Przycinki,spowolniona praca komputera,internetu

**Posty:** 653 · przez **holi12** 30 Gru 2014, 12:03

Witam
Jak w temacie wolna praca kompa i internetu a także wyskakujące co chwilę dziwne reklamy w przeglądarce.

Kod: Zaznacz wszystko: GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2014-12-28 23:56:28 Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST925041 rev.0004 232,89GB Running: bopyddrw.exe; Driver: C:\Users\Aga\AppData\Local\Temp\pgliapod.sys ---- Kernel code sections - GMER 2.1 ---- .text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 82E4EA35 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82E88392 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} ---- User code sections - GMER 2.1 ---- .text C:\Program Files\CCleaner\CCleaner.exe[2112] USER32.dll!SetScrollRange 753E8EC5 5 Bytes JMP 00E45F15 C:\Program Files\CCleaner\CCleaner.exe .text C:\Program Files\CCleaner\CCleaner.exe[2112] USER32.dll!GetScrollInfo 753F2DA3 5 Bytes JMP 00E45EA8 C:\Program Files\CCleaner\CCleaner.exe .text C:\Program Files\CCleaner\CCleaner.exe[2112] USER32.dll!SetScrollInfo 753F48DA 5 Bytes JMP 00E45F4C C:\Program Files\CCleaner\CCleaner.exe .text C:\Program Files\CCleaner\CCleaner.exe[2112] USER32.dll!GetScrollRange 7541045A 5 Bytes JMP 00E45E4B C:\Program Files\CCleaner\CCleaner.exe .text C:\Program Files\CCleaner\CCleaner.exe[2112] USER32.dll!SetScrollPos 754104BE 5 Bytes JMP 00E45E26 C:\Program Files\CCleaner\CCleaner.exe .text C:\Program Files\CCleaner\CCleaner.exe[2112] USER32.dll!GetScrollPos 75410E43 5 Bytes JMP 00E45E83 C:\Program Files\CCleaner\CCleaner.exe .text C:\Program Files\CCleaner\CCleaner.exe[2112] USER32.dll!EnableScrollBar 754119CE 5 Bytes JMP 00E45F80 C:\Program Files\CCleaner\CCleaner.exe .text C:\Program Files\CCleaner\CCleaner.exe[2112] USER32.dll!ShowScrollBar 75413C89 5 Bytes JMP 00E45EDB C:\Program Files\CCleaner\CCleaner.exe ---- Devices - GMER 2.1 ---- Device \Driver\BTHUSB \Device\00000091 bthport.sys Device \Driver\BTHUSB \Device\00000093 bthport.sys ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\904ce5cefbae Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\904ce5cefbae@001f201881cb 0x11 0x1C 0x2D 0x3F ... Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\904ce5cefbae@fca13e236173 0xEB 0xE8 0xF4 0x57 ... Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\904ce5cefbae (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\904ce5cefbae@001f201881cb 0x11 0x1C 0x2D 0x3F ... Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\904ce5cefbae@fca13e236173 0xEB 0xE8 0xF4 0x57 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active@15720E72 105 ---- EOF - GMER 2.1 ----

