Przekierowanie na stronę licosearcz.com

Dla specjalistów Bezpieczeństwo
#1

po skanie programem OTL!zawsze po uruchomieniu ie wyszukiwarka google przekierowuje mnie na strone licosearcz proszę o pomoc jestem całkiem zielony jeśli chodzi o kompa!

OTL by OldTimer - Version 3.2.22.2 Folder = C:\Users\wiola\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

PRC - [2009-04-11 06:27:58 | 000,087,552 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\SearchFilterHost.exe

PRC - [2009-04-11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) – C:\Windows\explorer.exe

PRC - [2009-04-11 06:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\dwm.exe

PRC - [2009-04-11 06:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\conime.exe

PRC - [2009-03-05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) – C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

PRC - [2008-08-14 10:40:44 | 000,103,720 | ---- | M] (Synaptics, Inc.) – C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

PRC - [2008-08-14 10:40:36 | 001,348,904 | ---- | M] (Synaptics, Inc.) – C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

PRC - [2008-06-25 13:06:06 | 000,256,536 | ---- | M] (Intel Corporation) – C:\Windows\System32\igfxsrvc.exe

PRC - [2008-06-25 13:06:02 | 000,145,944 | ---- | M] (Intel Corporation) – C:\Windows\System32\igfxpers.exe

PRC - [2008-06-25 13:05:58 | 000,174,616 | ---- | M] (Intel Corporation) – C:\Windows\System32\igfxext.exe

PRC - [2008-06-25 13:05:50 | 000,170,520 | ---- | M] (Intel Corporation) – C:\Windows\System32\hkcmd.exe

PRC - [2008-06-24 10:06:14 | 000,509,816 | ---- | M] (TOSHIBA Corporation) – C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

PRC - [2008-05-09 11:49:30 | 000,716,800 | ---- | M] (TOSHIBA Corporation) – C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

PRC - [2008-04-16 23:21:24 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) – C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

PRC - [2008-04-16 23:19:16 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) – C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe

PRC - [2008-04-08 13:14:50 | 006,037,504 | ---- | M] (Realtek Semiconductor) – C:\Windows\RtHDVCpl.exe

PRC - [2008-01-21 02:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation) – C:\Windows\ehome\ehtray.exe

PRC - [2008-01-21 02:25:11 | 000,037,376 | ---- | M] (Microsoft Corporation) – C:\Windows\ehome\ehmsas.exe

PRC - [2008-01-17 16:27:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) – C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

PRC - [2007-12-13 18:10:56 | 001,688,872 | ---- | M] (Nero AG) – C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

PRC - [2005-12-07 22:57:00 | 000,030,208 | ---- | M] (Cyberlink Corp.) – C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

========== Modules (All) ==========

MOD - [2011-03-06 13:41:04 | 000,581,120 | ---- | M] (OldTimer Tools) – C:\Users\wiola\Downloads\OTL.exe

MOD - [2011-02-23 15:04:17 | 000,197,208 | ---- | M] (AVAST Software) – C:\Program Files\Alwil Software\Avast5\snxhk.dll

MOD - [2011-01-21 16:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\shell32.dll

MOD - [2011-01-21 16:35:22 | 000,353,280 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\shlwapi.dll

MOD - [2011-01-20 16:07:42 | 000,258,048 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\winspool.drv

MOD - [2011-01-20 16:07:03 | 001,075,712 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\shdocvw.dll

MOD - [2010-10-15 13:48:59 | 001,205,080 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ntdll.dll

MOD - [2010-08-31 15:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) – C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

MOD - [2010-06-28 17:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ole32.dll

MOD - [2010-04-16 16:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\usp10.dll

MOD - [2009-07-17 13:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\atl.dll

MOD - [2009-06-15 14:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\secur32.dll

MOD - [2009-06-15 14:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\lpk.dll

MOD - [2009-04-23 12:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\rpcrt4.dll

MOD - [2009-04-11 06:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\vssapi.dll

MOD - [2009-04-11 06:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\user32.dll

MOD - [2009-04-11 06:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\Wldap32.dll

MOD - [2009-04-11 06:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\userenv.dll

MOD - [2009-04-11 06:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\version.dll

MOD - [2009-04-11 06:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\setupapi.dll

MOD - [2009-04-11 06:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\spp.dll

MOD - [2009-04-11 06:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\samlib.dll

MOD - [2009-04-11 06:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\propsys.dll

MOD - [2009-04-11 06:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\oleaut32.dll

MOD - [2009-04-11 06:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\netapi32.dll

MOD - [2009-04-11 06:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ntmarta.dll

MOD - [2009-04-11 06:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\olepro32.dll

MOD - [2009-04-11 06:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msvcrt.dll

MOD - [2009-04-11 06:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\kernel32.dll

MOD - [2009-04-11 06:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msctf.dll

MOD - [2009-04-11 06:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\imm32.dll

MOD - [2009-04-11 06:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\mpr.dll

MOD - [2009-04-11 06:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\gdi32.dll

MOD - [2009-04-11 06:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\comdlg32.dll

MOD - [2009-04-11 06:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\authz.dll

MOD - [2009-04-11 06:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\advapi32.dll

MOD - [2009-04-11 06:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\apphelp.dll

MOD - [2008-01-21 02:25:29 | 000,040,960 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\srclient.dll

MOD - [2008-01-21 02:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ws2_32.dll

MOD - [2008-01-21 02:24:47 | 000,008,192 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\nsi.dll

