Explorer.exe Wirus Zakraplacz


(Maciejoo21) #1

Witam

Mam problem z wirusem tzw. "zakraplacz" siedzi mi w tym pliku explorer.exe.

Antywirus sam go nie usunie. Logi z HijackThis:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 09:41:34, on 2011-07-19

Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe

C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

C:\Program Files\Real\RealPlayer\update\realsched.exe

C:\WINDOWS\V0330Mon.exe

C:\Program Files\Livebox\Launcher\Launcher.exe

C:\Program Files\Brother\ControlCenter3\brccMCtl.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe

C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe

C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

C:\Program Files\DAEMON Tools Lite\DTLite.exe

C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

C:\Program Files\OSCAR Editor X7\OscarEditor.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\windows\system32\QTask.exe

C:\Program Files\Livebox\systray\systrayapp.exe

C:\Program Files\Livebox\connectivity\connectivitymanager.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\AOL 9.5\waol.exe

C:\Documents and Settings\Domowy\Menu Start\Programy\Autostart\lua7.exe

C:\windows\system32\QTask.exe

C:\Program Files\Livebox\connectivity\CoreCom\CoreCom.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe

C:\Program Files\Livebox\connectivity\CoreCom\OraConfigRecover.exe

C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe

C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

C:\Program Files\AOL 9.5\shellmon.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll

R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo0.dll

R3 - URLSearchHook: Softonic-Polska Toolbar - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Special Savings - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files\Superfish\Special Savings\SpecialSavings.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Mighty Magoo Text - {97E74A14-E5F1-40cc-9B0F-0D11946E5469} - C:\Program Files\Mighty Magoo\mmagootl.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo0.dll

O2 - BHO: Softonic-Polska - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo0.dll

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

O3 - Toolbar: Softonic-Polska Toolbar - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll

O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\Livebox\SessionManager\SessionManager.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui

O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"

O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"

O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini

O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot

O4 - HKLM\..\Run: [V0330Mon.exe] C:\WINDOWS\V0330Mon.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles

O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart

O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

O4 - HKLM\..\Run: [Graphic Driver] C:\Documents and Settings\Domowy\Dane aplikacji\OvHGRRXwlDmy.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files\OSCAR Editor X7\OscarEditor.exe" Minimum

O4 - HKCU\..\Run: [Audio Device] C:\Documents and Settings\Domowy\Dane aplikacji\OvHGRRXwlDmy.exe

O4 - HKCU\..\Run: [HKCU] C:\Program Files\Microsoft Security\wsecurity.exe

O4 - HKCU\..\Run: [QuickTime] C:\windows\system32\QTask.exe

O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.5\AOL.EXE" -b

O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\Program Files\Microsoft Security\wsecurity.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: lua7.exe

O4 - Startup: PowerReg Scheduler.exe

O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Driver performer.lnk = C:\Documents and Settings\Domowy\Pulpit\DriverPerformer_16i.exe

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Special Savings - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files\Superfish\Special Savings\SpecialSavings.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: Installer Service - Unknown owner - C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{3FC42713-B6E7-49AA-A553-A224FE9828A8}\Installer\InstallerService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

Proszę o Pomoc z Gory Dziek ;]

Pozdrawiam


(Acorus) #2

Przeskanuj programem Dr.WEB CureIt http://www.dobreprogramy.pl/Dr.WEB-Cure ... 12976.html

Pokaż logi z OTL http://oldtimer.geekstogo.com/OTL.exe

Zaznacz-Wszyscy użytkownicy.Wszystkie panele-Użyj filtrowania.Zaznacz-infekcja LOP iPurity http://wstaw.org/m/2010/10/31/OTL.png.


(Maciejoo21) #3

Logi z OTL:

PRC - [2011-07-19 10:38:31 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Domowy\Pulpit\OTL.exe

PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2011-06-22 10:49:42 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2011-06-09 20:00:42 | 001,059,840 | ---- | M] () -- C:\Documents and Settings\Domowy\Menu Start\Programy\Autostart\lua7.exe

PRC - [2011-06-04 21:08:02 | 005,226,838 | ---- | M] () -- C:\WINDOWS\system32\QTask.exe

PRC - [2011-05-25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe

PRC - [2011-05-25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

PRC - [2010-12-08 14:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

PRC - [2010-11-16 14:48:32 | 000,152,576 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

PRC - [2010-11-01 21:21:29 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe

PRC - [2010-07-22 14:18:08 | 002,636,800 | ---- | M] () -- C:\Program Files\OSCAR Editor X7\OscarEditor.exe

PRC - [2010-05-14 11:32:30 | 001,479,680 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

PRC - [2010-05-11 10:11:58 | 000,134,144 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe

PRC - [2010-04-01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe

PRC - [2010-03-23 16:54:55 | 000,028,496 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL 9.5\waol.exe