Kod: Zaznacz wszystko: OTL logfile created on: 2014-12-28 23:06:27 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Aga\Downloads Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17501) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,93 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 58,21% Memory free 3,85 Gb Paging File | 3,01 Gb Available in Paging File | 78,10% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 97,56 Gb Total Space | 75,69 Gb Free Space | 77,58% Space Free | Partition Type: NTFS Drive D: | 135,23 Gb Total Space | 122,84 Gb Free Space | 90,84% Space Free | Partition Type: NTFS Drive E: | 4,22 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive F: | 53,85 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: DELL6400 | User Name: Aga | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-12-28 23:01:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Aga\Downloads\OTL_[www.programosy.pl].exe PRC - [2014-12-26 15:53:11 | 001,506,792 | ---- | M] (Lid) -- C:\Program Files\App Lid\03201907-30cc-49ca-a512-acbf926d4428-6.exe PRC - [2014-12-26 12:19:15 | 000,715,656 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\IePluginServices\PluginService.exe PRC - [2014-12-26 12:19:00 | 000,485,888 | ---- | M] (Fuyu LIMITED) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe PRC - [2014-12-12 18:21:24 | 005,489,944 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe PRC - [2014-08-22 11:44:44 | 000,022,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe PRC - [2014-05-17 08:03:08 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2014-04-29 19:53:28 | 002,055,624 | ---- | M] () -- C:\Windows\System32\nvwmi.exe PRC - [2014-04-29 18:24:16 | 000,931,784 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2014-04-29 17:40:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2014-03-11 15:31:58 | 000,179,968 | ---- | M] (Intel Corporation) -- C:\Windows\System32\IPROSetMonitor.exe PRC - [2014-03-11 15:28:22 | 000,141,016 | R--- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe PRC - [2012-10-24 16:09:34 | 000,826,312 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe PRC - [2012-10-24 16:09:34 | 000,031,688 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe PRC - [2011-05-31 22:06:02 | 000,088,576 | ---- | M] () -- C:\Program Files\Mobile Partner\Mobile Partner.exe PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010-09-29 02:33:40 | 000,249,856 | ---- | M] () -- C:\ProgramData\DataCardService\DCService.exe PRC - [2010-09-29 02:33:34 | 000,228,352 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DataCardService\DCSHelper.exe PRC - [2009-09-24 09:54:36 | 000,430,080 | R--- | M] () -- C:\Program Files\Dell\Dell WWAN\WMCore\mini_WMCore.exe PRC - [2009-08-17 19:20:56 | 000,591,136 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe PRC - [2009-07-14 02:14:44 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe PRC - [2009-06-19 11:57:04 | 000,292,128 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Ambient Light Sensor\AlsSvc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-12-28 22:59:44 | 000,380,416 | ---- | M] () -- C:\Users\Aga\Downloads\bopyddrw.exe MOD - [2014-12-12 23:25:04 | 000,057,344 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1045.dll MOD - [2011-05-31 22:06:02 | 000,088,576 | ---- | M] () -- C:\Program Files\Mobile Partner\Mobile Partner.exe MOD - [2011-03-09 09:11:34 | 009,515,520 | R--- | M] () -- C:\Program Files\Mobile Partner\QtGui4.dll MOD - [2011-03-09 09:11:34 | 002,415,104 | R--- | M] () -- C:\Program Files\Mobile Partner\QtCore4.dll MOD - [2011-03-09 09:11:34 | 001,148,416 | R--- | M] () -- C:\Program Files\Mobile Partner\QtNetwork4.dll MOD - [2011-03-09 09:11:34 | 001,101,824 | R--- | M] () -- C:\Program Files\Mobile Partner\NDISAPI.dll MOD - [2011-03-09 09:11:34 | 001,078,784 | R--- | M] () -- C:\Program Files\Mobile Partner\AddrBookPlugin.dll MOD - [2011-03-09 09:11:34 | 000,769,536 | R--- | M] () -- C:\Program Files\Mobile Partner\SMSUIPlugin.dll MOD - [2011-03-09 09:11:34 | 000,736,256 | R--- | M] () -- C:\Program Files\Mobile Partner\AddrBookUIPlugin.dll MOD - [2011-03-09 09:11:34 | 000,669,696 | R--- | M] () -- C:\Program Files\Mobile Partner\SmsAppPlugin.dll MOD - [2011-03-09 09:11:34 | 000,643,584 | R--- | M] () -- C:\Program Files\Mobile Partner\CallUIPlugin.dll MOD - [2011-03-09 09:11:34 | 000,550,400 | R--- | M] () -- C:\Program Files\Mobile Partner\CallAppPlugin.dll MOD - [2011-03-09 09:11:34 | 000,547,840 | R--- | M] () -- C:\Program Files\Mobile Partner\CallLogSrvPlugin.dll MOD - [2011-03-09 09:11:34 | 000,545,280 | R--- | M] () -- C:\Program Files\Mobile Partner\PluginContainer.dll MOD - [2011-03-09 09:11:34 | 000,490,496 | R--- | M] () -- C:\Program Files\Mobile Partner\DeviceMgrUIPlugin.dll MOD - [2011-03-09 09:11:34 | 000,444,416 | R--- | M] () -- C:\Program Files\Mobile Partner\NetInfoUIExPlugin.dll MOD - [2011-03-09 09:11:34 | 000,413,184 | R--- | M] () -- C:\Program Files\Mobile Partner\DialupUIPlugin.dll MOD - [2011-03-09 09:11:34 | 000,408,576 | R--- | M] () -- C:\Program Files\Mobile Partner\CallLogUIPlugin.dll MOD - [2011-03-09 09:11:34 | 000,381,952 | R--- | M] () -- C:\Program Files\Mobile Partner\Proxy.dll MOD - [2011-03-09 09:11:34 | 000,370,176 | R--- | M] () -- C:\Program Files\Mobile Partner\plugins\imageformats\qtiff4.dll MOD - [2011-03-09 09:11:34 | 000,350,720 | R--- | M] () -- C:\Program Files\Mobile Partner\plugins\imageformats\qmng4.dll MOD - [2011-03-09 09:11:34 | 000,348,160 | R--- | M] () -- C:\Program Files\Mobile Partner\core.dll MOD - [2011-03-09 09:11:34 | 000,337,408 | R--- | M] () -- C:\Program Files\Mobile Partner\DeviceAppPlugin.dll MOD - [2011-03-09 09:11:34 | 000,333,312 | R--- | M] () -- C:\Program Files\Mobile Partner\USSDUIPlugin.dll MOD - [2011-03-09 09:11:34 | 000,327,168 | R--- | M] () -- C:\Program Files\Mobile Partner\NetConnectPlugin.dll MOD - [2011-03-09 09:11:34 | 000,317,440 | R--- | M] () -- C:\Program Files\Mobile Partner\StatusBarMgrPlugin.dll MOD - [2011-03-09 09:11:34 | 000,300,544 | R--- | M] () -- C:\Program Files\Mobile Partner\DeviceSrvPlugin.dll MOD - [2011-03-09 09:11:34 | 000,271,872 | R--- | M] () -- C:\Program Files\Mobile Partner\NetInfoSrvPlugin.dll MOD - [2011-03-09 09:11:34 | 000,264,704 | R--- | M] () -- C:\Program Files\Mobile Partner\AddrBookSrvPlugin.dll MOD - [2011-03-09 09:11:34 | 000,260,608 | R--- | M] () -- C:\Program Files\Mobile Partner\sdk.dll MOD - [2011-03-09 09:11:34 | 000,244,736 | R--- | M] () -- C:\Program Files\Mobile Partner\MenuMgrPlugin.dll MOD - [2011-03-09 09:11:34 | 000,238,592 | R--- | M] () -- C:\Program Files\Mobile Partner\AtCodec.dll MOD - [2011-03-09 09:11:34 | 000,236,544 | R--- | M] () -- C:\Program Files\Mobile Partner\LiveUpdateInterface.dll MOD - [2011-03-09 09:11:34 | 000,232,448 | R--- | M] () -- C:\Program Files\Mobile Partner\NetSrvPlugin.dll MOD - [2011-03-09 09:11:34 | 000,229,376 | R--- | M] () -- C:\Program Files\Mobile Partner\ToolBarMgrPlugin.dll MOD - [2011-03-09 09:11:34 | 000,218,112 | R--- | M] () -- C:\Program Files\Mobile Partner\Common.dll MOD - [2011-03-09 09:11:34 | 000,217,600 | R--- | M] () -- C:\Program Files\Mobile Partner\SmsSrvPlugin.dll MOD - [2011-03-09 09:11:34 | 000,209,920 | R--- | M] () -- C:\Program Files\Mobile Partner\NetInfoRecordUIPlugin.dll MOD - [2011-03-09 09:11:34 | 000,209,920 | R--- | M] () -- C:\Program Files\Mobile Partner\DialUpPlugin.dll MOD - [2011-03-09 09:11:34 | 000,192,000 | R--- | M] () -- C:\Program Files\Mobile Partner\plugins\imageformats\qjpeg4.dll MOD - [2011-03-09 09:11:34 | 000,182,272 | R--- | M] () -- C:\Program Files\Mobile Partner\XFramePlugin.dll MOD - [2011-03-09 09:11:34 | 000,175,104 | R--- | M] () -- C:\Program Files\Mobile Partner\CallSrvPlugin.dll MOD - [2011-03-09 09:11:34 | 000,174,592 | R--- | M] () -- C:\Program Files\Mobile Partner\NDISPlugin.dll MOD - [2011-03-09 09:11:34 | 000,159,232 | R--- | M] () -- C:\Program Files\Mobile Partner\XCodec.dll MOD - [2011-03-09 09:11:34 | 000,158,720 | R--- | M] () -- C:\Program Files\Mobile Partner\NetConnectSrvPlugin.dll MOD - [2011-03-09 09:11:34 | 000,156,672 | R--- | M] () -- C:\Program Files\Mobile Partner\STKSrvPlugin.dll MOD - [2011-03-09 09:11:34 | 000,156,672 | R--- | M] () -- C:\Program Files\Mobile Partner\DataServicePlugin.dll MOD - [2011-03-09 09:11:34 | 000,142,336 | R--- | M] () -- C:\Program Files\Mobile Partner\USSDSrvPlugin.dll MOD - [2011-03-09 09:11:34 | 000,135,168 | R--- | M] () -- C:\Program Files\Mobile Partner\Trace.dll MOD - [2011-03-09 09:11:34 | 000,132,608 | R--- | M] () -- C:\Program Files\Mobile Partner\OSDialup.dll MOD - [2011-03-09 09:11:34 | 000,124,928 | R--- | M] () -- C:\Program Files\Mobile Partner\OSNDIS.dll MOD - [2011-03-09 09:11:34 | 000,123,392 | R--- | M] () -- C:\Program Files\Mobile Partner\ATR2SMgr.dll MOD - [2011-03-09 09:11:34 | 000,117,248 | R--- | M] () -- C:\Program Files\Mobile Partner\LayoutPlugin.dll MOD - [2011-03-09 09:11:34 | 000,106,496 | R--- | M] () -- C:\Program Files\Mobile Partner\Win7Support.dll MOD - [2011-03-09 09:11:34 | 000,101,376 | R--- | M] () -- C:\Program Files\Mobile Partner\OSAdapt.dll MOD - [2011-03-09 09:11:34 | 000,093,184 | R--- | M] () -- C:\Program Files\Mobile Partner\NotifyServicePlugin.dll MOD - [2011-03-09 09:11:34 | 000,082,944 | R--- | M] () -- C:\Program Files\Mobile Partner\plugins\imageformats\qgif4.dll MOD - [2011-03-09 09:11:34 | 000,081,920 | R--- | M] () -- C:\Program Files\Mobile Partner\plugins\imageformats\qico4.dll MOD - [2011-03-09 09:11:34 | 000,065,536 | R--- | M] () -- C:\Program Files\Mobile Partner\OSPowerMgr.dll MOD - [2011-03-09 09:11:34 | 000,062,976 | R--- | M] () -- C:\Program Files\Mobile Partner\OSCall.dll MOD - [2011-03-09 09:11:34 | 000,043,008 | R--- | M] () -- C:\Program Files\Mobile Partner\libgcc_s_dw2-1.dll MOD - [2011-03-09 09:11:34 | 000,011,362 | R--- | M] () -- C:\Program Files\Mobile Partner\mingwm10.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2014-12-26 16:46:34 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014-12-26 15:53:00 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdatem) SRV - [2014-12-26 15:53:00 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdate) SRV - [2014-12-26 12:19:15 | 000,715,656 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginServices\PluginService.exe -- (IePluginServices) SRV - [2014-12-26 12:19:00 | 000,485,888 | ---- | M] (Fuyu LIMITED) [Auto | Running] -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -- (WindowsMangerProtect) SRV - [2014-12-11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2014-12-03 07:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2014-11-26 17:40:36 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-11-22 02:55:14 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService) SRV - [2014-08-22 11:44:44 | 000,022,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2014-08-22 11:44:40 | 000,288,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2014-05-17 11:28:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2014-04-29 19:53:28 | 002,055,624 | ---- | M] () [Auto | Running] -- C:\Windows\System32\nvwmi.exe -- (NVWMI) SRV - [2014-04-29 17:40:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2014-03-11 15:31:58 | 000,179,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\System32\IPROSetMonitor.exe -- (Intel(R) SRV - [2013-05-27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012-10-24 16:09:34 | 000,826,312 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service) SRV - [2012-10-24 16:09:34 | 000,031,688 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage) SRV - [2010-09-29 02:33:40 | 000,249,856 | ---- | M] () [Auto | Running] -- C:\ProgramData\DataCardService\DCService.exe -- (DCService.exe) SRV - [2009-09-24 09:54:36 | 000,430,080 | R--- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell WWAN\WMCore\mini_WMCore.exe -- (WMCoreService) SRV - [2009-08-17 19:20:56 | 000,591,136 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2009-08-04 13:00:14 | 002,058,776 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe -- (UNS) SRV - [2009-08-04 13:00:00 | 000,174,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\AMT\LMS.exe -- (LMS) SRV - [2009-07-14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-06-19 11:57:04 | 000,292,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Ambient Light Sensor\AlsSvc.exe -- (alssvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Aga\AppData\Local\Temp\pgliapod.sys -- (pgliapod) DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1578726F-04DC-4A4F-9902-A11BEE924E26}\MpKsld12883e9.sys -- (MpKsld12883e9) DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1578726F-04DC-4A4F-9902-A11BEE924E26}\MpKsl83abf70d.sys -- (MpKsl83abf70d) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Aga\AppData\Local\Temp\catchme.sys -- (catchme) DRV - [2014-12-25 21:36:58 | 000,043,160 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{f17a6425-9752-4042-9063-36eef24d8b77}Gw.sys -- ({f17a6425-9752-4042-9063-36eef24d8b77}Gw) DRV - [2014-12-23 19:25:48 | 000,043,144 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{97daceee-c4d3-4ae1-975b-b77d85ce2d13}Gw.sys -- ({97daceee-c4d3-4ae1-975b-b77d85ce2d13}Gw) DRV - [2014-12-21 01:23:42 | 000,043,144 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{8aefbcaf-640f-4dca-9a92-ed05ee387238}Gw.sys -- ({8aefbcaf-640f-4dca-9a92-ed05ee387238}Gw) DRV - [2014-12-17 18:26:04 | 000,043,144 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{993baf86-643c-42e9-95e5-094f337533f0}Gw.sys -- ({993baf86-643c-42e9-95e5-094f337533f0}Gw) DRV - [2014-12-17 05:24:32 | 000,043,144 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{47a3b56f-80e6-4ea5-8093-7656ffd5c11a}Gw.sys -- ({47a3b56f-80e6-4ea5-8093-7656ffd5c11a}Gw) DRV - [2014-07-17 17:05:08 | 000,095,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2014-04-29 19:53:28 | 010,510,680 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2013-10-02 01:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2012-10-24 16:09:36 | 000,041,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cvusbdrv.sys -- (cvusbdrv) DRV - [2012-08-23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2011-12-16 02:36:22 | 000,354,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbwwan.sys -- (ewusbmbb) DRV - [2011-12-02 07:23:04 | 000,190,976 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juwwanecm.sys -- (huawei_wwanecm) DRV - [2011-10-20 19:24:20 | 000,232,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1y6232.sys -- (e1yexpress) DRV - [2011-09-09 04:50:10 | 000,089,856 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV - [2011-09-09 04:50:10 | 000,073,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2011-09-09 04:50:10 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl) DRV - [2011-08-16 10:17:20 | 000,195,200 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2010-11-20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc) DRV - [2010-11-20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD) DRV - [2010-11-20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-08-05 17:17:36 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) DRV - [2010-07-27 02:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2010-07-04 20:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2010-03-20 05:06:58 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV - [2009-11-24 14:30:34 | 000,217,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2009-09-22 14:47:34 | 000,216,616 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WwanUsbMp.sys -- (WwanUsbServ) DRV - [2009-09-22 09:09:38 | 000,014,848 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wwanussf.sys -- (ecnssndisfltr) DRV - [2009-09-22 09:09:38 | 000,010,240 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wwanuss.sys -- (ecnssndis) DRV - [2009-09-19 04:30:10 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2009-09-19 04:30:10 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd) DRV - [2009-09-19 04:30:10 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) DRV - [2009-09-19 04:30:10 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) DRV - [2009-07-14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial) DRV - [2009-07-14 00:45:20 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acpials.sys -- (acpials) DRV - [2009-07-13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) DRV - [2009-07-10 14:53:22 | 000,082,984 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\d554gps.sys -- (d554gps) DRV - [2009-06-29 08:42:12 | 000,374,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\d557mdm.sys -- (d557mdm) DRV - [2009-06-29 08:42:12 | 000,357,248 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\d557mgmt.sys -- (d557mgmt) DRV - [2009-06-29 08:42:12 | 000,285,056 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\d557bus.sys -- (d557bus) DRV - [2009-06-29 08:42:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\d557mdfl.sys -- (d557mdfl) DRV - [2009-06-25 15:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419592681&from=cor&uid=ST9250410ASG_5VG3RJAEXXXX5VG3RJAE&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1419592681&from=cor&uid=ST9250410ASG_5VG3RJAEXXXX5VG3RJAE&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.bing.com/search?q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/search?q={searchTerms} IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^Y6^man000^YYA^&ptb=867638A5-C98E-4F17-8768-3E92B04BAD5A&ind=2014120812&n=780d0b6c&psa=&st=sb&searchfor={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{009263DB-41A6-409B-A166-82058F9D7C47}: "URL" = http://www.search.ask.com/web?tpid=BTR-SP&o=APN11584&pf=V7&p2=^BJ2^YYYYYY^YY^PL&gct=&itbv=12.17.1.2468&apn_uid=84FE5A49-8361-4AA7-B2F0-ECFBEAE9C284&apn_ptnrs=^BJ2&apn_dtid=^YYYYYY^YY^PL&apn_dbr=ie_11.0.9600.17420&doi=2014-12-08&trgb=IE&q={searchTerms}&psv=&pt=crx IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 IE - HKCU\..\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^Y6^man000^YYA^&ptb=867638A5-C98E-4F17-8768-3E92B04BAD5A&ind=2014120812&n=780d0b6c&psa=&st=sb&searchfor={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.isUS: false FF - prefs.js..extensions.enabledAddons: d9676068985d4d81bb390a%407be93ab3c8e144f694a0509d5.com:0.95.17 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014-12-26 12:52:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aga\AppData\Roaming\mozilla\Extensions [2014-12-26 16:46:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aga\AppData\Roaming\mozilla\Firefox\Profiles\d254qke1.default\extensions [2014-12-26 15:53:32 | 000,000,000 | ---D | M] ("App Lid") -- C:\Users\Aga\AppData\Roaming\mozilla\Firefox\Profiles\d254qke1.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com [2014-12-26 15:53:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aga\AppData\Roaming\mozilla\Firefox\Profiles\d254qke1.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData [2014-12-26 15:53:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aga\AppData\Roaming\mozilla\Firefox\Profiles\d254qke1.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins [2014-12-26 15:53:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aga\AppData\Roaming\mozilla\Firefox\Profiles\d254qke1.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\userCode [2014-12-26 12:51:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2014-12-26 12:51:52 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717]========== Chrome ==========[/color] CHR - plugin: Error reading preferences file CHR - Extension: No name found = C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf\1.10_0\ CHR - Extension: No name found = C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\ CHR - Extension: No name found = C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\ CHR - Extension: Music Maker = C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdblcahgpgoandbbidibfjnlfkmpccaf\238\ CHR - Extension: No name found = C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk\6.65.62_0\ CHR - Extension: No name found = C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\ CHR - Extension: No name found = C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: FoxFilter The content filter = C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopeodilnmhhlfageeohjojginlgeljk\142\ CHR - Extension: APP = C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa\1.1_0\ O1 HOSTS File: ([2014-11-30 15:40:26 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (App Lid) - {11111111-1111-1111-1111-110611571143} - C:\Program Files\App Lid\App Lid-bho.dll (Lid) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28F1CEAF-781E-4DB7-9E34-9B363AED2BF3}: DhcpNameServer = 62.233.233.233 87.204.204.204 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3411CE9E-E920-4740-A040-8DD08E1554F4}: NameServer = 194.204.159.1 194.204.152.34 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7DB662C9-272F-49FD-80B8-0F43C1870A41}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{865352E0-CB6B-4711-B593-E0DE1424ED84}: NameServer = 217.116.104.104 217.116.100.100 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2012-02-11 22:06:03 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2012-03-21 19:52:32 | 000,000,313 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-12-26 17:14:59 | 000,000,000 | ---D | C] -- C:\Users\Aga\AppData\Local\Macromedia [2014-12-26 16:12:05 | 000,861,696 | ---- | C] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys [2014-12-26 16:12:05 | 000,354,816 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbwwan.sys [2014-12-26 16:12:05 | 000,195,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys [2014-12-26 16:12:05 | 000,190,976 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys [2014-12-26 16:12:05 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys [2014-12-26 16:12:05 | 000,089,856 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys [2014-12-26 16:12:05 | 000,073,984 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys [2014-12-26 16:12:05 | 000,066,688 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys [2014-12-26 16:12:05 | 000,026,624 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys [2014-12-26 16:12:05 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys [2014-12-26 16:12:05 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys [2014-12-26 16:12:05 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys [2014-12-26 15:57:03 | 000,000,000 | ---D | C] -- C:\Users\Aga\AppData\Roaming\BRT [2014-12-26 15:56:42 | 000,043,160 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\{f17a6425-9752-4042-9063-36eef24d8b77}Gw.sys [2014-12-26 15:53:01 | 000,000,000 | ---D | C] -- C:\Users\Aga\AppData\Local\globalUpdate [2014-12-26 15:53:01 | 000,000,000 | ---D | C] -- C:\Program Files\globalUpdate [2014-12-26 15:53:01 | 000,000,000 | ---D | C] -- C:\Program Files\d066fa9e-6777-40dd-88f9-026f1b29484c [2014-12-26 15:52:58 | 000,000,000 | ---D | C] -- C:\Program Files\App Lid [2014-12-26 15:51:56 | 000,000,000 | ---D | C] -- C:\Users\Aga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker [2014-12-26 15:51:56 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker [2014-12-26 13:00:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz [2014-12-26 13:00:06 | 000,000,000 | ---D | C] -- C:\Program Files\Odkurzacz [2014-12-26 12:52:04 | 000,000,000 | ---D | C] -- C:\Users\Aga\AppData\Local\Mozilla [2014-12-26 12:52:03 | 000,000,000 | ---D | C] -- C:\Users\Aga\AppData\Roaming\Mozilla [2014-12-26 12:51:54 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2014-12-26 12:51:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2014-12-26 12:51:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2014-12-26 12:27:52 | 001,037,896 | ---- | C] (Mindspark) -- C:\Program Files\65Uninstall FromDocToPDF.dll [2014-12-26 12:27:52 | 000,196,480 | ---- | C] (Mindspark) -- C:\Program Files\65res.dll [2014-12-26 12:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2014-12-26 12:20:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2014-12-26 12:19:19 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginServices [2014-12-26 12:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsMangerProtect [2014-12-24 13:32:52 | 000,043,144 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\{97daceee-c4d3-4ae1-975b-b77d85ce2d13}Gw.sys [2014-12-23 18:26:53 | 000,000,000 | ---D | C] -- C:\Program Files\CCllickFForSalae [2014-12-23 18:25:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt [2014-12-23 18:24:39 | 000,000,000 | ---D | C] -- C:\Program Files\SShiooppEuRMaustero [2014-12-23 18:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\1790955706 [2014-12-22 19:59:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SShiooppEuRMaustero [2014-12-22 15:59:02 | 000,000,000 | ---D | C] -- C:\ProgramData\CCllickFForSalae [2014-12-22 15:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\2f3f57f2ffcce268 [2014-12-21 10:36:11 | 000,043,144 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\{8aefbcaf-640f-4dca-9a92-ed05ee387238}Gw.sys [2014-12-18 06:21:58 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2014-12-18 06:13:07 | 000,043,144 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\{993baf86-643c-42e9-95e5-094f337533f0}Gw.sys [2014-12-17 16:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner [2014-12-17 15:17:10 | 000,000,000 | -H-D | C] -- C:\Users\Aga\Desktop\.temp [2014-12-17 14:38:27 | 000,043,144 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\{47a3b56f-80e6-4ea5-8093-7656ffd5c11a}Gw.sys [2014-12-13 09:20:29 | 000,000,000 | ---D | C] -- C:\ProgramData\3404536544500703848 [2014-12-12 07:16:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\appraiser [2014-12-12 06:19:46 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2014-12-11 06:52:45 | 001,160,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitstatic.exe [2014-12-11 06:52:44 | 000,873,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll [2014-12-11 