Jak usunąc qooqle.com ze strony startowej?


(Stefan9713) #1

mam problem z qooqle.com

skan już wykonałem oto logi:

Otl.txt

http://wklej.to/kzfYM

Extras.txt

http://wklej.to/41Zat

Prosił bym o szybką odpowiedz.

Z góry dzięki :smiley:


(jessica) #2


(Stefan9713) #3

OTL logfile created on: 2011-09-03 11:15:41 - Run 1

OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Dawid\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,86 Gb Total Physical Memory | 2,37 Gb Available Physical Memory | 61,56% Memory free

7,71 Gb Paging File | 5,99 Gb Available in Paging File | 77,68% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 74,52 Gb Total Space | 29,76 Gb Free Space | 39,93% Space Free | Partition Type: NTFS

Drive D: | 204,03 Gb Total Space | 182,17 Gb Free Space | 89,28% Space Free | Partition Type: NTFS

Computer Name: DAWID-KOMPUTER | User Name: Dawid | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-09-03 11:11:39 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Dawid\Downloads\OTL.com

PRC - 2011-09-01 15:16:47 | 000,075,136 | ---- | M -- C:\Windows\SysWOW64\PnkBstrA.exe

PRC - [2011-08-31 21:03:53 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - 2010-11-04 18:15:50 | 000,810,144 | ---- | M -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

PRC - 2010-09-30 00:35:58 | 003,054,136 | ---- | M -- C:\Windows\AsScrPro.exe

PRC - [2010-04-05 20:11:26 | 000,144,688 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe

PRC - [2010-04-05 20:10:36 | 000,370,480 | ---- | M] (syncables, LLC) -- C:\Program Files (x86)\syncables\syncables desktop\syncables.exe

PRC - [2010-04-05 19:15:00 | 000,383,792 | ---- | M] (syncables, LLC) -- C:\Program Files (x86)\syncables\syncables desktop\syncablesMAPI.exe

PRC - 2010-01-05 02:43:36 | 001,597,440 | ---- | M -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

PRC - 2009-11-24 22:45:36 | 000,053,888 | ---- | M -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

PRC - 2009-11-10 04:20:36 | 000,096,896 | ---- | M -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

PRC - 2009-11-02 23:21:26 | 000,103,720 | ---- | M -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

PRC - 2009-10-27 05:29:32 | 006,998,656 | ---- | M -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

PRC - 2009-10-26 19:10:42 | 000,174,720 | ---- | M -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

PRC - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

PRC - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - 2009-08-20 05:31:48 | 000,170,624 | ---- | M -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

PRC - [2009-08-12 21:32:56 | 000,365,936 | ---- | M] (Boingo Wireless, Inc.) -- C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe

PRC - 2009-06-19 19:29:42 | 000,105,016 | ---- | M -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

PRC - 2009-06-19 19:29:26 | 002,488,888 | ---- | M -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

PRC - 2009-06-16 02:30:42 | 000,084,536 | ---- | M -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

PRC - 2009-05-19 00:59:10 | 000,428,600 | ---- | M -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe

PRC - 2009-05-19 00:58:38 | 000,305,720 | ---- | M -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

PRC - 2008-12-23 02:15:34 | 000,174,648 | ---- | M -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

PRC - 2007-11-30 20:20:44 | 000,051,768 | ---- | M -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

========== Modules (No Company Name) ==========

MOD - 2011-08-31 21:03:53 | 001,846,232 | ---- | M -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

MOD - 2011-08-21 19:09:51 | 006,277,280 | ---- | M -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

MOD - 2010-01-05 02:43:36 | 001,597,440 | ---- | M -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

MOD - 2009-11-24 22:45:36 | 000,053,888 | ---- | M -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

MOD - 2009-11-02 23:23:36 | 000,013,096 | ---- | M -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

MOD - 2009-11-02 23:20:10 | 000,619,816 | ---- | M -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll

MOD - 2007-11-30 20:20:44 | 000,051,768 | ---- | M -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

========== Win32 Services (SafeList) ==========

SRV: 64bit: - 2010-11-04 18:18:12 | 000,042,360 | ---- | M [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)

SRV: 64bit: - 2010-11-04 18:15:50 | 000,810,144 | ---- | M [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)

SRV: 64bit: - [2009-12-08 01:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)

