Strona używa cookies (ciasteczek). Dowiedz się więcej o celu ich używania i zmianach ustawień. Korzystając ze strony wyrażasz zgodę na używanie cookies, zgodnie z aktualnymi ustawieniami przeglądarki.   
Pobierz program wersja stabilna (32-bit)

OTL jest przydatnym narzędziem do walki z wszelakiego rodzaju złośliwym oprogramowaniem, na które natknąć się można m.in. podczas korzystania z Internetu.

Galeria programu

Program analizuje charakterystyczne miejsca na dysku twardym, gdzie najczęściej lokują się szkodniki, a następnie generuje raport, który później wykorzystywany jest do ich usuwania. OTL umożliwia skanowanie w dwóch trybach - normalnym i szybkim, a także pracę w obszarze procesów, usług, sterowników, rejestru systemowego itp. Operacja usuwania wykrytych komponentów odbywa się w oparciu o skrypty. W przypadku systemu, którego uruchomienie nie jest możliwe skorzystać można z płyty zawierającej narzędzie OTLPE.

OTL dobrze sprawdza się w sytuacjach kiedy złośliwe oprogramowanie podmieniło stronę startową w przeglądarce, tapetę na pulpicie, czy też zainstalowało dodatkowe toolbary.

Uwaga!

  1. Nie zalecamy samodzielnego usuwania poszczególnych wykrytych wpisów, komponentów czy programów początkującym użytkownikom. Na naszym forum można uzyskać pomoc dotyczącą raportów generowanych przez program.
© dobreprogramy

Recenzje użytkowników

Zaloguj się, aby dodać swoją recenzję!

Komentarze

MPP (niezalogowany) 05.04.2014 22:33 #89
abv (niezalogowany) 14.03.2014 17:36 #88

Przestańcie wklejać tu logi, bo i tak wam nikt nie pomoże.

Frelka (niezalogowany) 02.03.2014 21:07 #87

Proszę o pomoc nie mam pojęcia o usuwaniu wirusów z instrukcji na forum zrobiłam wszystko wydaje mi się ok .
http://www.wklej.org/id/1288053/

Anonim (niezalogowany) 24.02.2014 20:09 #86

Co za geniusze Neostrady wstawiają pod programem, w komentarzach logi z OTL ? Od tego jest forum a nie komentarze...

izzy91  12.02.2014 11:03 #85
Anonim (niezalogowany) 09.02.2014 15:02 #84

@scopy: http://www.pcrisk.pl/narzedzia-usuwania/7423-awesomehpcom-virus
ten poradnik mi pomógł i pozbyłam się tego czegoś .

aikon353353 (niezalogowany) 04.02.2014 15:30 #83

WIRUS FACEBOOK WYSYŁA ZAINFEKOWANY LINK DO ZNAJOMYCH POPRZEZ WIADOMOSC

OTL logfile created on: 2014-02-04 15:23:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ankon353\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,50 Gb Total Physical Memory | 1,96 Gb Available Physical Memory | 55,97% Memory free
6,99 Gb Paging File | 4,94 Gb Available in Paging File | 70,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 38,96 Gb Total Space | 21,26 Gb Free Space | 54,56% Space Free | Partition Type: NTFS
Drive D: | 892,45 Gb Total Space | 776,20 Gb Free Space | 86,97% Space Free | Partition Type: NTFS
Drive K: | 1,84 Gb Total Space | 0,08 Gb Free Space | 4,58% Space Free | Partition Type: FAT