PRC - [2010-03-23 16:54:54 | 000,054,608 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL 9.5\shellmon.exe

PRC - [2009-10-27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

PRC - [2009-04-14 11:10:30 | 001,032,192 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe

PRC - [2009-02-10 16:30:02 | 000,364,544 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\corecom\CoreCom.exe

PRC - [2008-06-20 12:11:04 | 000,028,672 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\corecom\OraConfigRecover.exe

PRC - [2008-06-20 12:08:24 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe

PRC - [2008-06-20 12:08:08 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

PRC - [2008-06-10 11:14:42 | 000,147,456 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Systray\SystrayApp.exe

PRC - [2008-06-10 11:14:14 | 000,602,864 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Launcher\Launcher.exe

PRC - [2008-06-10 11:11:34 | 000,712,704 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe

PRC - [2008-06-10 11:11:04 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe

PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007-04-30 02:03:00 | 000,032,768 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0330Mon.exe

PRC - [2007-03-02 16:48:00 | 000,098,304 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe

PRC - [2006-10-23 14:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe



[color=#E56717]========== Modules (SafeList) ==========[/color]


MOD - [2011-07-19 10:38:31 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Domowy\Pulpit\OTL.exe

MOD - [2011-04-18 22:51:18 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll

MOD - [2011-04-18 22:51:18 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll

MOD - [2010-11-01 21:21:38 | 000,040,448 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll

MOD - [2010-08-23 18:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MOD - [2010-04-03 11:37:14 | 000,127,488 | ---- | M] () -- C:\Program Files\OSCAR Editor X7\dll\DLL_Wheel4D.dll

MOD - [2008-06-10 11:12:26 | 000,006,144 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Launcher\Inactivity.dll



[color=#E56717]========== Win32 Services (SafeList) ==========[/color]


SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)

SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2011-06-28 07:47:57 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_e477fed.dll -- (Akamai)

SRV - [2011-05-25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2011-04-27 16:28:13 | 000,119,296 | ---- | M] () [On_Demand | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{3FC42713-B6E7-49AA-A553-A224FE9828A8}\Installer\InstallerService.exe -- (Installer Service)

SRV - [2011-01-11 17:13:02 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2010-12-08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)

SRV - [2008-06-20 12:08:08 | 000,065,536 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)

SRV - [2006-10-23 14:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)



[color=#E56717]========== Driver Services (SafeList) ==========[/color]


DRV - [2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2011-07-04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2011-07-04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2010-11-15 19:58:01 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

DRV - [2010-09-22 21:19:02 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)

DRV - [2009-07-03 17:26:34 | 000,157,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0330Vid.sys -- (V0330VID)

DRV - [2009-06-09 12:12:14 | 005,086,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2009-06-05 09:16:32 | 000,142,336 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)

DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2008-08-05 14:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)

DRV - [2007-10-12 03:40:00 | 000,009,096 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdide.sys -- (amdide)

DRV - [2006-03-01 19:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)

DRV - [2006-01-04 09:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)

DRV - [2003-09-23 11:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)

DRV - [2003-01-10 23:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)



[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


IE - HKU\S-1-5-21-1004336348-1547161642-682003330-1004\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll ()

IE - HKU\S-1-5-21-1004336348-1547161642-682003330-1004\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo0.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-1004336348-1547161642-682003330-1004\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-1004336348-1547161642-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]


FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.0

FF - prefs.js..extensions.enabledItems: {0b521176-81b5-4849-b963-98c7a257827d}:3.0

FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.3.3.2

FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.7.0190

FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.7

FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2

FF - prefs.js..extensions.enabledItems: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}:3.3.3.2

FF - prefs.js..extensions.enabledItems: support@auto-hide-ip.com:1.0

FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: support@super-hide-ip.com:1.0

FF - prefs.js..extensions.enabledItems: textlinks@mmagoo.com:1.0.0

FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550

FF - prefs.js..extensions.enabledItems: superfish@superfish.com:1.2.0.12

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.6

FF - prefs.js..network.proxy.backup.ftp: "184.22.251.74"

FF - prefs.js..network.proxy.backup.ftp_port: 3129

FF - prefs.js..network.proxy.backup.gopher: "184.22.251.74"

FF - prefs.js..network.proxy.backup.gopher_port: 3129

FF - prefs.js..network.proxy.backup.socks: "184.22.251.74"

FF - prefs.js..network.proxy.backup.socks_port: 3129

FF - prefs.js..network.proxy.backup.ssl: "184.22.251.74"

FF - prefs.js..network.proxy.backup.ssl_port: 3129

FF - prefs.js..network.proxy.no_proxies_on: ""

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.599: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.599: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.599: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.599: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)


FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-11-01 21:21:38 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-12-31 22:34:22 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-07-18 19:24:57 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-22 10:49:44 | 000,000,000 | ---D | M]


[2010-10-23 09:49:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Extensions

[2011-07-19 09:48:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\l7ugw3uq.default\extensions

[2010-11-10 22:24:33 | 000,000,000 | ---D | M] (OpinionSquare) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\l7ugw3uq.default\extensions\{0b521176-81b5-4849-b963-98c7a257827d}

[2010-10-24 13:38:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\l7ugw3uq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011-05-21 14:14:54 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\l7ugw3uq.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

[2011-05-21 14:14:53 | 000,000,000 | ---D | M] (Softonic-Polska Community Toolbar) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\l7ugw3uq.default\extensions\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}

[2011-06-15 21:03:53 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\l7ugw3uq.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}

[2011-07-18 19:58:22 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\l7ugw3uq.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

[2011-05-21 14:14:47 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\l7ugw3uq.default\extensions\DTToolbar@toolbarnet.com

[2011-05-21 14:14:52 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\l7ugw3uq.default\extensions\engine@conduit.com

[2011-07-19 10:40:18 | 000,000,000 | ---D | M] (WindowShopper) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\l7ugw3uq.default\extensions\superfish@superfish.com

[2010-12-23 15:27:48 | 000,000,000 | ---D | M] (Auto Hide IP) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\l7ugw3uq.default\extensions\support@auto-hide-ip.com

[2011-06-04 12:43:38 | 000,000,000 | ---D | M] (Super Hide IP) -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\l7ugw3uq.default\extensions\support@super-hide-ip.com

[2010-11-15 19:58:02 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Profiles\l7ugw3uq.default\searchplugins\daemon-search.xml

[2011-07-19 09:48:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011-07-06 16:11:18 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2011-05-03 16:27:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

[2010-11-01 21:21:38 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT

[2011-07-04 10:08:08 | 000,000,000 | ---D | M] (Mighty Magoo TextLinks) -- C:\DOCUMENTS AND SETTINGS\DOMOWY\DANE APLIKACJI\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\TEXTLINKS@MMAGOO.COM

[2011-05-03 16:27:42 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2010-12-31 22:34:22 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC

[2011-05-03 16:27:40 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2010-10-26 08:22:51 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml

[2010-10-26 08:22:51 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml

[2010-10-26 08:22:51 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml

[2010-10-26 08:22:51 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml

[2010-10-26 08:22:51 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml

[2010-10-26 08:22:51 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml


O1 HOSTS File: ([2008-04-15 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)

O2 - BHO: (Special Savings) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files\Superfish\Special Savings\SpecialSavings.dll (Superfish)

O2 - BHO: (Mighty Magoo Text) - {97E74A14-E5F1-40cc-9B0F-0D11946E5469} - C:\Program Files\Mighty Magoo\mmagootl.dll ()

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo0.dll (Conduit Ltd.)

O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

O3 - HKU\S-1-5-21-1004336348-1547161642-682003330-1004\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)

O3 - HKU\S-1-5-21-1004336348-1547161642-682003330-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKU\S-1-5-21-1004336348-1547161642-682003330-1004\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTo0.dll (Conduit Ltd.)

O3 - HKU\S-1-5-21-1004336348-1547161642-682003330-1004\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)

O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)

O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)

O4 - HKLM..\Run: [Graphic Driver] C:\Documents and Settings\Domowy\Dane aplikacji\OvHGRRXwlDmy.exe ()

O4 - HKLM..\Run: [HKLM] C:\Program Files\Microsoft Security\wsecurity.exe ()

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [Nokia FastStart] C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe (Nokia)

O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()

O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\Livebox\SessionManager\SessionManager.exe (France Telecom SA)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [V0330Mon.exe] C:\WINDOWS\V0330Mon.exe (Creative Technology Ltd.)

O4 - HKU\S-1-5-21-1004336348-1547161642-682003330-1004..\Run: [AOL Fast Start] C:\Program Files\AOL 9.5\AOL.EXE (AOL Inc.)

O4 - HKU\S-1-5-21-1004336348-1547161642-682003330-1004..\Run: [Audio Device] C:\Documents and Settings\Domowy\Dane aplikacji\OvHGRRXwlDmy.exe ()

O4 - HKU\S-1-5-21-1004336348-1547161642-682003330-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKU\S-1-5-21-1004336348-1547161642-682003330-1004..\Run: [HKCU] C:\Program Files\Microsoft Security\wsecurity.exe ()

O4 - HKU\S-1-5-21-1004336348-1547161642-682003330-1004..\Run: [OscarEditor] C:\Program Files\OSCAR Editor X7\OscarEditor.exe ()

O4 - HKU\S-1-5-21-1004336348-1547161642-682003330-1004..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)

