Ad adserverplus com

Piszę, ponieważ nie mam już siły.

Znalazłem kilka instrukcji na usunięcie ad adserverplus com i chyba coś robiłem źle, bo wyskakujące okna znowu mnie męczą.

OTS:

OTS logfile created on: 2012-10-27 16:00:53 - Run 2

OTS by OldTimer - Version 3.1.47.2 Folder = D:\Download

Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd


2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 37,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 66,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]


%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 19,53 Gb Total Space | 2,51 Gb Free Space | 12,86% Space Free | Partition Type: NTFS

Drive D: | 195,31 Gb Total Space | 71,59 Gb Free Space | 36,66% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

Drive F: | 18,03 Gb Total Space | 16,72 Gb Free Space | 92,71% Space Free | Partition Type: NTFS

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded


Computer Name: FTNK-4CE081241

Current User Name: FN

Logged in as Administrator.


Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days


[Processes - Safe List]

ots.exe -> D:\Download\OTS.exe -> [2012-10-27 15:56:13 | 000,646,656 | ---- | M] (OldTimer Tools)

firefox.exe -> D:\Program Files 2\Mozilla Firefox\firefox.exe -> [2012-10-11 03:04:29 | 000,917,984 | ---- | M] (Mozilla Corporation)

chrome.exe -> C:\Documents and Settings\KW\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe -> [2012-10-10 12:06:17 | 001,239,064 | ---- | M] (Google Inc.)

aqq.exe -> D:\Program Files 2\WapSter\WapSter AQQ\AQQ.exe -> [2012-10-08 13:53:06 | 010,833,408 | ---- | M] ()

jqs.exe -> C:\Program Files\Java\jre7\bin\jqs.exe -> [2012-09-24 23:12:59 | 000,161,768 | ---- | M] (Oracle Corporation)

googlecrashhandler.exe -> C:\Documents and Settings\KW\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\GoogleCrashHandler.exe -> [2012-09-17 07:13:20 | 000,212,432 | ---- | M] (Google Inc.)

avastui.exe -> C:\Program Files\AVAST Software\Avast\AvastUI.exe -> [2012-08-21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software)

avastsvc.exe -> C:\Program Files\AVAST Software\Avast\AvastSvc.exe -> [2012-08-21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software)

ouc.exe -> C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\ouc.exe -> [2012-04-11 20:00:26 | 000,246,112 | ---- | M] ()

egazetast.exe -> D:\Program Files 2\e-Kiosk Reader\eGazetaST.exe -> [2011-09-21 13:57:50 | 001,690,624 | ---- | M] (e-Kiosk S.A.)

hwdeviceservice.exe -> C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe -> [2011-03-14 17:27:28 | 000,271,712 | ---- | M] ()

notepad++.exe -> D:\Program Files 2\Notepad++\notepad++.exe -> [2011-01-29 00:17:28 | 001,523,712 | ---- | M] (Don HO don.h@free.fr)

hijackthis.exe -> D:\Program Files 2\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe -> [2010-03-25 18:42:36 | 000,388,096 | ---- | M] (Trend Micro Inc.)

tlen.exe -> D:\Tlen.pl\tlen.exe -> [2009-01-17 16:48:08 | 005,853,672 | ---- | M] (o2.pl Sp. z o.o.)

explorer.exe -> C:\WINDOWS\explorer.exe -> [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation)

nmindexstoresvr.exe -> C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe -> [2007-06-01 11:21:30 | 001,209,904 | ---- | M] (Nero AG)

nmbgmonitor.exe -> C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe -> [2007-06-01 11:21:08 | 000,153,136 | ---- | M] (Nero AG)


[Modules - No Company Name]

algo.dll -> C:\Program Files\AVAST Software\Avast\defs\12102700\algo.dll -> [2012-10-27 10:05:31 | 001,824,768 | ---- | M] ()

algo.dll -> C:\Program Files\AVAST Software\Avast\defs\12102601\algo.dll -> [2012-10-26 20:12:22 | 001,824,768 | ---- | M] ()

nppftp.dll -> D:\Program Files 2\Notepad++\plugins\NppFTP.dll -> [2012-10-21 21:09:07 | 001,673,728 | ---- | M] ()

mozjs.dll -> D:\Program Files 2\Mozilla Firefox\mozjs.dll -> [2012-10-11 03:04:42 | 002,294,240 | ---- | M] ()

ppgooglenaclpluginchrome.dll -> C:\Documents and Settings\KW\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll -> [2012-10-10 12:06:15 | 000,460,312 | ---- | M] ()

pepflashplayer.dll -> C:\Documents and Settings\KW\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll -> [2012-10-10 12:06:13 | 012,435,992 | ---- | M] ()

pdf.dll -> C:\Documents and Settings\KW\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.94\pdf.dll -> [2012-10-10 12:06:12 | 004,005,912 | ---- | M] ()

avutil-51.dll -> C:\Documents and Settings\KW\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.94\avutil-51.dll -> [2012-10-10 12:04:44 | 000,156,712 | ---- | M] ()

avformat-54.dll -> C:\Documents and Settings\KW\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.94\avformat-54.dll -> [2012-10-10 12:04:43 | 000,275,496 | ---- | M] ()

avcodec-54.dll -> C:\Documents and Settings\KW\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll -> [2012-10-10 12:04:42 | 002,168,360 | ---- | M] ()

aqq.exe -> D:\Program Files 2\WapSter\WapSter AQQ\AQQ.exe -> [2012-10-08 13:53:06 | 010,833,408 | ---- | M] ()

ggnet.dll -> D:\Program Files 2\WapSter\WapSter AQQ\System\Shared\Plugins\GGNet.dll -> [2012-09-25 14:07:02 | 001,354,752 | ---- | M] ()