Computer Name: ANKON353NOKNA | User Name: Ankon353 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014-02-04 15:22:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ankon353\Downloads\OTL.exe
PRC - [2014-02-04 14:51:01 | 000,113,704 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2014-02-04 14:24:54 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014-02-04 14:24:54 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014-02-04 13:53:51 | 001,307,736 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ankon353\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2014-02-04 07:15:32 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2014-02-02 00:42:39 | 000,866,632 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013-12-11 10:00:34 | 003,402,304 | ---- | M] (GG Network S.A.) -- C:\Users\Ankon353\AppData\Local\GG\Application\ggdrive\ggdrive.exe
PRC - [2013-12-11 10:00:32 | 004,047,424 | ---- | M] (GG Network S.A.) -- C:\Users\Ankon353\AppData\Local\GG\Application\gghub.exe
PRC - [2013-12-11 10:00:32 | 000,132,672 | ---- | M] (GG Network S.A.) -- C:\Users\Ankon353\AppData\Local\GG\Application\ggapp.exe
PRC - [2010-11-30 05:20:28 | 000,493,384 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
PRC - [2010-11-21 04:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010-11-15 12:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
PRC - [2010-11-15 12:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
PRC - [2010-11-04 09:25:46 | 000,493,384 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014-02-04 14:24:54 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014-02-02 00:42:37 | 013,616,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
MOD - [2014-02-02 00:42:37 | 000,399,688 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
MOD - [2014-02-02 00:42:35 | 004,055,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
MOD - [2014-02-02 00:41:45 | 000,715,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
MOD - [2014-02-02 00:41:45 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
MOD - [2014-02-02 00:41:43 | 001,634,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
MOD - [2013-12-11 10:00:34 | 000,141,888 | ---- | M] () -- C:\Users\Ankon353\AppData\Local\GG\Application\ggdrive\zlib1.dll
MOD - [2013-12-11 10:00:32 | 003,006,528 | ---- | M] () -- C:\Users\Ankon353\AppData\Local\GG\Application\xulrunner\mozjs.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2014-02-04 14:51:01 | 000,113,704 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:[b]64bit:[/b] - [2014-02-04 14:24:54 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2011-06-07 14:54:56 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2010-04-06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010-11-30 05:20:28 | 000,493,384 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe -- (WCUService_STC_FF)
SRV - [2010-11-15 12:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService)
SRV - [2010-11-04 09:25:46 | 000,493,384 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe -- (WCUService_STC_IE)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:[b]64bit:[/b] - [2014-02-04 14:51:10 | 000,028,184 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:[b]64bit:[/b] - [2014-02-04 14:51:01 | 000,440,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswNdisFlt.sys -- (aswNdisFlt)
DRV:[b]64bit:[/b] - [2014-02-04 14:24:55 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2014-02-04 14:24:55 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2014-02-04 14:24:55 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2014-02-04 14:24:55 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2014-02-04 14:24:55 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:[b]64bit:[/b] - [2014-02-04 14:24:55 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2014-02-04 14:24:55 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2011-06-07 15:42:26 | 009,360,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2011-06-07 14:16:14 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2011-04-15 07:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:[b]64bit:[/b] - [2011-04-15 07:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:[b]64bit:[/b] - [2011-01-10 18:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:[b]64bit:[/b] - [2010-12-15 16:06:46 | 000,047,232 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:[b]64bit:[/b] - [2010-11-21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-06-29 22:01:04 | 000,011,832 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:53 | 000,051,712 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtnic64.sys -- (RTL8023x64)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014-02-04 14:29:34 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2014-02-04 14:28:59 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2014-02-04 14:28:47 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
IE - HKCU\..\SearchScopes\{0D723CAA-6ED1-44f3-944F-ED8CED161AE5}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UT...}
IE - HKCU\..\SearchScopes\{C48F0F9D-A72E-4272-B411-0460B86805E3}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=I...
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2014-02-04 12:05:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2014-02-04 12:05:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2014-02-04 12:05:19 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://websearch.mocaflix.com/