06:52:44 | 000,728,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll [2014-12-11 06:52:44 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll [2014-12-11 06:52:43 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll [2014-12-11 06:52:42 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll [2014-12-11 06:52:42 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll [2014-12-11 06:52:41 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll [2014-12-11 06:51:50 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe [2014-12-11 06:51:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [2014-12-11 06:51:50 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll [2014-12-11 06:51:49 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe [2014-12-11 06:51:49 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2014-12-11 06:51:48 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll [2014-12-11 06:51:48 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2014-12-11 06:51:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll [2014-12-11 06:51:43 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2014-12-11 06:51:41 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2014-12-11 06:51:38 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll [2014-12-11 06:51:36 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll [2014-12-11 06:51:31 | 004,299,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2014-12-11 06:51:24 | 000,684,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2014-12-11 06:51:24 | 000,342,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2014-12-11 06:51:24 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2014-12-11 06:51:23 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2014-12-11 06:51:23 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2014-12-11 06:51:22 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2014-12-11 06:51:19 | 002,052,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2014-12-11 06:51:18 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2014-12-11 06:51:17 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2014-12-11 06:50:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2014-12-11 06:49:56 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\charmap.exe [2014-12-11 06:49:55 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll [2014-12-11 06:49:55 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll [2014-12-11 06:49:55 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe [2014-12-11 06:49:55 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll [2014-12-08 18:33:35 | 000,000,000 | ---D | C] -- C:\Users\Aga\AppData\Roaming\RHEng [2014-12-08 18:33:17 | 000,000,000 | ---D | C] -- C:\ProgramData\APN [2014-12-08 18:32:57 | 000,000,000 | ---D | C] -- C:\Users\Aga\AppData\Roaming\uTorrent [2014-12-08 18:28:49 | 000,000,000 | ---D | C] -- C:\Users\Aga\AppData\Local\IAC [2014-12-03 08:21:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AbiWord Word Processor [2014-12-03 08:20:35 | 000,000,000 | ---D | C] -- C:\Program Files\AbiWord [2014-11-30 20:12:19 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2014-11-30 15:46:43 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2014-11-30 15:17:26 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2014-11-30 15:17:26 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2014-11-30 15:17:26 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2014-11-30 15:14:26 | 000,000,000 | ---D | C] -- C:\Qoobox [2014-11-30 15:13:22 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2014-11-29 12:52:37 | 000,114,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-11-29 12:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [2014-11-29 12:51:18 | 000,075,480 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys [2014-11-29 12:51:17 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys [2014-11-29 12:51:17 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2014-11-29 12:51:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware [2014-11-29 12:51:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2014-11-29 12:21:30 | 000,000,000 | ---D | C] -- C:\Windows\pss [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-12-28 23:16:09 | 000,031,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-12-28 23:16:09 | 000,031,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-12-28 23:13:32 | 000,743,280 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2014-12-28 23:13:32 | 000,656,628 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2014-12-28 23:13:32 | 000,156,730 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2014-12-28 23:13:32 | 000,122,440 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2014-12-28 23:10:16 | 000,005,474 | ---- | M] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-6.job [2014-12-28 23:05:25 | 000,002,402 | ---- | M] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-5.job [2014-12-28 23:05:24 | 000,002,402 | ---- | M] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-5_user.job [2014-12-28 23:05:11 | 000,004,794 | ---- | M] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-4.job [2014-12-28 23:05:07 | 000,005,138 | ---- | M] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-7.job [2014-12-28 23:05:07 | 000,003,394 | ---- | M] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-1.job [2014-12-28 23:05:07 | 000,002,066 | ---- | M] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-2.job [2014-12-28 23:04:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-12-28 23:04:41 | 230,287,259 | ---- | M] () -- C:\Windows\MEMORY.DMP [2014-12-28 23:04:36 | 1550,766,080 | -HS- | M] () -- C:\hiberfil.sys [2014-12-27 13:34:23 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-12-26 16:46:34 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2014-12-26 16:46:34 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2014-12-26 16:05:22 | 000,000,874 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job [2014-12-26 16:05:22 | 000,000,870 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job [2014-12-26 15:39:33 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-12-26 15:39:33 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-12-26 15:39:26 | 000,411,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2014-12-26 13:00:12 | 000,000,977 | ---- | M] () -- C:\Users\Aga\Desktop\Odkurzacz.lnk [2014-12-26 12:51:56 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2014-12-26 12:26:39 | 000,002,135 | ---- | M] () -- C:\Users\Aga\Desktop\Google Chrome.lnk [2014-12-26 12:20:07 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2014-12-25 21:36:58 | 000,043,160 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{f17a6425-9752-4042-9063-36eef24d8b77}Gw.sys [2014-12-23 19:25:48 | 000,043,144 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{97daceee-c4d3-4ae1-975b-b77d85ce2d13}Gw.sys [2014-12-21 01:23:42 | 000,043,144 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{8aefbcaf-640f-4dca-9a92-ed05ee387238}Gw.sys [2014-12-19 15:33:22 | 000,000,472 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2014-12-17 18:26:04 | 000,043,144 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{993baf86-643c-42e9-95e5-094f337533f0}Gw.sys [2014-12-17 16:06:45 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\Mobile Partner.lnk [2014-12-17 05:24:32 | 000,043,144 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{47a3b56f-80e6-4ea5-8093-7656ffd5c11a}Gw.sys [2014-12-13 04:33:44 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2014-12-08 18:27:48 | 001,037,896 | ---- | M] (Mindspark) -- C:\Program Files\65Uninstall FromDocToPDF.dll [2014-12-08 18:27:48 | 000,196,480 | ---- | M] (Mindspark) -- C:\Program Files\65res.dll [2014-12-06 07:16:22 | 000,001,148 | ---- | M] () -- C:\Windows\System32\--regulamin-przyznawania-jednorazowych-srodkow-na-podjecie-dzialalnosci-gospodarczej-w-tym-na-zasadach-okreslonych-dla-spoldzielni-socjalnych-przez-powiatowy-urzad-pracy-w-chrzanowie-obowiazujace-od-lip.lnk [2014-12-04 05:38:59 | 000,337,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll [2014-12-04 05:38:45 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll [2014-12-04 05:38:40 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll [2014-12-04 05:38:37 | 000,728,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll [2014-12-04 05:38:36 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll [2014-12-04 05:38:36 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll [2014-12-04 05:34:13 | 000,873,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll [2014-12-02 00:28:26 | 001,160,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aitstatic.exe [2014-11-30 15:40:26 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2014-11-29 12:53:14 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-11-29 12:36:47 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf [2014-11-29 12:35:46 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-12-28 23:04:41 | 230,287,259 | ---- | C] () -- C:\Windows\MEMORY.DMP [2014-12-26 15:53:55 | 000,002,402 | ---- | C] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-5_user.job [2014-12-26 15:53:54 | 000,002,402 | ---- | C] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-5.job [2014-12-26 15:53:43 | 000,002,066 | ---- | C] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-2.job [2014-12-26 15:53:37 | 000,003,394 | ---- | C] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-1.job [2014-12-26 15:53:20 | 000,004,794 | ---- | C] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-4.job [2014-12-26 15:53:06 | 000,000,874 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job [2014-12-26 15:53:05 | 000,005,474 | ---- | C] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-6.job [2014-12-26 15:53:04 | 000,000,870 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job [2014-12-26 15:53:02 | 000,005,138 | ---- | C] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-7.job [2014-12-26 15:39:06 | 000,411,240 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2014-12-26 13:00:12 | 000,000,977 | ---- | C] () -- C:\Users\Aga\Desktop\Odkurzacz.lnk [2014-12-26 12:51:56 | 000,001,077 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2014-12-26 12:51:56 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2014-12-26 12:20:07 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2014-12-19 15:33:21 | 000,000,472 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2014-12-17 16:06:45 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\Mobile Partner.lnk [2014-12-06 07:05:03 | 000,001,148 | ---- | C] () -- C:\Windows\System32\--regulamin-przyznawania-jednorazowych-srodkow-na-podjecie-dzialalnosci-gospodarczej-w-tym-na-zasadach-okreslonych-dla-spoldzielni-socjalnych-przez-powiatowy-urzad-pracy-w-chrzanowie-obowiazujace-od-lip.lnk [2014-11-30 15:17:26 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2014-11-30 15:17:26 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2014-11-30 15:17:26 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2014-11-30 15:17:26 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2014-11-30 15:17:26 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2014-11-29 12:36:47 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf [2014-11-29 12:35:46 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf [2014-05-17 19:27:05 | 000,308,624 | ---- | C] () -- C:\Windows\System32\brcmbsp.dll [2014-05-17 19:27:05 | 000,208,304 | ---- | C] () -- C:\Windows\System32\bipbsp.dll [2014-05-17 09:01:54 | 000,743,280 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2014-05-17 09:01:54 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2014-05-17 09:01:54 | 000,156,730 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2014-05-17 09:01:54 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2014-05-17 07:53:53 | 002,055,624 | ---- | C] () -- C:\Windows\System32\nvwmi.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014-06-25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2014-12-26 15:57:03 | 000,000,000 | ---D | M] -- C:\Users\Aga\AppData\Roaming\BRT [2014-08-10 09:46:26 | 000,000,000 | ---D | M] -- C:\Users\Aga\AppData\Roaming\com.rovio.AngryBirdsBreakfast1 [2014-05-18 11:34:20 | 000,000,000 | ---D | M] -- C:\Users\Aga\AppData\Roaming\com.rovio.AngryBirdsBreakfast2 [2014-12-26 13:06:12 | 000,000,000 | ---D | M] -- C:\Users\Aga\AppData\Roaming\MPC-HC [2014-12-26 12:35:51 | 000,000,000 | ---D | M] -- C:\Users\Aga\AppData\Roaming\Opera Software [2014-12-08 18:33:35 | 000,000,000 | ---D | M] -- C:\Users\Aga\AppData\Roaming\RHEng [2014-06-15 12:22:53 | 000,000,000 | ---D | M] -- C:\Users\Aga\AppData\Roaming\Unity [2014-12-23 18:23:00 | 000,000,000 | ---D | M] -- C:\Users\Aga\AppData\Roaming\uTorrent [2014-05-17 19:19:14 | 000,000,000 | ---D | M] -- C:\Users\Aga\AppData\Roaming\WirelessManager [2014-05-18 20:20:32 | 000,000,000 | ---D | M] -- C:\Users\Aga\AppData\Roaming\WMCore [color=#E56717]========== Purity Check ==========[/color] < End of report >

