sprawdzenie OTL
-
majka123
- Posty: 13
- Rejestracja: 22 lut 2014, 16:06
sprawdzenie OTL
Bardzo proszę o analizę Dostępne tylko dla zarejestrowanych użytkowników
-
filutka78
- Posty: 1485
- Rejestracja: 28 sty 2009, 17:40
sprawdzenie OTL
Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:
Kliknij w Wykonaj Skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania Skryptem.
F.
:OTL
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
O4 - HKU\S-1-5-21-682003330-1770027372-839522115-1003..\Run: [DriverToolkit] "C:\Program Files\DriverToolkit\DriverToolkit.exe" --autorun File not found
:Files
C:\Documents and Settings\user\Dane aplikacji\newnext.me
:Commands
[emptytemp]
Kliknij w Wykonaj Skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania Skryptem.
F.
-
majka123
- Posty: 13
- Rejestracja: 22 lut 2014, 16:06
sprawdzenie OTL
raport:
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon deleted successfully.
Registry value HKEY_USERS\S-1-5-21-682003330-1770027372-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\DriverToolkit deleted successfully.
File ptytemp] not found.
OTL by OldTimer - Version 3.2.69.0 log created on 02222014_181310
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
OTL
OTL logfile created on: 2014-02-22 18:20:13 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\user\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
765,10 Mb Total Physical Memory | 164,94 Mb Available Physical Memory | 21,56% Memory free
1,83 Gb Paging File | 1,26 Gb Available in Paging File | 68,89% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 19,13 Gb Free Space | 65,29% Space Free | Partition Type: NTFS
Drive D: | 45,23 Gb Total Space | 43,32 Gb Free Space | 95,79% Space Free | Partition Type: NTFS
Drive F: | 53,82 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: USER-10C60856AC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014-02-22 15:45:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Pulpit\OTL.exe
PRC - [2014-02-21 18:39:33 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014-02-21 18:39:32 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014-02-15 18:47:53 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014-01-06 12:47:40 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\ouc.exe
PRC - [2014-01-04 13:08:14 | 000,514,560 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Internet w Cyfrowym Polsacie.exe
PRC - [2011-04-11 10:41:00 | 001,044,480 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
PRC - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe
PRC - [2011-01-31 08:40:38 | 004,737,960 | ---- | M] (Redefine Sp. z o.o.) -- C:\Program Files\RedApp\redApp.exe
PRC - [2007-08-03 16:06:32 | 000,262,144 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\sistray.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2014-02-22 14:20:31 | 002,181,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14022201\algo.dll
MOD - [2014-02-21 18:39:38 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014-02-15 18:47:42 | 003,578,992 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014-02-06 21:39:16 | 016,287,624 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll
MOD - [2014-01-06 12:47:48 | 000,185,344 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\XFramePlugin.dll
MOD - [2014-01-06 12:47:48 | 000,159,232 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\XCodec.dll
MOD - [2014-01-06 12:47:48 | 000,106,496 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Win7Support.dll
MOD - [2014-01-06 12:47:47 | 000,818,176 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\SMSUIPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,670,720 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\SmsAppPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,317,952 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\StatusBarMgrPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,233,984 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\ToolBarMgrPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,217,600 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\SmsSrvPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,156,672 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\STKSrvPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,142,336 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\USSDSrvPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,135,168 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Trace.dll
MOD - [2014-01-06 12:47:47 | 000,082,944 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\UpdateSettingUIPlugin.dll
MOD - [2014-01-06 12:47:46 | 009,515,520 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\QtGui4.dll
MOD - [2014-01-06 12:47:46 | 001,148,416 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\QtNetwork4.dll
MOD - [2014-01-06 12:47:46 | 001,148,416 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\QtNetwork4.dll
MOD - [2014-01-06 12:47:46 | 000,398,336 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\QtXml4.dll
MOD - [2014-01-06 12:47:46 | 000,384,512 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\QueryStrategy.dll
MOD - [2014-01-06 12:47:46 | 000,370,176 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qtiff4.dll
MOD - [2014-01-06 12:47:46 | 000,261,632 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\sdk.dll
MOD - [2014-01-06 12:47:46 | 000,186,368 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\SettingUIPlugin.dll
MOD - [2014-01-06 12:47:45 | 002,415,104 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\QtCore4.dll
MOD - [2014-01-06 12:47:45 | 002,415,104 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\QtCore4.dll
MOD - [2014-01-06 12:47:44 | 000,350,720 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qmng4.dll
MOD - [2014-01-06 12:47:44 | 000,192,000 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qjpeg4.dll
MOD - [2014-01-06 12:47:44 | 000,082,944 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qgif4.dll
MOD - [2014-01-06 12:47:44 | 000,081,920 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qico4.dll
MOD - [2014-01-06 12:47:43 | 000,545,280 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\PluginContainer.dll
MOD - [2014-01-06 12:47:43 | 000,381,952 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Proxy.dll
MOD - [2014-01-06 12:47:43 | 000,235,008 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetSrvPlugin.dll
MOD - [2014-01-06 12:47:43 | 000,133,120 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSDialup.dll
MOD - [2014-01-06 12:47:43 | 000,131,072 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSNDIS.dll
MOD - [2014-01-06 12:47:43 | 000,101,376 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSAdapt.dll
MOD - [2014-01-06 12:47:43 | 000,093,184 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NotifyServicePlugin.dll
MOD - [2014-01-06 12:47:43 | 000,065,536 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSPowerMgr.dll
MOD - [2014-01-06 12:47:43 | 000,062,976 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSCall.dll
MOD - [2014-01-06 12:47:42 | 001,101,824 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NDISAPI.dll
MOD - [2014-01-06 12:47:42 | 000,487,424 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetInfoUIExPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,342,016 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetConnectPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,278,528 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetInfoSrvPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,273,408 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\LiveUpdateInterface.dll
MOD - [2014-01-06 12:47:42 | 000,254,976 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\MenuMgrPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,180,224 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NDISPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,158,720 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetConnectSrvPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,043,008 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\libgcc_s_dw2-1.dll
MOD - [2014-01-06 12:47:42 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\libgcc_s_dw2-1.dll
MOD - [2014-01-06 12:47:42 | 000,011,362 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\mingwm10.dll
MOD - [2014-01-06 12:47:42 | 000,011,362 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\mingwm10.dll
MOD - [2014-01-06 12:47:41 | 000,538,112 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DeviceMgrUIPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,503,296 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\core.dll
MOD - [2014-01-06 12:47:41 | 000,473,088 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DialupUIPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,338,432 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DeviceAppPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,321,024 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DiagnosisPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,301,056 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DeviceSrvPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,218,112 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Common.dll
MOD - [2014-01-06 12:47:41 | 000,215,552 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DialUpPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,176,128 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\CallSrvPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,157,184 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DataServicePlugin.dll
MOD - [2014-01-06 12:47:41 | 000,117,760 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\LayoutPlugin.dll
MOD - [2014-01-06 12:47:40 | 001,077,248 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\AddrBookPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,743,424 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\AddrBookUIPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,550,400 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\CallAppPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,547,840 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\CallLogSrvPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,264,704 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\AddrBookSrvPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\ouc.exe
MOD - [2014-01-06 12:47:40 | 000,238,080 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\AtCodec.dll
MOD - [2014-01-06 12:47:40 | 000,123,392 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\ATR2SMgr.dll
MOD - [2014-01-04 13:08:14 | 000,514,560 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Internet w Cyfrowym Polsacie.exe
MOD - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe
MOD - [2009-12-09 21:20:06 | 000,126,976 | ---- | M] () -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll
MOD - [2007-07-12 11:11:54 | 001,163,264 | ---- | M] () -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\acAuth.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2014-02-22 16:41:08 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-02-21 18:39:32 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014-02-15 18:47:44 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-01-06 12:47:40 | 000,246,112 | ---- | M] () [Auto | Stopped] -- D:\Internet w Cyfrowym Polsacie\UpdateDog\ouc.exe -- (Internet w Cyfrowym Polsacie. RunOuc)