CHR - Extension: Dokumenty Google = C:\Users\Ankon353\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Users\Ankon353\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Ankon353\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\Ankon353\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: CSS reload! = C:\Users\Ankon353\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\0.1_0\
CHR - Extension: avast! Online Security = C:\Users\Ankon353\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: Google Wallet = C:\Users\Ankon353\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\Ankon353\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll File not found
O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll File not found
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EasyTune] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [STCAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.)
O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
O4 - HKCU..\Run: [GG] C:\Users\Ankon353\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
O4 - HKCU..\Run: [uTorrent] C:\Users\Ankon353\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3D75160-8387-49FE-8869-F4219564CD4D}: DhcpNameServer = 192.168.0.1
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014-02-04 11:56:05 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{077d250b-8d62-11e3-8553-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{077d250b-8d62-11e3-8553-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Run.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014-02-04 14:51:22 | 000,028,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2014-02-04 14:51:01 | 000,440,672 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2014-02-04 14:42:26 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Roaming\AVAST Software
[2014-02-04 14:40:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014-02-04 14:27:23 | 000,454,656 | ---- | C] (PixArt Imaging Inc.) -- C:\Windows\SysWow64\drivers\PAC7302.sys
[2014-02-04 14:27:23 | 000,129,024 | ---- | C] (PixArt Imaging Incorporation) -- C:\Windows\SysWow64\SP7302.ax
[2014-02-04 14:27:23 | 000,014,336 | ---- | C] (PixArt Imaging Inc.) -- C:\Windows\SysWow64\P7302USD.dll
[2014-02-04 14:27:23 | 000,000,000 | ---D | C] -- C:\Windows\PixArt
[2014-02-04 14:27:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PAC7302
[2014-02-04 14:27:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\P228 USB PC CAMERA
[2014-02-04 14:27:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ANC
[2014-02-04 14:26:36 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014-02-04 14:24:57 | 001,038,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014-02-04 14:24:57 | 000,421,704 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014-02-04 14:24:57 | 000,092,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014-02-04 14:24:57 | 000,080,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014-02-04 14:24:57 | 000,078,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014-02-04 14:24:56 | 000,334,136 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014-02-04 14:24:55 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014-02-04 14:10:12 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014-02-04 14:09:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014-02-04 14:07:10 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014-02-04 13:58:25 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Roaming\Adobe
[2014-02-04 13:58:21 | 000,000,000 | --SD | C] -- C:\Users\Ankon353\GG dysk
[2014-02-04 13:58:17 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Roaming\Macromedia
[2014-02-04 13:57:53 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Roaming\Mozilla
[2014-02-04 13:52:32 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Roaming\GG
[2014-02-04 13:52:32 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Local\GG
[2014-02-04 13:51:45 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Roaming\uTorrent
[2014-02-04 12:18:51 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\Desktop\Programy
[2014-02-04 12:14:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
[2014-02-04 12:14:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2014-02-04 12:13:31 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2014-02-04 12:13:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2014-02-04 12:12:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014-02-04 12:12:02 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Roaming\ATI
[2014-02-04 12:12:02 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Local\ATI
[2014-02-04 12:12:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014-02-04 12:09:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2014-02-04 12:09:54 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014-02-04 12:09:32 | 002,601,816 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2014-02-04 12:09:30 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2014-02-04 12:09:30 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2014-02-04 12:09:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2014-02-04 12:09:29 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2014-02-04 12:09:29 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2014-02-04 12:09:16 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2014-02-04 12:09:15 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2014-02-04 12:09:15 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2014-02-04 12:09:15 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2014-02-04 12:09:14 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2014-02-04 