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2014-12-28 23:06:27 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Aga\Downloads Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17501) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,93 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 58,21% Memory free 3,85 Gb Paging File | 3,01 Gb Available in Paging File | 78,10% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 97,56 Gb Total Space | 75,69 Gb Free Space | 77,58% Space Free | Partition Type: NTFS Drive D: | 135,23 Gb Total Space | 122,84 Gb Free Space | 90,84% Space Free | Partition Type: NTFS Drive E: | 4,22 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive F: | 53,85 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: DELL6400 | User Name: Aga | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = OperaStable] -- Reg Error: Key error. File not found [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) https [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{029EA85D-D470-4C61-9384-5056E042A8E3}" = rport=137 | protocol=17 | dir=out | app=system | "{0DA5C548-AEC1-4625-90FD-AFA28E01987D}" = lport=2869 | protocol=6 | dir=in | app=system | "{123EDDD9-78EF-4EC9-A37F-6BCA1886904D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{128F5780-9AB0-4F3A-8DA0-3CCCBFB56BF5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{18190B03-FC4A-4074-98F9-FD3665AE3D92}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1B96CECE-E359-48DC-BE14-2F2E92EA7D0D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1C4C902B-80AF-4919-9953-E703857156FE}" = lport=137 | protocol=17 | dir=in | app=system | "{20802A33-21FA-4CD4-83A1-9DDE361BAAB5}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe | "{2BBED44A-1A94-4AF6-BB7E-478519FB9824}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{336DE1A8-5E23-4D30-AC57-D6646BDDD97F}" = lport=139 | protocol=6 | dir=in | app=system | "{3D4BE541-6D39-4FF2-9F1D-C23D9BA92BDF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{821C3476-2153-4E2E-B0F7-B51E0CF0D729}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{824A1CC7-1D27-4F4E-B40D-C26BC1D17AC6}" = rport=445 | protocol=6 | dir=out | app=system | "{853560BA-64F7-4653-AAEB-FAC8B743262B}" = rport=10243 | protocol=6 | dir=out | app=system | "{8A853E52-B1DF-4964-8551-5DFE6C3947B6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A0E109B1-B6C7-467E-A139-2992C04CEF16}" = lport=10243 | protocol=6 | dir=in | app=system | "{B35E077D-26DE-4176-AB35-21E0D9F5E849}" = lport=445 | protocol=6 | dir=in | app=system | "{BA501B6A-B123-44B9-8293-9297785CF47B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C920DEA6-49CD-40E3-8A76-F2E41EBA6598}" = lport=138 | protocol=17 | dir=in | app=system | "{D50410C4-1BCB-4999-A895-8661E555F656}" = rport=138 | protocol=17 | dir=out | app=system | "{D9DBED06-9397-4869-B74B-5A347BB3BCDC}" = rport=139 | protocol=6 | dir=out | app=system | "{DE9005C5-B85D-47D8-9835-0A5836395784}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EF4CC6A0-AFEB-4F18-AE0F-9DD48960A3FF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{130953F1-474F-4625-B20A-93F0D0C6B899}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{22A8C10B-00BE-4A76-98D6-13FA958D7FC1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{260353C7-8A33-4A6E-9224-5D5ECE42509B}" = protocol=17 | dir=in | app=c:\program files\faster light\bin\fasterlight.brt.helper.exe | "{33FEAC52-1BFF-4784-BE95-A02B7E8365BA}" = protocol=6 | dir=in | app=c:\program files\faster light\bin\fasterlight.brt.helper.exe | "{3F991E28-C665-48F6-B40A-32A5D52E3A3C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{4771F219-4D1C-47AF-81DA-B799A65EDEF7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{544A22A1-8844-43AB-985C-45F08E8EFDF8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{594EFFAD-1A6F-4B15-BFAB-0DE1C44E9332}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{5EA3F1D0-7203-4837-B620-0B9E156D363B}" = protocol=17 | dir=in | app=c:\program files\faster light\bin\fasterlight.brt.helper.exe | "{76042FA1-3723-4F4F-A3B8-BBC642FB7BE1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{81EB38C6-4CDB-4601-9766-82A7ECB80091}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8A173752-8B71-4216-AD31-3F2283EF7CFE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{96BAD21A-9EE0-4B07-AA70-00D147461EC4}" = protocol=6 | dir=out | app=system | "{A2B09BBF-D0D3-45E2-A4E3-0B341D13EF9C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{A304528F-B515-42DA-8F7B-A3DC2A08BA55}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AFE42CF9-57A9-4385-8428-478A43420C3F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{B97D08EE-73AE-4C0C-A65F-B9069F44ECCA}" = protocol=6 | dir=in | app=c:\program files\faster light\bin\fasterlight.brt.helper.exe | "{B9D19A53-C3D9-4734-9E72-C3E8D5BCD09A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{BC908102-8C79-4555-AF81-261EBF5908F0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C59263E3-6649-499B-A714-35315997DF8B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{C66714D7-513E-4B22-8F93-C6A9229B8E0B}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet ink adv 2060 k110\bin\usbsetup.exe | "{CDCB6C59-655D-4525-8464-A9F3456EC4D2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{D516B808-BD64-428D-8FAD-57C9389559EC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{DD3161EA-9ACC-474D-AD9D-368A557E3BBE}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet ink adv 2060 k110\bin\usbsetup.exe | "{E0F5475C-2882-4D29-99D0-AC24C50E3D3A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E1A0ED09-6115-4CD6-B609-6C5BE70AA1E8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{E375C45B-36B4-49CC-99DD-C71B46189189}" = dir=in | app=c:\program files\skype\phone\skype.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{107F27B7-8EE4-4B3A-9CE5-497B120369DC}" = Microsoft Security Client "{23EEC842-57ED-4055-A056-9D4185DFB1AA}" = Dell Mobile Broadband Manager "{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0 "{261A4762-744B-4C71-81D2-57FA5038DC7B}" = HP Deskjet Ink Adv 2060 K110 Pomoc "{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 65 "{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5AF4F4C5-C71C-418F-B0B1-3903A345BD71}" = Ambient Light Sensor "{74307B42-C023-46C8-B9F8-1BDD3A043973}" = Intel(R) Chipset Device Software "{7C551168-C398-47B6-AD42-93BE2E36DD37}" = HP Deskjet Ink Adv 2060 K110 Badanie ulepszeń produktu "{85A2C545-B193-4053-8F3E-BB1527A73676}" = Dell Wireless HSPA Mini-Card Drivers "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = 2007 Microsoft Office Suite Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA22FE8A-5247-4051-BF25-E86BA687C0D9}" = HP Deskjet Ink Adv 2060 K110 Podstawowe oprogramowanie urządzenia "{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Polish "{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 333.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 333.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 333.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 141.13 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI" = NVIDIA WMI 2.16.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B75554EF-1A58-4476-8532-853F159AB263}" = Dell ControlVault Host Components Installer "{C83B8B35-C2C4-3302-9A6E-C2AF1A59E8D6}" = Microsoft .NET Framework 4.5.1 (PLK) "{e48a2f61-851a-4155-82f9-af1b04db8c3b}" = Oprogramowanie mikroukładu Intel® "{FD42EE05-18F9-459F-935D-770E75B3BEE5}" = Intel(R) Network Connections 19.1.51.0 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX "Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI "Adobe Flash Player Pepper" = Adobe Flash Player 15 Pepper "CCleaner" = CCleaner "ENTERPRISE" = Microsoft Office Enterprise 2007 "HECI" = Intel(R) Management Engine Interface "HP Photo Creations" = HP Photo Creations "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.0.3.1025 "MESOL" = Intel® Active Management Technology "Microsoft Security Client" = Microsoft Security Essentials "Mobile Partner" = Mobile Partner "Mozilla Firefox 34.0.5 (x86 pl)" = Mozilla Firefox 34.0.5 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Odkurzacz 13.5_is1" = Odkurzacz "PROSetDX" = Intel(R) Network Connections 19.1.51.0 "Unlocker" = Unlocker 1.9.2 [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-12-28 04:23:15 | Computer Name = Dell6400 | Source = VSS | ID = 8193 Description = Error - 2014-12-28 05:21:09 | Computer Name = Dell6400 | Source = WinMgmt | ID = 10 Description = Error - 2014-12-28 06:30:46 | Computer Name = Dell6400 | Source = VSS | ID = 13 Description = Error - 2014-12-28 06:30:46 | Computer Name = Dell6400 | Source = VSS | ID = 8193 Description = Error - 2014-12-28 06:30:46 | Computer Name = Dell6400 | Source = VSS | ID = 13 Description = Error - 2014-12-28 06:30:46 | Computer Name = Dell6400 | Source = VSS | ID = 8193 Description = Error - 2014-12-28 06:30:47 | Computer Name = Dell6400 | Source = VSS | ID = 13 Description = Error - 2014-12-28 06:30:47 | Computer Name = Dell6400 | Source = VSS | ID = 8193 Description = Error - 2014-12-28 15:56:10 | Computer Name = Dell6400 | Source = WinMgmt | ID = 10 Description = Error - 2014-12-28 18:05:27 | Computer Name = Dell6400 | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2014-12-27 02:57:42 | Computer Name = Dell6400 | Source = BTHUSB | ID = 327697 Description = W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error - 2014-12-27 08:34:13 | Computer Name = Dell6400 | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 08:28:08 na ?2014-?12-?27 było nieoczekiwane. Error - 2014-12-27 11:06:38 | Computer Name = Dell6400 | Source = BTHUSB | ID = 327697 Description = W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error - 2014-12-27 14:57:20 | Computer Name = Dell6400 | Source = BTHUSB | ID = 327697 Description = W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error - 2014-12-28 02:48:54 | Computer Name = Dell6400 | Source = BTHUSB | ID = 327697 Description = W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error - 2014-12-28 05:20:38 | Computer Name = Dell6400 | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 10:17:55 na ?2014-?12-?28 było nieoczekiwane. Error - 2014-12-28 11:54:22 | Computer Name = Dell6400 | Source = BTHUSB | ID = 327697 Description = W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error - 2014-12-28 15:55:36 | Computer Name = Dell6400 | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 18:24:32 na ?2014-?12-?28 było nieoczekiwane. Error - 2014-12-28 18:04:52 | Computer Name = Dell6400 | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 23:03:17 na ?2014-?12-?28 było nieoczekiwane. Error - 2014-12-28 18:05:03 | Computer Name = Dell6400 | Source = BugCheck | ID = 1001 Description = < End of report >