O4 - HKU\S-1-5-21-1004336348-1547161642-682003330-1004..\Run: [QuickTime] C:\WINDOWS\system32\QTask.exe ()

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Driver performer.lnk = File not found

O4 - Startup: C:\Documents and Settings\Domowy\Menu Start\Programy\Autostart\lua7.exe ()

O4 - Startup: C:\Documents and Settings\Domowy\Menu Start\Programy\Autostart\PowerReg Scheduler.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Program Files\Microsoft Security\wsecurity.exe ()

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1004336348-1547161642-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1004336348-1547161642-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Program Files\Microsoft Security\wsecurity.exe ()

O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Special Savings - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files\Superfish\Special Savings\SpecialSavings.dll (Superfish)

O15 - HKU\S-1-5-21-1004336348-1547161642-682003330-1004\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Domowy\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010-10-23 09:20:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [NTFS]

O32 - AutoRun File - [2008-11-15 11:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - G:\Autorun.exe -- [UDF]

O32 - AutoRun File - [2008-10-11 19:03:48 | 000,000,054 | R--- | M] () - G:\Autorun.inf -- [UDF]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*


[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]


[2011-07-19 10:38:27 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Domowy\Pulpit\OTL.exe

[2011-07-19 09:41:15 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2011-07-19 09:41:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Menu Start\Programy\HiJackThis

[2011-07-18 08:38:46 | 000,000,000 | ---D | C] -- C:\avalon

[2011-07-10 21:25:25 | 000,532,480 | ---- | C] (Trend Micro Incorporated) -- C:\Documents and Settings\Domowy\Pulpit\cwshredder.exe

[2011-07-10 18:16:27 | 000,051,232 | ---- | C] (gkweb) -- C:\Documents and Settings\Domowy\Pulpit\wwdc_141_(dobreprogramy.pl).exe

[2011-07-09 18:15:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Pulpit\Worms 3D

[2011-07-08 20:10:07 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2011-07-08 14:22:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Dane aplikacji\Superfish

[2011-07-08 14:22:18 | 000,000,000 | ---D | C] -- C:\Program Files\Superfish

[2011-07-08 10:32:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Pulpit\Serwer Bukki

[2011-07-08 10:24:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Pulpit\plugins

[2011-07-08 09:56:04 | 000,000,000 | RHSD | C] -- C:\Program Files\Microsoft Security

[2011-07-08 09:56:03 | 000,000,000 | RHSD | C] -- C:\Documents and Settings\Domowy\Dane aplikacji\Microsoft Security

[2011-07-06 16:10:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Skype

[2011-07-06 15:23:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Super Hide IP

[2011-07-06 15:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\SuperHideIP

[2011-07-06 12:56:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Pulpit\NG

[2011-07-05 12:11:18 | 000,307,200 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUn0415.exe

[2011-07-05 08:01:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Pulpit\mcmap-win32

[2011-07-04 13:24:38 | 000,000,000 | ---D | C] -- C:\TibiaBot NG

[2011-07-04 10:08:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mighty Magoo

[2011-07-03 14:06:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TibiaBot NG

[2011-07-02 19:41:10 | 000,000,000 | ---D | C] -- C:\ElvenSoft

[2011-07-02 19:03:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Pulpit\minecraft

[2011-07-02 17:07:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Dane aplikacji\Tibia

[2011-07-02 17:06:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Tibia

[2011-07-02 11:53:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Menu Start\Programy\Tibia Auto

[2011-07-02 10:42:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Dane aplikacji\Altaron

[2011-07-02 10:42:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Pulpit\Tibia

[2011-06-30 17:18:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\A4TECH Software

[2011-06-30 17:18:35 | 000,000,000 | ---D | C] -- C:\Program Files\OSCAR Editor X7

[2011-06-30 17:18:11 | 000,000,000 | ---D | C] -- C:\Program Files\OscarX7

[2011-06-29 10:33:56 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll

[2011-06-20 19:45:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Moje dokumenty\Rockstar Games

[2011-06-20 10:36:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Menu Start\Programy\Google Chrome

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->]

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->]


[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]


[2011-07-19 10:44:13 | 071,761,704 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\launch(2).exe

[2011-07-19 10:44:10 | 000,943,967 | -H-- | M] () -- C:\Documents and Settings\Domowy\Dane aplikacji\Domowylog.dat

[2011-07-19 10:39:00 | 000,001,136 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-1547161642-682003330-1004UA.job

[2011-07-19 10:39:00 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-1547161642-682003330-1004Core.job

[2011-07-19 10:38:31 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Domowy\Pulpit\OTL.exe

[2011-07-19 10:01:08 | 000,047,888 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\MC900331546.WMF

[2011-07-19 10:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

[2011-07-19 09:42:31 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\HiJackThis.lnk