MOD - [2008-01-21 02:24:37 | 000,183,296 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\xmllite.dll

MOD - [2008-01-21 02:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msscript.ocx

MOD - [2008-01-21 02:24:26 | 000,069,120 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\vsstrace.dll

MOD - [2008-01-21 02:24:24 | 000,523,776 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\clbcatq.dll

MOD - [2008-01-21 02:24:06 | 000,039,936 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\dwmapi.dll

MOD - [2008-01-21 02:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\uxtheme.dll

MOD - [2006-11-02 09:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\psapi.dll

========== Win32 Services (All) ==========

SRV - File not found [On_Demand | Stopped] – -- (gusvc)

SRV - File not found [Auto | Stopped] – -- (gupdate) Usługa Google Update (gupdate)

SRV - [2011-02-23 15:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] – C:\Program Files\Alwil Software\Avast5\AvastSvc.exe – (avast! Antivirus)

SRV - [2011-01-20 13:44:03 | 000,797,184 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\FntCache.dll – (FontCache)

SRV - [2011-01-10 14:24:20 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] – C:\Program Files\Secunia\PSI\PSIA.exe – (Secunia PSI Agent)

SRV - [2011-01-10 14:24:20 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] – C:\Program Files\Secunia\PSI\sua.exe – (Secunia Update Agent)

SRV - [2010-11-27 09:37:29 | 000,167,936 | ---- | M] () [Auto | Running] – C:\Program Files\CyberLink\Shared files\RichVideo.exe – (RichVideo) Cyberlink RichVideo Service(CRVS)

SRV - [2010-11-16 01:10:14 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Microsoft Fix it Center\Matsvc.exe – (MatSvc)

SRV - [2010-11-04 18:55:12 | 000,601,600 | ---- | M] (Microsoft Corporation) [unknown | Running] – C:\Windows\System32\schedsvc.dll – (Schedule)

SRV - [2010-09-06 16:20:29 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\srvsvc.dll – (LanmanServer)

SRV - [2010-08-17 14:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\spoolsv.exe – (Spooler)

SRV - [2010-06-26 16:05:32 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] – C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe – (GoogleDesktopManager-051210-111108)

SRV - [2010-04-20 06:39:47 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] – C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe – (FLEXnet Licensing Service)

SRV - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe – (WPFFontCache_v0400)

SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe – (clr_optimization_v4.0.30319_32)

SRV - [2010-02-18 13:30:03 | 000,200,704 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\iphlpsvc.dll – (iphlpsvc)

SRV - [2009-10-09 21:56:18 | 001,181,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\WsmSvc.dll – (WinRM) Windows Remote Management (WS-Management)

SRV - [2009-10-09 21:55:52 | 000,146,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wecsvc.dll – (Wecsvc)

SRV - [2009-10-01 01:01:54 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\wpdbusenum.dll – (WPDBusEnum)

SRV - [2009-08-24 11:36:45 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\winhttp.dll – (WinHttpAutoProxySvc)

SRV - [2009-08-07 02:23:45 | 001,929,952 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\wuaueng.dll – (wuauserv)

SRV - [2009-07-15 09:08:24 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] – C:\Windows\System32\FsUsbExService.Exe – (FsUsbExService)

SRV - [2009-07-11 19:01:42 | 000,513,536 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\wlansvc.dll – (Wlansvc)

SRV - [2009-07-10 11:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\shsvcs.dll – (Themes)

SRV - [2009-07-10 11:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\shsvcs.dll – (ShellHWDetection)

SRV - [2009-06-15 12:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\lsass.exe – (SamSs)

SRV - [2009-06-15 12:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\lsass.exe – (ProtectedStorage)

SRV - [2009-06-15 12:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\lsass.exe – (Netlogon)

SRV - [2009-06-15 12:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\lsass.exe – (KeyIso)

SRV - [2009-06-10 11:42:23 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\wkssvc.dll – (LanmanWorkstation)

SRV - [2009-04-21 16:36:06 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] – C:\Program Files\Toshiba TEMPRO\TemproSvc.exe – (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)

SRV - [2009-04-11 06:28:26 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\wscsvc.dll – (wscsvc)

SRV - [2009-04-11 06:28:25 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\wevtsvc.dll – (Eventlog)

SRV - [2009-04-11 06:28:25 | 000,453,120 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\wiaservc.dll – (stisvc) Windows Image Acquisition (WIA)

SRV - [2009-04-11 06:28:25 | 000,413,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wcncsvc.dll – (wcncsvc)

SRV - [2009-04-11 06:28:25 | 000,282,624 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\w32time.dll – (W32Time)

SRV - [2009-04-11 06:28:25 | 000,222,720 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\umpnpmgr.dll – (PlugPlay)

SRV - [2009-04-11 06:28:25 | 000,199,680 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\WebClnt.dll – (WebClient)

SRV - [2009-04-11 06:28:25 | 000,162,304 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\wbem\WMIsvc.dll – (Winmgmt)

SRV - [2009-04-11 06:28:25 | 000,140,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wpcsvc.dll – (WPCSvc)

SRV - [2009-04-11 06:28:25 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\wersvc.dll – (WerSvc)

SRV - [2009-04-11 06:28:25 | 000,029,184 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\uxsms.dll – (UxSms)

SRV - [2009-04-11 06:28:24 | 000,558,080 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\sysmain.dll – (SysMain)

