Skocz do zawartości

Wirus Ukash: Pomocy!


Rekomendowane odpowiedzi

Witajcie! Ostatnio od glupiego klikania na reklamy, zalapalem okropnie denerwujacego wirusa Ukash. Aby ,,splacic kare" musialbym zaplacic 500zl za pomoca Ukash albo Paysafecard. Na szczescie jest od czegos tryb Awaryjny z obsluga sieci... Niestety wirus byl tak zaawansowany, ze dostal sie takze do trybu awaryjnego. Pozostal mi tylko Awaryjny z Wierszem Polecenia. Bardzo prosilbym o szczegulowa pomoc. Ponizej przesylam logi z OLT:

 

 

OTL logfile created on: 2012-09-16 13:46:05 - Run 2

OTL by OldTimer - Version 3.2.61.5 Folder = C:\Documents and Settings

Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

2,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 86,85% Memory free

3,85 Gb Paging File | 3,79 Gb Available in Paging File | 98,42% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 146,48 Gb Total Space | 36,88 Gb Free Space | 25,18% Space Free | Partition Type: NTFS

Drive D: | 86,40 Gb Total Space | 5,78 Gb Free Space | 6,69% Space Free | Partition Type: NTFS

Drive E: | 0,29 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

 

Computer Name: JACEK | User Name: Jacek | Logged in as Administrator.

Boot Mode: SafeMode | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2012-09-16 10:22:33 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\OTL.exe

PRC - [2008-04-15 14:00:00 | 000,396,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe

 

 

========== Modules (No Company Name) ==========

 

 

========== Services (SafeList) ==========

 

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)

SRV - [2012-09-06 20:19:35 | 004,537,664 | ---- | M] () [Auto | Stopped] -- c:\program files\common files\akamai/netsession_win_5891ae0.dll -- (Akamai)

SRV - [2012-08-21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)

SRV - [2012-05-03 20:22:42 | 000,254,464 | ---- | M] (Ryan Conrad) [Auto | Stopped] -- C:\Program Files\Droid Explorer\DroidExplorer.Service.exe -- (DroidExplorerService)

SRV - [2012-04-21 03:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012-03-21 12:23:14 | 000,793,048 | ---- | M] (PC Tools) [Auto | Stopped] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)

SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012-01-18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)

SRV - [2011-08-15 17:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2011-04-25 05:55:00 | 004,066,168 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)

SRV - [2011-02-02 11:57:54 | 000,052,288 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)

SRV - [2010-09-29 03:33:40 | 000,249,856 | ---- | M] () [Auto | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\DCService.exe -- (DCService.exe)

SRV - [2010-06-14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2010-03-18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2007-03-03 13:48:28 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnet.sys -- (ZTEusbnet)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\catchme.sys -- (catchme)

DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\kqdfryn.sys -- (ayjmud)

DRV - [2012-09-15 19:21:00 | 000,027,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hitmanpro36.sys -- (hitmanpro36)

DRV - [2012-08-30 15:40:13 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)

DRV - [2012-08-21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2012-08-21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2012-08-21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2012-08-21 11:13:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2012-08-21 11:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)

DRV - [2012-08-21 11:13:13 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2012-08-21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2012-01-27 13:49:34 | 000,164,992 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\athsgt.sys -- (athsgt)

DRV - [2012-01-27 13:49:33 | 000,012,544 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\limsgt.sys -- (limsgt)

DRV - [2010-11-01 06:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)

DRV - [2010-08-27 14:53:32 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)

DRV - [2010-08-07 18:48:30 | 000,106,496 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)

DRV - [2010-07-27 16:25:48 | 000,072,832 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)

DRV - [2010-07-27 10:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)

DRV - [2010-03-20 13:06:58 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)

DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)

DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)

DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)

DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)

DRV - [2010-02-26 14:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)

DRV - [2010-01-27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)

DRV - [2009-03-18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)

DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2007-05-10 12:28:08 | 004,419,584 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)

DRV - [2007-04-14 10:28:00 | 000,094,592 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

DRV - [2006-12-24 05:15:18 | 000,027,904 | ---- | M] (Compuware Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xPADFL02.sys -- (XPADFL02)

DRV - [2006-11-02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)

DRV - [2006-04-01 17:16:44 | 000,162,176 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0260Vid.sys -- (V0260VID)

DRV - [2005-01-01 11:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKLM\..\SearchScopes\{4fa67103-5daf-45a1-9ddb-236d1ff7a590}: "URL" = http://search.mywebs...r={searchTerms}

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg....r=&d=2012-09-14 17:56:52&v=12.2.5.34&sap=hp

IE - HKCU\..\URLSearchHook: {22dbe5ef-4a42-4a71-85db-502caed821fc} - No CLSID value found

IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC

IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0000019dbd0b4b2

IE - HKCU\..\SearchScopes\{4fa67103-5daf-45a1-9ddb-236d1ff7a590}: "URL" = http://search.mywebs...r={searchTerms}

IE - HKCU\..\SearchScopes\{8095CFA5-4A48-4EFA-ABFE-EEFEA04EB379}: "URL" = http://www.google.co...q={searchTerms}

IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....r=&d=2012-09-14 17:56:52&v=12.2.5.34&sap=dsp&q={searchTerms}

IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpr...q={searchTerms}

IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2612669

IE - HKCU\..\SearchScopes\{C2529EE5-9EED-412F-B3E2-6F2DE94E3FB1}: "URL" = http://websearch.ask...B-85C62CD4C7F5

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"

FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "https://isearch.avg.com?cid=%7Bb5bf6539-08db-40c9-9fcb-07e41c78b9a5%7D&mid=87e7d85621174e188e24cdc58575a011-e41fa53fe9f36fd0e273bc36718ba8099b9fa4a9&ds=ax011&v=12.2.5.34&lang=pl&pr=&d=2012-09-14%2017%3A56%3A52&sap=hp"

FF - prefs.js..extensions.enabledAddons: m3ffxtbr@mywebsearch.com:1.3

FF - prefs.js..extensions.enabledAddons: battlefieldplay4free@ea.com:1.0.66.2

FF - prefs.js..extensions.enabledAddons: 3gffxtbr@FestiveBar_3g.com:2.26.0.46753

FF - prefs.js..extensions.enabledAddons: {90b49673-5506-483e-b92b-ca0265bd9ca8}:3.15.1.0

FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.5.0

FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher@ea.com:5.0.145.0

FF - prefs.js..extensions.enabledAddons: avg@toolbar:12.2.5.34

FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.227.0

FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.90

FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.7

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906

FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2612669&SearchSource=2&q="

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 51455

FF - prefs.js..network.proxy.type: 4

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.90: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)

FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.99: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-09-13 20:52:41 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-09-15 19:42:00 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-05-08 00:35:55 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-11-28 18:05:27 | 000,000,000 | ---D | M]

 

[2010-07-26 19:53:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Extensions

[2012-09-10 19:15:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions

[2010-09-10 21:27:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2012-08-24 09:42:19 | 000,000,000 | ---D | M] (IMVU Inc Community Toolbar) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}

[2012-08-24 09:42:18 | 000,000,000 | ---D | M] (FestiveBar) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\3gffxtbr@FestiveBar_3g.com

[2012-09-10 19:15:38 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\battlefieldheroespatcher@ea.com

[2012-04-28 13:29:04 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\battlefieldplay4free@ea.com

[2012-08-30 17:10:15 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\ffxtlbr@babylon.com

[2012-02-20 20:32:42 | 000,000,000 | ---D | M] (My Web Search) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\m3ffxtbr@mywebsearch.com

[2011-03-28 20:13:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\nostmp

[2012-05-01 14:18:33 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\YouTubetoALL@ALLPlayer.org

[2011-08-23 22:16:36 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\searchplugins\askcom.xml

[2011-10-26 21:21:44 | 000,009,932 | ---- | M] () -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\searchplugins\mywebsearch.xml

[2010-11-29 21:47:37 | 000,002,374 | ---- | M] () -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\searchplugins\search.xml

[2012-05-08 00:35:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2012-08-30 09:53:46 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\AVG SECURE SEARCH\12.2.5.34

[2012-04-21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011-10-03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2012-04-21 04:18:44 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml

[2012-08-30 15:39:51 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml

[2012-04-21 04:18:44 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml

[2012-04-21 04:18:44 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml

[2012-04-21 04:18:44 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml

[2012-04-21 04:18:44 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml

[2012-04-21 04:18:44 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

 

========== Chrome ==========

 

CHR - homepage: http://www.google.com/

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}

CHR - homepage: http://www.google.com/

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.89\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.89\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL

CHR - plugin: getPlusPlus for Adobe 16290 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll

CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files\FestiveBar_3g\bar\1.bin\NP3gStub.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll

CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: YouTube = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Szukaj w Google = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Skype Click to Call = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\

CHR - Extension: No name found = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.2.5.34_0\

CHR - Extension: Gmail = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

Hosts file not found

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (no name) - {CCCADFDB-F59C-578E-34B0-4C80C69F0003} - c:\windows\system32\dll221.dll File not found

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {9AE277E9-32F4-46D5-94F4-20201609D1D0} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.

O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [iPlusManager] C:\Program Files\iPlus\iPlusChecker.exe ()

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()

O4 - HKLM..\Run: [ROC_ROC_NT] "C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT File not found

O4 - HKLM..\Run: [uVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe (InterVideo Digital Technology Corporation)

O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe (Akamai Technologies, Inc.)

O4 - HKCU..\Run: [engel] C:\Documents and Settings\Jacek\Dane aplikacji\updates\updates.exe File not found

O4 - HKCU..\Run: [MusicWrzuta] G:\MusicWrzuta.exe /v File not found

O4 - HKCU..\Run: [sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)

O4 - HKCU..\Run: [steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)

O4 - HKCU..\Run: [tuaca] C:\Documents and Settings\Jacek\tuaca.exe /d File not found

O4 - HKCU..\Run: [Windows Init] "C:\Documents and Settings\Jacek\Dane aplikacji\xwxa1zco1usyyzoiybsoxgfygdrqgqoi2\svcnost.exe" File not found

O4 - Startup: C:\Documents and Settings\Jacek\Menu Start\Programy\Autostart\IMVU.lnk = C:\Documents and Settings\Jacek\Dane aplikacji\IMVUClient\IMVUQualityAgent.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Jacek\Menu Start\Programy\IMVU\Run IMVU.lnk ()