SRV - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2014-02-21 19:20:23 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2014-02-21 18:39:41 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014-02-21 18:39:41 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014-02-21 18:39:41 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014-02-21 18:39:40 | 000,410,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2014-02-21 18:39:40 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2014-02-21 18:39:40 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014-02-21 18:39:26 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2014-01-06 12:47:49 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2014-01-06 12:47:49 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2014-01-06 12:47:49 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2014-01-06 12:47:48 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2014-01-06 12:47:48 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011-05-09 16:54:02 | 000,904,680 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtwlanu.sys -- (RTL8192cu)
DRV - [2007-08-10 13:52:44 | 004,603,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007-08-03 16:31:44 | 000,018,688 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2007-08-03 16:10:14 | 000,321,536 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2007-06-21 22:58:32 | 000,547,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007-05-16 12:00:00 | 000,042,368 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SiSGbeXP.sys -- (SiSGbeXP)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-682003330-1770027372-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: toolbar.addon%40onet.pl:1.0.14
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-21 18:39:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2014-01-14 14:47:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions
[2014-02-16 14:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\2mcb8dtq.default\extensions
[2014-02-16 14:13:41 | 000,519,238 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\2mcb8dtq.default\extensions\toolbar.addon@onet.pl.xpi
[2014-02-15 18:46:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014-02-15 18:48:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014-02-15 18:46:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2014-02-15 18:46:55 | 000,000,000 | ---D | M] (OnetToolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\toolbar.addon@onet.pl
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\REALTEK 11n USB Wireless LAN Utility.lnk = C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-1770027372-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.2.96.51 212.2.96.52
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{715837F1-5080-4124-B271-2CC9F18176DB}: DhcpNameServer = 212.2.96.51 212.2.96.52
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014-01-04 11:35:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008-10-07 18:12:34 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{116015b3-7f76-11e3-8a62-001e101f7433}\Shell\AutoRun\command - "" = "Start PC.exe"
O33 - MountPoints2\{8e1d20b8-752c-11e3-8a42-ea823915aa63}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{9ed2ea2a-76c8-11e3-8a48-00a0d1cd589b}\Shell - "" = AutoRun
O33 - MountPoints2\{9ed2ea2a-76c8-11e3-8a48-00a0d1cd589b}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{a97d783c-7538-11e3-8a46-00a0d1cd589b}\Shell - "" = AutoRun
O33 - MountPoints2\{a97d783c-7538-11e3-8a46-00a0d1cd589b}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{e8500698-76c7-11e3-8a47-00a0d1cd589b}\Shell - "" = AutoRun
O33 - MountPoints2\{e8500698-76c7-11e3-8a47-00a0d1cd589b}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014-02-22 18:13:10 | 000,000,000 | ---D | C] -- C:\_OTL
[2014-02-22 15:45:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Pulpit\OTL.exe
[2014-02-21 18:50:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\AVAST Software
[2014-02-21 18:47:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Avast
[2014-02-21 18:46:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
[2014-02-21 18:39:49 | 000,026,136 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2014-02-21 18:15:36 | 118,051,104 | ---- | C] (AVAST Software) -- C:\avast_pro_antivirus_setup.exe
[2014-02-20 21:01:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Winamp
[2014-02-20 21:00:09 | 000,123,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe
[2014-02-20 21:00:09 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2014-02-20 21:00:09 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2014-02-20 21:00:08 | 002,095,600 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2014-02-20 21:00:08 | 000,571,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2014-02-20 21:00:08 | 000,440,816 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2014-02-20 21:00:08 | 000,133,616 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2014-02-20 21:00:08 | 000,126,448 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsi64.exe
[2014-02-20 21:00:08 | 000,100,848 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2014-02-20 21:00:08 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2014-02-20 21:00:08 | 000,068,592 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2014-02-20 21:00:08 | 000,068,080 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2014-02-20 21:00:08 | 000,059,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwma.dll
[2014-02-20 21:00:07 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2014-02-20 21:00:06 | 000,698,864 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2014-02-20 20:59:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Winamp
[2014-02-15 18:46:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014-02-10 11:48:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google+ Auto Backup
[2014-02-10 11:47:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Picasa 3
[2014-02-06 21:39:11 | 017,268,616 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2014-01-25 12:46:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2014-01-25 12:46:35 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2014-01-25 12:46:34 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014-02-22 18:15:30 | 000,000,360 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014-02-22 18:14:28 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014-02-22 18:14:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014-02-22 16:52:07 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014-02-22 16:41:10 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014-02-22 16:41:03 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014-02-22 16:41:03 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014-02-22 16:40:48 | 017,268,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2014-02-22 15:45:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Pulpit\OTL.exe
[2014-02-21 19:20:23 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmonflt.sys
[2014-02-21 18:47:09 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! SafeZone.lnk
[2014-02-21 18:47:09 | 000,001,731 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk
[2014-02-21 18:46:52 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2014-02-21 18:39:41 | 000,775,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014-02-21 18:39:41 | 000,180,248 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014-02-21 18:39:41 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014-02-21 18:39:40 | 000,410,784 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014-02-21 18:39:40 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014-02-21 18:39:40 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014-02-21 18:39:39 | 000,270,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014-02-21 18:39:39 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014-02-21 18:39:26 | 000,026,136 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2014-02-21 18:35:29 | 118,051,104 | ---- | M] (AVAST Software) -- C:\avast_pro_antivirus_setup.exe
[2014-02-20 21:01:14 | 000,000,440 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2014-02-20 18:53:04 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014-02-10 11:47:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014-02-21 18:47:09 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! SafeZone.lnk
[2014-02-21 18:47:09 | 000,001,731 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk
[2014-02-21 18:46:51 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2014-02-21 18:41:03 | 000,001,032 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014-02-21 18:41:02 | 000,001,028 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014-02-20 21:01:14 | 000,000,440 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2014-01-17 16:19:43 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-01-06 14:26:57 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
[2014-01-04 12:26:01 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2014-01-04 12:24:41 | 000,267,800 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014-01-04 11:53:42 | 000,180,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014-01-04 11:53:42 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014-01-04 11:45:52 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2014-01-04 11:43:06 | 000,092,983 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2014-01-04 11:42:47 | 000,208,896 | ---- | C] () -- C:\WINDOWS\Progress.exe
[2014-01-04 11:42:47 | 000,049,152 | ---- | C] () -- C:\WINDOWS\InstFunc.exe
[2014-01-04 11:42:31 | 000,128,511 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2014-01-04 11:42:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin
[2014-01-04 11:42:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin
[2014-01-04 11:42:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
[2014-01-04 11:38:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2014-01-04 11:31:42 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2004-08-04 00:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-04 00:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-04 00:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014-02-21 18:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2014-01-06 12:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService
[2014-01-04 13:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie
[2014-01-06 12:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RedApp
[2014-02-21 18:50:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\AVAST Software
[2014-01-04 11:54:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\BESTplayer
[2014-01-06 12:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\newnext.me
[2014-01-04 13:11:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\RedApp
========== Purity Check ==========
< End of report >
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon deleted successfully.