SRV - [2009-04-11 06:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [unknown | Running] – C:\Windows\System32\rpcss.dll – (RpcSs) Remote Procedure Call (RPC)

SRV - [2009-04-11 06:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [unknown | Running] – C:\Windows\System32\rpcss.dll – (DcomLaunch)

SRV - [2009-04-11 06:28:24 | 000,449,024 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\termsrv.dll – (TermService)

SRV - [2009-04-11 06:28:24 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\swprv.dll – (swprv)

SRV - [2009-04-11 06:28:24 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\rasmans.dll – (RasMan)

SRV - [2009-04-11 06:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\tapisrv.dll – (TapiSrv)

SRV - [2009-04-11 06:28:24 | 000,107,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\regsvc.dl- C:\Windows\System32\msRV - [2009-04-11 06:28:24 | 000,095,232 | ---- | M] (Microsoft Corporation) [unknown | Stopped] – C:\Windows\System32\SCardSvr.dll – (SCardSvr)

SRV - [2009-04-11 06:28:24 | 000,060,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\SLUINotify.dll – (SLUINotify)

SRV - [2009-04-11 06:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\qmgr.dll – (BITS)

SRV - [2009-04-11 06:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\p2psvc.dll – (PNRPsvc)

SRV - [2009-04-11 06:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\p2psvc.dll – (PNRPAutoReg)

SRV - [2009-04-11 06:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\p2psvc.dll – (p2psvc)

SRV - [2009-04-11 06:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\p2psvc.dll – (p2pimsvc)

SRV - [2009-04-11 06:28:23 | 000,302,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\QAGENTRT.DLL – (napagent)

SRV - [2009-04-11 06:28:23 | 000,153,088 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\profsvc.dll – (ProfSvc)

SRV - [2009-04-11 06:28:20 | 000,438,784 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\IKEEXT.DLL – (IKEEXT)

SRV - [2009-04-11 06:28:20 | 000,407,552 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\MPSSVC.dll – (MpsSvc)

SRV - [2009-04-11 06:28:20 | 000,364,032 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\IPSECSVC.DLL – (PolicyAgent)

SRV - [2009-04-11 06:28:19 | 000,576,512 | ---- | M] (Microsoft Corporation) [unknown | Running] – C:\Windows\System32\gpsvc.dll – (gpsvc)

SRV - [2009-04-11 06:28:19 | 000,564,224 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\emdmgmt.dll – (EMDMgmt)

SRV - [2009-04-11 06:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\es.dll – (EventSystem)

SRV - [2009-04-11 06:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\hidserv.dll – (hidserv)

SRV - [2009-04-11 06:28:18 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\BFE.DLL – (BFE)

SRV - [2009-04-11 06:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\audiosrv.dll – (Audiosrv)

SRV - [2009-04-11 06:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\audiosrv.dll – (AudioEndpointBuilder)

SRV - [2009-04-11 06:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\dhcpcsvc.dll – (Dhcp)

SRV - [2009-04-11 06:28:18 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\dot3svc.dll – (dot3svc)

SRV - [2009-04-11 06:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\cryptsvc.dll – (CryptSvc)

SRV - [2009-04-11 06:28:18 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\dnsrslvr.dll – (Dnscache)

SRV - [2009-04-11 06:28:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [unknown | Stopped] – C:\Windows\System32\certprop.dll – (SCPolicySvc)

SRV - [2009-04-11 06:28:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [unknown | Stopped] – C:\Windows\System32\certprop.dll – (CertPropSvc)

SRV - [2009-04-11 06:28:15 | 000,137,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wbem\WmiApSrv.exe – (wmiApSrv)

SRV - [2009-04-11 06:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\VSSVC.exe – (VSS)

SRV - [2009-04-11 06:28:09 | 000,385,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\vds.exe – (vds)

SRV - [2009-04-11 06:28:07 | 000,039,424 | ---- | M] (Microsoft Corporation) [unknown | Stopped] – C:\Windows\servicing\TrustedInstaller.exe – (TrustedInstaller)

SRV - [2009-04-11 06:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\SearchIndexer.exe – (WSearch)

SRV - [2009-04-11 06:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\SLsvc.exe – (slsvc)

SRV - [2009-04-11 06:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\msiexec.exe – (msiserver)

SRV - [2009-04-11 06:27:31 | 002,092,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\dfsr.exe – (DFSR)

SRV - [2009-03-30 04:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe – (clr_optimization_v2.0.50727_32)

SRV - [2009-02-18 18:39:20 | 000,043,904 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe – (FontCache3.0.0.0)

SRV - [2009-02-18 18:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe – (NetTcpPortSharing)

SRV - [2009-02-18 18:38:42 | 000,879,448 | ---- | M] (Microsoft Corporation) [unknown | Stopped] – C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe – (idsvc)

SRV - [2009-02-06 17:16:54 | 000,712,048 | ---- | M] () [Auto | Running] – C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe – (ioloSystemService)

SRV - [2009-02-06 17:16:54 | 000,712,048 | ---- | M] () [Auto | Running] – C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe – (ioloFileInfoList)

SRV - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] – C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe – (SBSDWSCService)

SRV - [2008-07-18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] – C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe – (TNaviSrv)

SRV - [2008-04-24 18:35:46 | 000,073,728 | ---- | M] (Toshiba) [On_Demand | Running] – C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe – (SmartFaceVWatchSrv)

SRV - [2008-04-16 23:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] – C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe – (ConfigFree Service)