12:09:14 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2014-02-04 12:09:00 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2014-02-04 12:08:59 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2014-02-04 12:08:45 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2014-02-04 12:08:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2014-02-04 12:08:36 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2014-02-04 12:08:36 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014-02-04 12:08:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014-02-04 12:08:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2014-02-04 12:08:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2014-02-04 12:08:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2014-02-04 12:08:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2014-02-04 12:07:29 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2014-02-04 12:07:09 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2014-02-04 12:07:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2014-02-04 12:04:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
[2014-02-04 12:04:42 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Roaming\Splashtop
[2014-02-04 12:04:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Splashtop
[2014-02-04 11:56:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014-02-04 11:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014-02-04 11:55:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014-02-04 07:20:01 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014-02-04 07:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014-02-04 07:15:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014-02-04 07:15:29 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Local\Google
[2014-02-04 07:14:08 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Local\Deployment
[2014-02-04 07:14:08 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Local\Apps
[2014-02-04 07:10:57 | 000,000,000 | R--D | C] -- C:\Users\Ankon353\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014-02-04 07:10:57 | 000,000,000 | R--D | C] -- C:\Users\Ankon353\Searches
[2014-02-04 07:10:57 | 000,000,000 | R--D | C] -- C:\Users\Ankon353\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014-02-04 07:10:49 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Roaming\Identities
[2014-02-04 07:10:47 | 000,000,000 | R--D | C] -- C:\Users\Ankon353\Contacts
[2014-02-04 07:10:45 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Local\VirtualStore
[2014-02-04 07:10:37 | 000,000,000 | --SD | C] -- C:\Users\Ankon353\AppData\Roaming\Microsoft
[2014-02-04 07:10:37 | 000,000,000 | R--D | C] -- C:\Users\Ankon353\Videos
[2014-02-04 07:10:37 | 000,000,000 | R--D | C] -- C:\Users\Ankon353\Saved Games
[2014-02-04 07:10:37 | 000,000,000 | R--D | C] -- C:\Users\Ankon353\Pictures
[2014-02-04 07:10:37 | 000,000,000 | R--D | C] -- C:\Users\Ankon353\Music
[2014-02-04 07:10:37 | 000,000,000 | R--D | C] -- C:\Users\Ankon353\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014-02-04 07:10:37 | 000,000,000 | R--D | C] -- C:\Users\Ankon353\Links
[2014-02-04 07:10:37 | 000,000,000 | R--D | C] -- C:\Users\Ankon353\Favorites
[2014-02-04 07:10:37 | 000,000,000 | R--D | C] -- C:\Users\Ankon353\Downloads
[2014-02-04 07:10:37 | 000,000,000 | R--D | C] -- C:\Users\Ankon353\Documents
[2014-02-04 07:10:37 | 000,000,000 | R--D | C] -- C:\Users\Ankon353\Desktop
[2014-02-04 07:10:37 | 000,000,000 | R--D | C] -- C:\Users\Ankon353\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014-02-04 07:10:37 | 000,000,000 | -HSD | C] -- C:\Users\Ankon353\Ustawienia lokalne
[2014-02-04 07:10:37 | 000,000,000 | -HSD | C] -- C:\Users\Ankon353\AppData\Local\Temporary Internet Files
[2014-02-04 07:10:37 | 000,000,000 | -HSD | C] -- C:\Users\Ankon353\Szablony
[2014-02-04 07:10:37 | 000,000,000 | -HSD | C] -- C:\Users\Ankon353\SendTo
[2014-02-04 07:10:37 | 000,000,000 | -HSD | C] -- C:\Users\Ankon353\Recent
[2014-02-04 07:10:37 | 000,000,000 | -HSD | C] -- C:\Users\Ankon353\PrintHood
[2014-02-04 07:10:37 | 000,000,000 | -HSD | C] -- C:\Users\Ankon353\NetHood
[2014-02-04 07:10:37 | 000,000,000 | -HSD | C] -- C:\Users\Ankon353\Documents\Moje wideo
[2014-02-04 07:10:37 | 000,000,000 | -HSD | C] -- C:\Users\Ankon353\Documents\Moje obrazy
[2014-02-04 07:10:37 | 000,000,000 | -HSD | C] -- C:\Users\Ankon353\Moje dokumenty
[2014-02-04 07:10:37 | 000,000,000 | -HSD | C] -- C:\Users\Ankon353\Documents\Moja muzyka
[2014-02-04 07:10:37 | 000,000,000 | -HSD | C] -- C:\Users\Ankon353\Menu Start
[2014-02-04 07:10:37 | 000,000,000 | -HSD | C] -- C:\Users\Ankon353\AppData\Local\Historia
[2014-02-04 07:10:37 | 000,000,000 | -HSD | C] -- C:\Users\Ankon353\Dane aplikacji
[2014-02-04 07:10:37 | 000,000,000 | -HSD | C] -- C:\Users\Ankon353\AppData\Local\Dane aplikacji
[2014-02-04 07:10:37 | 000,000,000 | -HSD | C] -- C:\Users\Ankon353\Cookies
[2014-02-04 07:10:37 | 000,000,000 | -H-D | C] -- C:\Users\Ankon353\AppData
[2014-02-04 07:10:37 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Local\Temp
[2014-02-04 07:10:37 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Local\Microsoft
[2014-02-04 07:10:37 | 000,000,000 | ---D | C] -- C:\Users\Ankon353\AppData\Roaming\Media Center Programs