[2011-07-19 09:40:46 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\HijackThis.msi

[2011-07-19 09:37:10 | 000,000,645 | ---- | M] () -- C:\WINDOWS\win.ini

[2011-07-19 09:35:37 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1004336348-1547161642-682003330-1004.job

[2011-07-19 09:35:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2011-07-19 09:35:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011-07-18 20:23:24 | 006,815,744 | -H-- | M] () -- C:\Documents and Settings\Domowy\NTUSER.DAT

[2011-07-18 20:22:47 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1004336348-1547161642-682003330-1004.job

[2011-07-18 09:17:05 | 648,591,211 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\AvalonMT2_Client_v1.2.exe

[2011-07-18 08:38:18 | 033,504,679 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\AvalonMT2_Launcher_v1.4.exe

[2011-07-18 08:23:21 | 000,276,560 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011-07-17 21:38:02 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2011-07-17 20:40:25 | 000,002,311 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Google Chrome.lnk

[2011-07-17 20:34:12 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011-07-10 21:25:26 | 000,532,480 | ---- | M] (Trend Micro Incorporated) -- C:\Documents and Settings\Domowy\Pulpit\cwshredder.exe

[2011-07-10 18:16:28 | 000,051,232 | ---- | M] (gkweb) -- C:\Documents and Settings\Domowy\Pulpit\wwdc_141_(dobreprogramy.pl).exe

[2011-07-10 16:54:29 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk

[2011-07-09 22:11:25 | 002,644,622 | -H-- | M] () -- C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2011-07-08 20:10:07 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2011-07-08 14:21:52 | 000,000,498 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Driver performer.lnk

[2011-07-07 20:44:33 | 006,386,878 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Alex Gaudino - Destination Calabria pobrano z ulub_pl.mp3

[2011-07-06 15:43:51 | 002,293,760 | RHS- | M] () -- C:\Documents and Settings\Domowy\Dane aplikacji\ZV5m34iHVoxn.exe

[2011-07-06 15:43:51 | 002,293,760 | RHS- | M] () -- C:\Documents and Settings\Domowy\Dane aplikacji\OvHGRRXwlDmy.exe

[2011-07-06 15:23:50 | 000,000,718 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Super Hide IP.lnk

[2011-07-05 12:23:23 | 000,487,882 | ---- | M] () -- C:\Documents and Settings\Domowy\Moje dokumenty\qt_temp.Ep3932.png

[2011-07-05 12:22:33 | 000,955,242 | ---- | M] () -- C:\Documents and Settings\Domowy\Moje dokumenty\dla jakubak.bmp

[2011-07-05 12:14:03 | 000,002,163 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Ventrilo.lnk

[2011-07-05 12:13:24 | 000,000,986 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk

[2011-07-05 07:54:23 | 006,363,928 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Minecraft Cartographer 1.7.rar

[2011-07-04 15:57:56 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2011-07-04 15:57:55 | 000,043,520 | ---- | M] () -- C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011-07-04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2011-07-04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2011-07-04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2011-07-04 13:35:09 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2011-07-04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2011-07-04 13:24:38 | 000,000,531 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\TibiaBot NG.lnk

[2011-07-02 19:41:13 | 000,001,369 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\NeoBot.lnk

[2011-07-02 19:40:59 | 008,750,265 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\NeoBot-2.5.6.exe

[2011-07-02 17:06:53 | 000,000,434 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia.lnk

[2011-07-02 11:53:00 | 000,001,607 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Tibia Auto.lnk

[2011-07-02 11:51:45 | 001,867,776 | ---- | M] () -- C:\WINDOWS\System32\python24.dll

[2011-07-02 11:51:45 | 001,867,776 | ---- | M] () -- C:\WINDOWS\python24.dll

[2011-06-30 17:18:39 | 000,001,954 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\X7 Oscar Editor.lnk

[2011-06-30 14:52:17 | 007,048,192 | ---- | M] () -- C:\Documents and Settings\Domowy\Moje dokumenty\.minecraft.rar

[2011-06-24 17:01:20 | 000,000,529 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Deer Avenger 4.lnk

[2011-06-23 10:41:17 | 001,242,562 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2011-06-23 10:41:17 | 000,567,210 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat

[2011-06-23 10:41:17 | 000,504,702 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011-06-23 10:41:17 | 000,109,404 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat

[2011-06-23 10:41:17 | 000,088,316 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011-06-19 11:15:19 | 001,305,718 | ---- | M] () -- C:\Documents and Settings\Domowy\Moje dokumenty\qt_temp.FP2976.png

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->]

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->]


[color=#E56717]========== Files Created - No Company Name ==========[/color]


[2011-07-19 10:40:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\launch(2).exe

[2011-07-19 10:40:23 | 064,310,452 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\launch(2).exe.part