SRV - [2008-04-07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] – C:\Program Files\PC Connectivity Solution\ServiceLayer.exe – (ServiceLayer)

SRV - [2008-02-06 14:12:56 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] – C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe – (TOSHIBA SMART Log Service)

SRV - [2008-01-21 02:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Program Files\Windows Media Player\wmpnetwk.exe – (WMPNetworkSvc)

SRV - [2008-01-21 02:25:11 | 000,053,760 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\System32\Mcx2Svc.dll – (Mcx2Svc)

SRV - [2008-01-21 02:25:09 | 000,292,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\ehome\ehrecvr.exe – (ehRecvr)

SRV - [2008-01-21 02:25:05 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\sstpsvc.dll – (SstpSvc)

SRV - [2008-01-21 02:25:01 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\eapsvc.dll – (EapHost)

SRV - [2008-01-21 02:25:00 | 000,188,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\lltdsvc.dll – (lltdsvc)

SRV - [2008-01-21 02:24:59 | 000,055,296 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\WUDFSvc.dll – (wudfsvc)

SRV - [2008-01-21 02:24:55 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\SessEnv.dll – (SessionEnv)

SRV - [2008-01-21 02:24:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\mmcss.dll – (THREADORDER)

SRV - [2008-01-21 02:24:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\mmcss.dll – (MMCSS)

SRV - [2008-01-21 02:24:49 | 000,155,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\ssdpsrv.dll – (SSDPSRV)

SRV - [2008-01-21 02:24:47 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\nsisvc.dll – (nsi)

SRV - [2008-01-21 02:24:44 | 000,047,104 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\Sens.dll – (SENS)

SRV - [2008-01-21 02:24:37 | 000,073,728 | ---- | M] (Microsoft Corporation) [unknown | Running] – C:\Windows\System32\wdi.dll – (WdiSystemHost)

SRV - [2008-01-21 02:24:37 | 000,073,728 | ---- | M] (Microsoft Corporation) [unknown | Stopped] – C:\Windows\System32\wdi.dll – (WdiServiceHost)

SRV - [2008-01-21 02:24:36 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\browser.dll – (Browser)

SRV - [2008-01-21 02:24:35 | 000,134,656 | ---- | M] (Microsoft Corporation) [unknown | Running] – C:\Windows\System32\dps.dll – (DPS)

SRV - [2008-01-21 02:24:35 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\seclogon.dll – (seclogon)

SRV - [2008-01-21 02:24:30 | 000,068,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\KMSVC.DLL – (hkmsvc)

SRV - [2008-01-21 02:24:30 | 000,056,320 | ---- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\System32\tbssvc.dll – (TBS)

SRV - [2008-01-21 02:24:23 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\netprofm.dll – (netprofm)

SRV - [2008-01-21 02:24:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\fdPHost.dll – (fdPHost)

SRV - [2008-01-21 02:24:20 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\System32\mprdim.dll – (RemoteAccess)

SRV - [2008-01-21 02:24:19 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\rasauto.dll – (RasAuto)

SRV - [2008-01-21 02:24:18 | 000,344,576 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\msdtckrm.dll – (KtmRm)

SRV - [2008-01-21 02:24:18 | 000,105,984 | ---- | M] (Microsoft Corporation) [unknown | Stopped] – C:\Windows\System32\msdtc.exe – (MSDTC)

SRV - [2008-01-21 02:24:18 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\IPBusEnum.dll – (IPBusEnum)

SRV - [2008-01-21 02:24:17 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\appinfo.dll – (Appinfo)

SRV - [2008-01-21 02:24:14 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\alg.exe – (ALG)

SRV - [2008-01-21 02:24:11 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\System32\netman.dll – (Netman)

SRV - [2008-01-21 02:24:09 | 000,288,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\ipnathlp.dll – (SharedAccess) Internet Connection Sharing (ICS)

SRV - [2008-01-21 02:24:08 | 000,035,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\UI0Detect.exe – (UI0Detect)

SRV - [2008-01-21 02:24:05 | 000,075,264 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\trkwks.dll – (TrkWks)

SRV - [2008-01-21 02:24:04 | 000,259,072 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\upnphost.dll – (upnphost)

SRV - [2008-01-21 02:24:03 | 001,502,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\pla.dll – (pla)

SRV - [2008-01-21 02:23:53 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wercplsupport.dll – (wercplsupport)

SRV - [2008-01-21 02:23:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\iscsiexe.dll – (MSiSCSI)

SRV - [2008-01-21 02:23:44 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\nlasvc.dll – (NlaSvc)

SRV - [2008-01-21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Program Files\Windows Defender\MpSvc.dll – (WinDefend)

SRV - [2008-01-21 02:23:31 | 000,243,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\qwave.dll – (QWAVE)

SRV - [2008-01-21 02:23:29 | 000,037,888 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\pcasvc.dll – (PcaSvc)

SRV - [2008-01-21 02:23:27 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\sdrsvc.dll – (SDRSVC)

SRV - [2008-01-17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] – C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe – (TosCoSrv)

SRV - [2007-12-13 18:10:56 | 000,447,784 | ---- | M] (Nero AG) [On_Demand | Running] – C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe – (NMIndexingService)

SRV - [2007-12-03 13:21:24 | 000,869,672 | ---- | M] (Nero AG) [Auto | Running] – C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe – (Nero BackItUp Scheduler 3)

SRV - [2007-11-21 16:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] – C:\Windows\System32\TODDSrv.exe – (TODDSrv)