Registry value HKEY_USERS\S-1-5-21-682003330-1770027372-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\DriverToolkit deleted successfully.
File ptytemp] not found.
OTL by OldTimer - Version 3.2.69.0 log created on 02222014_181310
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
OTL
OTL logfile created on: 2014-02-22 18:20:13 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\user\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
765,10 Mb Total Physical Memory | 164,94 Mb Available Physical Memory | 21,56% Memory free
1,83 Gb Paging File | 1,26 Gb Available in Paging File | 68,89% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 19,13 Gb Free Space | 65,29% Space Free | Partition Type: NTFS
Drive D: | 45,23 Gb Total Space | 43,32 Gb Free Space | 95,79% Space Free | Partition Type: NTFS
Drive F: | 53,82 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: USER-10C60856AC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014-02-22 15:45:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Pulpit\OTL.exe
PRC - [2014-02-21 18:39:33 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014-02-21 18:39:32 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014-02-15 18:47:53 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014-01-06 12:47:40 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\ouc.exe
PRC - [2014-01-04 13:08:14 | 000,514,560 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Internet w Cyfrowym Polsacie.exe
PRC - [2011-04-11 10:41:00 | 001,044,480 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
PRC - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe
PRC - [2011-01-31 08:40:38 | 004,737,960 | ---- | M] (Redefine Sp. z o.o.) -- C:\Program Files\RedApp\redApp.exe
PRC - [2007-08-03 16:06:32 | 000,262,144 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\sistray.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2014-02-22 14:20:31 | 002,181,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14022201\algo.dll
MOD - [2014-02-21 18:39:38 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014-02-15 18:47:42 | 003,578,992 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014-02-06 21:39:16 | 016,287,624 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll
MOD - [2014-01-06 12:47:48 | 000,185,344 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\XFramePlugin.dll
MOD - [2014-01-06 12:47:48 | 000,159,232 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\XCodec.dll
MOD - [2014-01-06 12:47:48 | 000,106,496 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Win7Support.dll
MOD - [2014-01-06 12:47:47 | 000,818,176 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\SMSUIPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,670,720 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\SmsAppPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,317,952 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\StatusBarMgrPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,233,984 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\ToolBarMgrPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,217,600 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\SmsSrvPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,156,672 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\STKSrvPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,142,336 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\USSDSrvPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,135,168 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Trace.dll
MOD - [2014-01-06 12:47:47 | 000,082,944 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\UpdateSettingUIPlugin.dll
MOD - [2014-01-06 12:47:46 | 009,515,520 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\QtGui4.dll
MOD - [2014-01-06 12:47:46 | 001,148,416 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\QtNetwork4.dll
MOD - [2014-01-06 12:47:46 | 001,148,416 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\QtNetwork4.dll
MOD - [2014-01-06 12:47:46 | 000,398,336 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\QtXml4.dll
MOD - [2014-01-06 12:47:46 | 000,384,512 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\QueryStrategy.dll
MOD - [2014-01-06 12:47:46 | 000,370,176 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qtiff4.dll
MOD - [2014-01-06 12:47:46 | 000,261,632 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\sdk.dll
MOD - [2014-01-06 12:47:46 | 000,186,368 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\SettingUIPlugin.dll
MOD - [2014-01-06 12:47:45 | 002,415,104 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\QtCore4.dll
MOD - [2014-01-06 12:47:45 | 002,415,104 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\QtCore4.dll
MOD - [2014-01-06 12:47:44 | 000,350,720 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qmng4.dll
MOD - [2014-01-06 12:47:44 | 000,192,000 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qjpeg4.dll
MOD - [2014-01-06 12:47:44 | 000,082,944 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qgif4.dll
MOD - [2014-01-06 12:47:44 | 000,081,920 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qico4.dll
MOD - [2014-01-06 12:47:43 | 000,545,280 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\PluginContainer.dll
MOD - [2014-01-06 12:47:43 | 000,381,952 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Proxy.dll
MOD - [2014-01-06 12:47:43 | 000,235,008 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetSrvPlugin.dll
MOD - [2014-01-06 12:47:43 | 000,133,120 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSDialup.dll
MOD - [2014-01-06 12:47:43 | 000,131,072 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSNDIS.dll
MOD - [2014-01-06 12:47:43 | 000,101,376 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSAdapt.dll
MOD - [2014-01-06 12:47:43 | 000,093,184 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NotifyServicePlugin.dll
MOD - [2014-01-06 12:47:43 | 000,065,536 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSPowerMgr.dll
MOD - [2014-01-06 12:47:43 | 000,062,976 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSCall.dll
MOD - [2014-01-06 12:47:42 | 001,101,824 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NDISAPI.dll
MOD - [2014-01-06 12:47:42 | 000,487,424 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetInfoUIExPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,342,016 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetConnectPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,278,528 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetInfoSrvPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,273,408 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\LiveUpdateInterface.dll
MOD - [2014-01-06 12:47:42 | 000,254,976 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\MenuMgrPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,180,224 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NDISPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,158,720 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetConnectSrvPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,043,008 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\libgcc_s_dw2-1.dll
MOD - [2014-01-06 12:47:42 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\libgcc_s_dw2-1.dll
MOD - [2014-01-06 12:47:42 | 000,011,362 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\mingwm10.dll
MOD - [2014-01-06 12:47:42 | 000,011,362 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\mingwm10.dll
MOD - [2014-01-06 12:47:41 | 000,538,112 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DeviceMgrUIPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,503,296 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\core.dll
MOD - [2014-01-06 12:47:41 | 000,473,088 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DialupUIPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,338,432 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DeviceAppPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,321,024 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DiagnosisPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,301,056 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DeviceSrvPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,218,112 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Common.dll
MOD - [2014-01-06 12:47:41 | 000,215,552 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DialUpPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,176,128 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\CallSrvPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,157,184 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DataServicePlugin.dll
MOD - [2014-01-06 12:47:41 | 000,117,760 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\LayoutPlugin.dll
MOD - [2014-01-06 12:47:40 | 001,077,248 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\AddrBookPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,743,424 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\AddrBookUIPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,550,400 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\CallAppPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,547,840 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\CallLogSrvPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,264,704 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\AddrBookSrvPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\ouc.exe
MOD - [2014-01-06 12:47:40 | 000,238,080 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\AtCodec.dll
MOD - [2014-01-06 12:47:40 | 000,123,392 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\ATR2SMgr.dll
MOD - [2014-01-04 13:08:14 | 000,514,560 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Internet w Cyfrowym Polsacie.exe
MOD - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe
MOD - [2009-12-09 21:20:06 | 000,126,976 | ---- | M] () -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll
MOD - [2007-07-12 11:11:54 | 001,163,264 | ---- | M] () -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\acAuth.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2014-02-22 16:41:08 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-02-21 18:39:32 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014-02-15 18:47:44 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-01-06 12:47:40 | 000,246,112 | ---- | M] () [Auto | Stopped] -- D:\Internet w Cyfrowym Polsacie\UpdateDog\ouc.exe -- (Internet w Cyfrowym Polsacie. RunOuc)