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08AB8CA5-F305-432C-B2BB-26F421F94263}: DhcpNameServer = 192.168.1.1 192.168.1.1

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKCU Winlogon: Shell - (C:\Documents and Settings\Jacek\Dane aplikacji\msconfig.dat) - C:\Documents and Settings\Jacek\Dane aplikacji\msconfig.dat ()

O24 - Desktop Components:0 () - http://pl.memgenerat...bkowy-pl-ffffff

O31 - SafeBoot: UseAlternatShell - 1

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010-07-26 18:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012-09-16 12:37:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\DeepBurner

[2012-09-16 12:37:08 | 000,000,000 | ---D | C] -- C:\Program Files\Astonsoft

[2012-09-16 12:33:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nero

[2012-09-16 12:33:47 | 000,089,184 | ---- | C] (Ahead Software AG and its licensors) -- C:\WINDOWS\System32\drivers\imagedrv.sys

[2012-09-16 12:33:47 | 000,057,344 | ---- | C] (Ahead Software AG) -- C:\WINDOWS\System32\ImageDrive.cpl

[2012-09-16 12:33:38 | 000,569,344 | ---- | C] (Pegasus Software,LLC) -- C:\WINDOWS\System32\imagr5.dll

[2012-09-16 12:33:38 | 000,544,768 | ---- | C] (Pegasus Software, LLC) -- C:\WINDOWS\System32\imagx5.dll

[2012-09-16 12:33:38 | 000,283,920 | ---- | C] (Pegasus Software, LLC) -- C:\WINDOWS\System32\ImagXpr5.dll

[2012-09-16 12:33:38 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe

[2012-09-16 12:33:38 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\picn20.dll

[2012-09-16 12:33:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead

[2012-09-16 12:33:35 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead

[2012-09-16 10:44:39 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2012-09-15 19:42:14 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2012-09-15 19:42:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Free Antivirus

[2012-09-15 19:42:13 | 000,355,632 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2012-09-15 19:42:10 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2012-09-15 19:42:10 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2012-09-15 19:42:09 | 000,729,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2012-09-15 19:42:08 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2012-09-15 19:42:08 | 000,089,624 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2012-09-15 19:42:08 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2012-09-15 19:41:44 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2012-09-15 19:41:43 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2012-09-15 19:41:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software

[2012-09-15 19:41:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software

[2012-09-15 19:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro

[2012-09-15 19:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\HitmanPro

[2012-09-15 17:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware

[2012-09-15 17:24:59 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012-09-15 16:49:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2012-09-15 16:48:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp

[2012-09-15 16:39:07 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2012-09-15 16:39:07 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2012-09-15 16:39:07 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2012-09-15 16:39:07 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2012-09-15 16:39:00 | 000,000,000 | ---D | C] -- C:\ComboFix

[2012-09-15 15:12:03 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2012-09-15 14:40:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\wxDownload Fast

[2012-09-15 14:40:35 | 000,000,000 | ---D | C] -- C:\Program Files\wxDownload Fast

[2012-09-15 14:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Premium

[2012-09-15 14:40:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GBox

[2012-09-15 14:40:29 | 000,000,000 | ---D | C] -- C:\Program Files\SProtector

[2012-09-15 14:38:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\InstallMate

[2012-09-14 17:57:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\AVG Secure Search

[2012-09-14 17:56:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\AVG Secure Search

[2012-09-14 17:54:50 | 000,368,104 | ---- | C] (Ringier Axel Springer Polska) -- C:\Documents and Settings\Jacek\Moje dokumenty\gimp-282-setupexe.exe

[2012-09-12 20:40:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Menu Start\Programy\Fraps

[2012-09-12 20:28:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Game Booster 3

[2012-09-12 20:28:42 | 000,000,000 | ---D | C] -- C:\Program Files\IObit

[2012-09-12 20:28:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit

[2012-09-12 20:18:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Moje dokumenty\Battlefield Heroes

[2012-09-12 19:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\EA Games

[2012-09-08 11:39:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Moje dokumenty\Kolaże

[2012-09-07 19:01:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\Registry Mechanic

[2012-09-07 17:21:09 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox210.ocx

[2012-09-07 17:21:09 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox10.ocx

[2012-09-07 17:21:09 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBoxVB12.ocx

[2012-09-07 17:21:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PC Tools Registry Mechanic

[2012-09-07 17:21:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools

[2012-09-07 17:21:06 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Registry Mechanic

[2012-09-03 16:44:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Adobe

[2012-09-03 15:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Moje dokumenty\f_data

[2012-09-02 11:31:53 | 000,000,000 | ---D | C] -- C:\Premiere

[2012-09-02 11:22:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\com.adobe.downloadassistant.AdobeDownloadAssistant

[2012-09-02 11:22:53 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant

[2012-08-30 15:40:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\BabylonToolbar

[2012-08-28 14:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Menu Start\Programy\ElcomSoft