**Posty:** 4765 · przez **ordynat** 30 Gru 2014, 13:14

1) Użyj Adw-Cleaner http://www.programosy.pl/program,adwcleaner.html
najpierw kliknij na SZUKAJ, a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ, to kliknij na niego.
Daj z tego raport C:\AdwCleaner\AdwCleaner[S].txt.

2) Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:

:OTL
[2014-12-26 15:53:55 | 000,002,402 | ---- | C] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-5_user.job
[2014-12-26 15:53:54 | 000,002,402 | ---- | C] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-5.job
[2014-12-26 15:53:43 | 000,002,066 | ---- | C] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-2.job
[2014-12-26 15:53:37 | 000,003,394 | ---- | C] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-1.job
[2014-12-26 15:53:20 | 000,004,794 | ---- | C] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-4.job
[2014-12-26 15:53:06 | 000,000,874 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014-12-26 15:53:05 | 000,005,474 | ---- | C] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-6.job
[2014-12-26 15:53:04 | 000,000,870 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014-12-26 15:53:02 | 000,005,138 | ---- | C] () -- C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-7.job
[2014-12-25 21:36:58 | 000,043,160 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{f17a6425-9752-4042-9063-36eef24d8b77}Gw.sys
[2014-12-23 19:25:48 | 000,043,144 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{97daceee-c4d3-4ae1-975b-b77d85ce2d13}Gw.sys
[2014-12-21 01:23:42 | 000,043,144 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{8aefbcaf-640f-4dca-9a92-ed05ee387238}Gw.sys
[2014-12-17 18:26:04 | 000,043,144 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{993baf86-643c-42e9-95e5-094f337533f0}Gw.sys
[2014-12-17 05:24:32 | 000,043,144 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{47a3b56f-80e6-4ea5-8093-7656ffd5c11a}Gw.sys
[2014-12-13 09:20:29 | 000,000,000 | ---D | C] -- C:\ProgramData\3404536544500703848
[2014-12-23 18:24:39 | 000,000,000 | ---D | C] -- C:\Program Files\SShiooppEuRMaustero
[2014-12-23 18:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\1790955706
[2014-12-22 19:59:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SShiooppEuRMaustero
[2014-12-22 15:59:02 | 000,000,000 | ---D | C] -- C:\ProgramData\CCllickFForSalae
[2014-12-22 15:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\2f3f57f2ffcce268
[2014-12-23 18:26:53 | 000,000,000 | ---D | C] -- C:\Program Files\CCllickFForSalae
[2014-12-26 12:19:19 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginServices
[2014-12-26 12:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsMangerProtect
[2014-12-26 15:56:42 | 000,043,160 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\{f17a6425-9752-4042-9063-36eef24d8b77}Gw.sys
[2014-12-26 15:53:01 | 000,000,000 | ---D | C] -- C:\Users\Aga\AppData\Local\globalUpdate
[2014-12-26 15:53:01 | 000,000,000 | ---D | C] -- C:\Program Files\globalUpdate
[2014-12-26 15:53:01 | 000,000,000 | ---D | C] -- C:\Program Files\d066fa9e-6777-40dd-88f9-026f1b29484c
O2 - BHO: (App Lid) - {11111111-1111-1111-1111-110611571143} - C:\Program Files\App Lid\App Lid-bho.dll (Lid)
[2014-12-26 15:52:58 | 000,000,000 | ---D | C] -- C:\Program Files\App Lid
[2014-12-26 15:53:32 | 000,000,000 | ---D | M] ("App Lid") -- C:\Users\Aga\AppData\Roaming\mozilla\Firefox\Profiles\d254qke1.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com
[2014-12-26 15:53:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aga\AppData\Roaming\mozilla\Firefox\Profiles\d254qke1.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData
[2014-12-26 15:53:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aga\AppData\Roaming\mozilla\Firefox\Profiles\d254qke1.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins
[2014-12-26 15:53:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aga\AppData\Roaming\mozilla\Firefox\Profiles\d254qke1.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\userCode
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
IE - HKCU\..\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^Y6^man000^YYA^&ptb=867638A5-C98E-4F17-8768-3E92B04BAD5A&ind=2014120812&n=780d0b6c&psa=&st=sb&searchfor={searchTerms}
IE - HKCU\..\SearchScopes\{009263DB-41A6-409B-A166-82058F9D7C47}: "URL" = http://www.search.ask.com/web?tpid=BTR-SP&o=APN11584&pf=V7&p2=^BJ2^YYYYYY^YY^PL&gct=&itbv=12.17.1.2468&apn_uid=84FE5A49-8361-4AA7-B2F0-ECFBEAE9C284&apn_ptnrs=^BJ2&apn_dtid=^YYYYYY^YY^PL&apn_dbr=ie_11.0.9600.17420&doi=2014-12-08&trgb=IE&q={searchTerms}&psv=&pt=crx
IE - HKLM\..\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^Y6^man000^YYA^&ptb=867638A5-C98E-4F17-8768-3E92B04BAD5A&ind=2014120812&n=780d0b6c&psa=&st=sb&searchfor={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419592681&from=cor&uid=ST9250410ASG_5VG3RJAEXXXX5VG3RJAE&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1419592681&from=cor&uid=ST9250410ASG_5VG3RJAEXXXX5VG3RJAE&q={searchTerms}
DRV - [2014-12-25 21:36:58 | 000,043,160 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{f17a6425-9752-4042-9063-36eef24d8b77}Gw.sys -- ({f17a6425-9752-4042-9063-36eef24d8b77}Gw)
DRV - [2014-12-23 19:25:48 | 000,043,144 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{97daceee-c4d3-4ae1-975b-b77d85ce2d13}Gw.sys -- ({97daceee-c4d3-4ae1-975b-b77d85ce2d13}Gw)
DRV - [2014-12-21 01:23:42 | 000,043,144 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{8aefbcaf-640f-4dca-9a92-ed05ee387238}Gw.sys -- ({8aefbcaf-640f-4dca-9a92-ed05ee387238}Gw)
DRV - [2014-12-17 18:26:04 | 000,043,144 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{993baf86-643c-42e9-95e5-094f337533f0}Gw.sys -- ({993baf86-643c-42e9-95e5-094f337533f0}Gw)
DRV - [2014-12-17 05:24:32 | 000,043,144 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{47a3b56f-80e6-4ea5-8093-7656ffd5c11a}Gw.sys -- ({47a3b56f-80e6-4ea5-8093-7656ffd5c11a}Gw)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1578726F-04DC-4A4F-9902-A11BEE924E26}\MpKsld12883e9.sys -- (MpKsld12883e9)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1578726F-04DC-4A4F-9902-A11BEE924E26}\MpKsl83abf70d.sys -- (MpKsl83abf70d)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
SRV - [2014-12-26 15:53:00 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdatem)
SRV - [2014-12-26 15:53:00 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdate)
SRV - [2014-12-26 12:19:15 | 000,715,656 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginServices\PluginService.exe -- (IePluginServices)
SRV - [2014-12-26 12:19:00 | 000,485,888 | ---- | M] (Fuyu LIMITED) [Auto | Running] -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -- (WindowsMangerProtect)

:Files
C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa

:Reg
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes]
[-HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes]
[-HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes]

:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania Skryptem.

===========================================================

Error - 2014-12-28 18:05:27 | Computer Name = Dell6400 | Source = WinMgmt | ID = 10
Description =

Aby automatycznie rozwiązać ten problem, kliknij > Fix.it. na stronie http://support2.microsoft.com/kb/2545227/en-us
Następnie kliknij przycisk Uruchom w oknie dialogowym Pobieranie pliku i wykonaj kroki w kreatorze Fix.it.
(Link zapasowy > http://www.mediafire.com/download/6hwcm6b77098cbb/MicrosoftFixit50688.msi )
.

Autor postu otrzymał pochwałę

**Posty:** 653 · przez **holi12** 30 Gru 2014, 19:12

Kod: Zaznacz wszystko: # AdwCleaner v4.106 - Log utworzony 30/12/2014 o 12:27:59 # Aktualizacja 21/12/2014 przez Xplode # Database : 2014-12-28.1 [Live] # System operacyjny : Windows 7 Professional Service Pack 1 (32 bits) # Użytkownik : Aga - DELL6400 # Ścieżka : C:\Users\Aga\Downloads\AdwCleaner.exe # Opcja : Usuń ***** [ Usługi ] ***** [#] Usługa Usunięto : globalUpdate [#] Usługa Usunięto : globalUpdatem Usługa Usunięto : IePluginServices Usługa Usunięto : WindowsMangerProtect Usługa Usunięto : {47a3b56f-80e6-4ea5-8093-7656ffd5c11a}Gw Usługa Usunięto : {8aefbcaf-640f-4dca-9a92-ed05ee387238}Gw Usługa Usunięto : {97daceee-c4d3-4ae1-975b-b77d85ce2d13}Gw Usługa Usunięto : {993baf86-643c-42e9-95e5-094f337533f0}Gw Usługa Usunięto : {f17a6425-9752-4042-9063-36eef24d8b77}Gw ***** [ Pliki / Foldery ] ***** Folder Usunięto : C:\ProgramData\apn Folder Usunięto : C:\ProgramData\IePluginServices Folder Usunięto : C:\ProgramData\WindowsMangerProtect Folder Usunięto : C:\ProgramData\CCllickFForSalae Folder Usunięto : C:\ProgramData\SShiooppEuRMaustero Folder Usunięto : C:\ProgramData\2f3f57f2ffcce268 Folder Usunięto : C:\ProgramData\3404536544500703848 Folder Usunięto : C:\Program Files\globalUpdate Folder Usunięto : C:\Program Files\App Lid Folder Usunięto : C:\Program Files\CCllickFForSalae Folder Usunięto : C:\Program Files\SShiooppEuRMaustero Folder Usunięto : C:\Users\Aga\AppData\Local\Temp\Faster Light Folder Usunięto : C:\Users\Aga\AppData\Local\globalUpdate Folder Usunięto : C:\Users\Aga\AppData\Local\iac Folder Usunięto : C:\Users\Aga\AppData\Roaming\RHEng Folder Usunięto : C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\d254qke1.default\Extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com Folder Usunięto : C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdblcahgpgoandbbidibfjnlfkmpccaf Folder Usunięto : C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Plik Usunięto : C:\Windows\system32\drivers\{47a3b56f-80e6-4ea5-8093-7656ffd5c11a}Gw.sys Plik Usunięto : C:\Windows\system32\drivers\{8aefbcaf-640f-4dca-9a92-ed05ee387238}Gw.sys Plik Usunięto : C:\Windows\system32\drivers\{97daceee-c4d3-4ae1-975b-b77d85ce2d13}Gw.sys Plik Usunięto : C:\Windows\system32\drivers\{993baf86-643c-42e9-95e5-094f337533f0}Gw.sys Plik Usunięto : C:\Windows\system32\drivers\{f17a6425-9752-4042-9063-36eef24d8b77}Gw.sys Plik Usunięto : C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\d254qke1.default\user.js ***** [ Zadania ] ***** Zadanie Usunięto : globalUpdateUpdateTaskMachineCore Zadanie Usunięto : globalUpdateUpdateTaskMachineUA Zadanie Usunięto : 03201907-30cc-49ca-a512-acbf926d4428-1 Zadanie Usunięto : 03201907-30cc-49ca-a512-acbf926d4428-2 Zadanie Usunięto : 03201907-30cc-49ca-a512-acbf926d4428-4 Zadanie Usunięto : 03201907-30cc-49ca-a512-acbf926d4428-5 Zadanie Usunięto : 03201907-30cc-49ca-a512-acbf926d4428-5_user Zadanie Usunięto : 03201907-30cc-49ca-a512-acbf926d4428-6 Zadanie Usunięto : 03201907-30cc-49ca-a512-acbf926d4428-7 ***** [ Skróty ] ***** ***** [ Rejestr ] ***** Klucz Usunięto : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Klucz Usunięto : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ToolbarProtector Klucz Usunięto : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ToolbarProtector.1 Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10 Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0 Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4 Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0 Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1 Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1 Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0 Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0 Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0 Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0 Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0 Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0 Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0 Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0 Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc Klucz Usunięto : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0 Klucz Usunięto : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10 Klucz Usunięto : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4 Klucz Usunięto : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices Klucz Usunięto : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492} Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611571143} Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622572243} Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655575543} Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666576643} Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{4D8AEB1D-4ED4-44AC-A039-4775B2575DB0} Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644574443} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571143} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC7E25D7-4681-46A3-AF5A-9A1B865783ED} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BC7E25D7-4681-46A3-AF5A-9A1B865783ED} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36B445BF-1B84-466A-A623-A360A8CFF8C3} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8545d7fe-a845-4b60-923d-7c857bee29b2} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{882b1dc2-1326-4047-a6ef-85580a9d48f3} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8b7ba47f-75e4-4a46-b62a-44cae601fa26} Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{009263DB-41A6-409B-A166-82058F9D7C47} Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} Klucz Usunięto : HKCU\Software\FromDocToPDF_65 Klucz Usunięto : HKCU\Software\GlobalUpdate Klucz Usunięto : HKCU\Software\InstallCore Klucz Usunięto : HKCU\Software\InstalledBrowserExtensions Klucz Usunięto : HKCU\Software\Optimizer Pro Klucz Usunięto : HKCU\Software\SupHpUISoft Klucz Usunięto : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Klucz Usunięto : HKCU\Software\AppDataLow\Software\Crossrider Klucz Usunięto : HKCU\Software\AppDataLow\Software\FromDocToPDF_65 Klucz Usunięto : HKCU\Software\AppDataLow\Software\App Lid Klucz Usunięto : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Klucz Usunięto : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} Klucz Usunięto : HKLM\SOFTWARE\FromDocToPDF_65 Klucz Usunięto : HKLM\SOFTWARE\GlobalUpdate Klucz Usunięto : HKLM\SOFTWARE\InstalledBrowserExtensions Klucz Usunięto : HKLM\SOFTWARE\omiga-plusSoftware Klucz Usunięto : HKLM\SOFTWARE\SupTab Klucz Usunięto : HKLM\SOFTWARE\supWindowsMangerProtect Klucz Usunięto : HKLM\SOFTWARE\supWPM Klucz Usunięto : HKLM\SOFTWARE\App Lid Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{35E0D123-1F22-9AE6-F973-B7ECA46E8BFE} ***** [ Przeglądarki internetowe ] ***** -\\ Internet Explorer v11.0.9600.17496 Ustawienie Przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Ustawienie Przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] -\\ Mozilla Firefox v34.0.5 (x86 pl) [d254qke1.default\prefs.js] - Wpis usunięty : user_pref("extensions.ad9676068985d4d81bb390a7be93ab3c8e144f694a0509d5com65743.65743.internaldb.Resources_meta.value", "%7B%2219x19.png%22%3A%7B%22id%22%3A853130%2C%22ver%22%3A1%2C%22status%22%3A1%2C%[...] [d254qke1.default\prefs.js] - Wpis usunięty : user_pref("extensions.ad9676068985d4d81bb390a7be93ab3c8e144f694a0509d5com65743.65743.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D[...] [d254qke1.default\prefs.js] - Wpis usunięty : user_pref("extensions.crossrider.bic", "14a8718a0f0d3a49d50b3e10927ca77f"); -\\ Google Chrome v38.0.2125.111 [C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Usunięto [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=PTF&o=15507&locale=en_US&apn_uid=02907e58-bfd6-4606-8c10-d13d6932be35&apn_ptnrs=%5ELJ&apn_sauid=5F96822F-A1EA-4F02-9576-F295E3303321&apn_dtid=%5EYYYYYY%5EYY%5EPL&q={searchTerms} [C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Usunięto [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=PTF&o=15507&locale=en_US&apn_uid=02907e58-bfd6-4606-8c10-d13d6932be35&apn_ptnrs=%5ELJ&apn_sauid=5F96822F-A1EA-4F02-9576-F295E3303321&apn_dtid=%5EYYYYYY%5EYY%5EPL&q={searchTerms} [C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Usunięto [Search Provider] : hxxp://isearch.avg.com/search?cid={0BFB92D0-1620-47FF-A3B8-DD58522075B1}&mid=71da0ba6329644df9d764077028cb097-ae273c6c87edc9865622ae2d9b831083c3e9cf40&lang=pl&ds=ik011&pr=&d=2013-01-07 21:51:24&v=13.2.0.4&sap=dsp&q={searchTerms} [C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Usunięto [Search Provider] : hxxp://www.search.ask.com/web?tpid=ORJ-V7&o=APN10616&pf=&p2=%5EADN%5EOSJ000%5EYY%5EPL&gct=&itbv=12.0.1.100&apn_uid=62AEDC62-81E0-4742-BF13-921131E84165&apn_ptnrs=ADN&apn_dtid=%5EOSJ000%5EYY%5EPL&apn_dbr=ie_9.0.8112.16470&doi=2013-09-11&trgb=IE&q={searchTerms}&psv= [C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\preferences] - Usunięto [Extension] : bdblcahgpgoandbbidibfjnlfkmpccaf ************************* AdwCleaner[R0].txt - [15285 octets] - [30/12/2014 12:20:41] AdwCleaner[S0].txt - [14448 octets] - [30/12/2014 12:27:59] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14509 octets] ##########