[2011-07-19 10:01:07 | 000,047,888 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\MC900331546.WMF

[2011-07-19 09:41:15 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\HiJackThis.lnk

[2011-07-19 09:40:43 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\HijackThis.msi

[2011-07-18 20:19:16 | 000,032,887 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\G1 Credits and Weapon Hack.rar

[2011-07-18 11:12:44 | 003,932,214 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\jakie galy.bmp

[2011-07-18 08:43:50 | 648,591,211 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\AvalonMT2_Client_v1.2.exe

[2011-07-18 08:36:38 | 033,504,679 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\AvalonMT2_Launcher_v1.4.exe

[2011-07-10 21:00:33 | 005,226,838 | ---- | C] () -- C:\WINDOWS\System32\QTask.exe

[2011-07-08 15:08:25 | 000,024,274 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\TPack_V3_0.zip

[2011-07-08 14:21:52 | 000,000,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Driver performer.lnk

[2011-07-08 10:19:52 | 011,714,909 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\plugins.rar

[2011-07-07 20:15:02 | 006,386,878 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Alex Gaudino - Destination Calabria pobrano z ulub_pl.mp3

[2011-07-07 17:02:03 | 002,293,760 | RHS- | C] () -- C:\Documents and Settings\Domowy\Dane aplikacji\OvHGRRXwlDmy.exe

[2011-07-07 17:02:00 | 002,293,760 | RHS- | C] () -- C:\Documents and Settings\Domowy\Dane aplikacji\ZV5m34iHVoxn.exe

[2011-07-06 15:23:50 | 000,000,718 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Super Hide IP.lnk

[2011-07-06 14:44:05 | 004,959,098 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Super_Hide_IP_3.0.9.2.rar

[2011-07-06 12:46:00 | 003,438,120 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\825494.rar

[2011-07-05 12:22:37 | 000,487,882 | ---- | C] () -- C:\Documents and Settings\Domowy\Moje dokumenty\qt_temp.Ep3932.png

[2011-07-05 12:22:33 | 000,955,242 | ---- | C] () -- C:\Documents and Settings\Domowy\Moje dokumenty\dla jakubak.bmp

[2011-07-05 12:13:24 | 000,000,986 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk

[2011-07-05 12:13:23 | 000,000,842 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe ImageReady 7.0 CE.lnk

[2011-07-05 12:13:23 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Photoshop 7.0 CE.lnk

[2011-07-05 07:54:00 | 006,363,928 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Minecraft Cartographer 1.7.rar

[2011-07-04 13:24:38 | 000,000,531 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\TibiaBot NG.lnk

[2011-07-03 08:55:49 | 001,059,840 | ---- | C] () -- C:\Documents and Settings\Domowy\Menu Start\Programy\Autostart\lua7.exe

[2011-07-02 19:41:13 | 000,001,369 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\NeoBot.lnk

[2011-07-02 19:40:04 | 008,750,265 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\NeoBot-2.5.6.exe

[2011-07-02 17:06:53 | 000,000,434 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia.lnk

[2011-07-02 11:53:00 | 000,001,607 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Tibia Auto.lnk

[2011-07-02 11:52:43 | 001,867,776 | ---- | C] () -- C:\WINDOWS\System32\python24.dll

[2011-07-02 11:52:34 | 001,867,776 | ---- | C] () -- C:\WINDOWS\python24.dll

[2011-06-30 17:18:39 | 000,001,954 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\X7 Oscar Editor.lnk

[2011-06-30 14:30:47 | 007,048,192 | ---- | C] () -- C:\Documents and Settings\Domowy\Moje dokumenty\.minecraft.rar

[2011-06-24 17:01:20 | 000,000,529 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Deer Avenger 4.lnk

[2011-06-20 10:36:23 | 000,002,311 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Google Chrome.lnk

[2011-06-20 10:34:14 | 000,001,136 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-1547161642-682003330-1004UA.job

[2011-06-20 10:34:14 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-1547161642-682003330-1004Core.job

[2011-06-19 11:13:19 | 001,305,718 | ---- | C] () -- C:\Documents and Settings\Domowy\Moje dokumenty\qt_temp.FP2976.png

[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2011-03-15 20:30:34 | 000,382,976 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat

[2011-02-23 16:18:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat

[2011-02-09 20:36:51 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll

[2011-02-02 16:11:28 | 000,036,892 | ---- | C] () -- C:\WINDOWS\System32\bassmod.dll

[2011-01-20 14:22:07 | 000,000,255 | ---- | C] () -- C:\WINDOWS\game.ini

[2010-12-29 16:59:25 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2010-12-29 16:59:23 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2010-12-29 16:59:23 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin

[2010-12-29 16:59:09 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin

[2010-11-15 21:36:30 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2010-11-15 19:58:01 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2010-11-15 19:43:13 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2010-11-15 19:43:13 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll

[2010-11-13 09:07:24 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2010-11-13 09:07:20 | 000,043,520 | ---- | C] () -- C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-11-01 22:53:49 | 002,644,622 | -H-- | C] () -- C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2010-11-01 08:52:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2010-10-24 17:17:55 | 000,000,404 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI

[2010-10-24 17:17:55 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI

[2010-10-24 17:16:59 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf07a.dat

[2010-10-24 17:15:38 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini

[2010-10-24 14:23:01 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat

[2010-10-23 11:13:20 | 001,242,562 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010-10-23 11:13:19 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2010-10-23 11:12:20 | 000,276,560 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010-10-23 09:52:28 | 000,074,024 | ---- | C] () -- C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

[2010-10-23 09:49:55 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2010-10-23 09:32:19 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll

[2010-10-23 09:22:37 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2010-10-23 09:20:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini

[2010-10-23 09:20:05 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest

[2010-10-23 09:20:01 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest

[2010-10-23 09:18:42 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2010-10-23 09:18:34 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini

[2010-10-23 09:18:34 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini

[2010-10-23 09:17:49 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini

[2010-10-23 09:17:48 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini

[2008-04-15 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2008-04-15 14:00:00 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini

[2008-04-15 14:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll

[2008-04-15 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2008-04-15 14:00:00 | 000,567,210 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat

[2008-04-15 14:00:00 | 000,504,702 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2008-04-15 14:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll

[2008-04-15 14:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat

[2008-04-15 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2008-04-15 14:00:00 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll

[2008-04-15 14:00:00 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll

[2008-04-15 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2008-04-15 14:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll

[2008-04-15 14:00:00 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll

[2008-04-15 14:00:00 | 000,109,404 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat

[2008-04-15 14:00:00 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll

[2008-04-15 14:00:00 | 000,088,316 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2008-04-15 14:00:00 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll

[2008-04-15 14:00:00 | 000,070,622 | ---- | C] () -- C:\WINDOWS\System32\edit.com

[2008-04-15 14:00:00 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe

[2008-04-15 14:00:00 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini

[2008-04-15 14:00:00 | 000,051,823 | ---- | C] () -- C:\WINDOWS\System32\command.com

[2008-04-15 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2008-04-15 14:00:00 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys

[2008-04-15 14:00:00 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys

[2008-04-15 14:00:00 | 000,039,434 | ---- | C] () -- C:\WINDOWS\System32\mem.exe

[2008-04-15 14:00:00 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys

[2008-04-15 14:00:00 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys

[2008-04-15 14:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat

[2008-04-15 14:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys

[2008-04-15 14:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys

[2008-04-15 14:00:00 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys

[2008-04-15 14:00:00 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys

[2008-04-15 14:00:00 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys

[2008-04-15 14:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys

[2008-04-15 14:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys

[2008-04-15 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2008-04-15 14:00:00 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys

[2008-04-15 14:00:00 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys

[2008-04-15 14:00:00 | 000,020,986 | ---- | C] () -- C:\WINDOWS\System32\debug.exe

[2008-04-15 14:00:00 | 000,019,806 | ---- | C] () -- C:\WINDOWS\System32\graphics.com

[2008-04-15 14:00:00 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini

[2008-04-15 14:00:00 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll

[2008-04-15 14:00:00 | 000,014,913 | ---- | C] () -- C:\WINDOWS\System32\kb16.com

[2008-04-15 14:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll

[2008-04-15 14:00:00 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini

[2008-04-15 14:00:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll

[2008-04-15 14:00:00 | 000,012,866 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe

[2008-04-15 14:00:00 | 000,012,594 | ---- | C] () -- C:\WINDOWS\System32\append.exe

[2008-04-15 14:00:00 | 000,011,859 | ---- | C] () -- C:\WINDOWS\System32\setver.exe

[2008-04-15 14:00:00 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys

[2008-04-15 14:00:00 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe

[2008-04-15 14:00:00 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe

[2008-04-15 14:00:00 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini

[2008-04-15 14:00:00 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys

[2008-04-15 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2008-04-15 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2008-04-15 14:00:00 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe

[2008-04-15 14:00:00 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini

[2008-04-15 14:00:00 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini

[2008-04-15 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

[2008-04-15 14:00:00 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini

[2008-04-15 14:00:00 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini

[2008-04-15 14:00:00 | 000,001,168 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com

[2008-04-15 14:00:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe

[2008-04-15 14:00:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe

[2008-04-15 14:00:00 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe

[2008-04-15 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2008-04-15 14:00:00 | 000,000,645 | ---- | C] () -- C:\WINDOWS\win.ini