SRV - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2014-02-21 19:20:23 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2014-02-21 18:39:41 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014-02-21 18:39:41 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014-02-21 18:39:41 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014-02-21 18:39:40 | 000,410,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2014-02-21 18:39:40 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2014-02-21 18:39:40 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014-02-21 18:39:26 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2014-01-06 12:47:49 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2014-01-06 12:47:49 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2014-01-06 12:47:49 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2014-01-06 12:47:48 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2014-01-06 12:47:48 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011-05-09 16:54:02 | 000,904,680 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtwlanu.sys -- (RTL8192cu)
DRV - [2007-08-10 13:52:44 | 004,603,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007-08-03 16:31:44 | 000,018,688 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2007-08-03 16:10:14 | 000,321,536 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2007-06-21 22:58:32 | 000,547,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007-05-16 12:00:00 | 000,042,368 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SiSGbeXP.sys -- (SiSGbeXP)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-682003330-1770027372-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: toolbar.addon%40onet.pl:1.0.14
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-21 18:39:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2014-01-14 14:47:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions
[2014-02-16 14:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\2mcb8dtq.default\extensions
[2014-02-16 14:13:41 | 000,519,238 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\2mcb8dtq.default\extensions\toolbar.addon@onet.pl.xpi
[2014-02-15 18:46:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014-02-15 18:48:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014-02-15 18:46:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2014-02-15 18:46:55 | 000,000,000 | ---D | M] (OnetToolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\toolbar.addon@onet.pl
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\REALTEK 11n USB Wireless LAN Utility.lnk = C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-1770027372-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.2.96.51 212.2.96.52
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{715837F1-5080-4124-B271-2CC9F18176DB}: DhcpNameServer = 212.2.96.51 212.2.96.52
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014-01-04 11:35:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008-10-07 18:12:34 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{116015b3-7f76-11e3-8a62-001e101f7433}\Shell\AutoRun\command - "" = "Start PC.exe"
O33 - MountPoints2\{8e1d20b8-752c-11e3-8a42-ea823915aa63}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{9ed2ea2a-76c8-11e3-8a48-00a0d1cd589b}\Shell - "" = AutoRun
O33 - MountPoints2\{9ed2ea2a-76c8-11e3-8a48-00a0d1cd589b}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{a97d783c-7538-11e3-8a46-00a0d1cd589b}\Shell - "" = AutoRun
O33 - MountPoints2\{a97d783c-7538-11e3-8a46-00a0d1cd589b}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{e8500698-76c7-11e3-8a47-00a0d1cd589b}\Shell - "" = AutoRun
O33 - MountPoints2\{e8500698-76c7-11e3-8a47-00a0d1cd589b}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014-02-22 18:13:10 | 000,000,000 | ---D | C] -- C:\_OTL
[2014-02-22 15:45:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Pulpit\OTL.exe
[2014-02-21 18:50:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\AVAST Software
[2014-02-21 18:47:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Avast
[2014-02-21 18:46:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
[2014-02-21 18:39:49 | 000,026,136 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2014-02-21 18:15:36 | 118,051,104 | ---- | C] (AVAST Software) -- C:\avast_pro_antivirus_setup.exe
[2014-02-20 21:01:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Winamp
[2014-02-20 21:00:09 | 000,123,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe
[2014-02-20 21:00:09 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2014-02-20 21:00:09 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2014-02-20 21:00:08 | 002,095,600 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2014-02-20 21:00:08 | 000,571,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2014-02-20 21:00:08 | 000,440,816 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2014-02-20 21:00:08 | 000,133,616 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2014-02-20 21:00:08 | 000,126,448 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsi64.exe
[2014-02-20 21:00:08 | 000,100,848 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2014-02-20 21:00:08 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2014-02-20 21:00:08 | 000,068,592 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2014-02-20 21:00:08 | 000,068,080 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2014-02-20 21:00:08 | 000,059,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwma.dll
[2014-02-20 21:00:07 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2014-02-20 21:00:06 | 000,698,864 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2014-02-20 20:59:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Winamp
[2014-02-15 18:46:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014-02-10 11:48:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google+ Auto Backup
[2014-02-10 11:47:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Picasa 3
[2014-02-06 21:39:11 | 017,268,616 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2014-01-25 12:46:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2014-01-25 12:46:35 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2014-01-25 12:46:34 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014-02-22 18:15:30 | 000,000,360 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014-02-22 18:14:28 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014-02-22 18:14:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014-02-22 16:52:07 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014-02-22 16:41:10 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014-02-22 16:41:03 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014-02-22 16:41:03 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014-02-22 16:40:48 | 017,268,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2014-02-22 15:45:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Pulpit\OTL.exe
[2014-02-21 19:20:23 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmonflt.sys
[2014-02-21 18:47:09 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! SafeZone.lnk
[2014-02-21 18:47:09 | 000,001,731 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk
[2014-02-21 18:46:52 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2014-02-21 18:39:41 | 000,775,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014-02-21 18:39:41 | 000,180,248 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014-02-21 18:39:41 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014-02-21 18:39:40 | 000,410,784 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014-02-21 18:39:40 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014-02-21 18:39:40 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014-02-21 18:39:39 | 000,270,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014-02-21 18:39:39 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014-02-21 18:39:26 | 000,026,136 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2014-02-21 18:35:29 | 118,051,104 | ---- | M] (AVAST Software) -- C:\avast_pro_antivirus_setup.exe
[2014-02-20 21:01:14 | 000,000,440 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2014-02-20 18:53:04 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014-02-10 11:47:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014-02-21 18:47:09 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! SafeZone.lnk
[2014-02-21 18:47:09 | 000,001,731 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk
[2014-02-21 18:46:51 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2014-02-21 18:41:03 | 000,001,032 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014-02-21 18:41:02 | 000,001,028 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014-02-20 21:01:14 | 000,000,440 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2014-01-17 16:19:43 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-01-06 14:26:57 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
[2014-01-04 12:26:01 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2014-01-04 12:24:41 | 000,267,800 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014-01-04 11:53:42 | 000,180,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014-01-04 11:53:42 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014-01-04 11:45:52 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2014-01-04 11:43:06 | 000,092,983 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2014-01-04 11:42:47 | 000,208,896 | ---- | C] () -- C:\WINDOWS\Progress.exe
[2014-01-04 11:42:47 | 000,049,152 | ---- | C] () -- C:\WINDOWS\InstFunc.exe
[2014-01-04 11:42:31 | 000,128,511 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2014-01-04 11:42:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin
[2014-01-04 11:42:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin
[2014-01-04 11:42:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
[2014-01-04 11:38:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2014-01-04 11:31:42 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2004-08-04 00:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-04 00:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-04 00:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014-02-21 18:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2014-01-06 12:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService
[2014-01-04 13:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie
[2014-01-06 12:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RedApp
[2014-02-21 18:50:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\AVAST Software
[2014-01-04 11:54:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\BESTplayer
[2014-01-06 12:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\newnext.me
[2014-01-04 13:11:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\RedApp
========== Purity Check ==========
< End of report >
-
majka123
- Posty: 13
- Rejestracja: 22 lut 2014, 16:06
sprawdzenie OTL
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon not found.
Registry value HKEY_USERS\S-1-5-21-682003330-1770027372-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\DriverToolkit not found.
========== FILES ==========
C:\Documents and Settings\user\Dane aplikacji\newnext.me\cache folder moved successfully.