SRV: 64bit: - [2009-11-27 05:39:45 | 000,243,712 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\stacsv64.exe -- (STacSV)

SRV: 64bit: - 2009-11-11 10:29:13 | 000,202,752 | ---- | M [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV: 64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - 2011-09-01 15:16:47 | 000,075,136 | ---- | M [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

SRV - [2010-12-13 09:40:07 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2010-12-13 09:39:54 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - 2010-01-26 13:41:08 | 000,652,800 | ---- | M [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - 2009-11-10 04:20:36 | 000,096,896 | ---- | M [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)

SRV - [2009-10-01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®

SRV - [2009-10-01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®

SRV - 2009-06-16 02:30:42 | 000,084,536 | ---- | M [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)

SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV: 64bit: - [2011-03-11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV: 64bit: - [2011-03-11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV: 64bit: - 2010-12-27 17:53:36 | 000,834,544 | ---- | M [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV: 64bit: - [2010-12-13 09:40:21 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)

DRV: 64bit: - [2010-12-13 09:40:21 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)

DRV: 64bit: - 2010-09-03 07:13:46 | 000,170,104 | ---- | M [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)

DRV: 64bit: - 2010-07-29 13:31:26 | 000,141,264 | ---- | M [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)

DRV: 64bit: - 2010-07-29 13:31:26 | 000,126,320 | ---- | M [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)

DRV: 64bit: - [2009-11-27 05:39:45 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)

DRV: 64bit: - [2009-11-13 11:47:35 | 000,067,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)

DRV: 64bit: - [2009-11-11 11:02:11 | 006,104,576 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV: 64bit: - [2009-10-15 11:23:19 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)

DRV: 64bit: - [2009-10-05 03:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV: 64bit: - [2009-09-30 03:34:31 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV: 64bit: - [2009-09-17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®

DRV: 64bit: - [2009-08-21 08:48:17 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)

DRV: 64bit: - 2009-08-12 05:38:01 | 001,799,680 | ---- | M [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)

DRV: 64bit: - [2009-08-06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV: 64bit: - 2009-07-20 11:29:39 | 000,015,416 | ---- | M [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)

DRV: 64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV: 64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV: 64bit: - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV: 64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV: 64bit: - [2009-06-10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)

DRV: 64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV: 64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV: 64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV: 64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV: 64bit: - 2009-05-13 18:07:20 | 000,015,928 | ---- | M [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)

DRV: 64bit: - [2008-12-08 18:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV: 64bit: - 2008-08-28 12:44:42 | 000,025,600 | ---- | M [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)

DRV: 64bit: - [2008-05-24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - 2009-07-03 02:36:14 | 000,015,416 | ---- | M [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "qooqlle"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2

FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6

FF - prefs.js..keyword.URL: "http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q="

FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"

FF - prefs.js..network.proxy.backup.ftp_port: 9666

FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1"

FF - prefs.js..network.proxy.backup.gopher_port: 9666

FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"

FF - prefs.js..network.proxy.backup.socks_port: 9666

FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"

FF - prefs.js..network.proxy.backup.ssl_port: 9666

FF - prefs.js..network.proxy.ftp: "127.0.0.1"

FF - prefs.js..network.proxy.ftp_port: 9666

FF - prefs.js..network.proxy.gopher: "127.0.0.1"

FF - prefs.js..network.proxy.gopher_port: 9666

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 9666

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.socks: "127.0.0.1"

FF - prefs.js..network.proxy.socks_port: 9666

FF - prefs.js..network.proxy.ssl: "127.0.0.1"

FF - prefs.js..network.proxy.ssl_port: 9666

FF - prefs.js..network.proxy.type: 0

FF: 64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_10_3_162.dll File not found

FF: 64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.97: C:\Program Files (x86)\NOS\bin\np_gp.dll File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-08-31 21:03:53 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-01-14 17:48:56 | 000,000,000 | ---D | M]

[2011-08-30 19:22:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\Extensions

[2011-09-02 20:38:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\0vo8qbct.default\extensions

2011-09-03 10:44:32 | 000,001,860 | ---- | M -- C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\0vo8qbct.default\searchplugins\search.xml

[2011-08-30 19:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2011-08-31 21:03:53 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

2011-08-12 05:51:25 | 000,002,767 | ---- | M -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml

2011-08-12 05:51:25 | 000,001,406 | ---- | M -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml

2011-08-12 05:51:25 | 000,000,917 | ---- | M -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml

2011-08-12 05:51:25 | 000,000,858 | ---- | M -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml

2011-08-12 05:51:25 | 000,001,183 | ---- | M -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml

2011-08-12 05:51:25 | 000,001,683 | ---- | M -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2: 64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)

O2: 64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2: 64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)

O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)

O3: 64bit: - HKLM..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3: 64bit: - HKLM..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM..\Toolbar: (no name) - Locked - No CLSID value found.