[2012-08-28 14:50:13 | 000,000,000 | ---D | C] -- C:\Program Files\ElcomSoft

[2012-08-28 11:23:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Softwrap

[2012-08-28 11:23:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Fonts

[2012-08-28 11:23:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Config

[2012-08-28 11:23:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Menu Start\Programy\Game Maker 7

[2012-08-28 11:23:15 | 000,000,000 | ---D | C] -- C:\Program Files\Game_Maker7

[2012-08-28 11:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Moje dokumenty\New Unity Project 3

[2012-08-28 10:59:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Moje dokumenty\New Unity Project 2

[2012-08-27 10:08:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\IMVU

[2012-08-27 10:08:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Menu Start\Programy\IMVU

[2012-08-27 10:07:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\IMVUClient

[2012-08-25 12:14:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Caphyon

[2012-08-25 12:14:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google SketchUp 8

[2012-08-25 12:14:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Google

[2012-08-25 12:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\ProGrupa sp. z o.o

[2012-08-24 12:31:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Moje dokumenty\New Unity Project 1

[2012-08-24 12:13:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Moje dokumenty\New Unity Project

[2012-08-24 11:59:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\Unity

[2012-08-24 11:48:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Moje dokumenty\Nowy folder

[2012-08-24 11:39:50 | 000,000,000 | ---D | C] -- C:\tmp

[2012-08-24 11:37:34 | 000,000,000 | ---D | C] -- C:\Program Files\2.63

[2012-08-24 11:20:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\FaceGen

[2012-08-24 11:20:28 | 000,000,000 | ---D | C] -- C:\Program Files\Singular Inversions

[2012-08-24 11:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PACE Anti-Piracy

[2012-08-24 11:02:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\PACE Anti-Piracy

[2012-08-24 11:02:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\PACE Anti-Piracy

[2012-08-24 11:02:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PACE Anti-Piracy

[2012-08-24 11:01:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Blender Foundation

[2012-08-24 10:56:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Unity Projects

[2012-08-24 10:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Unity

[2012-08-24 09:42:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\FestiveBar_3g

[2012-08-23 09:22:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\Mocyot

[2012-08-23 09:22:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\Isonhi

[2012-08-23 09:22:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\Giim

[2012-08-23 09:21:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\x2hrewgthpqxznnxovzywufevitsphki2

[2012-05-10 11:57:00 | 015,195,136 | ---- | C] (Blender Foundation) -- C:\Program Files\blenderplayer.exe

[2012-05-10 11:56:06 | 028,058,624 | ---- | C] (Blender Foundation) -- C:\Program Files\blender.exe

[2012-02-20 10:21:02 | 000,174,592 | ---- | C] (Creative Labs) -- C:\Program Files\wrap_oal.dll

[2012-02-20 10:21:02 | 000,090,112 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Program Files\OpenAL32.dll

[2012-01-27 17:24:31 | 002,161,160 | ---- | C] (DownVision ) -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\setup.exe

[2012-01-13 18:59:31 | 003,623,592 | ---- | C] (Ask) -- C:\Program Files\Common Files\ApnToolbarInstaller.exe

[2012-01-13 18:59:31 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files\Common Files\ApnStub.exe

[2011-03-04 02:13:52 | 002,343,936 | ---- | C] (Python Software Foundation) -- C:\Program Files\python32.dll

[2008-04-11 03:32:14 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcr90.dll

[2008-04-11 03:32:14 | 000,572,928 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcp90.dll

[2008-04-10 21:52:48 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcm90.dll

[2007-12-28 23:23:04 | 000,086,070 | ---- | C] (Open Source Software community project) -- C:\Program Files\pthreadVC2.dll

[2007-11-07 01:19:22 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Program Files\vcomp90.dll

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2012-09-16 13:37:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012-09-16 13:23:54 | 000,000,432 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics

[2012-09-16 13:19:14 | 000,000,045 | ---- | M] () -- C:\Documents and Settings\Jacek\Dane aplikacji\msconfig.ini

[2012-09-16 13:18:47 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RMAutoUpdate.job

[2012-09-16 13:18:45 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job

[2012-09-16 13:18:42 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012-09-16 13:18:42 | 000,000,506 | -H-- | M] () -- C:\WINDOWS\tasks\WxDFastUpdaterTask{A94E8C95-6149-4EBB-982A-34A97DDDF140}.job

[2012-09-16 13:18:42 | 000,000,488 | -H-- | M] () -- C:\WINDOWS\tasks\GBoxUpdaterTask{A7B223BD-0AE7-4775-8D8B-09754DB14821}.job

[2012-09-16 13:18:42 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job

[2012-09-16 13:18:42 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Express Files Updater.job

[2012-09-16 12:31:27 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012-09-16 06:54:03 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012-09-16 06:37:15 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-117609710-682003330-1004UA.job

[2012-09-15 22:16:25 | 000,001,112 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-117609710-682003330-500Core.job

[2012-09-15 19:42:14 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk

[2012-09-15 19:42:09 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2012-09-15 19:21:00 | 000,027,424 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro36.sys

[2012-09-15 19:18:03 | 000,015,364 | ---- | M] () -- C:\WINDOWS\System32\.crusader

[2012-09-15 18:21:01 | 000,079,360 | ---- | M] () -- C:\Documents and Settings\Jacek\3hnx.exe

