Problem with the Privacy Protection program


(Hoopcola 95) #1

Hello. I have a problem with a program called "Privacy Protection". I don't know what to do, please help. The program starts up and then begins scanning something; I'm not really sure what it's about. Some people told me it's a virus and that you would help me here on the forum. So don't let me down, and please help as quickly as possible. Cheers. Thanks in advance.

-- Added 12.11.2011 (Sat) 19:46 --

Eh, so nobody is going to help after all. :frowning: :frowning: :frowning: :frowning: That sucks ;(


(Miodowe) #2

It's some fake program. If you want to get rid of it yourself, try this: http://www.dobreprogramy.pl/Malwarebyte ... 13117.html

But it would be best if you produced the mandatory OTL logs.


(Bartolini234) #3

A childish post. If you want help, at least read the section rules; this is a computer forum, not a fortune-tellers' convention.

Without OTL logs nobody can help with anything, and they are the foundation here. So generate them and attach them according to THESE INSTRUCTIONS.


(Hoopcola 95) #4

OK, but can you tell me what these are about on the wklej.to site: Syntax highlighting type, Deletion code, Security key. What should I enter in those fields?


(Bartolini234) #5

Don't enter anything. You paste the log, generate the paste and post its address on the forum, that's all :slight_smile:


(Hoopcola 95) #6

OK, it's scanning now. Bartolini234, master, can you stay close to my thread in case I need help? Pleeease

-- Added 12.11.2011 (Sat) 20:12 --

OK, scanned. How many windows should have opened? Because only one opened for me, just OTL.

-- Added 12.11.2011 (Sat) 20:22 --

OTL logfile created on: 2011-11-12 19:14:22 - Run 2

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Oliwier\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,91 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 35,68% Memory free

7,83 Gb Paging File | 5,29 Gb Available in Paging File | 67,61% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 115,22 Gb Total Space | 44,94 Gb Free Space | 39,01% Space Free | Partition Type: NTFS

Drive D: | 329,05 Gb Total Space | 310,70 Gb Free Space | 94,42% Space Free | Partition Type: NTFS

Drive R: | 21,47 Gb Total Space | 8,87 Gb Free Space | 41,32% Space Free | Partition Type: FAT32

Computer Name: OLIWIERDJ | User Name: Oliwier | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-11-12 19:02:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Oliwier\Downloads\OTL(1).exe

PRC - 2011-11-02 16:00:01 | 000,257,024 | ---- | M -- C:\Windows\sysdriver32.exe

PRC - 2011-10-31 17:18:30 | 000,344,576 | ---- | M -- C:\Windows\update.5.0\svchost.exe

PRC - 2011-10-31 17:18:30 | 000,344,576 | ---- | M -- C:\Windows\update.5.0\svchost.exe

PRC - 2011-10-31 17:18:30 | 000,344,576 | ---- | M -- C:\Windows\update.5.0\svchost.exe

PRC - 2011-10-31 17:18:30 | 000,344,576 | ---- | M -- C:\Windows\update.5.0\svchost.exe

PRC - 2011-10-31 17:18:30 | 000,344,576 | ---- | M -- C:\Windows\update.5.0\svchost.exe

PRC - 2011-10-31 17:18:30 | 000,344,576 | ---- | M -- C:\Windows\update.5.0\svchost.exe

PRC - 2011-10-31 17:18:30 | 000,344,576 | ---- | M -- C:\Windows\update.5.0\svchost.exe

PRC - 2011-10-31 17:18:30 | 000,344,576 | ---- | M -- C:\Windows\update.5.0\svchost.exe

PRC - 2011-10-31 17:18:30 | 000,344,576 | ---- | M -- C:\Windows\update.5.0\svchost.exe

PRC - 2011-10-31 17:18:30 | 000,344,576 | ---- | M -- C:\Windows\update.5.0\svchost.exe

PRC - 2011-10-31 17:15:49 | 001,942,528 | ---- | M -- C:\Windows\update.2\svchost.exe

PRC - 2011-10-31 17:15:49 | 001,942,528 | ---- | M -- C:\Windows\update.2\svchost.exe

PRC - 2011-10-31 17:15:49 | 001,942,528 | ---- | M -- C:\Windows\update.2\svchost.exe

PRC - 2011-10-31 17:15:49 | 001,942,528 | ---- | M -- C:\Windows\update.2\svchost.exe