sms.dll -> D:\Program Files 2\WapSter\WapSter AQQ\System\Shared\Plugins\SMS.dll -> [2012-09-10 16:24:46 | 001,143,808 | ---- | M] ()

libglesv2.dll -> C:\Documents and Settings\KW\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\SwiftShader\1.0.1.3\libGLESv2.dll -> [2012-08-17 07:47:32 | 004,051,456 | ---- | M] ()

libegl.dll -> C:\Documents and Settings\KW\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\SwiftShader\1.0.1.3\libEGL.dll -> [2012-08-17 07:47:32 | 000,100,864 | ---- | M] ()

contact.dll -> D:\Program Files 2\WapSter\WapSter AQQ\System\Shared\Plugins\Contact.dll -> [2012-08-12 17:55:54 | 000,134,656 | ---- | M] ()

qtnetwork4.dll -> C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\QtNetwork4.dll -> [2012-04-11 20:00:28 | 001,148,416 | ---- | M] ()

qtxml4.dll -> C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\QtXml4.dll -> [2012-04-11 20:00:28 | 000,398,336 | ---- | M] ()

querystrategy.dll -> C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\QueryStrategy.dll -> [2012-04-11 20:00:28 | 000,384,512 | ---- | M] ()

qtcore4.dll -> C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\QtCore4.dll -> [2012-04-11 20:00:27 | 002,415,104 | ---- | M] ()

ouc.exe -> C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\ouc.exe -> [2012-04-11 20:00:26 | 000,246,112 | ---- | M] ()

libgcc_s_dw2-1.dll -> C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\libgcc_s_dw2-1.dll -> [2012-04-11 20:00:26 | 000,043,008 | ---- | M] ()

mingwm10.dll -> C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\mingwm10.dll -> [2012-04-11 20:00:26 | 000,011,362 | ---- | M] ()

npsignpluginbph.dll -> C:\Documents and Settings\KW\Dane aplikacji\Mozilla\Firefox\Profiles\h6n2v2r8.default\extensions\SignPlugin@bph.pl\plugins\NPSignPluginBPH.dll -> [2011-12-21 15:13:56 | 000,373,248 | ---- | M] ()

hwdeviceservice.exe -> C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe -> [2011-03-14 17:27:28 | 000,271,712 | ---- | M] ()

compareplugin.dll -> D:\Program Files 2\Notepad++\plugins\ComparePlugin.dll -> [2010-08-15 20:34:24 | 000,204,800 | ---- | M] ()

polish.dll -> D:\Tlen.pl\languages\polish.dll -> [2009-01-17 16:47:38 | 000,033,792 | ---- | M] ()

tlensms.tpl -> D:\Tlen.pl\plugins\TlenSMS.tpl -> [2009-01-06 13:55:46 | 000,061,464 | ---- | M] ()

video.tpl -> D:\Tlen.pl\plugins\Video.tpl -> [2008-12-23 16:11:32 | 000,195,096 | ---- | M] ()

voice.tpl -> D:\Tlen.pl\plugins\Voice.tpl -> [2008-12-22 15:32:06 | 000,093,720 | ---- | M] ()

libgadu.dll -> D:\Tlen.pl\libgadu.dll -> [2008-12-16 15:51:44 | 000,151,552 | ---- | M] ()

nppnetnote.dll -> D:\Program Files 2\Notepad++\plugins\NppNetNote.dll -> [2008-11-11 19:48:40 | 000,074,240 | ---- | M] ()

nppexport.dll -> D:\Program Files 2\Notepad++\plugins\NppExport.dll -> [2008-09-06 14:51:16 | 000,014,336 | ---- | M] ()

filetm.tpl -> D:\Tlen.pl\plugins\FileTM.tpl -> [2008-07-22 09:49:48 | 000,075,800 | ---- | M] ()

file.tpl -> D:\Tlen.pl\plugins\File.tpl -> [2008-07-22 09:49:40 | 000,106,520 | ---- | M] ()

hook.dll -> D:\Tlen.pl\hook.dll -> [2008-06-19 14:20:08 | 000,017,408 | ---- | M] ()

libutil2.dll -> D:\Tlen.pl\libutil2.dll -> [2008-06-19 14:15:54 | 000,030,720 | ---- | M] ()

libexpat2.dll -> D:\Tlen.pl\libexpat2.dll -> [2008-06-19 14:15:46 | 000,139,264 | ---- | M] ()

msdmo.dll -> C:\WINDOWS\system32\msdmo.dll -> [2008-04-14 19:20:37 | 000,014,336 | ---- | M] ()

tlenofon.tpl -> D:\Tlen.pl\plugins\Tlenofon.tpl -> [2008-01-15 16:57:06 | 000,349,720 | ---- | M] ()

libutil.dll -> D:\Tlen.pl\libutil.dll -> [2007-10-05 15:00:58 | 000,181,248 | ---- | M] ()

libtidy.dll -> D:\Program Files 2\Notepad++\plugins\Config\tidy\libTidy.dll -> [2007-08-05 03:10:52 | 000,250,368 | ---- | M] ()

libexpat.dll -> D:\Tlen.pl\libs\libexpat.dll -> [2005-11-18 11:33:58 | 000,054,784 | ---- | M] ()

stlpmt45.dll -> D:\Tlen.pl\stlpmt45.dll -> [2003-01-30 06:04:00 | 000,618,496 | ---- | M] ()

pdfcmnnt.dll -> C:\WINDOWS\system32\pdfcmnnt.dll -> [2001-10-28 18:42:30 | 000,116,224 | ---- | M] ()


[Win32 Services - Safe List]

(HWDeviceService.exe) HWDeviceService.exe [Auto | Running] -> -> File not found

(AppMgmt) Zarządzanie aplikacjami [On_Demand | Stopped] -> -> File not found

(MozillaMaintenance) Mozilla Maintenance Service [On_Demand | Stopped] -> C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -> [2012-10-11 03:04:37 | 000,115,168 | ---- | M] (Mozilla Foundation)