SRV - [2006-11-02 12:35:29 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\ehome\ehsched.exe – (ehSched)

SRV - [2006-11-02 12:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\ehome\ehstart.dll – (ehstart)

SRV - [2006-11-02 12:35:24 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\TabSvc.dll – (TabletInputService)

SRV - [2006-11-02 09:46:13 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\WcsPlugInService.dll – (WcsPlugInService)

SRV - [2006-11-02 09:46:05 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\lmhsvc.dll – (lmhosts)

SRV - [2006-11-02 09:46:04 | 000,027,648 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\FDResPub.dll – (FDResPub)

SRV - [2006-11-02 09:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\aelupsvc.dll – (AeLookupSvc)

SRV - [2006-11-02 09:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\snmptrap.exe – (SNMPTRAP)

SRV - [2006-11-02 09:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\Locator.exe – (RpcLocator) Remote Procedure Call (RPC)

SRV - [2006-11-02 09:45:02 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\dllhost.exe – (COMSysApp)

SRV - [2006-10-05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] – C:\Windows\System32\agrsmsvc.exe – (AgereModemAudio)

SRV - [2006-08-23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] – C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe – (UleadBurningHelper)

[2010-11-20 01:53:00 | 000,000,000 | —D | M] (No name found) – C:\Users\wiola\AppData\Roaming\Mozilla\Extensions

[2011-03-05 20:45:35 | 000,000,000 | —D | M] (No name found) – C:\Users\wiola\AppData\Roaming\Mozilla\Firefox\Profiles\lw1it3z9.waksyk\extensions

[2011-01-09 20:00:17 | 000,000,000 | —D | M] (Microsoft .NET Framework Assistant) – C:\Users\wiola\AppData\Roaming\Mozilla\Firefox\Profiles\lw1it3z9.waksyk\extensions{20a82645-c095-46ed-80e3-08825760534b}

[2010-12-18 12:27:30 | 000,000,000 | —D | M] (No name found) – C:\Program Files\Mozilla Firefox\extensions

[2010-04-24 12:46:22 | 000,000,000 | —D | M] (Java Console) – C:\Program Files\Mozilla Firefox\extensions{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010-02-21 10:22:32 | 000,712,704 | ---- | M] (BitComet) – C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll

[2010-04-12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011-03-05 23:45:10 | 000,430,643 | R— | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 www.1000gratisproben.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 www.1001namen.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.10sek.com

O1 - Hosts: 127.0.0.1 www.1-2005-search.com

O1 - Hosts: 14826 more lines…

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll ()

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.

O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found.

O3 - HKLM…\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O3 - HKLM…\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll ()

O3 - HKCU…\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)

O4 - HKLM…\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)

O4 - HKLM…\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM…\Run: [b2C\_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)

O4 - HKLM…\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)

O4 - HKLM…\Run: [cfFncEnabler.exe] File not found

O4 - HKLM…\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()

O4 - HKLM…\Run: [NDSTray.exe] File not found

O4 - HKLM…\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM…\Run: [smoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)

O4 - HKLM…\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)

O4 - HKCU…\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()

O4 - HKCU…\Run: [Anti Trojan Elite] File not found

O4 - HKCU…\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)

O4 - HKCU…\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)

O4 - HKCU…\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)

O4 - HKCU…\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

O4 - HKCU…\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - HKLM…\RunOnce: [symInstallStub] C:\Windows\System32\Adobe\Shockwave 11\syminstallstub.exe (Symantec Corporation)

O4 - HKCU…\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10m_Plugin.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Users\wiola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Media Player.lnk = File not found

O4 - Startup: C:\Users\wiola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mkcltaof.exe ()

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1

O9 - Extra Button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found

O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found

O9 - Extra ‘Tools’ menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O13 - gopher Prefix: missing

O15 - HKCU…Trusted Domains: localhost ([]http in Local intranet)

O15 - HKCU…Trusted Ranges: GD ([http] in Local intranet)

O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc … tor/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_24)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\wiola\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O24 - Desktop BackupWallPaper: C:\Users\wiola\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2{ef62879d-17f0-11e0-b733-001e33761dfd}\Shell - “” = AutoRun

O33 - MountPoints2{ef62879d-17f0-11e0-b733-001e33761dfd}\Shell\AutoRun\command - “” = G:\LaunchU3.exe -a

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM…comfile [open] – “%1” %*

O35 - HKLM…exefile [open] – “%1” %*

O37 - HKLM…com [@ = comfile] – “%1” %*

O37 - HKLM…exe [@ = exefile] – “%1” %*

========== Files - Modified Within 30 Days ==========

[2011-03-06 13:51:02 | 000,001,058 | ---- | M] () – C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3306853571-2432300133-3570212535-1000UA.job

[2011-03-06 13:51:02 | 000,001,006 | ---- | M] () – C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3306853571-2432300133-3570212535-1000Core.job

[2011-03-06 13:25:48 | 000,003,216 | -H-- | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011-03-06 13:25:48 | 000,003,216 | -H-- | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011-03-06 12:57:00 | 000,001,034 | ---- | M] () – C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011-03-06 12:17:42 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\deployJava1.dll

[2011-03-06 12:17:42 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\javaws.exe

[2011-03-06 12:17:42 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\javaw.exe

[2011-03-06 12:17:42 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\java.exe

[2011-03-06 12:07:36 | 000,001,878 | ---- | M] () – C:\Users\Public\Desktop\Skype.lnk