C:\Documents and Settings\user\Dane aplikacji\newnext.me folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: user
->Temp folder emptied: 461446645 bytes
->Temporary Internet Files folder emptied: 81033645 bytes
->FireFox cache emptied: 78157600 bytes
->Google Chrome cache emptied: 18625693 bytes
->Flash cache emptied: 7567 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114584 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 35789756 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 646,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 02222014_185930
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
OTL
OTL logfile created on: 2014-02-22 19:05:45 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\user\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
765,10 Mb Total Physical Memory | 188,60 Mb Available Physical Memory | 24,65% Memory free
1,83 Gb Paging File | 1,30 Gb Available in Paging File | 70,86% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 19,88 Gb Free Space | 67,86% Space Free | Partition Type: NTFS
Drive D: | 45,23 Gb Total Space | 43,32 Gb Free Space | 95,79% Space Free | Partition Type: NTFS
Drive F: | 53,82 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: USER-10C60856AC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014-02-22 15:45:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Pulpit\OTL.exe
PRC - [2014-02-21 18:39:33 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014-02-21 18:39:32 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014-02-15 18:47:53 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014-01-06 12:47:40 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\ouc.exe
PRC - [2014-01-04 13:08:14 | 000,514,560 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Internet w Cyfrowym Polsacie.exe
PRC - [2011-04-11 10:41:00 | 001,044,480 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
PRC - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe
PRC - [2011-01-31 08:40:38 | 004,737,960 | ---- | M] (Redefine Sp. z o.o.) -- C:\Program Files\RedApp\redApp.exe
PRC - [2007-08-03 16:06:32 | 000,262,144 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\sistray.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2014-02-22 18:40:56 | 016,265,096 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll
MOD - [2014-02-22 14:20:31 | 002,181,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14022201\algo.dll
MOD - [2014-02-21 18:39:38 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014-02-15 18:47:42 | 003,578,992 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014-01-06 12:47:48 | 000,185,344 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\XFramePlugin.dll
MOD - [2014-01-06 12:47:48 | 000,159,232 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\XCodec.dll
MOD - [2014-01-06 12:47:48 | 000,106,496 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Win7Support.dll
MOD - [2014-01-06 12:47:47 | 000,818,176 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\SMSUIPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,670,720 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\SmsAppPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,317,952 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\StatusBarMgrPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,233,984 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\ToolBarMgrPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,217,600 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\SmsSrvPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,156,672 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\STKSrvPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,142,336 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\USSDSrvPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,135,168 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Trace.dll
MOD - [2014-01-06 12:47:47 | 000,082,944 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\UpdateSettingUIPlugin.dll
MOD - [2014-01-06 12:47:46 | 009,515,520 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\QtGui4.dll
MOD - [2014-01-06 12:47:46 | 001,148,416 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\QtNetwork4.dll
MOD - [2014-01-06 12:47:46 | 001,148,416 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\QtNetwork4.dll
MOD - [2014-01-06 12:47:46 | 000,398,336 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\QtXml4.dll
MOD - [2014-01-06 12:47:46 | 000,384,512 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\QueryStrategy.dll
MOD - [2014-01-06 12:47:46 | 000,370,176 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qtiff4.dll
MOD - [2014-01-06 12:47:46 | 000,261,632 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\sdk.dll
MOD - [2014-01-06 12:47:46 | 000,186,368 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\SettingUIPlugin.dll
MOD - [2014-01-06 12:47:45 | 002,415,104 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\QtCore4.dll
MOD - [2014-01-06 12:47:45 | 002,415,104 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\QtCore4.dll
MOD - [2014-01-06 12:47:44 | 000,350,720 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qmng4.dll
MOD - [2014-01-06 12:47:44 | 000,192,000 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qjpeg4.dll
MOD - [2014-01-06 12:47:44 | 000,082,944 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qgif4.dll
MOD - [2014-01-06 12:47:44 | 000,081,920 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qico4.dll
MOD - [2014-01-06 12:47:43 | 000,545,280 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\PluginContainer.dll
MOD - [2014-01-06 12:47:43 | 000,381,952 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Proxy.dll
MOD - [2014-01-06 12:47:43 | 000,235,008 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetSrvPlugin.dll
MOD - [2014-01-06 12:47:43 | 000,133,120 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSDialup.dll
MOD - [2014-01-06 12:47:43 | 000,131,072 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSNDIS.dll
MOD - [2014-01-06 12:47:43 | 000,101,376 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSAdapt.dll
MOD - [2014-01-06 12:47:43 | 000,093,184 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NotifyServicePlugin.dll
MOD - [2014-01-06 12:47:43 | 000,065,536 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSPowerMgr.dll
MOD - [2014-01-06 12:47:43 | 000,062,976 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSCall.dll
MOD - [2014-01-06 12:47:42 | 001,101,824 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NDISAPI.dll
MOD - [2014-01-06 12:47:42 | 000,487,424 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetInfoUIExPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,342,016 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetConnectPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,278,528 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetInfoSrvPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,273,408 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\LiveUpdateInterface.dll
MOD - [2014-01-06 12:47:42 | 000,254,976 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\MenuMgrPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,180,224 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NDISPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,158,720 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetConnectSrvPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,043,008 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\libgcc_s_dw2-1.dll
MOD - [2014-01-06 12:47:42 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\libgcc_s_dw2-1.dll
MOD - [2014-01-06 12:47:42 | 000,011,362 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\mingwm10.dll
MOD - [2014-01-06 12:47:42 | 000,011,362 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\mingwm10.dll
MOD - [2014-01-06 12:47:41 | 000,538,112 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DeviceMgrUIPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,503,296 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\core.dll
MOD - [2014-01-06 12:47:41 | 000,473,088 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DialupUIPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,338,432 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DeviceAppPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,321,024 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DiagnosisPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,301,056 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DeviceSrvPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,218,112 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Common.dll
MOD - [2014-01-06 12:47:41 | 000,215,552 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DialUpPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,176,128 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\CallSrvPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,157,184 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DataServicePlugin.dll
MOD - [2014-01-06 12:47:41 | 000,117,760 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\LayoutPlugin.dll
MOD - [2014-01-06 12:47:40 | 001,077,248 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\AddrBookPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,743,424 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\AddrBookUIPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,550,400 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\CallAppPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,547,840 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\CallLogSrvPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,264,704 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\AddrBookSrvPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\ouc.exe
MOD - [2014-01-06 12:47:40 | 000,238,080 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\AtCodec.dll
MOD - [2014-01-06 12:47:40 | 000,123,392 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\ATR2SMgr.dll
MOD - [2014-01-04 13:08:14 | 000,514,560 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Internet w Cyfrowym Polsacie.exe
MOD - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe
MOD - [2009-12-09 21:20:06 | 000,126,976 | ---- | M] () -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll
MOD - [2007-07-12 11:11:54 | 001,163,264 | ---- | M] () -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\acAuth.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2014-02-22 18:41:01 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-02-21 18:39:32 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014-02-15 18:47:44 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-01-06 12:47:40 | 000,246,112 | ---- | M] () [Auto | Stopped] -- D:\Internet w Cyfrowym Polsacie\UpdateDog\ouc.exe -- (Internet w Cyfrowym Polsacie. RunOuc)
SRV - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2014-02-21 19:20:23 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2014-02-21 18:39:41 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014-02-21 18:39:41 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014-02-21 18:39:41 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014-02-21 18:39:40 | 000,410,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2014-02-21 18:39:40 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2014-02-21 18:39:40 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014-02-21 18:39:26 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2014-01-06 12:47:49 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2014-01-06 12:47:49 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2014-01-06 12:47:49 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2014-01-06 12:47:48 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2014-01-06 12:47:48 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011-05-09 16:54:02 | 000,904,680 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtwlanu.sys -- (RTL8192cu)
DRV - [2007-08-10 13:52:44 | 004,603,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007-08-03 16:31:44 | 000,018,688 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2007-08-03 16:10:14 | 000,321,536 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2007-06-21 22:58:32 | 000,547,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007-05-16 12:00:00 | 000,042,368 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SiSGbeXP.sys -- (SiSGbeXP)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-682003330-1770027372-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: toolbar.addon%40onet.pl:1.0.14
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-21 18:39:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2014-01-14 14:47:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions
[2014-02-16 14:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\2mcb8dtq.default\extensions
[2014-02-16 14:13:41 | 000,519,238 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\2mcb8dtq.default\extensions\toolbar.addon@onet.pl.xpi
[2014-02-15 18:46:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014-02-15 18:48:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014-02-15 18:46:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2014-02-15 18:46:55 | 000,000,000 | ---D | M] (OnetToolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\toolbar.addon@onet.pl
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\REALTEK 11n USB Wireless LAN Utility.lnk = C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-1770027372-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.2.96.51 212.2.96.52
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{715837F1-5080-4124-B271-2CC9F18176DB}: DhcpNameServer = 212.2.96.51 212.2.96.52
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014-01-04 11:35:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008-10-07 18:12:34 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{116015b3-7f76-11e3-8a62-001e101f7433}\Shell\AutoRun\command - "" = "Start PC.exe"
O33 - MountPoints2\{8e1d20b8-752c-11e3-8a42-ea823915aa63}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{9ed2ea2a-76c8-11e3-8a48-00a0d1cd589b}\Shell - "" = AutoRun
O33 - MountPoints2\{9ed2ea2a-76c8-11e3-8a48-00a0d1cd589b}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{a97d783c-7538-11e3-8a46-00a0d1cd589b}\Shell - "" = AutoRun
O33 - MountPoints2\{a97d783c-7538-11e3-8a46-00a0d1cd589b}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{e8500698-76c7-11e3-8a47-00a0d1cd589b}\Shell - "" = AutoRun
O33 - MountPoints2\{e8500698-76c7-11e3-8a47-00a0d1cd589b}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014-02-22 18:13:10 | 000,000,000 | ---D | C] -- C:\_OTL
[2014-02-22 15:45:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Pulpit\OTL.exe
[2014-02-21 18:50:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\AVAST Software
[2014-02-21 18:47:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Avast
[2014-02-21 18:46:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
[2014-02-21 18:39:49 | 000,026,136 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2014-02-21 18:15:36 | 118,051,104 | ---- | C] (AVAST Software) -- C:\avast_pro_antivirus_setup.exe
[2014-02-20 21:01:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Winamp
[2014-02-20 21:00:09 | 000,123,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe
[2014-02-20 21:00:09 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2014-02-20 21:00:09 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2014-02-20 21:00:08 | 002,095,600 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2014-02-20 21:00:08 | 000,571,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2014-02-20 21:00:08 | 000,440,816 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2014-02-20 21:00:08 | 000,133,616 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2014-02-20 21:00:08 | 000,126,448 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsi64.exe
[2014-02-20 21:00:08 | 000,100,848 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2014-02-20 21:00:08 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2014-02-20 21:00:08 | 000,068,592 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2014-02-20 21:00:08 | 000,068,080 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2014-02-20 21:00:08 | 000,059,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwma.dll
[2014-02-20 21:00:07 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2014-02-20 21:00:06 | 000,698,864 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2014-02-20 20:59:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Winamp
[2014-02-15 18:46:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014-02-10 11:48:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google+ Auto Backup
[2014-02-10 11:47:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Picasa 3
[2014-01-25 12:46:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2014-01-25 12:46:35 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2014-01-25 12:46:34 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
========== Files - Modified Within 30 Days ==========
[2014-02-22 19:03:12 | 000,000,360 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014-02-22 19:02:10 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014-02-22 19:02:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014-02-22 18:52:07 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014-02-22 18:41:02 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014-02-22 18:40:59 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014-02-22 18:40:58 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014-02-22 15:45:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Pulpit\OTL.exe
[2014-02-21 19:20:23 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmonflt.sys
[2014-02-21 18:47:09 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! SafeZone.lnk
[2014-02-21 18:47:09 | 000,001,731 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk
[2014-02-21 18:46:52 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2014-02-21 18:39:41 | 000,775,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014-02-21 18:39:41 | 000,180,248 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014-02-21 18:39:41 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014-02-21 18:39:40 | 000,410,784 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014-02-21 18:39:40 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014-02-21 18:39:40 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014-02-21 18:39:39 | 000,270,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014-02-21 18:39:39 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014-02-21 18:39:26 | 000,026,136 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2014-02-21 18:35:29 | 118,051,104 | ---- | M] (AVAST Software) -- C:\avast_pro_antivirus_setup.exe
[2014-02-20 21:01:14 | 000,000,440 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2014-02-20 18:53:04 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014-02-10 11:47:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
========== Files Created - No Company Name ==========
[2014-02-21 18:47:09 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! SafeZone.lnk
[2014-02-21 18:47:09 | 000,001,731 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk
[2014-02-21 18:46:51 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2014-02-21 18:41:03 | 000,001,032 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014-02-21 18:41:02 | 000,001,028 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014-02-20 21:01:14 | 000,000,440 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2014-01-17 16:19:43 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-01-06 14:26:57 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
[2014-01-04 12:26:01 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2014-01-04 12:24:41 | 000,267,800 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014-01-04 11:53:42 | 000,180,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014-01-04 11:53:42 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014-01-04 11:45:52 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2014-01-04 11:43:06 | 000,092,983 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2014-01-04 11:42:47 | 000,208,896 | ---- | C] () -- C:\WINDOWS\Progress.exe
[2014-01-04 11:42:47 | 000,049,152 | ---- | C] () -- C:\WINDOWS\InstFunc.exe
[2014-01-04 11:42:31 | 000,128,511 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2014-01-04 11:42:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin
[2014-01-04 11:42:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin
[2014-01-04 11:42:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
[2014-01-04 11:38:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2014-01-04 11:31:42 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2004-08-04 00:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-04 00:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-04 00:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014-02-21 18:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2014-01-06 12:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService
[2014-01-04 13:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie
[2014-01-06 12:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RedApp
[2014-02-21 18:50:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\AVAST Software
[2014-01-04 11:54:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\BESTplayer
[2014-01-04 13:11:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\RedApp
========== Purity Check ==========
< End of report >
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon not found.
Registry value HKEY_USERS\S-1-5-21-682003330-1770027372-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\DriverToolkit not found.
========== FILES ==========
C:\Documents and Settings\user\Dane aplikacji\newnext.me\cache folder moved successfully.
C:\Documents and Settings\user\Dane aplikacji\newnext.me folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: user
->Temp folder emptied: 461446645 bytes
->Temporary Internet Files folder emptied: 81033645 bytes
->FireFox cache emptied: 78157600 bytes
->Google Chrome cache emptied: 18625693 bytes
->Flash cache emptied: 7567 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114584 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 35789756 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 646,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 02222014_185930
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
OTL
OTL logfile created on: 2014-02-22 19:05:45 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\user\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
765,10 Mb Total Physical Memory | 188,60 Mb Available Physical Memory | 24,65% Memory free
1,83 Gb Paging File | 1,30 Gb Available in Paging File | 70,86% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 19,88 Gb Free Space | 67,86% Space Free | Partition Type: NTFS
Drive D: | 45,23 Gb Total Space | 43,32 Gb Free Space | 95,79% Space Free | Partition Type: NTFS
Drive F: | 53,82 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: USER-10C60856AC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014-02-22 15:45:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Pulpit\OTL.exe
PRC - [2014-02-21 18:39:33 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014-02-21 18:39:32 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014-02-15 18:47:53 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014-01-06 12:47:40 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\ouc.exe
PRC - [2014-01-04 13:08:14 | 000,514,560 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Internet w Cyfrowym Polsacie.exe
PRC - [2011-04-11 10:41:00 | 001,044,480 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
PRC - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe
PRC - [2011-01-31 08:40:38 | 004,737,960 | ---- | M] (Redefine Sp. z o.o.) -- C:\Program Files\RedApp\redApp.exe
PRC - [2007-08-03 16:06:32 | 000,262,144 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\sistray.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2014-02-22 18:40:56 | 016,265,096 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll
MOD - [2014-02-22 14:20:31 | 002,181,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14022201\algo.dll
MOD - [2014-02-21 18:39:38 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014-02-15 18:47:42 | 003,578,992 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014-01-06 12:47:48 | 000,185,344 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\XFramePlugin.dll
MOD - [2014-01-06 12:47:48 | 000,159,232 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\XCodec.dll
MOD - [2014-01-06 12:47:48 | 000,106,496 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Win7Support.dll
MOD - [2014-01-06 12:47:47 | 000,818,176 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\SMSUIPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,670,720 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\SmsAppPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,317,952 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\StatusBarMgrPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,233,984 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\ToolBarMgrPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,217,600 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\SmsSrvPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,156,672 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\STKSrvPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,142,336 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\USSDSrvPlugin.dll
MOD - [2014-01-06 12:47:47 | 000,135,168 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Trace.dll
MOD - [2014-01-06 12:47:47 | 000,082,944 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\UpdateSettingUIPlugin.dll
MOD - [2014-01-06 12:47:46 | 009,515,520 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\QtGui4.dll
MOD - [2014-01-06 12:47:46 | 001,148,416 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\QtNetwork4.dll
MOD - [2014-01-06 12:47:46 | 001,148,416 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\QtNetwork4.dll
MOD - [2014-01-06 12:47:46 | 000,398,336 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\QtXml4.dll
MOD - [2014-01-06 12:47:46 | 000,384,512 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\QueryStrategy.dll
MOD - [2014-01-06 12:47:46 | 000,370,176 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qtiff4.dll
MOD - [2014-01-06 12:47:46 | 000,261,632 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\sdk.dll
MOD - [2014-01-06 12:47:46 | 000,186,368 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\SettingUIPlugin.dll
MOD - [2014-01-06 12:47:45 | 002,415,104 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\QtCore4.dll
MOD - [2014-01-06 12:47:45 | 002,415,104 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\QtCore4.dll
MOD - [2014-01-06 12:47:44 | 000,350,720 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qmng4.dll
MOD - [2014-01-06 12:47:44 | 000,192,000 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qjpeg4.dll
MOD - [2014-01-06 12:47:44 | 000,082,944 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qgif4.dll
MOD - [2014-01-06 12:47:44 | 000,081,920 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\plugins\imageformats\qico4.dll
MOD - [2014-01-06 12:47:43 | 000,545,280 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\PluginContainer.dll
MOD - [2014-01-06 12:47:43 | 000,381,952 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Proxy.dll
MOD - [2014-01-06 12:47:43 | 000,235,008 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetSrvPlugin.dll
MOD - [2014-01-06 12:47:43 | 000,133,120 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSDialup.dll
MOD - [2014-01-06 12:47:43 | 000,131,072 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSNDIS.dll
MOD - [2014-01-06 12:47:43 | 000,101,376 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSAdapt.dll
MOD - [2014-01-06 12:47:43 | 000,093,184 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NotifyServicePlugin.dll
MOD - [2014-01-06 12:47:43 | 000,065,536 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSPowerMgr.dll
MOD - [2014-01-06 12:47:43 | 000,062,976 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\OSCall.dll
MOD - [2014-01-06 12:47:42 | 001,101,824 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NDISAPI.dll
MOD - [2014-01-06 12:47:42 | 000,487,424 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetInfoUIExPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,342,016 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetConnectPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,278,528 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetInfoSrvPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,273,408 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\LiveUpdateInterface.dll
MOD - [2014-01-06 12:47:42 | 000,254,976 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\MenuMgrPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,180,224 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NDISPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,158,720 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\NetConnectSrvPlugin.dll
MOD - [2014-01-06 12:47:42 | 000,043,008 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\libgcc_s_dw2-1.dll
MOD - [2014-01-06 12:47:42 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\libgcc_s_dw2-1.dll
MOD - [2014-01-06 12:47:42 | 000,011,362 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\mingwm10.dll
MOD - [2014-01-06 12:47:42 | 000,011,362 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\mingwm10.dll
MOD - [2014-01-06 12:47:41 | 000,538,112 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DeviceMgrUIPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,503,296 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\core.dll
MOD - [2014-01-06 12:47:41 | 000,473,088 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DialupUIPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,338,432 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DeviceAppPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,321,024 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DiagnosisPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,301,056 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DeviceSrvPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,218,112 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Common.dll
MOD - [2014-01-06 12:47:41 | 000,215,552 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DialUpPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,176,128 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\CallSrvPlugin.dll
MOD - [2014-01-06 12:47:41 | 000,157,184 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\DataServicePlugin.dll
MOD - [2014-01-06 12:47:41 | 000,117,760 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\LayoutPlugin.dll
MOD - [2014-01-06 12:47:40 | 001,077,248 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\AddrBookPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,743,424 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\AddrBookUIPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,550,400 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\CallAppPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,547,840 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\CallLogSrvPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,264,704 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\AddrBookSrvPlugin.dll
MOD - [2014-01-06 12:47:40 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie\OnlineUpdate\ouc.exe
MOD - [2014-01-06 12:47:40 | 000,238,080 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\AtCodec.dll
MOD - [2014-01-06 12:47:40 | 000,123,392 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\ATR2SMgr.dll
MOD - [2014-01-04 13:08:14 | 000,514,560 | ---- | M] () -- D:\Internet w Cyfrowym Polsacie\Internet w Cyfrowym Polsacie.exe
MOD - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe
MOD - [2009-12-09 21:20:06 | 000,126,976 | ---- | M] () -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll
MOD - [2007-07-12 11:11:54 | 001,163,264 | ---- | M] () -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\acAuth.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2014-02-22 18:41:01 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-02-21 18:39:32 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014-02-15 18:47:44 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-01-06 12:47:40 | 000,246,112 | ---- | M] () [Auto | Stopped] -- D:\Internet w Cyfrowym Polsacie\UpdateDog\ouc.exe -- (Internet w Cyfrowym Polsacie. RunOuc)
SRV - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2014-02-21 19:20:23 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2014-02-21 18:39:41 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014-02-21 18:39:41 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014-02-21 18:39:41 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014-02-21 18:39:40 | 000,410,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2014-02-21 18:39:40 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2014-02-21 18:39:40 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014-02-21 18:39:26 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2014-01-06 12:47:49 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2014-01-06 12:47:49 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2014-01-06 12:47:49 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2014-01-06 12:47:48 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2014-01-06 12:47:48 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011-05-09 16:54:02 | 000,904,680 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtwlanu.sys -- (RTL8192cu)
DRV - [2007-08-10 13:52:44 | 004,603,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007-08-03 16:31:44 | 000,018,688 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2007-08-03 16:10:14 | 000,321,536 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2007-06-21 22:58:32 | 000,547,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007-05-16 12:00:00 | 000,042,368 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SiSGbeXP.sys -- (SiSGbeXP)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-682003330-1770027372-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: toolbar.addon%40onet.pl:1.0.14
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-21 18:39:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2014-01-14 14:47:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions
[2014-02-16 14:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\2mcb8dtq.default\extensions
[2014-02-16 14:13:41 | 000,519,238 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\2mcb8dtq.default\extensions\toolbar.addon@onet.pl.xpi
[2014-02-15 18:46:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014-02-15 18:48:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014-02-15 18:46:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2014-02-15 18:46:55 | 000,000,000 | ---D | M] (OnetToolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\toolbar.addon@onet.pl
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\REALTEK 11n USB Wireless LAN Utility.lnk = C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-1770027372-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.2.96.51 212.2.96.52
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{715837F1-5080-4124-B271-2CC9F18176DB}: DhcpNameServer = 212.2.96.51 212.2.96.52
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014-01-04 11:35:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011-03-15 00:27:21 | 000,148,320 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008-10-07 18:12:34 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{116015b3-7f76-11e3-8a62-001e101f7433}\Shell\AutoRun\command - "" = "Start PC.exe"
O33 - MountPoints2\{8e1d20b8-752c-11e3-8a42-ea823915aa63}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{9ed2ea2a-76c8-11e3-8a48-00a0d1cd589b}\Shell - "" = AutoRun
O33 - MountPoints2\{9ed2ea2a-76c8-11e3-8a48-00a0d1cd589b}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{a97d783c-7538-11e3-8a46-00a0d1cd589b}\Shell - "" = AutoRun
O33 - MountPoints2\{a97d783c-7538-11e3-8a46-00a0d1cd589b}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011-03-15 00:27:21 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{e8500698-76c7-11e3-8a47-00a0d1cd589b}\Shell - "" = AutoRun
O33 - MountPoints2\{e8500698-76c7-11e3-8a47-00a0d1cd589b}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014-02-22 18:13:10 | 000,000,000 | ---D | C] -- C:\_OTL
[2014-02-22 15:45:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Pulpit\OTL.exe
[2014-02-21 18:50:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\AVAST Software
[2014-02-21 18:47:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Avast
[2014-02-21 18:46:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
[2014-02-21 18:39:49 | 000,026,136 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2014-02-21 18:15:36 | 118,051,104 | ---- | C] (AVAST Software) -- C:\avast_pro_antivirus_setup.exe
[2014-02-20 21:01:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Winamp
[2014-02-20 21:00:09 | 000,123,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe
[2014-02-20 21:00:09 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2014-02-20 21:00:09 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2014-02-20 21:00:08 | 002,095,600 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2014-02-20 21:00:08 | 000,571,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2014-02-20 21:00:08 | 000,440,816 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2014-02-20 21:00:08 | 000,133,616 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2014-02-20 21:00:08 | 000,126,448 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsi64.exe
[2014-02-20 21:00:08 | 000,100,848 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2014-02-20 21:00:08 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2014-02-20 21:00:08 | 000,068,592 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2014-02-20 21:00:08 | 000,068,080 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2014-02-20 21:00:08 | 000,059,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwma.dll
[2014-02-20 21:00:07 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2014-02-20 21:00:06 | 000,698,864 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2014-02-20 20:59:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Winamp
[2014-02-15 18:46:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014-02-10 11:48:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google+ Auto Backup
[2014-02-10 11:47:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Picasa 3
[2014-01-25 12:46:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2014-01-25 12:46:35 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2014-01-25 12:46:34 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
========== Files - Modified Within 30 Days ==========
[2014-02-22 19:03:12 | 000,000,360 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014-02-22 19:02:10 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014-02-22 19:02:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014-02-22 18:52:07 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014-02-22 18:41:02 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014-02-22 18:40:59 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014-02-22 18:40:58 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014-02-22 15:45:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Pulpit\OTL.exe
[2014-02-21 19:20:23 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmonflt.sys
[2014-02-21 18:47:09 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! SafeZone.lnk
[2014-02-21 18:47:09 | 000,001,731 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk
[2014-02-21 18:46:52 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2014-02-21 18:39:41 | 000,775,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014-02-21 18:39:41 | 000,180,248 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014-02-21 18:39:41 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014-02-21 18:39:40 | 000,410,784 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014-02-21 18:39:40 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014-02-21 18:39:40 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014-02-21 18:39:39 | 000,270,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014-02-21 18:39:39 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014-02-21 18:39:26 | 000,026,136 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2014-02-21 18:35:29 | 118,051,104 | ---- | M] (AVAST Software) -- C:\avast_pro_antivirus_setup.exe
[2014-02-20 21:01:14 | 000,000,440 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2014-02-20 18:53:04 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014-02-10 11:47:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
========== Files Created - No Company Name ==========
[2014-02-21 18:47:09 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! SafeZone.lnk
[2014-02-21 18:47:09 | 000,001,731 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Pro Antivirus.lnk
[2014-02-21 18:46:51 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2014-02-21 18:41:03 | 000,001,032 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014-02-21 18:41:02 | 000,001,028 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014-02-20 21:01:14 | 000,000,440 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2014-01-17 16:19:43 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-01-06 14:26:57 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
[2014-01-04 12:26:01 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2014-01-04 12:24:41 | 000,267,800 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014-01-04 11:53:42 | 000,180,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014-01-04 11:53:42 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014-01-04 11:45:52 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2014-01-04 11:43:06 | 000,092,983 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2014-01-04 11:42:47 | 000,208,896 | ---- | C] () -- C:\WINDOWS\Progress.exe
[2014-01-04 11:42:47 | 000,049,152 | ---- | C] () -- C:\WINDOWS\InstFunc.exe
[2014-01-04 11:42:31 | 000,128,511 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2014-01-04 11:42:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin
[2014-01-04 11:42:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin
[2014-01-04 11:42:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
[2014-01-04 11:38:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2014-01-04 11:31:42 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2004-08-04 00:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-04 00:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-04 00:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014-02-21 18:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2014-01-06 12:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService
[2014-01-04 13:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Internet w Cyfrowym Polsacie
[2014-01-06 12:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RedApp
[2014-02-21 18:50:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\AVAST Software
[2014-01-04 11:54:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\BESTplayer
[2014-01-04 13:11:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\RedApp
========== Purity Check ==========
< End of report >
-
filutka78
- Posty: 1485
- Rejestracja: 28 sty 2009, 17:40
sprawdzenie OTL
Teraz usuwanie było udane.
Kończymy:
W OTL kliknij na przycisk Sprzątanie - to go usunie razem z jego Kwarantanną.
F.
Kończymy:
W OTL kliknij na przycisk Sprzątanie - to go usunie razem z jego Kwarantanną.
F.
-
majka123
- Posty: 13
- Rejestracja: 22 lut 2014, 16:06
sprawdzenie OTL
Dziękuje 
Ostatnio zmieniony 24 lut 2014, 19:02 przez djarta, łącznie zmieniany 1 raz.
Powód: Zamek.
Powód: Zamek.
-
- Reklama
Kto jest online
Użytkownicy przeglądający to forum: Obecnie na forum nie ma żadnego zarejestrowanego użytkownika i 5 gości