(AdobeFlashPlayerUpdateSvc) Adobe Flash Player Update Service [On_Demand | Stopped] -> C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -> [2012-10-09 17:33:12 | 000,250,808 | ---- | M] (Adobe Systems Incorporated)

(JavaQuickStarterService) Java Quick Starter [Auto | Running] -> C:\Program Files\Java\jre7\bin\jqs.exe -> [2012-09-24 23:12:59 | 000,161,768 | ---- | M] (Oracle Corporation)

(avast! Antivirus) avast! Antivirus [Auto | Running] -> C:\Program Files\AVAST Software\Avast\AvastSvc.exe -> [2012-08-21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software)

(PLAY ONLINE. RunOuc) PLAY ONLINE. OUC [Auto | Stopped] -> C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe -> [2012-04-11 20:00:26 | 000,246,112 | ---- | M] ()


[Driver Services - Safe List]

(MBAMSwissArmy) MBAMSwissArmy [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mbamswissarmy.sys -> [2012-10-14 10:09:49 | 000,040,776 | ---- | M] (Malwarebytes Corporation)

(aswSnx) aswSnx [File_System | System | Running] -> C:\WINDOWS\System32\drivers\aswSnx.sys -> [2012-08-21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software)

(aswSP) aswSP [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\aswSP.sys -> [2012-08-21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software)

(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\aswTdi.sys -> [2012-08-21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software)

(aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> C:\WINDOWS\System32\drivers\aswmon2.sys -> [2012-08-21 11:13:14 | 000,097,608 | ---- | M] (AVAST Software)

(aswRdr) aswRdr [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\aswRdr.sys -> [2012-08-21 11:13:14 | 000,035,928 | ---- | M] (AVAST Software)

(aswKbd) aswKbd [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\aswKbd.sys -> [2012-08-21 11:13:14 | 000,018,544 | ---- | M] (AVAST Software)

(Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\aavmker4.sys -> [2012-08-21 11:13:13 | 000,025,256 | ---- | M] (AVAST Software)

(aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\WINDOWS\System32\drivers\aswFsBlk.sys -> [2012-08-21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software)

(ew_hwusbdev) Huawei MobileBroadband USB PNP Device [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -> [2012-04-11 20:00:29 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.)

(huawei_enumerator) huawei_enumerator [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ew_jubusenum.sys -> [2012-04-11 20:00:29 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.)

(tap0901) TAP-Win32 Adapter V9 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\tap0901.sys -> [2011-07-01 02:46:40 | 000,026,624 | ---- | M] (The OpenVPN Project)

(MHIKEY10) MHIKEY10 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\MHIKEY10.sys -> [2011-02-10 04:34:22 | 000,051,968 | ---- | M] (Generic USB smartcard reader)

(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\RtkHDAud.sys -> [2006-12-21 10:00:00 | 004,405,248 | R--- | M] (Realtek Semiconductor Corp.)

(AtcL001) NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\atl01_xp.sys -> [2006-10-31 21:10:06 | 000,035,840 | R--- | M] (Attansic Technology corporation.)

(MTsensor) ATK0110 ACPI UTILITY [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ASACPI.sys -> [2004-08-13 20:56:20 | 000,005,810 | R--- | M] ()


[Registry - Safe List]

< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 

< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 

HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> 

< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 

HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> 

< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 

< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 

< Internet Explorer Settings [HKEY_USERS\S-1-5-21-1715567821-602609370-725345543-1004\] > -> -> 

HKEY_USERS\S-1-5-21-1715567821-602609370-725345543-1004\: Main\\"Secondary Start Pages" -> [Binary data over 100 bytes] -> 

HKEY_USERS\S-1-5-21-1715567821-602609370-725345543-1004\: Main\\"Start Page" -> about:blank -> 

HKEY_USERS\S-1-5-21-1715567821-602609370-725345543-1004\: "ProxyEnable" -> 0 -> 

< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\KW\Dane aplikacji\Mozilla\FireFox\Profiles\h6n2v2r8.default\prefs.js -> 

browser.startup.homepage -> "http://www.onet.pl/|http://www.interia.pl/|http://www.wp.pl/" ->

< FireFox Settings [User.js] > -> C:\Documents and Settings\KW\Dane aplikacji\Mozilla\FireFox\Profiles\h6n2v2r8.default\user.js -> 

< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla

HKLM\software\mozilla\Firefox\Extensions -> -> 

HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com -> C:\Program Files\AVAST Software\Avast\WebRep\FF [C] -> [2012-08-26 20:09:40 | 000,000,000 | ---D | M]

HKLM\software\mozilla\Mozilla Firefox 16.0.1\extensions -> -> 

HKLM\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components -> D:\Program Files 2\Mozilla Firefox\components [D] -> [2012-10-23 10:59:10 | 000,000,000 | ---D | M]

HKLM\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins -> D:\PROGRAM FILES 2\MOZILLA FIREFOX\PLUGINS -> 

< FireFox Extensions [User Folders] > -> 

  -> C:\Documents and Settings\KW\Dane aplikacji\Mozilla\Extensions -> [2011-10-30 18:35:09 | 000,000,000 | ---D | M]

  -> C:\Documents and Settings\KW\Dane aplikacji\Mozilla\Firefox\Profiles\h6n2v2r8.default\extensions -> [2012-10-23 08:22:24 | 000,000,000 | ---D | M]

  -> C:\Documents and Settings\KW\Dane aplikacji\Mozilla\Firefox\Profiles\h6n2v2r8.default\extensions\bbrs_002@blabbers.com -> [2012-04-19 20:46:49 | 000,000,000 | ---D | M]