PRC - 2011-10-31 17:15:49 | 001,942,528 | ---- | M -- C:\Windows\update.2\svchost.exe

PRC - 2011-10-31 17:15:49 | 001,942,528 | ---- | M -- C:\Windows\update.2\svchost.exe

PRC - 2011-10-31 17:15:49 | 001,942,528 | ---- | M -- C:\Windows\update.2\svchost.exe

PRC - 2011-10-31 17:15:49 | 001,942,528 | ---- | M -- C:\Windows\update.2\svchost.exe

PRC - 2011-10-31 17:15:49 | 001,942,528 | ---- | M -- C:\Windows\update.2\svchost.exe

PRC - 2011-08-22 20:15:37 | 000,232,960 | ---- | M -- C:\Windows\l1rezerv.exe

PRC - 2011-08-22 20:10:56 | 000,382,464 | ---- | M -- C:\Windows\update.7.1\svchostdriver.exe

PRC - 2011-08-22 19:54:32 | 001,213,440 | -H-- | M -- C:\Windows\update.1\svchost.exe

PRC - 2011-08-22 19:54:32 | 001,213,440 | ---- | M -- C:\Windows\services32.exe

PRC - [2011-08-11 16:55:16 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - 2011-06-29 11:20:24 | 000,743,936 | ---- | M -- C:\Windows\ufa\ufa.exe

PRC - [2011-06-01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

PRC - [2011-05-26 08:18:08 | 013,345,376 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe

PRC - 2011-03-05 02:39:05 | 003,058,304 | ---- | M -- C:\Windows\AsScrPro.exe

PRC - [2010-11-30 01:49:59 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - 2010-10-07 23:05:14 | 000,170,624 | ---- | M -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

PRC - 2010-08-21 03:47:58 | 000,077,312 | ---- | M -- C:\ExpressGateUtil\VAWinService.exe

PRC - 2010-08-17 23:55:42 | 005,732,992 | ---- | M -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

PRC - 2010-08-13 02:52:16 | 000,021,504 | ---- | M -- C:\ExpressGateUtil\VAWinAgent.exe

PRC - [2010-07-19 21:26:00 | 000,370,480 | ---- | M] (syncables, LLC) -- C:\Program Files (x86)\syncables\syncables desktop\syncables.exe

PRC - [2010-07-19 21:26:00 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe

PRC - 2010-05-25 00:44:48 | 000,151,552 | ---- | M -- C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe

PRC - [2010-01-21 07:22:03 | 000,909,824 | ---- | M] (Sonix Technology Co., Ltd.) -- C:\Windows\vsnp2uvc.exe

PRC - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- D:\Alcohol\Alcohol 120\StarWind\StarWindServiceAE.exe

PRC - 2009-12-15 19:39:38 | 000,096,896 | ---- | M -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

PRC - 2009-11-02 23:21:26 | 000,103,720 | ---- | M -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

PRC - 2009-07-31 19:38:24 | 000,305,720 | ---- | M -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

PRC - [2009-07-06 23:22:04 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe

PRC - 2009-06-19 19:29:42 | 000,105,016 | ---- | M -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

PRC - 2009-06-16 02:30:42 | 000,084,536 | ---- | M -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

PRC - 2007-11-30 20:20:44 | 000,051,768 | ---- | M -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

========== Modules (No Company Name) ==========

MOD - 2011-08-22 20:15:37 | 000,232,960 | ---- | M -- C:\Windows\l1rezerv.exe

MOD - 2011-08-22 19:54:32 | 001,213,440 | ---- | M -- C:\Windows\services32.exe

MOD - 2011-08-11 16:55:15 | 001,846,232 | ---- | M -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

MOD - 2011-05-26 08:18:56 | 000,217,696 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll

MOD - 2011-05-26 08:18:56 | 000,123,488 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll

MOD - 2011-05-26 08:18:52 | 000,017,504 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll

MOD - 2011-05-26 08:18:50 | 000,027,744 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll

MOD - 2011-05-26 08:18:48 | 000,356,960 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll

MOD - 2011-04-16 04:04:30 | 014,749,696 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll

MOD - 2011-02-17 10:00:28 | 001,781,760 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll

MOD - 2011-02-17 10:00:28 | 000,393,216 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll

MOD - 2011-02-17 10:00:28 | 000,327,680 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll

MOD - 2011-02-17 10:00:26 | 001,044,480 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll

MOD - 2011-02-17 10:00:24 | 009,097,216 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll

MOD - 2011-02-17 10:00:24 | 002,560,000 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll

MOD - 2011-02-17 09:59:40 | 000,311,296 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll

MOD - 2011-02-17 09:59:40 | 000,274,432 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll

MOD - 2011-02-17 09:59:40 | 000,143,360 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll

MOD - 2011-02-17 09:59:40 | 000,027,648 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll

MOD - 2011-02-17 09:59:40 | 000,018,944 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll

MOD - 2011-02-17 09:59:32 | 000,059,904 | ---- | M -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll

MOD - 2010-11-30 01:49:59 | 000,004,096 | ---- | M -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

MOD - 2010-08-13 02:52:16 | 000,021,504 | ---- | M -- C:\ExpressGateUtil\VAWinAgent.exe

MOD - 2009-11-02 23:23:36 | 000,013,096 | ---- | M -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

MOD - 2009-11-02 23:20:10 | 000,619,816 | ---- | M -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll

MOD - 2009-07-18 04:21:00 | 003,883,424 | ---- | M -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

MOD - 2009-07-14 02:15:51 | 000,232,448 | ---- | M -- \?\globalroot\systemroot\syswow64\mswsock.DLL

MOD - 2007-11-30 20:20:44 | 000,051,768 | ---- | M -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

========== Win32 Services (SafeList) ==========

SRV - 2011-11-02 16:00:01 | 000,257,024 | ---- | M [Auto | Running] -- C:\Windows\sysdriver32.exe -- (srvsysdriver32)

SRV - 2011-08-22 20:10:56 | 000,382,464 | ---- | M [Auto | Running] -- C:\Windows\update.7.1\svchostdriver.exe -- (ddservice)

SRV - [2011-06-01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)

SRV - [2010-11-30 01:49:59 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2010-11-26 05:29:54 | 000,052,896 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe -- (AtherosSvc)

SRV - 2010-08-21 03:47:58 | 000,077,312 | ---- | M [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)

SRV - 2010-05-25 00:44:48 | 000,151,552 | ---- | M [Auto | Running] -- C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)

SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- D:\Alcohol\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

SRV - 2009-12-15 19:39:38 | 000,096,896 | ---- | M [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)

SRV - 2009-06-16 02:30:42 | 000,084,536 | ---- | M [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)

SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV - 2010-07-26 22:57:20 | 000,017,024 | ---- | M [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)

DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - 2009-07-03 02:36:14 | 000,015,416 | ---- | M [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4

IE - HKLM..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)

IE - HKU.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3143684902-87973750-473527267-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com

IE - HKU\S-1-5-21-3143684902-87973750-473527267-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE - HKU\S-1-5-21-3143684902-87973750-473527267-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3143684902-87973750-473527267-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com

IE - HKU\S-1-5-21-3143684902-87973750-473527267-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2786678

IE - HKU\S-1-5-21-3143684902-87973750-473527267-1002..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-3143684902-87973750-473527267-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: " "

FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.startup.homepage: "http://my.daemon-search.com/|www.google.pl"

FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011-03-05 02:05:47 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011-03-05 02:05:51 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011-03-05 02:05:54 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-08-11 16:55:16 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-10-11 21:49:15 | 000,000,000 | ---D | M]

[2011-05-30 20:15:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oliwier\AppData\Roaming\mozilla\Extensions

[2011-11-12 17:22:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oliwier\AppData\Roaming\mozilla\Firefox\Profiles\gl8rpp5p.default\extensions

2011-07-10 10:13:10 | 000,000,000 | ---D | M -- C:\Users\Oliwier\AppData\Roaming\mozilla\Firefox\Profiles\gl8rpp5p.default\extensions{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

[2011-10-03 19:43:07 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Oliwier\AppData\Roaming\mozilla\Firefox\Profiles\gl8rpp5p.default\extensions\DTToolbar@toolbarnet.com

[2011-07-05 00:24:40 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Oliwier\AppData\Roaming\mozilla\Firefox\Profiles\gl8rpp5p.default\extensions\engine@conduit.com

2011-10-08 16:14:21 | 000,000,000 | ---D | M -- C:\Users\Oliwier\AppData\Roaming\mozilla\Firefox\Profiles\gl8rpp5p.default\extensions\ffxtlbr@Facemoods.com