[2014-02-04 07:10:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2014-02-04 07:10:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2014-02-04 07:10:23 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014-02-04 07:10:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2014-02-04 07:10:23 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2014-02-04 07:10:23 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2014-02-04 07:10:23 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2014-02-04 07:10:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2014-02-04 07:10:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2014-02-04 07:10:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2014-02-04 07:06:03 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014-02-04 07:03:57 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014-02-04 07:03:19 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014-02-04 07:02:28 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014-02-04 15:22:25 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-02-04 15:22:25 | 000,697,674 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014-02-04 15:22:25 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-02-04 15:22:25 | 000,134,784 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014-02-04 15:22:25 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-02-04 15:20:01 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-02-04 14:53:44 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-02-04 14:53:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-02-04 14:53:33 | 2816,389,120 | -HS- | M] () -- C:\hiberfil.sys
[2014-02-04 14:52:55 | 000,016,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-02-04 14:52:53 | 000,016,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-02-04 14:52:12 | 000,002,032 | ---- | M] () -- C:\Users\Public\Desktop\avast! SafeZone.lnk
[2014-02-04 14:52:12 | 000,001,972 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2014-02-04 14:51:10 | 000,028,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2014-02-04 14:51:01 | 000,440,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2014-02-04 14:28:59 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2014-02-04 14:24:55 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014-02-04 14:24:55 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014-02-04 14:24:55 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014-02-04 14:24:55 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014-02-04 14:24:55 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014-02-04 14:24:55 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014-02-04 14:24:55 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014-02-04 14:24:55 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014-02-04 14:24:55 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014-02-04 12:11:46 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2014-02-04 12:11:10 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2014-02-04 11:56:05 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014-02-04 07:19:29 | 000,002,257 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-02-04 07:07:01 | 000,067,908 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014-02-04 07:07:01 | 000,067,908 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014-02-04 07:05:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014-02-04 07:03:44 | 000,274,840 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014-02-04 14:52:12 | 000,002,032 | ---- | C] () -- C:\Users\Public\Desktop\avast! SafeZone.lnk
[2014-02-04 14:52:12 | 000,001,972 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2014-02-04 14:27:23 | 000,040,960 | ---- | C] () -- C:\Windows\98Setup.exe
[2014-02-04 14:27:23 | 000,000,566 | ---- | C] () -- C:\Windows\SysWow64\SP7302.ini
[2014-02-04 14:24:57 | 000,207,904 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014-02-04 14:24:57 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014-02-04 13:52:32 | 000,001,155 | ---- | C] () -- C:\Users\Ankon353\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk
[2014-02-04 12:18:49 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2014-02-04 12:13:31 | 000,031,272 | ---- | C] () -- C:\Windows\SysNative\AppleChargerSrv.exe
[2014-02-04 12:13:31 | 000,021,104 | ---- | C] () -- C:\Windows\SysNative\drivers\AppleCharger.sys
[2014-02-04 12:11:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014-02-04 12:07:29 | 000,032,635 | ---- | C] () -- C:\Windows\atiogl.xml
[2014-02-04 12:07:27 | 000,166,704 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2014-02-04 12:07:26 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2014-02-04 12:07:26 | 000,003,929 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2014-02-04 12:04:42 | 000,001,422 | ---- | C] () -- C:\Users\Ankon353\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
[2014-02-04 12:03:28 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2014-02-04 11:56:05 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014-02-04 07:19:29 | 000,002,257 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-02-04 07:15:34 | 000,001,052 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-02-04 07:15:34 | 000,001,048 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-02-04 07:11:03 | 000,001,413 | ---- | C] () -- C:\Users\Ankon353\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2014-02-04 07:10:58 | 000,001,447 | ---- | C] () -- C:\Users\Ankon353\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014-02-04 07:06:49 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014-02-04 07:06:43 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014-02-04 07:05:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014-02-04 07:03:19 | 2816,389,120 | -HS- | C] () -- C:\hiberfil.sys