  -> C:\Documents and Settings\KW\Dane aplikacji\Mozilla\Firefox\Profiles\h6n2v2r8.default\extensions\SignPlugin@bph.pl -> [2012-07-04 20:41:15 | 000,000,000 | ---D | M]

< FireFox SearchPlugins [User Folders] > -> 

< FireFox Extensions [Program Folders] > -> 

Browser Companion Helper -> C:\DOCUMENTS AND SETTINGS\KW\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\H6N2V2R8.DEFAULT\EXTENSIONS\BBRS_002@BLABBERS.COM -> [2012-04-19 20:46:49 | 000,000,000 | ---D | M]

BPH Sign Plugin -> C:\DOCUMENTS AND SETTINGS\KW\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\H6N2V2R8.DEFAULT\EXTENSIONS\SIGNPLUGIN@BPH.PL -> [2012-07-04 20:41:15 | 000,000,000 | ---D | M]

avast! WebRep -> C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF -> [2012-08-26 20:09:40 | 000,000,000 | ---D | M]

< HOSTS File > ([2006-03-02 14:00:00 | 000,000,742 | ---- | M] - 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> 

Reset Hosts

127.0.0.1 localhost

< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 

{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> d:\Program Files 2\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2009-01-26 15:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited)

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre7\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2012-09-25 00:02:30 | 000,449,512 | ---- | M] (Oracle Corporation)

{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [avast! WebRep] -> [2012-08-21 11:12:16 | 001,227,224 | ---- | M] (AVAST Software)

{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2012-09-25 00:02:30 | 000,155,384 | ---- | M] (Oracle Corporation)

< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 

"{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}" [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [avast! WebRep] -> [2012-08-21 11:12:16 | 001,227,224 | ---- | M] (AVAST Software)

< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 

"Alcmtr" -> C:\WINDOWS\Alcmtr.exe [ALCMTR.EXE] -> [2005-05-03 10:00:00 | 000,069,632 | R--- | M] (Realtek Semiconductor Corp.)

"APSDaemon" -> C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe ["C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"] -> [2011-11-02 00:25:58 | 000,059,240 | ---- | M] (Apple Inc.)

"avast" -> C:\Program Files\AVAST Software\Avast\avastUI.exe ["C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui] -> [2012-08-21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software)

"BluetoothAuthenticationAgent" -> C:\WINDOWS\System32\bthprops.cpl [rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent] -> [2008-04-14 19:21:52 | 000,110,592 | ---- | M] (Microsoft Corporation)

"e-Kiosk" -> d:\Program Files 2\e-Kiosk Reader\eGazetaST.exe ["d:\Program Files 2\e-Kiosk Reader\eGazetaST.exe"] -> [2011-09-21 13:57:50 | 001,690,624 | ---- | M] (e-Kiosk S.A.)

"NeroFilterCheck" -> C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [C] -> [2007-03-01 16:57:24 | 000,153,136 | ---- | M] (Nero AG)

"UpdatePDRShortCut" -> d:\Program Files 2\CyberLink\PowerDirector\PowerDirector\MUITransfer\MUIStartMenu.exe ["d:\Program Files 2\CyberLink\PowerDirector\PowerDirector\MUITransfer\MUIStartMenu.exe" "d:\Program Files 2\CyberLink\PowerDirector\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\9.0"] -> [2009-05-19 22:16:16 | 000,222,504 | ---- | M] (CyberLink Corp.)

< Run [HKEY_USERS\S-1-5-21-1715567821-602609370-725345543-1004\] > -> HKEY_USERS\S-1-5-21-1715567821-602609370-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 

"AQQ" -> D:\Program Files 2\WapSter\WapSter AQQ\AQQ.exe [D] -> [2012-10-08 13:53:06 | 010,833,408 | ---- | M] ()

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" -> C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe ["C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"] -> [2007-06-01 11:21:08 | 000,153,136 | ---- | M] (Nero AG)

"SpybotSD TeaTimer" -> d:\Program Files 2\Spybot - Search & Destroy\TeaTimer.exe [d] -> [2009-01-26 15:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited)

"Tlen.pl" -> D:\Program Files 2\Tlen7\tlen7.exe [D] -> [2011-04-11 15:40:12 | 000,082,432 | ---- | M] ()

< All Users Startup Folder > -> C:\Documents and Settings\All Users\Menu Start\Programy\Autostart -> 

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe -> [2002-09-13 13:09:58 | 000,113,664 | ---- | M] (Adobe Systems, Inc.)

< Default User Startup Folder > -> C:\Documents and Settings\Default User\Menu Start\Programy\Autostart -> 

< Gosc Startup Folder > -> C:\Documents and Settings\Gosc\Menu Start\Programy\Autostart -> 

< KW Startup Folder > -> C:\Documents and Settings\KW\Menu Start\Programy\Autostart -> 

< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

\\"HonorAutoRunSetting" -> [1] -> File not found

< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System

< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

\\"NoDriveTypeAutoRun" -> [145] -> File not found

< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 

HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

\\"NoDriveTypeAutoRun" -> [145] -> File not found

< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 

HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

\\"NoDriveTypeAutoRun" -> [145] -> File not found

< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 

HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

\\"NoDriveTypeAutoRun" -> [145] -> File not found

< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1715567821-602609370-725345543-1004] > -> HKEY_USERS\S-1-5-21-1715567821-602609370-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 

HKEY_USERS\S-1-5-21-1715567821-602609370-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

\\"NoDriveTypeAutoRun" -> [145] -> File not found

< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1715567821-602609370-725345543-1004] > -> HKEY_USERS\S-1-5-21-1715567821-602609370-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 

< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 

{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> d:\Program Files 2\Spybot - Search & Destroy\SDHelper.dll [Menu] -> [2009-01-26 15:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited)

< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 

< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix

"" -> http://

< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 

< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 

< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 

< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 

< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 

HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 

< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 

HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 

< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 

HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 

< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 

HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 

< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 

HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 

< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 

HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 

< Trusted Sites Domains [HKEY_USERS\S-1-5-21-1715567821-602609370-725345543-1004\] > -> HKEY_USERS\S-1-5-21-1715567821-602609370-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 

HKEY_USERS\S-1-5-21-1715567821-602609370-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 

< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1715567821-602609370-725345543-1004\] > -> HKEY_USERS\S-1-5-21-1715567821-602609370-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 

HKEY_USERS\S-1-5-21-1715567821-602609370-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 

< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 

{7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> http://download.eset.com/special/eos/OnlineScanner.cab [Reg Error: Key error.] -> 

{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab [Reg Error: Value error.] -> 

{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab [Java Plug-in 1.6.0_31] -> 

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab [Java Plug-in 1.6.0_31] -> 

{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> 

< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 

DhcpNameServer -> 192.168.0.1 -> 

< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 

{7D767AA8-0B41-41E2-B409-5ABDA68E4B4A}\\DhcpNameServer -> 192.168.0.1 (Attansic L1 Gigabit Ethernet 10/100/1000Base-T Controller) -> 

< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 

*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 

Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation)

*MultiFile Done* -> -> 

*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> 

C:\WINDOWS\system32\userinit.exe -> C:\WINDOWS\system32\userinit.exe -> [2008-04-14 19:21:45 | 000,026,624 | ---- | M] (Microsoft Corporation)

*MultiFile Done* -> -> 

< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> 

< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 

"C:\Documents and Settings\KW\Ustawienia lokalne\Temp\CProgram FilesOpera\OperaUpgrader.exe" -> [C] -> File not found

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" -> C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe [C] -> [2011-11-02 00:26:24 | 000,014,184 | ---- | M] (Apple Inc.)

"C:\Program Files\Opera\opera.exe" -> C:\Program Files\Opera\opera.exe [C] -> [2012-09-04 19:42:37 | 000,874,896 | ---- | M] (Opera Software)

"C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe" -> [C] -> File not found

"D:\Program Files 2\eMule\emule.exe" -> [D] -> File not found

"D:\Program Files 2\Tlen7\tlen7.exe" -> D:\Program Files 2\Tlen7\tlen7.exe [D] -> [2011-04-11 15:40:12 | 000,082,432 | ---- | M] ()

"D:\Program Files 2\WapSter\WapSter AQQ\AQQ.exe" -> D:\Program Files 2\WapSter\WapSter AQQ\AQQ.exe [D] -> [2012-10-08 13:53:06 | 010,833,408 | ---- | M] ()

"D:\Program Files 2\WapStery\WAPSTE~1\AQQ.exe" -> D:\Program Files 2\WapStery\WAPSTE~1\AQQ.exe [D] -> [2011-11-28 15:28:02 | 010,211,328 | ---- | M] (Creative Team S.A.)

"D:\Program Files2\Gadu-Gadu 10\gg.exe" -> D:\Program Files2\Gadu-Gadu 10\gg.exe [D] -> [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.)

"D:\Program Files2\Gadu-Gadu\gg.exe" -> D:\Program Files2\Gadu-Gadu\gg.exe [D] -> [2007-07-09 09:39:12 | 002,119,104 | ---- | M] (Gadu-Gadu S.A.)

"D:\Program Files2\Gadu-Gadu-6\gg.exe" -> D:\Program Files2\Gadu-Gadu-6\gg.exe [D] -> [2008-02-08 23:09:43 | 000,745,472 | ---- | M] (sms-express.com)

"D:\Tlen.pl\tlen.exe" -> D:\Tlen.pl\tlen.exe [D] -> [2009-01-17 16:48:08 | 005,853,672 | ---- | M] (o2.pl Sp. z o.o.)

"E:\EasySetupAssistant\wr741n\EasySetupAssistant.exe" -> [E] -> File not found

< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 

< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->

"AutoRun" -> 1 -> 

"DisplayName" -> Sterownik stacji dysków CD-ROM -> 

"ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found

< Drives with AutoRun files > -> -> 

C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [NTFS] -> [2011-10-30 17:24:39 | 000,000,000 | ---- | M] ()

< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 

\{24f602e0-8409-11e1-a813-001e101f5224}

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24f602e0-8409-11e1-a813-001e101f5224}\Shell

\{24f602e0-8409-11e1-a813-001e101f5224}\Shell\\"" -> [AutoRun] -> File not found

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24f602e0-8409-11e1-a813-001e101f5224}\Shell\AutoRun\command

\{24f602e0-8409-11e1-a813-001e101f5224}\Shell\AutoRun\command\\"" -> [G] -> File not found

\{24f602e2-8409-11e1-a813-001e101f5224}

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24f602e2-8409-11e1-a813-001e101f5224}\Shell

\{24f602e2-8409-11e1-a813-001e101f5224}\Shell\\"" -> [AutoRun] -> File not found

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24f602e2-8409-11e1-a813-001e101f5224}\Shell\AutoRun\command

\{24f602e2-8409-11e1-a813-001e101f5224}\Shell\AutoRun\command\\"" -> [G] -> File not found

\{24f602e5-8409-11e1-a813-001bfcc95002}

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24f602e5-8409-11e1-a813-001bfcc95002}\Shell

\{24f602e5-8409-11e1-a813-001bfcc95002}\Shell\\"" -> [AutoRun] -> File not found

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24f602e5-8409-11e1-a813-001bfcc95002}\Shell\AutoRun\command

\{24f602e5-8409-11e1-a813-001bfcc95002}\Shell\AutoRun\command\\"" -> [G] -> File not found