[2012-09-15 18:19:12 | 000,000,884 | ---- | M] () -- C:\Documents and Settings\Jacek\Menu Start\Programy\Autostart\IMVU.lnk

[2012-09-15 15:47:16 | 000,131,072 | ---- | M] () -- C:\Documents and Settings\Jacek\xouhof.com

[2012-09-15 15:37:09 | 000,549,584 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012-09-14 21:43:34 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job

[2012-09-14 18:01:09 | 000,270,240 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr

[2012-09-14 17:54:49 | 000,368,104 | ---- | M] (Ringier Axel Springer Polska) -- C:\Documents and Settings\Jacek\Moje dokumenty\gimp-282-setupexe.exe

[2012-09-14 17:53:19 | 000,468,072 | ---- | M] () -- C:\Documents and Settings\Jacek\Moje dokumenty\GIMP(13219).exe

[2012-09-14 17:36:54 | 000,270,240 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0

[2012-09-14 16:33:49 | 000,000,056 | ---- | M] () -- C:\WINDOWS\Kulki.ini

[2012-09-14 15:37:00 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-117609710-682003330-1004Core.job

[2012-09-14 15:28:55 | 000,238,592 | ---- | M] () -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012-09-14 13:22:18 | 000,002,645 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\Global.sw2

[2012-09-14 12:52:59 | 000,094,208 | ---- | M] () -- C:\Documents and Settings\Jacek\kaukus.com

[2012-09-14 11:32:41 | 000,208,188 | ---- | M] () -- C:\Documents and Settings\Jacek\Pulpit\piknikrodzinny.pdf

[2012-09-14 10:09:52 | 000,094,208 | ---- | M] () -- C:\Documents and Settings\Jacek\maamal.com

[2012-09-13 17:56:18 | 000,200,761 | ---- | M] () -- C:\Documents and Settings\Jacek\zqdb.exe

[2012-09-12 20:17:35 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\Jacek\Dane aplikacji\PnkBstrK.sys

[2012-09-10 07:14:18 | 000,131,072 | ---- | M] () -- C:\Documents and Settings\Jacek\zeubov.com

[2012-09-09 12:35:22 | 000,073,728 | ---- | M] () -- C:\Documents and Settings\Jacek\xouliv.com

[2012-09-08 10:51:56 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Jacek\wieiw.com

[2012-09-07 19:32:07 | 000,779,598 | ---- | M] () -- C:\Documents and Settings\Jacek\Pulpit\cz.bmp

[2012-09-07 17:21:09 | 000,000,871 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools Registry Mechanic.lnk

[2012-09-07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012-09-07 16:18:11 | 002,911,117 | ---- | M] () -- C:\Documents and Settings\Jacek\Moje dokumenty\Firma - Czas na walkę (Instrumental) pobrano z DjOles.pl pobrano z DjOles.pl.mp3

[2012-09-07 16:10:06 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Jacek\yaugev.com

[2012-09-03 15:55:06 | 000,001,340 | ---- | M] () -- C:\Documents and Settings\Jacek\Moje dokumenty\f.aup

[2012-09-03 15:13:54 | 000,016,000 | ---- | M] () -- C:\Documents and Settings\Jacek\tnol.com

[2012-09-03 13:21:30 | 000,028,253 | ---- | M] () -- C:\Documents and Settings\Jacek\ynat.com

[2012-09-03 12:38:36 | 000,024,000 | ---- | M] () -- C:\Documents and Settings\Jacek\faawof.com

[2012-09-03 07:25:40 | 000,028,253 | ---- | M] () -- C:\Documents and Settings\Jacek\xujez.com

[2012-09-03 07:23:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012-09-01 17:28:44 | 000,028,253 | ---- | M] () -- C:\Documents and Settings\Jacek\wipoc.com

[2012-09-01 10:52:22 | 000,028,253 | ---- | M] () -- C:\Documents and Settings\Jacek\qeoqek.com

[2012-09-01 10:46:37 | 000,028,253 | ---- | M] () -- C:\Documents and Settings\Jacek\dyaf.com

[2012-09-01 08:41:24 | 000,028,253 | ---- | M] () -- C:\Documents and Settings\Jacek\beixec.com

[2012-08-31 12:05:25 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\Jacek\xaijoz.com

[2012-08-31 11:27:38 | 000,202,888 | ---- | M] () -- C:\Documents and Settings\Jacek\2guf.exe

[2012-08-30 15:40:28 | 000,000,463 | ---- | M] () -- C:\user.js

[2012-08-28 11:31:52 | 000,010,694 | ---- | M] () -- C:\Documents and Settings\Jacek\Moje dokumenty\ads.bmp

[2012-08-28 11:23:34 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SwSys2.bmp

[2012-08-28 11:23:34 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SwSys1.bmp

[2012-08-24 11:37:47 | 000,134,382 | ---- | M] () -- C:\Program Files\uninstall.exe

[2012-08-23 21:51:09 | 133,183,672 | ---- | M] () -- C:\Documents and Settings\Jacek\Moje dokumenty\setup_11.0.0.1245.x01_2012_08_23_21_03.exe

[2012-08-23 20:35:56 | 000,000,043 | ---- | M] () -- C:\Documents and Settings\Jacek\Dane aplikacji\B9F2E7.dat

[2012-08-23 09:21:00 | 000,000,054 | ---- | M] () -- C:\Documents and Settings\Jacek\inv.vbs

[2012-08-21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2012-08-21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2012-08-21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2012-08-21 11:13:14 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2012-08-21 11:13:14 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2012-08-21 11:13:14 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2012-08-21 11:13:13 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2012-08-21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2012-08-21 11:12:33 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2012-08-21 11:12:23 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2012-09-16 11:52:25 | 000,161,720 | ---- | C] () -- C:\Program Files\3gres.dll

[2012-09-15 19:42:14 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk

[2012-09-15 19:42:09 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job

[2012-09-15 19:32:40 | 000,001,112 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-117609710-682003330-500Core.job

[2012-09-15 19:19:32 | 000,027,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro36.sys

[2012-09-15 19:18:03 | 000,015,364 | ---- | C] () -- C:\WINDOWS\System32\.crusader

[2012-09-15 16:39:07 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2012-09-15 16:39:07 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2012-09-15 16:39:07 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2012-09-15 16:39:07 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2012-09-15 16:39:07 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2012-09-15 15:47:16 | 000,131,072 | ---- | C] () -- C:\Documents and Settings\Jacek\xouhof.com

[2012-09-15 14:40:31 | 000,000,488 | -H-- | C] () -- C:\WINDOWS\tasks\GBoxUpdaterTask{A7B223BD-0AE7-4775-8D8B-09754DB14821}.job

[2012-09-15 14:38:52 | 000,000,506 | -H-- | C] () -- C:\WINDOWS\tasks\WxDFastUpdaterTask{A94E8C95-6149-4EBB-982A-34A97DDDF140}.job

[2012-09-15 08:35:53 | 000,000,045 | ---- | C] () -- C:\Documents and Settings\Jacek\Dane aplikacji\msconfig.ini

[2012-09-15 08:35:49 | 000,079,360 | ---- | C] () -- C:\Documents and Settings\Jacek\3hnx.exe

[2012-09-14 17:53:34 | 000,468,072 | ---- | C] () -- C:\Documents and Settings\Jacek\Moje dokumenty\GIMP(13219).exe

[2012-09-14 12:52:59 | 000,094,208 | ---- | C] () -- C:\Documents and Settings\Jacek\kaukus.com

[2012-09-14 11:32:41 | 000,208,188 | ---- | C] () -- C:\Documents and Settings\Jacek\Pulpit\piknikrodzinny.pdf

[2012-09-14 10:09:52 | 000,094,208 | ---- | C] () -- C:\Documents and Settings\Jacek\maamal.com

[2012-09-13 17:56:18 | 000,200,761 | ---- | C] () -- C:\Documents and Settings\Jacek\zqdb.exe

[2012-09-12 20:28:53 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job

[2012-09-10 07:14:18 | 000,131,072 | ---- | C] () -- C:\Documents and Settings\Jacek\zeubov.com

[2012-09-09 12:35:22 | 000,073,728 | ---- | C] () -- C:\Documents and Settings\Jacek\xouliv.com

[2012-09-08 10:51:56 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Jacek\wieiw.com

[2012-09-07 19:32:06 | 000,779,598 | ---- | C] () -- C:\Documents and Settings\Jacek\Pulpit\cz.bmp

[2012-09-07 19:00:01 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\RMAutoUpdate.job

[2012-09-07 17:21:14 | 000,000,274 | ---- | C] () -- C:\WINDOWS\tasks\RMSchedule.job

[2012-09-07 17:21:09 | 000,000,871 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools Registry Mechanic.lnk

[2012-09-07 17:21:08 | 000,037,336 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe

[2012-09-07 16:17:48 | 002,911,117 | ---- | C] () -- C:\Documents and Settings\Jacek\Moje dokumenty\Firma - Czas na walkę (Instrumental) pobrano z DjOles.pl pobrano z DjOles.pl.mp3

[2012-09-07 16:10:06 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Jacek\yaugev.com

[2012-09-03 15:55:06 | 000,001,340 | ---- | C] () -- C:\Documents and Settings\Jacek\Moje dokumenty\f.aup

[2012-09-03 15:13:54 | 000,016,000 | ---- | C] () -- C:\Documents and Settings\Jacek\tnol.com

[2012-09-03 13:21:30 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\ynat.com

[2012-09-03 12:38:36 | 000,024,000 | ---- | C] () -- C:\Documents and Settings\Jacek\faawof.com

[2012-09-03 07:25:40 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\xujez.com

[2012-09-02 11:22:53 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Download Assistant.lnk

[2012-09-01 17:28:44 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\wipoc.com

[2012-09-01 10:52:22 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\qeoqek.com

[2012-09-01 10:46:37 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\dyaf.com

[2012-09-01 08:41:24 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\beixec.com

[2012-08-31 12:05:25 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\Jacek\xaijoz.com

[2012-08-31 11:27:38 | 000,202,888 | ---- | C] () -- C:\Documents and Settings\Jacek\2guf.exe

[2012-08-28 11:31:52 | 000,010,694 | ---- | C] () -- C:\Documents and Settings\Jacek\Moje dokumenty\ads.bmp