[2011-03-06 12:03:58 | 000,001,023 | ---- | M] () – C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk

[2011-03-06 11:44:35 | 000,000,530 | ---- | M] () – C:\Windows\tasks\SymInstallStub.job

[2011-03-06 11:35:13 | 000,595,996 | ---- | M] () – C:\Windows\System32\perfh009.dat

[2011-03-06 11:35:13 | 000,104,070 | ---- | M] () – C:\Windows\System32\perfc009.dat

[2011-03-06 11:30:04 | 000,001,030 | ---- | M] () – C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011-03-06 11:25:53 | 000,000,304 | -HS- | M] () – C:\Windows\tasks\PRDKSUOE.job

[2011-03-06 11:25:33 | 000,067,584 | --S- | M] () – C:\Windows\bootstat.dat

[2011-03-06 01:07:29 | 000,000,904 | ---- | M] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk

[2011-03-06 00:37:11 | 000,000,929 | ---- | M] () – C:\Users\Public\Desktop\Malwarebytes’ Anti-Malware.lnk

[2011-03-05 23:45:10 | 000,430,643 | R— | M] () – C:\Windows\System32\drivers\etc\hosts

[2011-03-05 23:42:11 | 000,430,643 | R— | M] () – C:\Windows\System32\drivers\etc\hosts.20110305-234510.backup

[2011-03-05 23:21:22 | 000,042,496 | ---- | M] () – C:\Users\wiola\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011-03-05 22:58:18 | 000,001,076 | ---- | M] () – C:\Users\wiola\Desktop\Spybot - Search & Destroy.lnk

[2011-03-05 21:15:49 | 000,000,829 | ---- | M] () – C:\Users\wiola\Desktop\SpywareBlaster.lnk

[2011-03-05 16:28:38 | 000,000,474 | -H-- | M] () – C:\Windows\tasks\Norton Security Scan for wiola.job

[2011-03-05 12:56:01 | 000,002,577 | ---- | M] () – C:\Windows\System32\config.nt

[2011-03-05 12:52:39 | 000,002,413 | ---- | M] () – C:\Windows\System32\lgAxconfig.ini

[2011-03-05 11:32:03 | 000,165,747 | ---- | M] () – C:\Users\wiola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mkcltaof.exe

[2011-03-04 12:40:07 | 000,001,892 | ---- | M] () – C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2011-02-24 12:11:56 | 000,026,340 | ---- | M] () – C:\Users\wiola\AppData\Roaming\UserTile.png

[2011-02-24 11:16:16 | 000,001,511 | ---- | M] () – C:\Users\Public\Desktop\LG PC Suite.lnk

[2011-02-23 15:04:21 | 000,040,648 | ---- | M] (AVAST Software) – C:\Windows\avastSS.scr

[2011-02-23 15:04:17 | 000,190,016 | ---- | M] (AVAST Software) – C:\Windows\System32\aswBoot.exe

[2011-02-23 14:56:55 | 000,371,544 | ---- | M] (AVAST Software) – C:\Windows\System32\drivers\aswSnx.sys

[2011-02-23 14:56:45 | 000,301,528 | ---- | M] (AVAST Software) – C:\Windows\System32\drivers\aswSP.sys

[2011-02-23 14:55:49 | 000,049,240 | ---- | M] (AVAST Software) – C:\Windows\System32\drivers\aswTdi.sys

[2011-02-23 14:55:10 | 000,025,432 | ---- | M] (AVAST Software) – C:\Windows\System32\drivers\aswRdr.sys

[2011-02-23 14:55:03 | 000,053,592 | ---- | M] (AVAST Software) – C:\Windows\System32\drivers\aswMonFlt.sys

[2011-02-23 14:54:55 | 000,019,544 | ---- | M] (AVAST Software) – C:\Windows\System32\drivers\aswFsBlk.sys

[2011-02-23 12:45:43 | 000,000,776 | ---- | M] () – C:\Users\wiola\Desktop\LGMobile update.lnk

[2011-02-10 03:22:46 | 000,335,656 | ---- | M] () – C:\Windows\System32\FNTCACHE.DAT

[244 C:\Users\wiola\AppData\Local*.tmp files -> C:\Users\wiola\AppData\Local*.tmp ->]

[1 C:\Windows\System32*.tmp files -> C:\Windows\System32*.tmp ->]

[1 C:\Windows*.tmp files -> C:\Windows*.tmp ->]

========== Files Created - No Company Name ==========

[2011-03-06 12:07:36 | 000,001,878 | ---- | C] () – C:\Users\Public\Desktop\Skype.lnk

[2011-03-06 12:03:58 | 000,001,023 | ---- | C] () – C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk

[2011-03-06 11:44:35 | 000,000,530 | ---- | C] () – C:\Windows\tasks\SymInstallStub.job

[2011-03-06 11:44:26 | 000,002,048 | ---- | C] () – C:\Users\wiola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SymInstallStub.lnk

[2011-03-06 01:07:29 | 000,000,904 | ---- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk

[2011-03-06 01:07:29 | 000,000,867 | ---- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk

[2011-03-06 00:37:11 | 000,000,929 | ---- | C] () – C:\Users\Public\Desktop\Malwarebytes’ Anti-Malware.lnk

[2011-03-05 22:58:18 | 000,001,076 | ---- | C] () – C:\Users\wiola\Desktop\Spybot - Search & Destroy.lnk