\{c5303576-83fc-11e1-a812-001bfcc95002}

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5303576-83fc-11e1-a812-001bfcc95002}\Shell

\{c5303576-83fc-11e1-a812-001bfcc95002}\Shell\\"" -> [AutoRun] -> File not found

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5303576-83fc-11e1-a812-001bfcc95002}\Shell\AutoRun\command

\{c5303576-83fc-11e1-a812-001bfcc95002}\Shell\AutoRun\command\\"" -> [G] -> File not found

< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> 

comfile [open] -> "%1" %* -> 

exefile [open] -> "%1" %* -> 

< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> 

.com [@ = comfile] -> "%1" %* -> 

.exe [@ = exefile] -> "%1" %* -> 



[Files/Folders - Created Within 30 Days]

 DriverCure -> C:\Documents and Settings\KW\Dane aplikacji\DriverCure -> [2012-10-27 15:31:05 | 000,000,000 | ---D | C]

 SpeedyPC Software -> C:\Documents and Settings\KW\Dane aplikacji\SpeedyPC Software -> [2012-10-27 15:31:04 | 000,000,000 | ---D | C]

 SpeedyPC Software -> C:\Documents and Settings\KW\Menu Start\Programy\SpeedyPC Software -> [2012-10-27 15:30:58 | 000,000,000 | ---D | C]

 SpeedyPC Software -> C:\Program Files\Common Files\SpeedyPC Software -> [2012-10-27 15:30:54 | 000,000,000 | ---D | C]

 SpeedyPC Software -> C:\Documents and Settings\All Users\Dane aplikacji\SpeedyPC Software -> [2012-10-27 15:30:50 | 000,000,000 | ---D | C]

 Mozilla Maintenance Service -> C:\Program Files\Mozilla Maintenance Service -> [2012-10-23 10:59:12 | 000,000,000 | ---D | C]

 Recent -> C:\Documents and Settings\KW\Recent -> [2012-10-23 09:55:34 | 000,000,000 | RH-D | C]

 javaw.exe -> C:\WINDOWS\System32\javaw.exe -> [2012-10-17 09:00:35 | 000,174,056 | ---- | C] (Oracle Corporation)

 java.exe -> C:\WINDOWS\System32\java.exe -> [2012-10-17 09:00:35 | 000,174,056 | ---- | C] (Oracle Corporation)

 WindowsAccessBridge.dll -> C:\WINDOWS\System32\WindowsAccessBridge.dll -> [2012-10-17 09:00:35 | 000,093,672 | ---- | C] (Oracle Corporation)

 Spybot - Search & Destroy -> C:\Documents and Settings\All Users\Menu Start\Programy\Spybot - Search & Destroy -> [2012-10-14 10:42:05 | 000,000,000 | ---D | C]

 Spybot - Search & Destroy -> C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy -> [2012-10-14 10:41:58 | 000,000,000 | ---D | C]

 FreeFixer -> C:\Documents and Settings\KW\Ustawienia lokalne\Dane aplikacji\FreeFixer -> [2012-10-14 10:28:00 | 000,000,000 | ---D | C]

 FreeFixer -> C:\Documents and Settings\KW\Dane aplikacji\FreeFixer -> [2012-10-14 10:28:00 | 000,000,000 | ---D | C]

 mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2012-10-14 10:09:49 | 000,040,776 | ---- | C] (Malwarebytes Corporation)

 avast! Pro Antivirus -> C:\Documents and Settings\All Users\Menu Start\Programy\avast! Pro Antivirus -> [2012-10-10 22:15:25 | 000,000,000 | ---D | C]

 aswKbd.sys -> C:\WINDOWS\System32\drivers\aswKbd.sys -> [2012-10-10 22:15:24 | 000,018,544 | ---- | C] (AVAST Software)

 Rozliczenie Roczne 2010 -> C:\Rozliczenie Roczne 2010 -> [2012-10-03 11:28:31 | 000,000,000 | ---D | C]

 Program Pit 2008 - rozliczenie roczne -> C:\Documents and Settings\All Users\Menu Start\Programy\Program Pit 2008 - rozliczenie roczne -> [2012-10-03 10:41:21 | 000,000,000 | ---D | C]

 Gofin -> C:\Program Files\Gofin -> [2012-10-03 10:41:19 | 000,000,000 | ---D | C]

 Rozliczenie Roczne 2007 -> C:\Rozliczenie Roczne 2007 -> [2012-10-02 21:15:02 | 000,000,000 | ---D | C]

 PITy2006 -> C:\Documents and Settings\All Users\Menu Start\Programy\PITy2006 -> [2012-10-02 12:55:58 | 000,000,000 | ---D | C]

 PITy2006 -> C:\Program Files\PITy2006 -> [2012-10-02 12:55:53 | 000,000,000 | ---D | C]

 e-Deklaracje-wtyczka_v2-0-1.exe -> C:\Program Files\e-Deklaracje-wtyczka_v2-0-1.exe -> [2012-03-07 21:15:27 | 000,485,560 | ---- | C] (Ministerstwo Finansów )

 5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 

 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 


[Files/Folders - Modified Within 30 Days]

 Adobe Flash Player Updater.job -> C:\WINDOWS\tasks\Adobe Flash Player Updater.job -> [2012-10-27 15:33:00 | 000,000,930 | ---- | M] ()

 SpeedyPC Registration3.job -> C:\WINDOWS\tasks\SpeedyPC Registration3.job -> [2012-10-27 15:31:10 | 000,000,462 | ---- | M] ()

 SpeedyPC Pro.lnk -> C:\Documents and Settings\KW\Pulpit\SpeedyPC Pro.lnk -> [2012-10-27 15:30:58 | 000,000,722 | ---- | M] ()

 SpeedyPC Update Version3 Startup Task.job -> C:\WINDOWS\tasks\SpeedyPC Update Version3 Startup Task.job -> [2012-10-27 15:30:58 | 000,000,486 | ---- | M] ()