[2012-08-28 11:23:34 | 000,002,645 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\Global.sw2

[2012-08-28 11:23:34 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SwSys2.bmp

[2012-08-28 11:23:34 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SwSys1.bmp

[2012-08-27 10:15:17 | 000,000,884 | ---- | C] () -- C:\Documents and Settings\Jacek\Menu Start\Programy\Autostart\IMVU.lnk

[2012-08-24 11:37:47 | 000,134,382 | ---- | C] () -- C:\Program Files\uninstall.exe

[2012-08-24 11:20:33 | 000,002,621 | ---- | C] () -- C:\Documents and Settings\Jacek\Menu Start\Programy\FaceGen Modeller 3.5 Free.lnk

[2012-08-23 21:37:34 | 133,183,672 | ---- | C] () -- C:\Documents and Settings\Jacek\Moje dokumenty\setup_11.0.0.1245.x01_2012_08_23_21_03.exe

[2012-08-23 09:22:48 | 000,000,043 | ---- | C] () -- C:\Documents and Settings\Jacek\Dane aplikacji\B9F2E7.dat

[2012-08-23 09:21:00 | 000,000,054 | ---- | C] () -- C:\Documents and Settings\Jacek\inv.vbs

[2012-08-10 17:39:13 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\jde.com

[2012-08-10 13:26:53 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\baudof.com

[2012-08-10 13:26:21 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\wavaj.com

[2012-08-10 13:25:37 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\noopih.com

[2012-08-10 13:25:28 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\ziw.com

[2012-08-10 13:25:09 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\soesew.com

[2012-06-28 20:02:53 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe

[2012-05-21 20:03:04 | 000,000,047 | ---- | C] () -- C:\Program Files\FotoCyfraFotocyfra.url

[2012-05-09 21:01:08 | 000,005,712 | ---- | C] () -- C:\Program Files\readme.html

[2012-03-08 13:39:57 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\WebpageIcons.db

[2012-01-27 17:23:59 | 000,460,624 | ---- | C] () -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\promo.exe

[2012-01-27 13:49:34 | 000,164,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\athsgt.sys

[2012-01-27 13:49:33 | 000,012,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\limsgt.sys

[2012-01-04 22:17:54 | 001,073,152 | ---- | C] () -- C:\WINDOWS\System32\libmysql_c.dll

[2011-12-17 17:40:58 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Spiderman.INI

[2011-12-15 19:56:13 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\Jacek\.recently-used.xbel

[2011-12-15 19:56:12 | 000,010,440 | ---- | C] () -- C:\Documents and Settings\Jacek\Dokument bez nazwy 2

[2011-11-25 21:22:15 | 000,255,906 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat

[2011-11-25 21:22:15 | 000,255,906 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-57989841-117609710-682003330-1004-0.dat

[2011-10-31 00:04:54 | 000,002,048 | -HS- | C] () -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\7174992b\@

[2011-09-16 20:56:54 | 000,100,864 | ---- | C] () -- C:\Program Files\BlendThumb64.dll

[2011-09-16 20:56:54 | 000,067,584 | ---- | C] () -- C:\Program Files\BlendThumb.dll

[2011-07-20 13:25:52 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2011-07-13 21:27:46 | 002,304,512 | ---- | C] () -- C:\Program Files\libsndfile-1.dll

[2011-07-07 17:08:48 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Jacek\Dane aplikacji\PnkBstrK.sys

[2011-07-07 17:08:27 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe

[2011-07-07 17:08:26 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe

[2011-05-22 08:58:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\{1A72F6F6-C1BE-461C-BFEA-C50EAA06F1BD}

[2011-05-21 10:04:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\{12A1FCB0-F662-4972-BB2D-9523A174CFB9}

[2011-04-13 21:30:23 | 000,000,189 | ---- | C] () -- C:\WINDOWS\GNMIDI.INI

[2011-04-09 17:36:23 | 000,162,304 | ---- | C] () -- C:\Program Files\UNWISE.EXE

[2011-03-24 21:31:44 | 000,210,456 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll

[2011-03-24 21:31:44 | 000,206,360 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll

[2011-03-24 21:31:44 | 000,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll

[2011-03-24 21:31:44 | 000,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll

[2011-03-24 21:31:44 | 000,194,072 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll

[2011-03-24 21:31:44 | 000,026,136 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll

[2011-02-28 19:55:25 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat

[2011-02-18 13:29:01 | 000,000,056 | ---- | C] () -- C:\WINDOWS\Kulki.ini

[2011-02-07 17:06:12 | 000,011,239 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2010-12-21 18:46:32 | 000,000,284 | ---- | C] () -- C:\WINDOWS\game.ini

[2010-11-30 20:06:55 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat

[2010-11-13 21:33:56 | 000,111,104 | ---- | C] () -- C:\WINDOWS\System32\Uharc.exe

[2010-09-23 17:13:24 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\fusioncache.dat

[2010-07-27 20:30:30 | 000,238,592 | ---- | C] () -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-07-02 14:28:02 | 000,120,320 | ---- | C] () -- C:\Program Files\zlib.dll

[2008-04-15 14:00:00 | 000,079,360 | ---- | C] () -- C:\Documents and Settings\Jacek\Dane aplikacji\msconfig.dat

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D1B5B4F1

@Alternate Data Stream - 963 bytes -> C:\Program Files\WindowsUpdate:GN3RjJGZrAvKnmLrIlrQNGrM1

@Alternate Data Stream - 904 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Microsoft:hmW2rMRrVRuruv5SrbMmaMzKK

@Alternate Data Stream - 1064 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Microsoft:JL1zJiq1oi8mAjgQi4ZFh8g

@Alternate Data Stream - 1033 bytes -> C:\Program Files\WindowsUpdate:x0rS8AfXlXGI7dTcnJhL2h

 

< End of report >

 

Odnośnik do komentarza
Pomoc jest darmowa, ale proszę rozważ przekazanie dotacji na utrzymanie serwisu: klik.