O4: 64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)

O4: 64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()

O4: 64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)

O4: 64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)

O4: 64bit: - HKLM..\Run: [setwallpaper] File not found

O4: 64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)

O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)

O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)

O4 - HKLM..\Run: [boingo Wi-Fi] C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk ()

O4 - HKLM..\Run: [csrs] C:\ProgramData\csrs.exe (Created with WinAutomation (http://www.WinAutomation.com))

O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [svhost] C:\Program Files (x86)\Common Files\svhost.exe ()

O4 - HKLM..\Run: [updateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [winloqon] C:\ProgramData\winloqon.exe (Created with WinAutomation (http://www.WinAutomation.com))

O4 - HKCU..\Run: [ALLUpdate] File not found

O4 - HKCU..\Run: [ares] C:\Program Files (x86)\Ares\Ares.exe (Ares Development Group)

O4 - HKCU..\Run: [Crystal.exe] File not found

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [nvwiz] C:\ProgramData\nvwiz.exe ( )

O4 - HKCU..\Run: [syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe (syncables, LLC)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O8: 64bit: - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)

O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)

O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {AEA3991E-3109-4C98-989E-33994FEB1A91} http://content.systemrequirementslab.co ... .3.1.0.cab (SysInfo Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/stati ... 0.64.2.cab (Battlefield Play4Free Updater)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces{1BDDC808-BEE0-410D-A296-FBB1A6A52803}: DhcpNameServer = 192.168.1.1

O18: 64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found

O18: 64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18: 64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18: 64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18: 64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18: 64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found

O18: 64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20: 64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20: 64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20: 64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20: 64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21: 64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2{ade18496-7f94-11e0-88f9-20cf306c9b94}\Shell - "" = AutoRun

O33 - MountPoints2{ade18496-7f94-11e0-88f9-20cf306c9b94}\Shell\AutoRun\command - "" = H:\Startme.exe

O33 - MountPoints2{bbf5bd7c-11d1-11e0-832f-20cf306c9b94}\Shell - "" = AutoRun

O33 - MountPoints2{bbf5bd7c-11d1-11e0-832f-20cf306c9b94}\Shell\AutoRun\command - "" = G:\cdstart.exe

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35: 64bit: - HKLM..comfile [open] -- "%1" %*

O35: 64bit: - HKLM..exefile [open] -- "%1" %*

O35 - HKLM..comfile [open] -- "%1" %*

O35 - HKLM..exefile [open] -- "%1" %*

O37: 64bit: - HKLM...com [@ = comfile] -- "%1" %*

O37: 64bit: - HKLM...exe [@ = exefile] -- "%1" %*

O37 - HKLM...com [@ = comfile] -- "%1" %*

O37 - HKLM...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-09-03 11:07:17 | 000,000,000 | ---D | C] -- C:\Users\Dawid\AppData\Roaming\Malwarebytes

[2011-09-03 11:07:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011-09-03 11:07:00 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2011-09-03 10:54:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro

[2011-09-03 10:54:15 | 000,000,000 | ---D | C] -- C:\rsit

[2011-09-01 16:01:32 | 000,000,000 | ---D | C] -- C:\Users\Dawid\Documents\Battlefield Play4Free

[2011-09-01 15:16:45 | 000,000,000 | ---D | C] -- C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games

[2011-08-30 19:22:04 | 000,000,000 | ---D | C] -- C:\Users\Dawid\AppData\Roaming\Mozilla

[2011-08-30 19:22:04 | 000,000,000 | ---D | C] -- C:\Users\Dawid\AppData\Local\Mozilla

[2011-08-30 19:21:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2011-08-30 17:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games

2011-08-30 10:32:32 | 000,498,688 | ---- | C -- C:\ProgramData\nvwiz.exe

[2011-08-29 15:14:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView

[2011-08-25 13:38:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab

[2011-08-25 13:38:32 | 000,000,000 | ---D | C] -- C:\Users\Dawid\SystemRequirementsLab