 SpeedyPC Update Version3.job -> C:\WINDOWS\tasks\SpeedyPC Update Version3.job -> [2012-10-27 15:30:58 | 000,000,434 | ---- | M] ()

 SpeedyPC Pro.job -> C:\WINDOWS\tasks\SpeedyPC Pro.job -> [2012-10-27 15:30:57 | 000,000,398 | ---- | M] ()

 GoogleUpdateTaskUserS-1-5-21-1715567821-602609370-725345543-1004UA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-602609370-725345543-1004UA.job -> [2012-10-27 15:18:00 | 000,001,120 | ---- | M] ()

 wincmd.ini -> C:\WINDOWS\wincmd.ini -> [2012-10-27 10:06:26 | 000,003,052 | ---- | M] ()

 wcx_ftp.ini -> C:\WINDOWS\wcx_ftp.ini -> [2012-10-27 09:36:03 | 000,000,905 | ---- | M] ()

 avast! Emergency Update.job -> C:\WINDOWS\tasks\avast! Emergency Update.job -> [2012-10-27 08:46:54 | 000,000,308 | -H-- | M] ()

 bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2012-10-27 08:46:22 | 000,002,048 | --S- | M] ()

 GoogleUpdateTaskUserS-1-5-21-1715567821-602609370-725345543-1004Core.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-602609370-725345543-1004Core.job -> [2012-10-25 07:18:00 | 000,001,068 | ---- | M] ()

 Mozilla Firefox.lnk -> C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk -> [2012-10-23 10:59:14 | 000,000,616 | ---- | M] ()

 Norton Security Scan for KW.job -> C:\WINDOWS\tasks\Norton Security Scan for KW.job -> [2012-10-23 09:24:36 | 000,000,430 | -H-- | M] ()

 AppleSoftwareUpdate.job -> C:\WINDOWS\tasks\AppleSoftwareUpdate.job -> [2012-10-20 20:11:06 | 000,000,284 | ---- | M] ()

 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\KW\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2012-10-20 18:59:42 | 000,153,088 | ---- | M] ()

 Spybot - Search & Destroy.lnk -> C:\Documents and Settings\KW\Pulpit\Spybot - Search & Destroy.lnk -> [2012-10-14 10:42:05 | 000,000,803 | ---- | M] ()

 mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2012-10-14 10:09:49 | 000,040,776 | ---- | M] (Malwarebytes Corporation)

 wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2012-10-12 14:43:48 | 000,013,756 | ---- | M] ()

 avast! Pro Antivirus.lnk -> C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk -> [2012-10-10 22:15:26 | 000,001,689 | ---- | M] ()

 CONFIG.NT -> C:\WINDOWS\System32\CONFIG.NT -> [2012-10-10 22:15:24 | 000,002,644 | ---- | M] ()

 FlashPlayerApp.exe -> C:\WINDOWS\System32\FlashPlayerApp.exe -> [2012-10-09 17:33:12 | 000,696,760 | ---- | M] (Adobe Systems Incorporated)

 FlashPlayerCPLApp.cpl -> C:\WINDOWS\System32\FlashPlayerCPLApp.cpl -> [2012-10-09 17:33:12 | 000,073,656 | ---- | M] (Adobe Systems Incorporated)

 pit2007.ini -> C:\WINDOWS\pit2007.ini -> [2012-10-04 10:04:48 | 000,000,021 | ---- | M] ()

 pit2008.ini -> C:\WINDOWS\pit2008.ini -> [2012-10-03 10:41:34 | 000,000,079 | ---- | M] ()

 Angola wniosek.odt -> C:\Documents and Settings\KW\Moje dokumenty\Angola wniosek.odt -> [2012-09-30 10:35:51 | 000,043,188 | ---- | M] ()

 5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 

 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 


[Files - No Company Name]

 SpeedyPC Registration3.job -> C:\WINDOWS\tasks\SpeedyPC Registration3.job -> [2012-10-27 15:31:08 | 000,000,462 | ---- | C] ()

 SpeedyPC Pro.lnk -> C:\Documents and Settings\KW\Pulpit\SpeedyPC Pro.lnk -> [2012-10-27 15:30:58 | 000,000,722 | ---- | C] ()

 SpeedyPC Update Version3 Startup Task.job -> C:\WINDOWS\tasks\SpeedyPC Update Version3 Startup Task.job -> [2012-10-27 15:30:57 | 000,000,486 | ---- | C] ()

 SpeedyPC Update Version3.job -> C:\WINDOWS\tasks\SpeedyPC Update Version3.job -> [2012-10-27 15:30:57 | 000,000,434 | ---- | C] ()

 SpeedyPC Pro.job -> C:\WINDOWS\tasks\SpeedyPC Pro.job -> [2012-10-27 15:30:56 | 000,000,398 | ---- | C] ()

 Mozilla Firefox.lnk -> C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk -> [2012-10-23 10:59:14 | 000,000,616 | ---- | C] ()

 Mozilla Firefox.lnk -> C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk -> [2012-10-23 10:59:14 | 000,000,616 | ---- | C] ()

 Spybot - Search & Destroy.lnk -> C:\Documents and Settings\KW\Pulpit\Spybot - Search & Destroy.lnk -> [2012-10-14 10:42:05 | 000,000,803 | ---- | C] ()

 avast! Pro Antivirus.lnk -> C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk -> [2012-10-10 22:15:26 | 000,001,689 | ---- | C] ()

 pit2008.ini -> C:\WINDOWS\pit2008.ini -> [2012-10-03 10:41:34 | 000,000,079 | ---- | C] ()

 pit2007.ini -> C:\WINDOWS\pit2007.ini -> [2012-10-03 10:41:34 | 000,000,021 | ---- | C] ()