Logi wstawia się opcją załączniki na forum to pierwsza sprawa. Druga - zabrakło drugiego loga z OTL - extras. Nie miałeś zaznaczonej opcji Rejestr - skan dodatkowy na "Użyj filtrowania". Dołącz ten log w kolejnym poście.

 

1. Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej następujący tekst:

 

:OTL
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnet.sys -- (ZTEusbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\kqdfryn.sys -- (ayjmud)
IE - HKCU\..\URLSearchHook: {22dbe5ef-4a42-4a71-85db-502caed821fc} - No CLSID value found
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..extensions.enabledAddons: m3ffxtbr@mywebsearch.com:1.3
FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.5.0
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2612669&SearchSource=2&q="
[2012-08-24 09:42:19 | 000,000,000 | ---D | M] (IMVU Inc Community Toolbar) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
[2012-08-30 17:10:15 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\ffxtlbr@babylon.com
[2012-02-20 20:32:42 | 000,000,000 | ---D | M] (My Web Search) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\m3ffxtbr@mywebsearch.com
[2011-08-23 22:16:36 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\searchplugins\askcom.xml
[2011-10-26 21:21:44 | 000,009,932 | ---- | M] () -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\searchplugins\mywebsearch.xml
[2010-11-29 21:47:37 | 000,002,374 | ---- | M] () -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\searchplugins\search.xml
[2012-08-30 15:39:51 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
O2 - BHO: (no name) - {CCCADFDB-F59C-578E-34B0-4C80C69F0003} - c:\windows\system32\dll221.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {9AE277E9-32F4-46D5-94F4-20201609D1D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKCU..\Run: [engel] C:\Documents and Settings\Jacek\Dane aplikacji\updates\updates.exe File not found
O4 - HKCU..\Run: [tuaca] C:\Documents and Settings\Jacek\tuaca.exe /d File not found
O4 - HKCU..\Run: [Windows Init] "C:\Documents and Settings\Jacek\Dane aplikacji\xwxa1zco1usyyzoiybsoxgfygdrqgqoi2\svcnost.exe" File not found
 
:Files
C:\Documents and Settings\Jacek\*.exe
C:\Documents and Settings\Jacek\*.com
C:\Documents and Settings\Jacek\Dane aplikacji\Mocyot
C:\Documents and Settings\Jacek\Dane aplikacji\Isonhi
C:\Documents and Settings\Jacek\Dane aplikacji\Giim
C:\Documents and Settings\Jacek\Dane aplikacji\msconfig.dat
C:\Documents and Settings\Jacek\Dane aplikacji\updates
C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\7174992b
C:\Documents and Settings\Jacek\Dane aplikacji\xwxa1zco1usyyzoiybsoxgfygdrqgqoi2
 
:Reg
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{4fa67103-5daf-45a1-9ddb-236d1ff7a590}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4fa67103-5daf-45a1-9ddb-236d1ff7a590}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C2529EE5-9EED-412F-B3E2-6F2DE94E3FB1}]
 
:Commands
[emptytemp]

 

Adnotacja dla innych czytających: skrypt unikatowy - dopasowany tylko i wyłącznie pod ten system, proszę nie stosować na swoich systemach.

 

Kliknij w Wykonaj skrypt. Zatwierdź restart komputera.

 

2. Uruchom AdwCleaner z opcji Delete

 

3. System nie ma pliku HOSTS. Odbuduj go. Włącz pokazywanie rozszerzeń: w Panel sterowania > Opcje folderów > Widok > odznacz Ukrywaj rozszerzenia znanych typów. Otwórz Notatnik i wklej w nim:

 

127.0.0.1 localhost

 

Z menu Notatnika > Plik > Zapisz jako > Ustaw rozszerzenie na Wszystkie pliki > Zapisz pod nazwą hosts bez żadnego rozszerzenia

 

Plik wstaw do folderu C:\Windows\system32\drivers\etc.

 

4. Uruchamiasz OTL ponownie, tym razem wywołujesz opcję Skanuj. Pokazujesz nowy log z OTL (bez extras)

Edytowane przez picasso
17.10.2012 - Temat zostaje zamknięty z powodu braku odpowiedzi. //picasso
Odnośnik do komentarza
Gość
Ten temat został zamknięty. Brak możliwości dodania odpowiedzi.
  • Ostatnio przeglądający   0 użytkowników

    • Brak zarejestrowanych użytkowników przeglądających tę stronę.
×
×
  • Dodaj nową pozycję...