[2011-08-23 21:40:05 | 000,000,000 | ---D | M] (Vividas player plugin) -- C:\Users\Oliwier\AppData\Roaming\mozilla\Firefox\Profiles\gl8rpp5p.default\extensions\player@vividas.com

2011-07-05 00:24:40 | 000,000,863 | ---- | M -- C:\Users\Oliwier\AppData\Roaming\Mozilla\Firefox\Profiles\gl8rpp5p.default\searchplugins\conduit.xml

2011-10-03 19:42:52 | 000,002,055 | ---- | M -- C:\Users\Oliwier\AppData\Roaming\Mozilla\Firefox\Profiles\gl8rpp5p.default\searchplugins\daemon-search.xml

[2011-10-11 21:49:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2011-10-11 21:49:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011-08-11 16:55:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions

() (No name found) -- C:\USERS\OLIWIER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GL8RPP5P.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI

[2011-08-11 16:55:16 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011-10-11 21:49:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

2011-06-20 14:47:30 | 000,189,088 | ---- | M -- C:\Program Files (x86)\mozilla firefox\plugins\npVividasPlayer.dll

2011-06-22 11:07:16 | 000,002,767 | ---- | M -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml

2011-06-22 11:07:16 | 000,001,406 | ---- | M -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml

2010-12-13 13:36:54 | 000,002,035 | ---- | M -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml

2011-06-22 11:07:16 | 000,000,917 | ---- | M -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml

2011-06-22 11:07:16 | 000,000,858 | ---- | M -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml

2011-06-22 11:07:16 | 000,001,183 | ---- | M -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml

2011-06-22 11:07:16 | 000,001,683 | ---- | M -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

========== Chrome ==========

CHR - default_search_provider: ()

CHR - default_search_provider: search_url =

CHR - default_search_provider: suggest_url =

CHR - Extension: No name found = C:\Users\Oliwier\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj\2.0.1.4_0\

O1 HOSTS File: ([2011-11-12 17:20:22 | 000,202,984 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 facebook.com

O1 - Hosts: 127.0.0.1 http://www.facebook.com

O1 - Hosts: 127.0.0.1 af-za.facebook.com

O1 - Hosts: 127.0.0.1 az-az.facebook.com

O1 - Hosts: 127.0.0.1 id-id.facebook.com

O1 - Hosts: 127.0.0.1 ms-my.facebook.com

O1 - Hosts: 127.0.0.1 bs-ba.facebook.com

O1 - Hosts: 127.0.0.1 ca-es.facebook.com

O1 - Hosts: 127.0.0.1 cs-cz.facebook.com

O1 - Hosts: 127.0.0.1 cy-gb.facebook.com

O1 - Hosts: 127.0.0.1 da-dk.facebook.com

O1 - Hosts: 127.0.0.1 de-de.facebook.com

O1 - Hosts: 127.0.0.1 et-ee.facebook.com

O1 - Hosts: 127.0.0.1 en-gb.facebook.com

O1 - Hosts: 127.0.0.1 es-la.facebook.com

O1 - Hosts: 127.0.0.1 eo-eo.facebook.com

O1 - Hosts: 127.0.0.1 eu-es.facebook.com

O1 - Hosts: 127.0.0.1 tl-ph.facebook.com

O1 - Hosts: 127.0.0.1 fo-fo.facebook.com

O1 - Hosts: 127.0.0.1 fr-fr.facebook.com

O1 - Hosts: 127.0.0.1 fy-nl.facebook.com

O1 - Hosts: 127.0.0.1 ga-ie.facebook.com

O1 - Hosts: 127.0.0.1 gl-es.facebook.com

O1 - Hosts: 127.0.0.1 ko-kr.facebook.com

O1 - Hosts: 50053 more lines...