 C4dll.dll -> C:\WINDOWS\System32\C4dll.dll -> [2012-09-25 20:08:15 | 000,560,404 | ---- | C] ()

 mspen.ini -> C:\WINDOWS\mspen.ini -> [2012-09-25 20:08:15 | 000,000,086 | ---- | C] ()

 unins001.exe -> C:\WINDOWS\unins001.exe -> [2012-04-11 21:16:35 | 000,683,801 | ---- | C] ()

 unins001.dat -> C:\WINDOWS\unins001.dat -> [2012-04-11 21:16:35 | 000,000,894 | ---- | C] ()

 unins000.exe -> C:\Documents and Settings\KW\Ustawienia lokalne\Dane aplikacji\unins000.exe -> [2012-03-19 21:04:59 | 000,707,504 | ---- | C] ()

 unins000.msg -> C:\Documents and Settings\KW\Ustawienia lokalne\Dane aplikacji\unins000.msg -> [2012-03-07 21:15:54 | 000,011,761 | ---- | C] ()

 unins000.dat -> C:\Documents and Settings\KW\Ustawienia lokalne\Dane aplikacji\unins000.dat -> [2012-03-07 21:15:54 | 000,005,614 | ---- | C] ()

 PhotoSnapViewer.INI -> C:\WINDOWS\PhotoSnapViewer.INI -> [2011-12-18 18:41:28 | 000,000,151 | ---- | C] ()

 unrar.dll -> C:\WINDOWS\System32\unrar.dll -> [2011-11-30 19:04:38 | 000,165,376 | ---- | C] ()

 bwmedia.dll -> C:\WINDOWS\System32\bwmedia.dll -> [2011-11-27 15:50:32 | 000,150,016 | ---- | C] ()

 unins000.dat -> C:\WINDOWS\unins000.dat -> [2011-11-20 10:59:45 | 000,001,228 | ---- | C] ()

 iyvu9_32.dll -> C:\WINDOWS\System32\iyvu9_32.dll -> [2011-11-18 21:38:28 | 000,056,320 | ---- | C] ()

 NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2011-11-14 23:14:21 | 000,000,069 | ---- | C] ()

 d3d9caps.dat -> C:\WINDOWS\System32\d3d9caps.dat -> [2011-11-06 15:21:00 | 000,000,664 | ---- | C] ()

 pdfcmnnt.dll -> C:\WINDOWS\System32\pdfcmnnt.dll -> [2011-11-05 10:50:47 | 000,116,224 | ---- | C] ()

 mlfcache.dat -> C:\WINDOWS\System32\mlfcache.dat -> [2011-11-02 20:29:12 | 000,019,532 | -H-- | C] ()

 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\KW\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2011-11-01 20:35:01 | 000,153,088 | ---- | C] ()

 wcx_ftp.ini -> C:\WINDOWS\wcx_ftp.ini -> [2011-10-30 19:31:31 | 000,000,905 | ---- | C] ()

 wincmd.ini -> C:\WINDOWS\wincmd.ini -> [2011-10-30 19:25:09 | 000,003,052 | ---- | C] ()

 ChCfg.exe -> C:\WINDOWS\System32\ChCfg.exe -> [2011-10-30 19:16:50 | 000,049,152 | R--- | C] ()

 ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2011-10-30 18:15:21 | 000,004,293 | ---- | C] ()

 FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2011-10-30 18:12:44 | 000,138,056 | ---- | C] ()

 igfxCoIn_v4670.dll -> C:\WINDOWS\System32\igfxCoIn_v4670.dll -> [2011-10-30 17:35:15 | 000,192,512 | R--- | C] ()

 igmedkrn.dll -> C:\WINDOWS\System32\igmedkrn.dll -> [2011-10-30 17:35:14 | 000,459,664 | R--- | C] ()

 ASACPI.sys -> C:\WINDOWS\System32\drivers\ASACPI.sys -> [2011-10-30 17:32:12 | 000,005,810 | R--- | C] ()

 Ascd_tmp.ini -> C:\WINDOWS\Ascd_tmp.ini -> [2011-10-30 17:32:10 | 000,010,165 | ---- | C] ()

 ASUSHWIO.SYS -> C:\WINDOWS\System32\drivers\ASUSHWIO.SYS -> [2011-10-30 17:32:00 | 000,010,288 | ---- | C] ()

 bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2011-10-30 17:26:17 | 000,002,048 | --S- | C] ()

 emptyregdb.dat -> C:\WINDOWS\System32\emptyregdb.dat -> [2011-10-30 17:22:38 | 000,021,856 | ---- | C] ()

< End of report >

OTL - Raport obowiązkowy:

analiza-dezynfekcja-zestaw-nieingerencyjnych-narzedzi-t485632.html#p3059741

a przepraszam, uzupełniam braki:

http://www.wklej.org/id/856333/ OTL txt i http://www.wklej.org/id/856336/ OTL Extras

Nic ciekawego nie widać w tych logach.

Pobierz AdwCleaner

Zamknij przeglądarkę internetową.

Uruchom AdwCleaner i kliknij Delete

Do okna Własne opcje skanowania / skrypt wklej:

Kliknij Wykonaj skrypt i zatwierdź restart.

Później kliknij Sprzątanie.

po wykonaniu powyższych czynności, tak jakby świeża instalacja Firefox sie pojawiła; Robiłem to już wcześniej tradycyjnie odinstalowując i instalując raz jeszcze.

Jak na razie wyskoczyła ankieta Gemius, adserverplus nie wyskoczył jeszcze mimo aktywności w Firefoxie, zobaczymy w dłuższej perspektywie…

A tak z ciekawości, to ten skrypt do OTL to jakich czynności dokonał ?

Zainstaluj i subskrybuj listę filtrów: Klik