C: \Users\Pusz\Desktop\jxpiinstall.exe
[2012-07-03 23: 46: 17 | 003,889,704 | ---- | C] (Piriform Ltd) -- C: \Users\Pusz\Desktop\ccsetup320.exe
[2012-07-03 22: 59: 29 | 029,467,048 | ---- | C] (COMODO) -- C: \Users\Pusz\Desktop\DragonSetup.exe
[2012-07-03 20: 10: 58 | 000,000,000 | ---D | C] -- C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-07-03 20: 10: 58 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\MALWAREBYTES ANTI-MALWARE
[2012-07-03 20: 10: 57 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C: \Windows\SysNative\drivers\mbam.sys
[2012-07-03 20: 10: 57 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\Malwarebytes' Anti-Malware
[2012-07-03 19: 55: 07 | 000,000,000 | ---D | C] -- C: \Users\Pusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[1 C: \Windows\*.tmp files -> C: \Windows\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012-08-02 00: 09: 57 | 000,597,504 | ---- | M] (OldTimer Tools) -- C: \Users\Pusz\Desktop\OTL.exe
[2012-08-01 23: 49: 00 | 000,000,930 | ---- | M] () -- C: \Windows\tasks\Adobe Flash Player Updater.job
[2012-08-01 23: 44: 19 | 000,000,697 | ---- | M] () -- C: \Users\Pusz\Desktop\prototype2.exe — skrót.lnk
[2012-08-01 23: 32: 41 | 000,001,958 | ---- | M] () -- C: \Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012-08-01 23: 32: 16 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C: \Windows\SysNative\drivers\dtsoftbus01.sys
[2012-08-01 23: 17: 01 | 000,001,209 | ---- | M] () -- C: \Users\Pusz\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2012-08-01 23: 17: 01 | 000,001,185 | ---- | M] () -- C: \Users\Public\Desktop\GOM Player.lnk
[2012-08-01 19: 38: 11 | 000,014,192 | -H-- | M] () -- C: \Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-08-01 19: 38: 11 | 000,014,192 | -H-- | M] () -- C: \Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-08-01 19: 32: 12 | 039,483,256 | ---- | M] (Apple Inc.) -- C: \Users\Pusz\Desktop\QuickTimeInstaller.exe
[2012-08-01 15: 09: 53 | 102,697,338 | ---- | M] () -- C: \Windows\SysNative\drivers\AVG\incavi.avm
[2012-08-01 14: 49: 25 | 000,067,584 | --S- | M] () -- C: \Windows\bootstat.dat
[2012-08-01 14: 49: 22 | 2146,148,351 | -HS- | M] () -- C: \hiberfil.sys
[2012-08-01 14: 49: 19 | 000,897,028 | ---- | M] () -- C: \Windows\SysNative\oodbs.lor
[2012-07-31 17: 01: 32 | 000,003,003 | ---- | M] () -- C: \Users\Pusz\Desktop\HiJackThis.lnk
[2012-07-31 17: 00: 50 | 001,402,880 | ---- | M] () -- C: \Users\Pusz\Desktop\HiJackThis.msi
[2012-07-31 11: 49: 37 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C: \Windows\SysWow64\FlashPlayerApp.exe
[2012-07-31 11: 49: 37 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C: \Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-07-31 11: 39: 56 | 000,001,750 | ---- | M] () -- C: \Users\Public\Desktop\CDBurnerXP.lnk
[2012-07-31 11: 26: 31 | 005,659,648 | ---- | M] (Canneverbe Limited ) -- C: \Users\Pusz\Desktop\cdbxp_setup_4.4.1.3243_x64.exe
[2012-07-31 11: 19: 11 | 000,000,824 | ---- | M] () -- C: \Users\Public\Desktop\CCleaner.lnk
[2012-07-31 11: 18: 38 | 003,907,920 | ---- | M] (Piriform Ltd) -- C: \Users\Pusz\Desktop\ccsetup321.exe
[2012-07-23 23: 24: 02 | 000,069,043 | ---- | M] () -- C: \Users\Pusz\Desktop\memtest86+-4.20.iso.zip
[2012-07-11 15: 46: 41 | 000,441,648 | ---- | M] () -- C: \Windows\SysNative\FNTCACHE.DAT
[2012-07-08 11: 37: 17 | 000,767,072 | ---- | M] () -- C: \Users\Pusz\Desktop\green 038.jpg
[2012-07-04 00: 02: 45 | 000,955,840 | ---- | M] (Oracle Corporation) -- C: \Windows\SysNative\npDeployJava1.dll
[2012-07-04 00: 02: 45 | 000,839,096 | ---- | M] (Oracle Corporation) -- C: \Windows\SysNative\deployJava1.dll
[2012-07-04 00: 02: 45 | 000,268,720 | ---- | M] (Oracle Corporation) -- C: \Windows\SysNative\javaws.exe
[2012-07-04 00: 02: 45 | 000,189,360 | ---- | M] (Oracle Corporation) -- C: \Windows\SysNative\javaw.exe
[2012-07-04 00: 02: 45 | 000,188,840 | ---- | M] (Oracle Corporation) -- C: \Windows\SysNative\java.exe
[2012-07-03 23: 59: 18 | 021,869,488 | ---- | M] (Oracle Corporation) -- C: \Users\Pusz\Desktop\jre-7u5-windows-x64.exe
[2012-07-03 23: 56: 36 | 000,174,064 | ---- | M] (Oracle Corp
(This post was last modified: 02.08.2012 00:01 by pypciu.)
01.08.2012 23:41