Kod: Zaznacz wszystko: All processes killed ========== OTL ========== File C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-5_user.job not found. File C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-5.job not found. File C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-2.job not found. File C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-1.job not found. File C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-4.job not found. File C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job not found. File C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-6.job not found. File C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job not found. File C:\Windows\tasks\03201907-30cc-49ca-a512-acbf926d4428-7.job not found. File C:\Windows\System32\drivers\{f17a6425-9752-4042-9063-36eef24d8b77}Gw.sys not found. File C:\Windows\System32\drivers\{97daceee-c4d3-4ae1-975b-b77d85ce2d13}Gw.sys not found. File C:\Windows\System32\drivers\{8aefbcaf-640f-4dca-9a92-ed05ee387238}Gw.sys not found. File C:\Windows\System32\drivers\{993baf86-643c-42e9-95e5-094f337533f0}Gw.sys not found. File C:\Windows\System32\drivers\{47a3b56f-80e6-4ea5-8093-7656ffd5c11a}Gw.sys not found. Folder C:\ProgramData\3404536544500703848\ not found. Folder C:\Program Files\SShiooppEuRMaustero\ not found. C:\ProgramData\1790955706 folder moved successfully. Folder C:\ProgramData\SShiooppEuRMaustero\ not found. Folder C:\ProgramData\CCllickFForSalae\ not found. Folder C:\ProgramData\2f3f57f2ffcce268\ not found. Folder C:\Program Files\CCllickFForSalae\ not found. Folder C:\ProgramData\IePluginServices\ not found. Folder C:\ProgramData\WindowsMangerProtect\ not found. File C:\Windows\System32\drivers\{f17a6425-9752-4042-9063-36eef24d8b77}Gw.sys not found. Folder C:\Users\Aga\AppData\Local\globalUpdate\ not found. Folder C:\Program Files\globalUpdate\ not found. C:\Program Files\d066fa9e-6777-40dd-88f9-026f1b29484c folder moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571143}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611571143}\ not found. File C:\Program Files\App Lid\App Lid-bho.dll not found. Folder C:\Program Files\App Lid\ not found. Folder C:\Users\Aga\AppData\Roaming\mozilla\Firefox\Profiles\d254qke1.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\ not found. Folder C:\Users\Aga\AppData\Roaming\mozilla\Firefox\Profiles\d254qke1.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\ not found. Folder C:\Users\Aga\AppData\Roaming\mozilla\Firefox\Profiles\d254qke1.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\ not found. Folder C:\Users\Aga\AppData\Roaming\mozilla\Firefox\Profiles\d254qke1.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\userCode\ not found. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10\ not found. File C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4\ not found. File C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{009263DB-41A6-409B-A166-82058F9D7C47}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{009263DB-41A6-409B-A166-82058F9D7C47}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}\ not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully! Error: No service named {f17a6425-9752-4042-9063-36eef24d8b77}Gw was found to stop! Service\Driver key {f17a6425-9752-4042-9063-36eef24d8b77}Gw not found. File C:\Windows\System32\drivers\{f17a6425-9752-4042-9063-36eef24d8b77}Gw.sys not found. Error: No service named {97daceee-c4d3-4ae1-975b-b77d85ce2d13}Gw was found to stop! Service\Driver key {97daceee-c4d3-4ae1-975b-b77d85ce2d13}Gw not found. File C:\Windows\System32\drivers\{97daceee-c4d3-4ae1-975b-b77d85ce2d13}Gw.sys not found. Error: No service named {8aefbcaf-640f-4dca-9a92-ed05ee387238}Gw was found to stop! Service\Driver key {8aefbcaf-640f-4dca-9a92-ed05ee387238}Gw not found. File C:\Windows\System32\drivers\{8aefbcaf-640f-4dca-9a92-ed05ee387238}Gw.sys not found. Error: No service named {993baf86-643c-42e9-95e5-094f337533f0}Gw was found to stop! Service\Driver key {993baf86-643c-42e9-95e5-094f337533f0}Gw not found. File C:\Windows\System32\drivers\{993baf86-643c-42e9-95e5-094f337533f0}Gw.sys not found. Error: No service named {47a3b56f-80e6-4ea5-8093-7656ffd5c11a}Gw was found to stop! Service\Driver key {47a3b56f-80e6-4ea5-8093-7656ffd5c11a}Gw not found. File C:\Windows\System32\drivers\{47a3b56f-80e6-4ea5-8093-7656ffd5c11a}Gw.sys not found. Service MpKsld12883e9 stopped successfully! Service MpKsld12883e9 deleted successfully! File C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1578726F-04DC-4A4F-9902-A11BEE924E26}\MpKsld12883e9.sys not found. Service MpKsl83abf70d stopped successfully! Service MpKsl83abf70d deleted successfully! File C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1578726F-04DC-4A4F-9902-A11BEE924E26}\MpKsl83abf70d.sys not found. Service ewusbnet stopped successfully! Service ewusbnet deleted successfully! File system32\DRIVERS\ewusbnet.sys not found. Error: No service named globalUpdatem was found to stop! Service\Driver key globalUpdatem not found. File C:\Program Files\globalUpdate\Update\GoogleUpdate.exe not found. Error: No service named globalUpdate was found to stop! Service\Driver key globalUpdate not found. File C:\Program Files\globalUpdate\Update\GoogleUpdate.exe not found. Error: No service named IePluginServices was found to stop! Service\Driver key IePluginServices not found. File C:\ProgramData\IePluginServices\PluginService.exe not found. Error: No service named WindowsMangerProtect was found to stop! Service\Driver key WindowsMangerProtect not found. File C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe not found. ========== FILES ========== C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa\1.1_0\images folder moved successfully. C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa\1.1_0 folder moved successfully. C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa folder moved successfully. ========== REGISTRY ========== Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\ deleted successfully. Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\ not found. Registry key HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\ deleted successfully. Registry key HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\ deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Aga ->Temp folder emptied: 4683212 bytes ->Temporary Internet Files folder emptied: 4502604 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 369165445 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 2491 bytes User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 4485210 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 365,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 12302014_125331 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...

**Posty:** 4765 · przez **ordynat** 30 Gru 2014, 19:36

Kończymy:
W Adw-Cleaner kliknij na przycisk Odinstaluj (UNINSTALL).
W OTL kliknij na przycisk Sprzątanie - to go usunie razem z jego Kwarantanną.

**Posty:** 653 · przez **holi12** 30 Gru 2014, 21:24

dziękuję

) duża różnica

)