[2011-08-23 20:04:35 | 000,000,000 | ---D | C] -- C:\Users\Dawid\AppData\Roaming\Ubisoft

[2011-08-21 19:09:00 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2011-08-11 09:08:32 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll

[2011-08-11 09:08:31 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll

[2011-08-11 09:08:31 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll

[2011-08-11 09:08:31 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll

[2011-08-11 09:08:31 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll

[2011-08-11 09:08:31 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll

[2011-08-11 09:08:30 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll

[2011-08-11 09:08:30 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll

[2011-08-11 09:08:30 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll

[2011-08-11 09:08:30 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll

[2011-08-11 09:08:28 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll

[2011-08-11 09:08:28 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll

[2011-08-11 09:08:28 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe

[2011-08-11 09:08:28 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll

[2011-08-11 09:08:28 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll

[2011-08-11 09:08:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe

[2011-08-11 09:08:27 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll

[2011-08-11 09:08:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll

[2011-08-11 09:08:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll

[2011-08-11 09:08:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll

[2011-08-11 09:08:27 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll

[2011-08-11 09:08:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

[2011-08-11 09:08:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

[2011-08-11 09:08:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

[2011-08-11 09:08:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

[2011-08-11 09:08:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

[2011-08-11 09:08:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

[2011-08-11 09:08:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

[2011-08-11 09:08:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

[2011-08-11 09:08:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

[2011-08-11 09:08:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

[2011-08-11 09:08:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

[2011-08-11 09:08:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

[2011-08-11 09:08:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

[2011-08-11 09:08:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll

[2011-08-11 09:08:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

[2011-08-11 09:08:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

[2011-08-11 09:08:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll

[2011-08-11 09:08:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

[2011-08-11 09:08:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

[2011-08-11 09:08:25 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

[2011-08-11 09:08:25 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll

[2011-08-11 09:08:25 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll

[2011-08-11 09:08:25 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

[2011-08-11 09:08:25 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll

[2011-08-11 09:08:25 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll

[2011-08-11 09:08:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll

[2011-08-11 09:08:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll

[2011-08-11 09:08:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll

[2011-08-11 09:08:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll

[2011-08-11 09:08:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll

[2011-08-11 09:08:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe

[2011-08-11 09:08:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll

[2011-08-11 09:08:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll

[2011-08-11 09:08:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll

[2011-08-11 09:08:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe

[2011-08-11 09:08:03 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2011-08-11 09:08:01 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2011-08-11 09:08:01 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2011-08-11 09:08:01 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2011-08-11 09:08:01 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2011-08-11 09:08:01 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2011-08-11 09:08:01 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2011-08-11 09:08:01 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2011-08-11 09:08:01 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2011-08-11 09:08:01 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2011-08-11 09:08:00 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2011-08-11 09:08:00 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2011-08-11 09:08:00 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2011-08-11 09:08:00 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2011-08-11 09:08:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2011-08-11 09:07:30 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2011-08-11 09:07:28 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

[2011-08-11 09:07:26 | 003,902,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[2011-08-10 09:18:38 | 000,000,000 | ---D | C] -- C:\Users\Dawid\AppData\Roaming\x

[2011-08-10 09:10:08 | 000,000,000 | ---D | C] -- C:\Users\Dawid\AppData\Roaming\kasica

[2011-08-08 15:08:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi

[2011-08-05 13:09:31 | 000,000,000 | ---D | C] -- C:\Users\Dawid\AppData\Roaming\mod

[2011-06-17 19:36:01 | 000,339,968 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\ProgramData\csrs.exe

[2011-06-17 19:36:01 | 000,331,776 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\ProgramData\winloqon.exe

[8 C:\Windows\SysWow64*.tmp files -> C:\Windows\SysWow64*.tmp ->]

[1 C:\Users\Dawid\AppData\Local*.tmp files -> C:\Users\Dawid\AppData\Local*.tmp ->]

========== Files - Modified Within 30 Days ==========

[2060-08-18 19:02:32 | 002,023,424 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWow64\VCL50.BPL

[2060-08-18 19:02:22 | 001,496,064 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWow64\CC3250MT.DLL