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010-11-21 04:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010-11-21 04:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2014-02-04 14:42:26 | 000,000,000 | ---D | M] -- C:\Users\Ankon353\AppData\Roaming\AVAST Software
[2014-02-04 14:53:48 | 000,000,000 | ---D | M] -- C:\Users\Ankon353\AppData\Roaming\GG
[2014-02-04 12:04:42 | 000,000,000 | ---D | M] -- C:\Users\Ankon353\AppData\Roaming\Splashtop
[2014-02-04 15:24:23 | 000,000,000 | ---D | M] -- C:\Users\Ankon353\AppData\Roaming\uTorrent

[color=#E56717]========== Purity Check ==========[/color]

scopy  31.01.2014 12:31 #82

awesomehp wirus
witam złapałem go :( oto log z OTL

byłbym wdzieczny gdyby ktos luknoł (strona startowa w mozilli to własnie strona wirusa





http://www.wklejto.pl/190213

cotojest  30.01.2014 17:06 #81

Bardzo proszę o pomoc. zawiesza mi się dolny pasek tam gdzie start i w przeglądarce 3 przyciski gdzie zamykamy okno, pomimo tego mogę swobodnie poruszać sie po necie. jeszcze zauważyłam że jak tak się zrobi to na pulpicie nie mogę przesuwań ikonek, pomaga tylko włączenie menadżera zadań. ale tylko przeglądarka znowu jakoś działa ale ikonki dalej jak skały ale można je otwierać.
Przeskanowałam kompa nodem i malwarebytes i nie wykazało żadnych wirusów.
Skanowałam hijackiem ale tam nic nie wykazało więc zrobiłam logi w OTL oto one:

OTL .txt http://wklej.to/RIKgk
wxtras.txt http://wklej.to/hwYaZ

proszę o odpowiedz co zrobić bo to zawiszanie jak dla mnie uciążliwe

Qubick  26.01.2014 21:17 #80

Prosze o pomoc to moje logi
OTL http://wklej.to/CMeln

Extras http://wklej.to/b3Avt

Qubick  26.01.2014 20:19 #78

Witam mam pliki z OTL prosze o pomoc

http://wklej.to/f1hsr

http://wklej.to/Zzf9O

jastrzab78  19.01.2014 21:55 #77

proszę o pomoc minimalizują mi się okna przy oglądaniu filmów


OTL Extras logfile created on: 2014-01-19 21:39:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,50 Gb Total Physical Memory | 0,82 Gb Available Physical Memory | 32,89% Memory free
4,39 Gb Paging File | 2,73 Gb Available in Paging File | 62,15% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 2,59 Gb Free Space | 5,31% Space Free | Partition Type: NTFS
Drive D: | 416,92 Gb Total Space | 89,01 Gb Free Space | 21,35% Space Free | Partition Type: NTFS
Drive E: | 0,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive J: | 4,25 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: 94D9C58D5151461 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent\uTorrent.exe" = C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe" = C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2 -- (Ubisoft Entertainment)
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe" = C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater -- (Ubisoft)
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe" = C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor -- (Ubisoft Entertainment)
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"D:\torrenty\cod5\CoDWaWmp.exe" = D:\torrenty\cod5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)
"D:\torrenty\cod5\CoDWaW.exe" = D:\torrenty\cod5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413" = CanoScan LiDE 100 Scanner Driver
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet
"{2767DEDE-EA9D-4FCE-A06A-40F4DD293330}" = hppusgP1000
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F3733A5-8322-454D-A638-3B74E1C83752}" = Gadget Installer
"{481EA8F8-CAC0-4137-9CF8-DD0297593E61}" = TP-LINK Wireless Client Utility
"{5271C0D4-24E4-4C3D-A782-C012033FD3CF}" = AMD USB Filter Driver
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58ECE031-9AAD-4011-B34A-BC78E77527E2}" = hppMSRedist
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7A2A107B-9695-423F-9462-8F17C178BD35}" = TP-LINK Wireless Client Utility
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CE80D58-2E74-4FF4-A2D2-5E714E470F36}" = ASUS nVidia Driver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 SP2
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel(R) PROSet
"{A82D052A-0806-42DF-80CD-1730A1AC0ED3}" = MrvlUsgTracking
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{BB05D173-9681-4812-A7FA-BD4042A3DA00}" = Alky for Applications (Windows XP)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 SP2
"{C0C6BCBC-0884-4C66-B5EF-0B7668FE2B10}" = TP-LINK TL-WDN3200 Driver
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 SP1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{E1230694-33DA-4E74-82E1-06CC9D545E9B}" = Windows Vista Sounds Pack
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F855C3AE-992D-4B84-A09D-07103CDCDAC2}" = Compact Wireless-G USB Adapter
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"avast" = avast! Free Antivirus
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"DAEMON Tools Lite" = DAEMON Tools Lite
"Enable S3 for USB Device" = Enable S3 for USB Device
"ExpressBurn" = Express Burn
"Google Chrome" = Google Chrome
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Office8.0" = Microsoft Office 97, wersja Standard
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"RBPlus" = Roulette Bot Plus
"RealPlayer 12.0" = RealPlayer
"SkanerOnline" = Skaner on-line mks_vir
"Sound Blaster AudioPCI 128" = Sound Blaster AudioPCI 128
"SubEdit-Player_is1" = SubEdit-Player
"Uplay" = Uplay
"VLC media player" = VLC media player 2.0.6
"William Hill CASINO CLUB" = William Hill CASINO CLUB
"Windows Sidebar" = Windows Sidebar
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ System Events ]
Error - 2014-01-19 08:12:22 | Computer Name = 94D9C58D5151461 | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk2\D.

Error - 2014-01-19 08:12:51 | Computer Name = 94D9C58D5151461 | Source = Service Control Manager | ID = 7011
Description = Limit czasu (30000 milisekund) podczas oczekiwania na odpowiedź transakcji
z usługi NVSvc.

Error - 2014-01-19 08:13:19 | Computer Name = 94D9C58D5151461 | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk3\D.

Error - 2014-01-19 08:15:22 | Computer Name = 94D9C58D5151461 | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk4\D.

Error - 2014-01-19 09:56:02 | Computer Name = 94D9C58D5151461 | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk3\D.

Error - 2014-01-19 10:20:49 | Computer Name = 94D9C58D5151461 | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk4\D.

Error - 2014-01-19 16:01:03 | Computer Name = 94D9C58D5151461 | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk3\D.

Error - 2014-01-19 16:02:02 | Computer Name = 94D9C58D5151461 | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk3\D.

Error - 2014-01-19 16:08:38 | Computer Name = 94D9C58D5151461 | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk2\D.

Error - 2014-01-19 16:16:09 | Computer Name = 94D9C58D5151461 | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\D.

Brązowa (niezalogowany) 18.01.2014 15:50 #76

http://wklej.to/lMcb7 pomocy, same otwierają się okna z rekalmami w mozzili !

paula888  16.01.2014 18:52 #75

http://www.wklej.org/id/1238633/
Prosze o pomoc please :(

dotiblu  14.01.2014 22:45 #74
Light Code (niezalogowany) 11.01.2014 19:39 #73
donciaa  06.01.2014 02:10 #72

witam! bardzo proszę o pomoc! z góry dziękuję dobrym serduszkom! :)
otl:
http://wklej.org/id/1226381/
i extras:
http://wklej.org/id/1226382/

tomaszek25  05.12.2013 17:38 #71

Witam,
mam również syf z static.australianbrewingcompany.co.
Poniżej przedstawiam logi otl:
wklej.org/id/1197681/
i extras:
wklej.org/id/1197682/
Z góry dziękuję za pomoc

tomaszek25  05.12.2013 10:51 #70

Proszę o pomoc, mam syf z static.australianbrewingcompany.com.
Poniżej skany otl:
http://wklej.org/id/1197669/
i extras:
http://wklej.org/id/1197671/
Z góruy dziękuję za pomoc.