O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)

O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)

O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)

O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)

O3 - HKLM..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)

O3 - HKLM..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKLM..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)

O3 - HKLM..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)

O3 - HKLM..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)

O3 - HKLM..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKU\S-1-5-21-3143684902-87973750-473527267-1002..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKU\S-1-5-21-3143684902-87973750-473527267-1002..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)

O4 - HKLM..\Run: [3503196.exe] C:\Windows\Temp\3503196.exe ()

O4 - HKLM..\Run: [404926.exe] C:\Users\Oliwier\AppData\Local\Temp\404926.exe ()

O4 - HKLM..\Run: [4564515.exe] C:\Windows\Temp\4564515.exe ()

O4 - HKLM..\Run: [4896140.exe] C:\Windows\Temp\4896140.exe ()

O4 - HKLM..\Run: [5223334.exe] C:\Users\Oliwier\AppData\Local\Temp\5223334.exe ()

O4 - HKLM..\Run: [77583013-loader2.exe] C:\Windows\Temp\77583013-loader2.exe ()

O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)

O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com)

O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)

O4 - HKLM..\Run: [l1rezerv.exe] C:\Windows\l1rezerv.exe ()

O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)

O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)

O4 - HKLM..\Run: [sessionLogon] C:\ExpressGateUtil\SessionLogon.exe File not found

O4 - HKLM..\Run: [sonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)

O4 - HKLM..\Run: [sysdriver32.exe] C:\Windows\sysdriver32.exe ()

O4 - HKLM..\Run: [sysdriver32_.exe] C:\Windows\sysdriver32_.exe ()

O4 - HKLM..\Run: [systemup] C:\Windows\systemup.exe ()

O4 - HKLM..\Run: [tray_ico] File not found

O4 - HKLM..\Run: [tray_ico0] File not found

O4 - HKLM..\Run: [tray_ico1] File not found

O4 - HKLM..\Run: [tray_ico2] File not found

O4 - HKLM..\Run: [tray_ico3] File not found

O4 - HKLM..\Run: [tray_ico4] File not found

O4 - HKLM..\Run: [updateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()

O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()

O4 - HKLM..\Run: [wxpdrv] C:\Windows\services32.exe ()

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-3143684902-87973750-473527267-1000..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)

O4 - HKU\S-1-5-21-3143684902-87973750-473527267-1000..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-3143684902-87973750-473527267-1002..\Run: [AlcoholAutomount] D:\Alcohol\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)

O4 - HKU\S-1-5-21-3143684902-87973750-473527267-1002..\Run: [ares] "D:\Ares\Ares.exe" -h File not found

O4 - HKU\S-1-5-21-3143684902-87973750-473527267-1002..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)

O4 - HKU\S-1-5-21-3143684902-87973750-473527267-1002..\Run: [ChomikBox] C:\Program Files (x86)\ChomikBox\ChomikBox.exe File not found

O4 - HKU\S-1-5-21-3143684902-87973750-473527267-1002..\Run: [DAEMON Tools Lite] D:\Bartka\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKU\S-1-5-21-3143684902-87973750-473527267-1002..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)

O4 - HKU\S-1-5-21-3143684902-87973750-473527267-1002..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.)

O4 - HKU\S-1-5-21-3143684902-87973750-473527267-1002..\Run: [Privacy Protection] C:\ProgramData\privacy.exe (JetBrains s.r.o)

O4 - HKU\S-1-5-21-3143684902-87973750-473527267-1002..\Run: [syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe (syncables, LLC)

O4 - HKU\S-1-5-21-3143684902-87973750-473527267-1002..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-21-3143684902-87973750-473527267-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - Startup: C:\Users\Oliwier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0

O7 - HKU\S-1-5-21-3143684902-87973750-473527267-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-3143684902-87973750-473527267-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O7 - HKU\S-1-5-21-3143684902-87973750-473527267-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\wshbth.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\wshbth.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\wshbth.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\wshbth.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\wshbth.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\wshbth.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\wshbth.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\wshbth.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\wshbth.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\wshbth.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\system32\wshbth.dll File not found

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.247.0.217 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces{0F87A409-F8D3-421B-9198-BA6161247D60}: DhcpNameServer = 194.247.0.217 192.168.1.1

O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) -C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKU\S-1-5-21-3143684902-87973750-473527267-1002 Winlogon: Shell - (C:\Users\Oliwier\AppData\Local\dcaf96e9\X) - File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O31 - SafeBoot: AlternateShell - services32.exe

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{955ac940-edea-11e0-a3ac-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{955ac940-edea-11e0-a3ac-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\{b66d6440-a938-11e0-aa64-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{b66d6440-a938-11e0-aa64-806e6f6e6963}\Shell\AutoRun\command - "" = F:\RunGame.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-11-12 17:19:58 | 000,000,000 | R--D | C] -- C:\Users\Oliwier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

[2011-11-07 20:38:34 | 000,834,560 | ---- | C] (JetBrains s.r.o) -- C:\ProgramData\privacy.exe