[2060-08-18 19:02:12 | 000,248,832 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWow64\VCLX50.BPL

[2060-08-18 18:40:44 | 000,909,824 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWow64\cp3245mt.dll

[2060-08-18 18:40:44 | 000,024,064 | ---- | M] (Inprise Corporation) -- C:\Windows\SysWow64\borlndmm.dll

2011-09-03 10:51:16 | 000,010,240 | -H-- | M -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2011-09-03 10:51:16 | 000,010,240 | -H-- | M -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2011-09-03 10:43:59 | 000,001,044 | ---- | M -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

2011-09-03 10:43:47 | 000,067,584 | --S- | M -- C:\Windows\bootstat.dat

2011-09-03 10:43:42 | 3105,259,520 | -HS- | M -- C:\hiberfil.sys

2011-09-02 20:38:00 | 000,001,048 | ---- | M -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

2011-09-01 21:29:25 | 000,234,768 | ---- | M -- C:\Windows\SysWow64\PnkBstrB.xtr

2011-09-01 21:29:25 | 000,234,768 | ---- | M -- C:\Windows\SysWow64\PnkBstrB.exe

2011-09-01 15:16:47 | 000,075,136 | ---- | M -- C:\Windows\SysWow64\PnkBstrA.exe

2011-08-30 19:22:00 | 000,001,144 | ---- | M -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

2011-08-30 19:11:47 | 000,001,886 | ---- | M -- C:\Windows\SysNative\AutoRunFilter.ini

2011-08-30 10:36:46 | 000,498,688 | ---- | M -- C:\ProgramData\nvwiz.exe

2011-08-30 10:32:33 | 000,000,000 | ---- | M -- C:\Users\Dawid\AppData\Local\patterns.ini

2011-08-29 19:14:26 | 001,310,660 | ---- | M -- C:\Users\Dawid\Documents\zdjcie119o.jpg

2011-08-26 18:24:30 | 000,000,549 | ---- | M -- C:\Users\Dawid\Desktop\Dirt 3.lnk

2011-08-26 18:04:58 | 000,003,288 | ---- | M -- C:\bootsqm.dat

[2011-08-21 19:09:51 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-08-18 11:10:46 | 001,549,696 | ---- | M -- C:\Windows\SysNative\PerfStringBackup.INI

2011-08-18 11:10:46 | 000,697,912 | ---- | M -- C:\Windows\SysNative\perfh015.dat

2011-08-18 11:10:46 | 000,616,008 | ---- | M -- C:\Windows\SysNative\perfh009.dat

2011-08-18 11:10:46 | 000,134,990 | ---- | M -- C:\Windows\SysNative\perfc015.dat

2011-08-18 11:10:46 | 000,106,388 | ---- | M -- C:\Windows\SysNative\perfc009.dat

[8 C:\Windows\SysWow64*.tmp files -> C:\Windows\SysWow64*.tmp ->]

[1 C:\Users\Dawid\AppData\Local*.tmp files -> C:\Users\Dawid\AppData\Local*.tmp ->]

========== Files Created - No Company Name ==========

2011-08-30 19:25:27 | 000,234,768 | ---- | C -- C:\Windows\SysWow64\PnkBstrB.xtr

2011-08-30 19:22:00 | 000,001,156 | ---- | C -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2011-08-30 19:22:00 | 000,001,144 | ---- | C -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

2011-08-30 10:32:33 | 000,000,000 | ---- | C -- C:\Users\Dawid\AppData\Local\patterns.ini

2011-08-29 19:14:26 | 001,310,660 | ---- | C -- C:\Users\Dawid\Documents\zdjcie119o.jpg

2011-08-26 18:24:30 | 000,000,549 | ---- | C -- C:\Users\Dawid\Desktop\Dirt 3.lnk

2011-08-26 18:04:58 | 000,003,288 | ---- | C -- C:\bootsqm.dat

2011-08-10 09:09:51 | 006,719,683 | ---- | C -- C:\Users\Dawid\AppData\Roaming[1.7.3]LB Photo Realism Compressed.zip

2011-08-04 20:48:44 | 001,510,085 | ---- | C -- C:\Users\Dawid\AppData\Roaming\minecraft.jar

2011-07-18 12:37:15 | 000,000,000 | ---- | C -- C:\Users\Dawid\AppData\Local{771B24E3-2719-45A3-BCCD-EE18D9987A2B}

2011-06-19 19:47:43 | 000,000,300 | ---- | C -- C:\Windows\game.ini

2011-06-17 19:36:01 | 006,855,168 | RHS- | C -- C:\Program Files (x86)\Common Files\svhost.exe

2011-06-16 23:09:50 | 000,089,088 | ---- | C -- C:\Windows\SysWow64\Zlib.dll

2011-04-09 18:55:28 | 000,179,261 | ---- | C -- C:\Windows\SysWow64\xlive.dll.cat

2011-02-02 16:16:57 | 000,075,136 | ---- | C -- C:\Windows\SysWow64\PnkBstrA.exe

2011-02-02 16:16:49 | 000,234,768 | ---- | C -- C:\Windows\SysWow64\PnkBstrB.exe

2011-02-02 13:37:25 | 000,004,096 | ---- | C -- C:\Windows\d3dx.dat

2011-01-26 21:56:24 | 000,005,120 | ---- | C -- C:\Users\Dawid\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2011-01-23 11:31:18 | 000,034,816 | ---- | C -- C:\Windows\StmClean.exe

2011-01-20 21:24:17 | 000,010,240 | ---- | C -- C:\Windows\SysWow64\vidx16.dll

2011-01-17 18:55:20 | 000,007,611 | ---- | C -- C:\Users\Dawid\AppData\Local\resmon.resmoncfg

2010-12-27 11:14:00 | 000,000,056 | -H-- | C -- C:\ProgramData\ezsidmv.dat

2010-12-25 15:00:56 | 000,000,157 | ---- | C -- C:\Windows\disney.ini

2010-09-30 00:36:29 | 000,053,248 | ---- | C -- C:\Windows\SysWow64\LogonStart.dll

2010-09-30 00:28:54 | 000,000,000 | ---- | C -- C:\Windows\ativpsrm.bin

2010-02-09 09:07:38 | 000,020,480 | ---- | C -- C:\Windows\OOBEPlayer.exe

2010-02-09 09:07:38 | 000,000,269 | ---- | C -- C:\Windows\OOBEPlayer.ini

2009-10-26 05:38:22 | 000,000,176 | ---- | C -- C:\Windows\explorer.exe.config

2009-07-29 07:20:40 | 000,000,010 | ---- | C -- C:\Windows\SysWow64\ABLKSR.ini

2009-07-14 07:38:36 | 000,067,584 | --S- | C -- C:\Windows\bootstat.dat

2009-07-14 04:35:51 | 000,000,741 | ---- | C -- C:\Windows\SysWow64\NOISE.DAT

2009-07-14 04:34:42 | 000,215,943 | ---- | C -- C:\Windows\SysWow64\dssec.dat

2009-07-14 02:10:29 | 000,043,131 | ---- | C -- C:\Windows\mib.bin

2009-07-14 01:42:10 | 000,064,000 | ---- | C -- C:\Windows\SysWow64\BWContextHandler.dll

2009-07-13 23:03:59 | 000,364,544 | ---- | C -- C:\Windows\SysWow64\msjetoledb40.dll

2009-06-10 23:26:10 | 000,673,088 | ---- | C -- C:\Windows\SysWow64\mlang.dat

2006-05-19 05:39:57 | 000,015,497 | ---- | C -- C:\Windows\snp2uvc.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:4CF61E54

@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:115CEE00

@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:A724744F

@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:AB689DEA

< End of report >


(jessica) #4

Uruchom OTL i w oknie Własne opcje skanowania/Script wklej to:

Kliknij w Wykonaj Script. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.

Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.

Pokaż nowy log OTL.txt oraz raport z usuwania.

Log wklej na > http://www.wklejto.pl/ , a tu daj tylko link.

jessi


(Stefan9713) #5

Otl.txt

http://wklejto.pl/104326

Raport

http://wklejto.pl/104327


(jessica) #6

Wg mnie - powinno być OK.

W OTL kliknij na przycisk Sprzątanie - to go usunie razem z jego Kwarantanną.

jessi


(Stefan9713) #7

Spoko. Dzięki :smiley:


#8

stefan9713 , proszę o zapoznanie się z tematem zasady-wklejania-logow-forum-t253052.html i dostosowanie się do niego. W przeciwnym wypadku temat poleci do kosza.