[2008-04-15 14:00:00 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini

[2008-04-15 14:00:00 | 000,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

[2005-04-08 04:16:43 | 000,942,864 | -H-- | C] () -- C:\Documents and Settings\Domowy\Dane aplikacji\Domowylog.dat

[2001-10-26 19:29:54 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe

[2001-10-26 19:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll


[color=#E56717]========== LOP Check ==========[/color]


[2010-10-23 09:46:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software

[2010-12-23 15:27:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AutoHideIP

[2011-06-04 12:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\C__DOCUME~1_Domowy_USTAWI~1_Temp_Rar$EX02.391_Super_Hide_IP_v3.0.6.8_Crack_SuperHideIP.exe

[2010-11-15 19:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite

[2010-10-23 09:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10

[2011-03-15 21:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations

[2011-02-28 16:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla

[2011-03-27 16:37:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LAG

[2011-03-15 21:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia

[2011-04-27 16:28:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache

[2011-03-15 20:27:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaMusic

[2011-02-12 09:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM

[2010-12-31 22:35:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite

[2011-04-08 13:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files

[2010-10-24 17:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft

[2011-06-04 12:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SuperHideIP

[2011-07-04 19:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2011-06-23 18:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft

[2010-10-29 20:59:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Viewpoint

[2011-05-07 22:46:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\.minecraft

[2011-07-02 10:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\Altaron

[2010-12-23 15:27:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\AutoHideIP

[2011-06-04 12:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\C__DOCUME~1_Domowy_USTAWI~1_Temp_Rar$EX02.391_Super_Hide_IP_v3.0.6.8_Crack_SuperHideIP.exe

[2010-11-15 20:51:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\DAEMON Tools Lite

[2010-12-02 10:11:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\Gadu-Gadu 10

[2010-10-23 14:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\Gearbox Software

[2010-11-13 12:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\Groove Games

[2011-02-28 21:25:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\ipla

[2011-07-01 19:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\Mumble

[2011-03-15 20:30:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\Nokia

[2011-04-27 20:40:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\Nseries

[2010-11-19 22:32:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\OpenFM

[2011-04-28 16:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\PC Suite

[2011-07-18 20:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\PriceGong

[2010-11-15 21:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\RigNRoll_pol

[2011-04-16 16:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\SFBot

[2011-07-08 14:22:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\Superfish

[2011-06-04 12:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\SuperHideIP

[2011-07-02 17:07:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\Tibia

[2011-05-25 19:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\TS3Client

[2011-06-23 18:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\Ubisoft

[2011-07-04 17:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\uTorrent

[2011-07-19 10:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

(deFco247) #4

Nie obcinaj w żaden sposób logów i nie wklejaj ich na forum, tylko na wklej.org podając tutaj tylko link.

Zresztą zabrakło tutaj również drugiego loga z OTL - Extras.txt.


#5

maciejoo21 , proszę o zapoznanie się z tematem zasady-wklejania-logow-forum-t253052.html i dostosowanie się do niego. W przeciwnym wypadku temat poleci do kosza.


(Maciejoo21) #6

http://www.wklej.eu/index.php?id=1d62530329 --> OTL.Txt

http://www.wklej.eu/index.php?id=ae928f62da --> Extras.Txt

Sorki za wczesniejsze;D i prosze o usunięcie tamtej odp.


(Acorus) #7

Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:

Kliknij Wykonaj skrypt..Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, tym razem kliknij (Skanuj).

Pokaż nowy log OTL.txt oraz raport z usuwania.

Odinstaluj Akamai NetSession Interface,DAEMON Tools Toolbar,McAfee Security Scan Plus,Softonic-Polska Toolbar,uTorrentBar Toolbar.


(Maciejoo21) #8

Logi które prosiłeś:

http://www.wklej.eu/index.php?id=3158836f2d

http://www.wklej.eu/index.php?id=28bb6bea03


(Acorus) #9

Powtórz usuwanie.Nie wkleiłeś :OTL


(Maciejoo21) #10

Wszystko sie naprawilo. Oto log:

http://www.wklej.eu/index.php?id=ec88399cb4


(Acorus) #11

W OTL użyj opcji Sprzątanie.Wyłącz i włącz przywracanie systemu na wszystkich dyskach:http://support.microsoft.com/kb/310405/pl

Przeskanuj progr.Malwarebytes Anti-Malware

http://www.dobreprogramy.pl/Malwarebyte ... 13117.html

Przed skanowaniem wykonaj RĘCZNĄ AKTUALIZACJĘ BAZY WIRUSÓW

Zainstaluj aktualizacje do programow wskazanych przez: http://screen317.spywareinfoforum.org/SecurityCheck.exe jako out of date.


(Maciejoo21) #12

Powinno być już wszystko ok;]

Dzieki za pomoc temat do zamknięcia