[2011-03-05 21:15:49 | 000,000,829 | ---- | C] () – C:\Users\wiola\Desktop\SpywareBlaster.lnk

[2011-03-05 11:32:31 | 000,165,747 | ---- | C] () – C:\Users\wiola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mkcltaof.exe

[2011-02-24 12:11:56 | 000,026,340 | ---- | C] () – C:\Users\wiola\AppData\Roaming\UserTile.png

[2011-02-24 11:16:16 | 000,001,511 | ---- | C] () – C:\Users\Public\Desktop\LG PC Suite.lnk

[2011-02-23 22:45:30 | 000,201,184 | ---- | C] () – C:\Windows\System32\winrm.vbs

[2011-02-23 22:45:30 | 000,004,675 | ---- | C] () – C:\Windows\System32\wsmanconfig_schema.xml

[2011-02-23 22:45:30 | 000,002,426 | ---- | C] () – C:\Windows\System32\WsmTxt.xsl

[2011-02-23 12:45:43 | 000,000,776 | ---- | C] () – C:\Users\wiola\Desktop\LGMobile update.lnk

[2011-02-23 12:45:38 | 000,053,248 | ---- | C] () – C:\Windows\System32\CommonDL.dll

[2011-02-23 12:45:38 | 000,002,413 | ---- | C] () – C:\Windows\System32\lgAxconfig.ini

[2010-09-24 09:22:33 | 000,165,376 | ---- | C] () – C:\Windows\System32\unrar.dll

[2010-09-18 23:22:51 | 000,000,022 | -HS- | C] () – C:\Users\wiola\AppData\Roaming\Sys6925.Config Collection.sys

[2010-09-01 10:46:01 | 001,970,176 | ---- | C] () – C:\Windows\System32\d3dx9.dll

[2010-08-23 12:49:07 | 000,000,680 | ---- | C] () – C:\Users\wiola\AppData\Local\d3d9caps.dat

[2010-07-26 22:54:13 | 000,881,664 | ---- | C] () – C:\Windows\System32\xvidcore.dll

[2010-07-26 22:54:13 | 000,258,048 | ---- | C] () – C:\Windows\System32\libFLAC.dll

[2010-05-02 20:48:25 | 000,087,608 | ---- | C] () – C:\Users\wiola\AppData\Roaming\inst.exe

[2010-05-02 20:48:25 | 000,007,887 | ---- | C] () – C:\Users\wiola\AppData\Roaming\pcouffin.cat

[2010-05-02 20:48:25 | 000,001,144 | ---- | C] () – C:\Users\wiola\AppData\Roaming\pcouffin.inf

[2010-04-21 15:38:26 | 000,000,120 | ---- | C] () – C:\Users\wiola\AppData\Local\Fdaponudowubuc.dat

[2010-04-21 15:38:26 | 000,000,000 | ---- | C] () – C:\Users\wiola\AppData\Local\Byobeyoxiy.bin

[2010-04-10 07:53:32 | 000,000,022 | -HS- | C] () – C:\Windows\Sys3390 SettingsCollection.bin

[2010-04-10 07:53:31 | 000,001,046 | ---- | C] () – C:\Windows\disney.ini

[2010-04-10 07:53:31 | 000,000,069 | ---- | C] () – C:\Windows\NeroDigital.ini

[2010-04-10 07:44:12 | 000,162,304 | ---- | C] () – C:\Windows\System32\ztvunrar36.dll

[2010-04-10 07:44:12 | 000,153,088 | ---- | C] () – C:\Windows\System32\unrar3.dll

[2010-04-10 07:44:12 | 000,077,312 | ---- | C] () – C:\Windows\System32\ztvunace26.dll

[2010-04-10 07:44:12 | 000,075,264 | ---- | C] () – C:\Windows\System32\unacev2.dll

[2009-12-17 09:22:31 | 000,110,592 | ---- | C] () – C:\Windows\System32\FsUsbExDevice.Dll

[2009-12-17 09:22:31 | 000,036,608 | ---- | C] () – C:\Windows\System32\FsUsbExDisk.Sys

[2009-12-03 09:27:30 | 000,080,416 | ---- | C] () – C:\Windows\System32\RtNicProp32.dll

[2009-11-11 10:28:33 | 000,000,040 | -HS- | C] () – C:\ProgramData.zreglib

[2009-08-03 14:07:42 | 000,403,816 | ---- | C] () – C:\Windows\System32\OGACheckControl.dll

[2009-08-03 14:07:42 | 000,230,768 | ---- | C] () – C:\Windows\System32\OGAEXEC.exe

[2009-07-20 23:21:17 | 000,117,248 | ---- | C] () – C:\Windows\System32\EhStorAuthn.dll

[2009-07-20 23:21:17 | 000,107,612 | ---- | C] () – C:\Windows\System32\StructuredQuerySchema.bin

[2009-07-05 19:06:51 | 000,000,000 | ---- | C] () – C:\Windows\System32\cddsi.dll

[2009-03-22 20:52:34 | 000,933,208 | ---- | C] () – C:\Windows\System32\Incinerator.dll

[2009-03-22 20:49:59 | 000,074,703 | ---- | C] () – C:\Windows\System32\mfc45.dll

[2008-12-21 13:52:07 | 000,000,000 | ---- | C] () – C:\Users\wiola\AppData\Roaming\wklnhst.dat