[2011-11-07 20:37:42 | 000,000,000 | ---D | C] -- C:\Windows\Sun

[2011-10-31 18:53:53 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2011-10-31 18:02:09 | 000,000,000 | ---D | C] -- C:\Users\Oliwier\Documents\FIFA 12

[2011-10-31 17:59:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports

[2011-10-24 21:57:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2011-10-24 16:09:29 | 000,000,000 | ---D | C] -- C:\Users\Oliwier\AppData\Local\ODUI

[2011-10-24 16:09:19 | 000,000,000 | ---D | C] -- C:\Users\Oliwier\Documents\Stardock

[2011-10-24 16:09:19 | 000,000,000 | ---D | C] -- C:\Users\Oliwier\AppData\Local\Stardock

[2011-10-24 16:09:15 | 000,000,000 | ---D | C] -- C:\Users\Oliwier\AppData\Roaming\Stardock

[2011-10-24 16:09:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}

[2011-10-24 16:09:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock

[2011-10-24 16:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stardock

[2011-10-24 16:08:37 | 000,000,000 | ---D | C] -- C:\Users\Oliwier\AppData\Local\PackageAware

[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp ->]

========== Files - Modified Within 30 Days ==========

2011-11-12 19:15:25 | 002,097,152 | -HS- | M -- C:\Users\Oliwier\NTUSER.DAT

2011-11-12 18:18:00 | 000,001,062 | ---- | M -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

2011-11-12 17:19:52 | 000,000,035 | ---- | M -- C:\Users\Public\Documents\AtherosServiceConfig.ini

2011-11-12 17:19:43 | 000,001,058 | ---- | M -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

2011-11-12 17:19:39 | 000,000,006 | -H-- | M -- C:\Windows\tasks\SA.DAT

2011-11-12 17:19:33 | 000,067,584 | --S- | M -- C:\Windows\bootstat.dat

2011-11-12 17:19:27 | 3151,851,520 | -HS- | M -- C:\hiberfil.sys

[2011-11-07 20:38:34 | 000,834,560 | ---- | M] (JetBrains s.r.o) -- C:\ProgramData\privacy.exe

2011-11-07 20:38:34 | 000,000,630 | ---- | M -- C:\Users\Oliwier\Desktop\Privacy Protection.lnk

2011-11-02 16:00:03 | 000,000,225 | ---- | M -- C:\Windows\info1

2011-11-02 16:00:01 | 000,257,024 | ---- | M -- C:\Windows\sysdriver32_.exe

2011-11-02 16:00:01 | 000,257,024 | ---- | M -- C:\Windows\sysdriver32.exe

2011-11-01 08:58:02 | 000,001,275 | ---- | M -- C:\Users\Oliwier\Desktop\FIFA 12 Conf..lnk

2011-11-01 08:55:10 | 000,000,868 | ---- | M -- C:\Users\Oliwier\Desktop\FIFA 11 — skrót.lnk

[2011-10-31 18:53:53 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-10-31 17:59:11 | 000,000,724 | ---- | M -- C:\Users\Public\Desktop\FIFA 12.lnk

2011-10-24 21:57:50 | 000,002,082 | ---- | M -- C:\Users\Oliwier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk

2011-10-23 16:49:03 | 000,233,963 | ---- | M -- C:\Users\Oliwier\Documents\Bartek.wma

2011-10-23 16:47:42 | 000,233,963 | ---- | M -- C:\Users\Oliwier\Documents\Bez_nazwy (2).wma

2011-10-19 14:33:41 | 000,400,093 | ---- | M -- C:\Users\Oliwier\Documents\Bez_nazwy.wma

[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp ->]

========== Files Created - No Company Name ==========

2011-11-07 20:38:34 | 000,000,630 | ---- | C -- C:\Users\Oliwier\Desktop\Privacy Protection.lnk

2011-11-01 08:58:02 | 000,001,275 | ---- | C -- C:\Users\Oliwier\Desktop\FIFA 12 Conf..lnk

2011-11-01 08:55:10 | 000,000,868 | ---- | C -- C:\Users\Oliwier\Desktop\FIFA 11 — skrót.lnk

2011-10-31 17:59:11 | 000,000,724 | ---- | C -- C:\Users\Public\Desktop\FIFA 12.lnk

2011-10-24 16:09:19 | 000,002,082 | ---- | C -- C:\Users\Oliwier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk

2011-10-23 16:49:03 | 000,233,963 | ---- | C -- C:\Users\Oliwier\Documents\Bartek.wma

2011-10-23 16:47:42 | 000,233,963 | ---- | C -- C:\Users\Oliwier\Documents\Bez_nazwy (2).wma

2011-10-19 14:33:41 | 000,400,093 | ---- | C -- C:\Users\Oliwier\Documents\Bez_nazwy.wma

2011-08-22 20:15:42 | 000,232,960 | ---- | C -- C:\Windows\l1rezerv.exe

2011-08-22 20:08:31 | 000,130,560 | ---- | C -- C:\Windows\systemup.exe

2011-08-22 19:57:19 | 000,246,272 | ---- | C -- C:\Windows\unrar.exe

2011-08-22 19:55:26 | 000,000,000 | ---- | C -- C:\Windows\loader2.exe_ok

2011-08-22 19:55:22 | 000,257,024 | ---- | C -- C:\Windows\sysdriver32_.exe

2011-08-22 19:55:08 | 000,257,024 | ---- | C -- C:\Windows\sysdriver32.exe

2011-08-22 19:54:42 | 001,213,440 | ---- | C -- C:\Windows\services32.exe

2011-06-04 12:34:18 | 000,000,020 | ---- | C -- C:\Windows\ATKPF.ini

2011-05-30 20:02:07 | 000,063,152 | ---- | C -- C:\Users\Oliwier\AppData\Local\GDIPFONTCACHEV1.DAT

2011-03-05 02:06:54 | 000,131,472 | ---- | C -- C:\ProgramData\FullRemove.exe

2010-11-28 14:21:29 | 000,145,804 | ---- | C -- C:\Windows\SysWow64\igcompkrng600.bin

2010-11-28 14:21:27 | 000,960,940 | ---- | C -- C:\Windows\SysWow64\igkrng600.bin

2010-11-28 14:21:27 | 000,206,952 | ---- | C -- C:\Windows\SysWow64\igfcg600m.bin

2009-10-26 04:38:22 | 000,000,176 | ---- | C -- C:\Windows\explorer.exe.config

2009-07-29 06:20:40 | 000,000,010 | ---- | C -- C:\Windows\SysWow64\ABLKSR.ini

2009-07-14 06:38:36 | 000,067,584 | --S- | C -- C:\Windows\bootstat.dat

2009-07-14 03:35:51 | 000,000,741 | ---- | C -- C:\Windows\SysWow64\NOISE.DAT

2009-07-14 03:35:42 | 000,001,405 | ---- | C -- C:\Windows\msdfmap.ini

2009-07-14 03:34:57 | 000,000,403 | ---- | C -- C:\Windows\win.ini

2009-07-14 03:34:57 | 000,000,219 | ---- | C -- C:\Windows\system.ini

2009-07-14 03:34:42 | 000,215,943 | ---- | C -- C:\Windows\SysWow64\dssec.dat

2009-07-14 01:10:29 | 000,043,131 | ---- | C -- C:\Windows\mib.bin

2009-07-14 00:42:10 | 000,064,000 | ---- | C -- C:\Windows\SysWow64\BWContextHandler.dll

2009-07-13 22:03:59 | 000,364,544 | ---- | C -- C:\Windows\SysWow64\msjetoledb40.dll

2009-06-10 22:26:10 | 000,673,088 | ---- | C -- C:\Windows\SysWow64\mlang.dat

2006-05-19 04:39:57 | 000,015,497 | ---- | C -- C:\Windows\snp2uvc.ini

========== LOP Check ==========

[2011-11-12 17:42:57 | 000,000,000 | ---D | M] -- C:\Users\Oliwier\AppData\Roaming\AIMP

[2011-05-30 22:15:52 | 000,000,000 | ---D | M] -- C:\Users\Oliwier\AppData\Roaming\Asus WebStorage

[2011-07-08 09:07:46 | 000,000,000 | ---D | M] -- C:\Users\Oliwier\AppData\Roaming\DAEMON Tools Lite

[2011-06-29 23:24:25 | 000,000,000 | ---D | M] -- C:\Users\Oliwier\AppData\Roaming\Gadu-Gadu 10

[2011-07-08 12:08:07 | 000,000,000 | ---D | M] -- C:\Users\Oliwier\AppData\Roaming\GameRanger

[2011-06-24 13:38:06 | 000,000,000 | ---D | M] -- C:\Users\Oliwier\AppData\Roaming\gtk-2.0

[2011-07-03 20:29:28 | 000,000,000 | ---D | M] -- C:\Users\Oliwier\AppData\Roaming\Image-Line

[2011-07-08 09:23:23 | 000,000,000 | ---D | M] -- C:\Users\Oliwier\AppData\Roaming\Leadertech

[2011-06-04 14:35:44 | 000,000,000 | ---D | M] -- C:\Users\Oliwier\AppData\Roaming\Need for Speed World

[2011-06-03 21:33:21 | 000,000,000 | ---D | M] -- C:\Users\Oliwier\AppData\Roaming\Nuance

[2011-06-13 22:44:31 | 000,000,000 | ---D | M] -- C:\Users\Oliwier\AppData\Roaming\Nvu

[2011-05-30 21:09:59 | 000,000,000 | ---D | M] -- C:\Users\Oliwier\AppData\Roaming\OpenFM

[2011-07-03 20:52:50 | 000,000,000 | ---D | M] -- C:\Users\Oliwier\AppData\Roaming\REAPER

[2011-10-24 16:09:15 | 000,000,000 | ---D | M] -- C:\Users\Oliwier\AppData\Roaming\Stardock

[2011-11-12 17:22:32 | 000,000,000 | ---D | M] -- C:\Users\Oliwier\AppData\Roaming\uTorrent

[2011-06-03 21:33:18 | 000,000,000 | ---D | M] -- C:\Users\Oliwier\AppData\Roaming\Zeon

2011-09-14 14:29:09 | 000,032,604 | ---- | M -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %systemdrive%\*.* >

2009-07-14 02:38:58 | 000,383,562 | RHS- | M -- C:\bootmgr

2009-07-29 07:03:37 | 000,008,192 | RHS- | M -- C:\BOOTSECT.BAK

2011-03-05 02:48:52 | 000,015,254 | ---- | M -- C:\devlist.txt

2011-03-05 02:48:51 | 000,000,009 | ---- | M -- C:\Finish.log

2011-11-12 17:19:27 | 3151,851,520 | -HS- | M -- C:\hiberfil.sys

2011-03-05 02:27:16 | 000,000,029 | ---- | M -- C:\mini-agent.txt

2010-12-02 07:54:11 | 002,621,440 | -H-- | M -- C:\N73SV.BIN

2010-12-17 02:49:49 | 000,000,019 | ---- | M -- C:\N73SV_WIN7.20

2011-11-12 17:19:29 | 4202,471,424 | -HS- | M -- C:\pagefile.sys

2011-03-04 12:08:54 | 000,000,233 | ---- | M -- C:\Pass.txt

2010-12-17 02:50:22 | 000,000,005 | ---- | M -- C:\RECOVERY.DAT

2011-03-05 02:23:01 | 000,002,306 | ---- | M -- C:\RHDSetup.log

2011-03-05 02:38:40 | 000,000,168 | ---- | M -- C:\setup.log

2011-03-05 02:33:08 | 000,000,378 | ---- | M -- C:\setuplogfile.log

2006-05-13 17:22:24 | 000,000,005 | ---- | M -- C:\store.log

2011-08-11 11:56:07 | 000,000,060 | ---- | M -- C:\TempCmd.txt

< MD5 for: AGP440.SYS >

[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys

[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys

[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >

[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys

[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys

[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: BEEP.SYS >

[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys

[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

< MD5 for: CDROM.SYS >

[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys

[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys

[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

[2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: NDIS.SYS >

[2010-11-20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

[2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys

[2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: USERINIT.EXE >

[2010-11-20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2009-07-14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe

[2009-07-14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[2009-07-14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe

[2009-07-14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

[2010-11-20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >

[2010-11-20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

[2011-03-05 01:43:49 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe

[2011-03-05 01:43:49 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe

[2011-03-05 01:43:49 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< End of report >

-- Added 12.11.2011 (Sat) 20:24 --

and what next??


(Acorus) #7

Logs are posted on wklej.org.

The Extras log is also needed.


(Hoopcola 95) #8

but the Extras log didn't pop up for me


(Acorus) #9

For the Extras.txt report to be created, the option "Rejestr skan dodatkowy" (Registry, extra scan) must be set to "Użyj filtrowania" (Use filtering).