[2008-11-30 18:28:02 | 000,042,496 | ---- | C] () – C:\Users\wiola\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008-11-22 01:26:23 | 000,000,056 | -H-- | C] () – C:\ProgramData\ezsidmv.dat

[2008-11-22 01:08:17 | 000,018,904 | ---- | C] () – C:\Windows\System32\StructuredQuerySchemaTrivial.bin

[2008-11-21 23:52:36 | 000,131,072 | ---- | C] () – C:\Windows\System32\EnumDevLib.dll

[2008-11-21 22:37:49 | 000,128,113 | ---- | C] () – C:\Windows\System32\csellang.ini

[2008-11-21 22:37:49 | 000,045,056 | ---- | C] () – C:\Windows\System32\csellang.dll

[2008-11-21 22:37:49 | 000,010,150 | ---- | C] () – C:\Windows\System32\tosmreg.ini

[2008-11-21 22:37:49 | 000,007,671 | ---- | C] () – C:\Windows\System32\cseltbl.ini

[2008-08-07 16:37:59 | 000,204,800 | ---- | C] () – C:\Windows\System32\IVIresizeW7.dll

[2008-08-07 16:37:59 | 000,200,704 | ---- | C] () – C:\Windows\System32\IVIresizeA6.dll

[2008-08-07 16:37:59 | 000,192,512 | ---- | C] () – C:\Windows\System32\IVIresizeP6.dll

[2008-08-07 16:37:59 | 000,192,512 | ---- | C] () – C:\Windows\System32\IVIresizeM6.dll

[2008-08-07 16:37:59 | 000,188,416 | ---- | C] () – C:\Windows\System32\IVIresizePX.dll

[2008-08-07 16:37:59 | 000,020,480 | ---- | C] () – C:\Windows\System32\IVIresize.dll

[2008-08-07 16:29:47 | 000,000,000 | ---- | C] () – C:\Windows\NDSTray.INI

[2008-08-07 16:15:11 | 000,147,456 | ---- | C] () – C:\Windows\System32\igfxCoIn_v1502.dll

[2008-08-07 16:15:10 | 002,192,024 | ---- | C] () – C:\Windows\System32\igkrng500.bin

[2008-08-07 16:15:08 | 000,147,172 | ---- | C] () – C:\Windows\System32\igfcg550.bin

[2008-08-07 16:15:07 | 000,492,496 | ---- | C] () – C:\Windows\System32\igcompkrng500.bin

[2008-08-07 15:31:36 | 001,060,424 | ---- | C] () – C:\Windows\System32\WdfCoInstaller01000.dll

[2008-04-24 18:43:50 | 000,057,344 | ---- | C] () – C:\Windows\System32\SmartFaceVCapt.dll

[2008-04-24 18:42:44 | 000,479,232 | ---- | C] () – C:\Windows\System32\SmartFaceVCP.dll

[2008-04-24 18:25:46 | 006,701,056 | ---- | C] () – C:\Windows\System32\FaceHI.dll

[2008-04-24 18:25:46 | 000,995,328 | ---- | C] () – C:\Windows\System32\FaceRec.dll

[2008-04-24 18:25:46 | 000,126,976 | ---- | C] () – C:\Windows\System32\SmartFaceVCtrl.dll

[2008-04-24 18:23:58 | 000,094,208 | ---- | C] () – C:\Windows\System32\IppLib.dll

[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () – C:\Windows\System32\drivers\StarOpen.sys

[2007-10-01 15:13:12 | 001,511,424 | ---- | C] () – C:\Windows\System32\HDX4MediaReveal.dll

[2006-11-02 12:57:28 | 000,067,584 | --S- | C] () – C:\Windows\bootstat.dat

[2006-11-02 12:47:37 | 000,335,656 | ---- | C] () – C:\Windows\System32\FNTCACHE.DAT

[2006-11-02 12:35:32 | 000,005,632 | ---- | C] () – C:\Windows\System32\sysprepMCE.dll

[2006-11-02 10:33:01 | 000,595,996 | ---- | C] () – C:\Windows\System32\perfh009.dat

[2006-11-02 10:33:01 | 000,287,440 | ---- | C] () – C:\Windows\System32\perfi009.dat

[2006-11-02 10:33:01 | 000,104,070 | ---- | C] () – C:\Windows\System32\perfc009.dat

[2006-11-02 10:33:01 | 000,030,674 | ---- | C] () – C:\Windows\System32\perfd009.dat

[2006-11-02 10:23:21 | 000,215,943 | ---- | C] () – C:\Windows\System32\dssec.dat

[2006-11-02 08:58:30 | 000,043,131 | ---- | C] () – C:\Windows\mib.bin

[2006-11-02 08:19:00 | 000,000,741 | ---- | C] () – C:\Windows\System32\NOISE.DAT

[2006-11-02 07:40:29 | 000,013,750 | ---- | C] () – C:\Windows\System32\pacerprf.ini

[2006-11-02 07:25:31 | 000,673,088 | ---- | C] () – C:\Windows\System32\mlang.dat

========== Purity Check ==========

#2

OTL w oknie Custom Scans-Fixes (własne opcje skanowania/skrypt)wklej następujący skrypt:

Kliknij w Run Fix (Wykonaj scrypt). Zatwierdź restart komputera.

potem nowy log OTL robiony opcją Run Scan (Skanuj)

Proszę nie obcinać logów

logi wklejamy http://www.wklej.org/

zasady-wklejania-logow-forum-tytulowania-tematow-t253052.html

:slight_smile: