
Ads opening on their own in the browser.

System security, virus removal, choosing antivirus software. Mandatory logs in this section: three from FRST + Gmer.


Post by djbahama11, 18 Feb 2014, 13:23

Hello

For some time now, windows with all sorts of ads have been opening on their own in the browser, and it is very burdensome and annoying. I have Firefox and I am asking for help with how to remove this junk. Many thanks in advance.

Regards.
djbahama11
~user
 
Posts: 59
Joined: 12 Oct 2013, 17:37




Post by MaTi, 18 Feb 2014, 13:49

Logs will be needed -> wszystko-o-logach-aktualizacja-30-01-2012-vt117887.html

Before that, you can try fighting it yourself with the program http://www.programosy.pl/program,adwcleaner.html
MaTi
@admin
 
Posts: 3620
Joined: 31 Oct 2003, 14:22
Location: Dąbrowa Górnicza
Commendations: 206




Post by djbahama11, 18 Feb 2014, 19:26

Code:
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-02-18 18:14:05
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3 ST3500418AS rev.CC46 465,76GB
Running: z8ykn900.exe; Driver: C:\Users\UKASZ~1\AppData\Local\Temp\ugrdipoc.sys


---- User code sections - GMER 2.1 ----

.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess                                                                     00000000779dfcb0 5 bytes JMP 000000010033091c
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory                                                                   00000000779dfe14 5 bytes JMP 0000000100330048
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent                                                                            00000000779dfea8 5 bytes JMP 00000001003302ee
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread                                                                         00000000779e0004 5 bytes JMP 00000001003304b2
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                                                                 00000000779e0038 5 bytes JMP 00000001003309fe
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread                                                                         00000000779e0068 5 bytes JMP 0000000100330ae0
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread                                                                      00000000779e0084 5 bytes JMP 0000000100020050
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant                                                                         00000000779e079c 5 bytes JMP 000000010033012a
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject                                                             00000000779e088c 5 bytes JMP 0000000100330758
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx                                                                       00000000779e08a4 5 bytes JMP 0000000100330676
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver                                                                           00000000779e0df4 5 bytes JMP 00000001003303d0
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread                                                                     00000000779e1920 5 bytes JMP 0000000100330594
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation                                                                 00000000779e1be4 5 bytes JMP 000000010033083a
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread                                                                        00000000779e1d70 5 bytes JMP 000000010033020c
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity + 206                                                       00000000766e524f 7 bytes JMP 0000000100330f52
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA + 380                                                           00000000766e53d0 7 bytes JMP 0000000100340210
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 149                                                          00000000766e5677 1 byte JMP 0000000100340048
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 151                                                          00000000766e5679 5 bytes {JMP 0xffffffff89c5a9d1}
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\sechost.dll!CreateServiceA + 542                                                                 00000000766e589a 7 bytes JMP 0000000100330ca6
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\sechost.dll!CreateServiceW + 382                                                                 00000000766e5a1d 7 bytes JMP 00000001003403d8
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\sechost.dll!QueryServiceConfigW + 370                                                            00000000766e5c9b 7 bytes JMP 000000010034012c
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\sechost.dll!ControlServiceExA + 231                                                              00000000766e5d87 7 bytes JMP 00000001003402f4
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\SysWOW64\sechost.dll!I_ScBroadcastServiceControlMessage + 123                                             00000000766e7240 7 bytes JMP 0000000100330e6e
.text    C:\Program Files (x86)\Internet Download Manager\IDMan.exe[2124] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 882                                                            0000000076f01492 7 bytes JMP 000000010034059e
.text    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2732] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                          0000000075791465 2 bytes [79, 75]
.text    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2732] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                         00000000757914bb 2 bytes [79, 75]
.text    ...                                                                                                                                                                                   * 2

---- Kernel IAT/EAT - GMER 2.1 ----

IAT      C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort]                                                                                                        [fffff880010b8e94] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT      C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar]                                                                                                               [fffff880010b8c38] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT      C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar]                                                                                                              [fffff880010b9614] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT      C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUlong]                                                                                                              [fffff880010b9a10] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT      C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort]                                                                                                       [fffff880010b986c] \SystemRoot\System32\Drivers\sptd.sys [.text]

---- Devices - GMER 2.1 ----

Device   \Driver\atapi \Device\Ide\IdePort0                                                                                                                                                    fffffa80036a22c0
Device   \Driver\atapi \Device\Ide\IdePort1                                                                                                                                                    fffffa80036a22c0
Device   \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-3                                                                                                                                           fffffa80036a22c0
Device   \Driver\atapi \Device\Ide\IdeDeviceP3T1L0-4                                                                                                                                           fffffa80036a22c0
Device   \Driver\atapi \Device\Ide\IdePort2                                                                                                                                                    fffffa80036a22c0
Device   \Driver\atapi \Device\Ide\IdePort3                                                                                                                                                    fffffa80036a22c0
Device   \FileSystem\Ntfs \Ntfs                                                                                                                                                                fffffa80036a62c0
Device   \Driver\usbuhci \Device\USBFDO-3                                                                                                                                                      fffffa80052882c0
Device   \Driver\usbuhci \Device\USBPDO-1                                                                                                                                                      fffffa80052882c0
Device   \Driver\cdrom \Device\CdRom0                                                                                                                                                          fffffa80049552c0
Device   \Driver\usbehci \Device\USBFDO-4                                                                                                                                                      fffffa80053202c0
Device   \Driver\usbuhci \Device\USBFDO-0                                                                                                                                                      fffffa80052882c0
Device   \Driver\usbuhci \Device\USBPDO-2                                                                                                                                                      fffffa80052882c0
Device   \Driver\NetBT \Device\NetBT_Tcpip_{F9DAE1B6-19C5-4395-998A-5D1F11ED267E}                                                                                                              fffffa80049872c0
Device   \Driver\usbuhci \Device\USBPDO-3                                                                                                                                                      fffffa80052882c0
Device   \Driver\usbuhci \Device\USBFDO-1                                                                                                                                                      fffffa80052882c0
Device   \Driver\NetBT \Device\NetBt_Wins_Export                                                                                                                                               fffffa80049872c0
Device   \Driver\usbehci \Device\USBPDO-4                                                                                                                                                      fffffa80053202c0
Device   \Driver\usbuhci \Device\USBFDO-2                                                                                                                                                      fffffa80052882c0
Device   \Driver\atapi \Device\ScsiPort0                                                                                                                                                       fffffa80036a22c0
Device   \Driver\usbuhci \Device\USBPDO-0                                                                                                                                                      fffffa80052882c0
Device   \Driver\atapi \Device\ScsiPort1                                                                                                                                                       fffffa80036a22c0
Device   \Driver\atapi \Device\ScsiPort2                                                                                                                                                       fffffa80036a22c0
Device   \Driver\atapi \Device\ScsiPort3                                                                                                                                                       fffffa80036a22c0

---- Trace I/O - GMER 2.1 ----

Trace    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80036a22c0]<< sptd.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys                                          fffffa80036a22c0
Trace    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80043bc060]                                                                                                                       fffffa80043bc060
Trace    3 CLASSPNP.SYS[fffff8800123b43f] -> nt!IofCallDriver -> [0xfffffa80040c2670]                                                                                                          fffffa80040c2670
Trace    5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0xfffffa80040e0060]                                                                                 fffffa80040e0060
Trace    \Driver\atapi[0xfffffa80040bee70] -> IRP_MJ_CREATE -> 0xfffffa80036a22c0                                                                                                              fffffa80036a22c0
---- Processes - GMER 2.1 ----

Process  C:\Users\Łukasz\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe (*** suspicious ***) @ C:\Users\Łukasz\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [2268](2012-10-26 06:49:04)  00000000013b0000

---- Files - GMER 2.1 ----

File     C:\Users\Łukasz\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-16356                                                                                                              0 bytes

---- EOF - GMER 2.1 ----


Added today, 19:27:
Code:
OTL Extras logfile created on: 2014-02-18 18:16:39 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Łukasz\Downloads\Programs
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,19 Gb Available Physical Memory | 54,78% Memory free
8,00 Gb Paging File | 6,25 Gb Available in Paging File | 78,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 147,17 Gb Total Space | 80,38 Gb Free Space | 54,62% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 24,94 Gb Free Space | 25,54% Space Free | Partition Type: NTFS
Drive E: | 220,93 Gb Total Space | 42,14 Gb Free Space | 19,07% Space Free | Partition Type: NTFS

Computer Name: ŁUKASZ-KOMPUTER | User Name: Łukasz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04A7CB72-4DE1-4AD5-AA82-AE08E1C464DB}" = lport=138 | protocol=17 | dir=in | app=system |
"{08956B28-E599-476F-9DAF-EA3A7A02FCD7}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{1287631F-9016-45CE-8639-A1695CB6387C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{13329C23-210C-45C4-8184-C8BE6B142296}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{1BAC06C3-C4B9-4CD3-8E71-D82620A2C4FF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1BDA4744-A92E-41EE-BBFB-30AD025D7C12}" = rport=139 | protocol=6 | dir=out | app=system |
"{2421E41A-E539-4D81-B1DC-6F54ECB2B0D6}" = lport=139 | protocol=6 | dir=in | app=system |
"{39DCEF9D-AE7B-4F56-889A-5C4EAF956C97}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{413D3FC2-A2B2-4F87-816F-263D0DF8E14C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{42692943-3CE6-4560-9D7F-84FC104C35E1}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{43768F03-029B-4B33-B4C4-02AB12FC78F9}" = rport=445 | protocol=6 | dir=out | app=system |
"{462FB1D3-3901-47A3-8A76-9F2698E233B2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{50284730-0845-4EFA-90E7-963F19433704}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{579DD6CF-DB39-43AB-97E0-0A1C63B21F79}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7B12801B-A646-40EA-BA8B-F05B26043876}" = rport=137 | protocol=17 | dir=out | app=system |
"{857CB1CE-596F-4853-BB22-5EC9064D0B15}" = lport=137 | protocol=17 | dir=in | app=system |
"{85924A53-F578-4B53-A148-3E32FCF3BF32}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{9663FFEE-F9E0-4F7C-B9FC-F9D8A9331642}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9ED79AF6-679D-4C7E-AA1D-E6F4553D1CE8}" = lport=445 | protocol=6 | dir=in | app=system |
"{9FCE2AAC-10EC-492D-A5CA-70F4F49FF91A}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{A66ABF91-19EF-4725-9C51-0C3638D2DE1D}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{AFD08510-9CD7-4DDC-BEBA-C3BA505B1516}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{B0BA6574-B1F6-412E-B3AB-03B57496DFB0}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{B313461C-8993-4B4D-8139-ADEE15073269}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B61843CA-89F6-4947-8562-146BEEC3A7C8}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{C0507B87-D18C-49BB-A69A-1D8BD99720C1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C6A0DE26-9F37-4DF7-ADCF-E25A64199B6F}" = rport=138 | protocol=17 | dir=out | app=system |
"{D752DA1F-0612-41CE-8BE4-89DE2B060BAF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DCB2D9AB-B8DA-4023-A689-23B50D09F038}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DE0C0C90-E47A-47AF-A2E1-56BE7B03725E}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{E0E8E303-9E97-4FC7-B841-0FC047DB7CCA}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{E8874859-A943-4F79-9356-907A8870BD10}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FE17DA77-55BC-4422-A30C-42B2C0D8B90D}" = lport=10243 | protocol=6 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001FE6BF-A25C-4524-817C-FB7AA0BC848C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{02F0539D-57F2-45D0-94AD-2B8A6840A80F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0342167E-4094-4902-A0F4-2230C70AA741}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{279FB5AA-7E05-41A9-94AC-2172D48BADC2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2FF969D8-8A7C-4B5E-B7F7-3E43A5F965FE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{55331AEC-2295-4CEC-A480-83056D75DB56}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{55FD8287-044C-4177-83BC-6E921C0D368A}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{58321944-8003-4D10-AFC3-AFEE21031C4B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5C70F2E1-7F4F-4AA9-8CA4-C6E886657925}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{660D4312-2537-49FB-9E4D-C7906BBF6688}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6CFA3E87-F018-4623-A4C6-2EC47A19ECFC}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{73886887-2981-4877-B296-FC4CF25E75F3}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{76CCA553-1330-4FC6-91E9-9B0EB5621B07}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{895B7BC0-C528-411D-9DDD-1D4DB7B67764}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8E815FD2-52BE-4F68-B7A2-0988A37F129C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{972F635E-9AB6-4FC1-941C-7D42E85C47F9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A18FE39B-1C4F-489C-9649-8A7DEE3488F0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A5B5130D-705C-4272-A692-86F405025844}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C3024074-C4B6-406D-B825-1BE7FAEDEABA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C5C9A2AA-BEBB-42D8-B859-6D994B79EE70}" = protocol=6 | dir=out | app=system |
"{CDC8566A-828C-4641-BC80-80DD5A2A79D7}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{E551776B-88C8-4FFB-B61F-47D12186FAE8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EC2897C2-A4C2-4B68-BADF-12426AD8DB06}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F69633F3-6FA5-464B-AC47-B960E9F2DC14}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.7.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 326.01
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 9.3.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 9.3.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.9
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"jdownloader2" = JDownloader 2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{41101F0C-DBD9-321C-A6B1-E0689B495A4E}" = Google Talk Plugin
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.3
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.5 - Polish
"{B45FABE7-D101-4D99-A671-E16DA40AF7F0}" = Microsoft Games for Windows - LIVE
"{B578C85A-A84C-4230-A177-C5B2AF565B8C}" = Microsoft Games for Windows - LIVE Redistributable
"{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1" = ALLMediaServer
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"ALLPlayer_is1" = ALLPlayer V5.X
"foxtab" = Foxtab
"fst_pl_41_is1" = fst_pl_41
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń
"Internet Download Manager" = Internet Download Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 10.1.0 Full
"Łatka polonizacyjna GTA IV v1.0" = Łatka polonizacyjna GTA IV v1.0
"Mobogenie" = Mobogenie
"Mozilla Firefox 27.0.1 (x86 pl)" = Mozilla Firefox 27.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151)
"NIS" = Norton Internet Security
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Professional Farmer 2014_is1" = Professional Farmer 2014
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BankBrowser" = BankBrowser
"FLV Player" = FLV Player

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2014-01-23 10:37:48 | Computer Name = Łukasz-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2014-01-24 06:33:34 | Computer Name = Łukasz-Komputer | Source = NvStreamSvc | ID = 131073
Description =

Error - 2014-01-24 06:33:34 | Computer Name = Łukasz-Komputer | Source = NvStreamSvc | ID = 131073
Description =

Error - 2014-01-24 06:34:50 | Computer Name = Łukasz-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2014-01-24 11:16:30 | Computer Name = Łukasz-Komputer | Source = NvStreamSvc | ID = 131073
Description =

Error - 2014-01-24 11:16:30 | Computer Name = Łukasz-Komputer | Source = NvStreamSvc | ID = 131073
Description =

Error - 2014-01-24 11:17:49 | Computer Name = Łukasz-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2014-01-24 12:25:38 | Computer Name = Łukasz-Komputer | Source = NvStreamSvc | ID = 131073
Description =

Error - 2014-01-24 12:25:38 | Computer Name = Łukasz-Komputer | Source = NvStreamSvc | ID = 131073
Description =

Error - 2014-01-24 12:26:57 | Computer Name = Łukasz-Komputer | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2014-02-05 08:41:24 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Wystąpił krytyczny błąd sprzętowy.    Zgłoszone przez składnik: rdzeń
procesora  Źródło błędu: 3  Typ błędu: 10  Identyfikator procesora: 2    Widok szczegółów
tego wpisu zawiera dodatkowe informacje.

Error - 2014-02-05 08:41:24 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Wystąpił krytyczny błąd sprzętowy.    Zgłoszone przez składnik: rdzeń
procesora  Źródło błędu: 3  Typ błędu: 10  Identyfikator procesora: 3    Widok szczegółów
tego wpisu zawiera dodatkowe informacje.

Error - 2014-02-05 09:47:27 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Wsys Service z powodu następującego błędu:
   %%2

Error - 2014-02-05 23:02:29 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Wsys Service z powodu następującego błędu:
   %%2

Error - 2014-02-06 03:46:59 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Wsys Service z powodu następującego błędu:
   %%2

Error - 2014-02-06 04:14:19 | Computer Name = Łukasz-Komputer | Source = nvlddmkm | ID = 11141134
Description =

Error - 2014-02-06 07:00:34 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Wsys Service z powodu następującego błędu:
   %%2

Error - 2014-02-06 10:09:48 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Wsys Service z powodu następującego błędu:
   %%2

Error - 2014-02-06 10:30:04 | Computer Name = Łukasz-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 15:28:39 na ?2014-?02-?06 było
nieoczekiwane.

Error - 2014-02-06 10:30:04 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Wsys Service z powodu następującego błędu:
   %%2


< End of report >


Added today, 19:28:
OTL logfile created on: 2014-02-18 18:16:39 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Łukasz\Downloads\Programs
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,19 Gb Available Physical Memory | 54,78% Memory free
8,00 Gb Paging File | 6,25 Gb Available in Paging File | 78,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 147,17 Gb Total Space | 80,38 Gb Free Space | 54,62% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 24,94 Gb Free Space | 25,54% Space Free | Partition Type: NTFS
Drive E: | 220,93 Gb Total Space | 42,14 Gb Free Space | 19,07% Space Free | Partition Type: NTFS

Computer Name: ŁUKASZ-KOMPUTER | User Name: Łukasz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014-02-18 18:15:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Downloads\Programs\OTL.exe
PRC - [2014-02-15 10:41:19 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014-01-27 13:04:28 | 003,996,656 | ---- | M] () -- C:\Program Files (x86)\fst_pl_41\fst_pl_41.exe
PRC - [2013-11-11 11:37:32 | 003,565,432 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2013-11-08 21:46:18 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013-11-08 21:45:42 | 001,914,656 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013-10-18 09:40:43 | 000,738,496 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
PRC - [2013-10-08 13:28:15 | 000,275,696 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
PRC - [2013-09-12 01:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-12-12 14:44:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2012-10-26 07:49:04 | 000,202,752 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014-02-15 10:41:19 | 003,578,992 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014-01-27 13:04:28 | 003,996,656 | ---- | M] () -- C:\Program Files (x86)\fst_pl_41\fst_pl_41.exe
MOD - [2013-10-18 09:40:43 | 000,738,496 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MOD - [2012-10-26 07:49:04 | 000,202,752 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2014-02-06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2013-11-08 21:47:21 | 015,125,280 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:[b]64bit:[/b] - [2013-05-27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014-02-15 10:41:19 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-02-05 13:15:26 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-11-08 21:45:42 | 001,914,656 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013-10-08 13:28:15 | 000,275,696 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe -- (NIS)
SRV - [2013-09-12 01:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2014-02-18 17:37:38 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2013-11-21 20:26:51 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2013-09-28 00:01:44 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2013-09-27 04:18:30 | 001,147,480 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\SymEFA64.sys -- (SymEFA)
DRV:[b]64bit:[/b] - [2013-09-27 03:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\Ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2013-09-27 03:26:03 | 000,858,200 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2013-09-26 04:28:00 | 000,590,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2013-09-26 03:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\ccSetx64.sys -- (ccSet_NIS)
DRV:[b]64bit:[/b] - [2013-09-10 03:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\SymDS64.sys -- (SymDS)
DRV:[b]64bit:[/b] - [2013-09-10 02:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\srtspx64.sys -- (SRTSPX)
DRV:[b]64bit:[/b] - [2013-06-16 13:38:15 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2012-11-22 01:43:14 | 000,165,112 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2009-10-21 04:30:32 | 001,270,784 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2009-07-16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014-01-21 20:11:19 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140217.001\IDSvia64.sys -- (IDSVia64)
DRV - [2013-12-18 01:32:10 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013-11-21 01:00:00 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140217.066\EX64.SYS -- (NAVEX15)
DRV - [2013-11-21 01:00:00 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013-11-21 01:00:00 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013-11-21 01:00:00 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140217.066\ENG64.SYS -- (NAVENG)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pl&pid=nis&pvid=20.1.0.24
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.interia.pl/"
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:12.0.5.3%20-%201
FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2014.6.5.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Łukasz\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Łukasz\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Łukasz\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Łukasz\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Łukasz\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ [2014-02-18 17:39:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-23 05:09:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Łukasz\AppData\Roaming\IDM\idmmzcc5 [2013-11-11 11:35:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Łukasz\AppData\Roaming\IDM\idmmzcc5 [2013-11-11 11:35:50 | 000,000,000 | ---D | M]

[2013-11-04 17:05:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łukasz\AppData\Roaming\mozilla\Extensions
[2014-02-18 12:24:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łukasz\AppData\Roaming\mozilla\Firefox\Profiles\v9ylzi5w.default\extensions
[2013-11-06 02:12:38 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\Łukasz\AppData\Roaming\mozilla\firefox\profiles\v9ylzi5w.default\extensions\IplextoALL@ALLPlayer.org.xpi
[2014-02-12 19:29:56 | 000,178,893 | ---- | M] () (No name found) -- C:\Users\Łukasz\AppData\Roaming\mozilla\firefox\profiles\v9ylzi5w.default\extensions\p24ext@przelewy24.pl.xpi
[2013-11-07 16:54:57 | 000,015,799 | ---- | M] () (No name found) -- C:\Users\Łukasz\AppData\Roaming\mozilla\firefox\profiles\v9ylzi5w.default\extensions\trtransferfill@transferuj.pl.xpi
[2014-02-18 12:24:45 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Łukasz\AppData\Roaming\mozilla\firefox\profiles\v9ylzi5w.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014-02-15 10:41:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014-02-15 10:41:20 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014-02-18 17:39:53 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\COFFPLGN
[2013-11-23 05:09:36 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:[b]64bit:[/b] - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [fst_pl_41] C:\Program Files (x86)\fst_pl_41\fst_pl_41.exe ()
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe ()
O4 - HKCU..\Run: [FLV Player] C:\Users\Łukasz\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe ()
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij przez IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9DAE1B6-19C5-4395-998A-5D1F11ED267E}: DhcpNameServer = 10.1.1.1
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014-02-18 12:53:40 | 000,386,680 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2014-02-15 10:41:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014-02-14 05:55:00 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014-02-14 05:54:20 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014-02-14 05:54:20 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014-02-14 05:54:20 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014-02-14 05:54:19 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014-02-14 05:54:19 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014-02-14 05:54:19 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014-02-14 05:54:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014-02-14 05:54:18 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014-02-14 05:54:18 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014-02-14 05:54:18 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014-02-14 05:54:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014-02-14 05:54:17 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014-02-14 05:54:17 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014-02-14 05:54:17 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014-02-14 05:54:17 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014-02-14 05:54:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014-02-14 05:54:17 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014-02-14 05:54:16 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014-02-14 05:54:16 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014-02-14 05:54:16 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014-02-14 05:54:15 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014-02-14 05:54:15 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014-02-14 05:54:12 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014-02-13 21:15:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014-02-13 21:15:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014-02-13 21:15:43 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014-02-13 21:15:43 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014-02-13 21:15:43 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014-02-13 21:15:43 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014-02-13 21:15:42 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014-02-13 21:15:42 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014-02-13 21:15:42 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014-02-13 21:15:42 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014-02-13 21:15:42 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014-02-13 21:15:42 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014-02-13 21:15:42 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014-02-13 21:15:42 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014-02-13 21:15:42 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014-02-13 21:15:41 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014-02-13 21:15:41 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014-02-13 21:15:41 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014-02-13 21:15:41 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014-02-13 21:15:29 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014-02-13 21:15:28 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014-02-11 13:26:44 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-01-30 17:43:21 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\.android
[2014-01-30 17:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2014-01-29 13:48:33 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Local Settings
[2014-01-29 13:48:24 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\fst_pl_41
[2014-01-29 13:48:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fst_pl_41
[2014-01-29 13:47:31 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
[2014-01-29 13:47:27 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\WebPlayer
[2014-01-29 13:44:46 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\NapiProjekt
[2014-01-26 08:44:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014-01-26 08:44:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014-01-26 08:44:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014-01-26 08:44:25 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-01-26 08:44:11 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014-01-26 08:44:11 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014-01-26 08:44:11 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-01-26 08:44:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014-01-26 08:44:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014-01-26 08:36:26 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\Google

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014-02-18 18:15:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-02-18 17:51:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1920341736-3238655564-193974235-1000UA.job
[2014-02-18 17:46:35 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-02-18 17:46:35 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-02-18 17:39:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-02-18 17:39:19 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2014-02-18 17:37:38 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2014-02-18 17:21:00 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\FoxTab.job
[2014-02-18 09:51:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1920341736-3238655564-193974235-1000Core.job
[2014-02-18 09:25:33 | 432,633,367 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014-02-17 11:57:26 | 004,002,382 | ---- | M] () -- C:\Users\Łukasz\Desktop\focus(old)_2004.pdf
[2014-02-16 23:18:58 | 000,509,409 | ---- | M] () -- C:\Users\Łukasz\Desktop\Bez tytułu.png
[2014-02-16 19:59:53 | 000,260,721 | ---- | M] () -- C:\Users\Łukasz\Desktop\reg_przenies_numer.pdf
[2014-02-15 15:49:05 | 000,115,298 | ---- | M] () -- C:\Users\Łukasz\Desktop\prawko2.JPG
[2014-02-15 15:49:04 | 000,105,661 | ---- | M] () -- C:\Users\Łukasz\Desktop\prawko1.JPG
[2014-02-14 13:48:24 | 001,117,428 | ---- | M] () -- C:\Users\Łukasz\Desktop\2014-02-14 12.48.24.jpg
[2014-02-14 10:03:44 | 001,360,042 | ---- | M] () -- C:\Users\Łukasz\Desktop\2014-02-14 09.46.47.jpg
[2014-02-14 06:04:33 | 001,637,758 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014-02-14 06:04:33 | 000,737,730 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014-02-14 06:04:33 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-02-14 06:04:33 | 000,154,418 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014-02-14 06:04:33 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-02-14 06:04:19 | 001,637,758 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-02-14 00:21:04 | 000,000,161 | ---- | M] () -- C:\Users\Łukasz\AppData\Roaming\WB.CFG
[2014-02-11 13:26:18 | 001,166,132 | ---- | M] () -- C:\Users\Łukasz\Desktop\AdwCleaner.exe
[2014-02-10 01:12:26 | 000,297,546 | ---- | M] () -- C:\Users\Łukasz\Desktop\kupon.jpg
[2014-02-06 12:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014-02-06 12:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014-02-06 12:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014-02-06 11:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014-02-06 11:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014-02-06 11:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014-02-06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014-02-06 11:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014-02-06 11:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014-02-06 11:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014-02-06 11:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014-02-06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014-02-06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014-02-06 10:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014-02-06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014-02-06 10:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014-02-06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014-02-06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014-02-06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014-02-06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014-02-06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014-02-06 09:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014-02-06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014-02-05 13:15:23 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-02-05 13:15:23 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-02-03 00:04:23 | 000,083,620 | ---- | M] () -- C:\Users\Łukasz\Desktop\wniosekd1.pdf
[2014-01-30 17:12:04 | 000,502,565 | ---- | M] () -- C:\Users\Łukasz\Desktop\kupon.png
[2014-01-29 13:47:31 | 000,002,147 | ---- | M] () -- C:\Users\Łukasz\Desktop\FLV Player.lnk
[2014-01-26 08:44:04 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-01-26 08:44:04 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014-01-26 08:44:04 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-01-26 08:44:03 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014-02-17 11:57:08 | 004,002,382 | ---- | C] () -- C:\Users\Łukasz\Desktop\focus(old)_2004.pdf
[2014-02-16 20:00:00 | 000,260,721 | ---- | C] () -- C:\Users\Łukasz\Desktop\reg_przenies_numer.pdf
[2014-02-15 15:49:05 | 000,115,298 | ---- | C] () -- C:\Users\Łukasz\Desktop\prawko2.JPG
[2014-02-15 15:49:04 | 000,105,661 | ---- | C] () -- C:\Users\Łukasz\Desktop\prawko1.JPG
[2014-02-14 12:52:51 | 001,117,428 | ---- | C] () -- C:\Users\Łukasz\Desktop\2014-02-14 12.48.24.jpg
[2014-02-14 10:03:19 | 001,360,042 | ---- | C] () -- C:\Users\Łukasz\Desktop\2014-02-14 09.46.47.jpg
[2014-02-11 13:26:12 | 001,166,132 | ---- | C] () -- C:\Users\Łukasz\Desktop\AdwCleaner.exe
[2014-02-10 01:12:26 | 000,297,546 | ---- | C] () -- C:\Users\Łukasz\Desktop\kupon.jpg
[2014-02-03 00:04:29 | 000,083,620 | ---- | C] () -- C:\Users\Łukasz\Desktop\wniosekd1.pdf
[2014-01-30 17:12:04 | 000,502,565 | ---- | C] () -- C:\Users\Łukasz\Desktop\kupon.png
[2014-01-29 13:47:31 | 000,002,147 | ---- | C] () -- C:\Users\Łukasz\Desktop\FLV Player.lnk
[2014-01-26 08:36:27 | 000,001,062 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1920341736-3238655564-193974235-1000UA.job
[2014-01-26 08:36:26 | 000,001,010 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1920341736-3238655564-193974235-1000Core.job
[2014-01-02 16:02:39 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2013-12-18 20:49:01 | 000,000,161 | ---- | C] () -- C:\Users\Łukasz\AppData\Roaming\WB.CFG
[2013-11-04 20:14:45 | 000,217,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013-11-04 18:04:18 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013-11-04 18:04:18 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2013-11-04 16:45:36 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013-11-04 16:45:32 | 000,020,906 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2013-11-04 16:37:29 | 001,637,758 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-07-26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2013-11-04 17:21:36 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Canneverbe Limited
[2013-11-20 20:07:32 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\DAEMON Tools Lite
[2014-02-18 17:38:37 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\DMCache
[2013-11-04 17:49:39 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\FoxTab
[2013-11-17 14:38:09 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\IDM
[2014-01-17 23:53:36 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Landwirt2014
[2013-11-05 12:12:16 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\MPC-HC
[2014-01-29 13:45:38 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\NapiProjekt

[color=#E56717]========== Purity Check ==========[/color]



< End of report >
djbahama11
~user

Posts: 59
Joined: 12 Oct 2013, 17:37


Post by ordynat, 18 Feb 2014, 23:32

1) Uninstall:
"Mobogenie" = Mobogenie
"foxtab" = Foxtab
"fst_pl_41_is1" = fst_pl_41

2) Use Adw-Cleaner, which @MaTi recommended to you:
first click SZUKAJ (Search), and only after the scan has finished, when the USUŃ (Delete) button becomes active, click it.
Show the report from it: C:\AdwCleaner\AdwCleaner[S].txt

3) Make a new OTL log.

[2014-01-29 13:47:31 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
[2014-01-29 13:47:27 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\WebPlayer

Did you install this yourself, or did it install itself (with other junk being installed at the same time)?
ordynat
~user

Posts: 4765
Joined: 02 Apr 2010, 11:18
Commendations: 866


Post by djbahama11, 19 Feb 2014, 10:06

How do I uninstall this?

Uninstall:
"Mobogenie" = Mobogenie
"foxtab" = Foxtab
"fst_pl_41_is1" = fst_pl_41

The normal way, through Add/Remove Programs?

[2014-01-29 13:47:31 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
[2014-01-29 13:47:27 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\WebPlayer


I can't tell you, because I probably installed one myself and the other installed itself?

Added today, 10:29:
Code:
# AdwCleaner v3.018 - Log utworzony 19/02/2014 o 09:25:27
# Aktualizacja 28/01/2014 przez Xplode
# System operacyjny : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uzytkownik : Łukasz - ŁUKASZ-KOMPUTER
# Sciezka : C:\Users\Łukasz\Desktop\AdwCleaner.exe
# Opcja : Usun

***** [ Uslugi ] *****


***** [ Pliki / Foldery ] *****

Folder Usunieto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Usunieto : C:\Program Files (x86)\RegClean Pro
Folder Usunieto : C:\Users\Łukasz\AppData\Roaming\Systweak
Plik Usunieto : C:\Users\Public\Desktop\RegClean Pro.lnk
Plik Usunieto : C:\Windows\System32\roboot64.exe
Plik Usunieto : C:\Windows\System32\Tasks\RegClean Pro

***** [ Skróty ] *****


***** [ Rejestr ] *****

Klucz Usunieto : HKCU\Software\systweak
Klucz Usunieto : HKCU\Software\Webplayer
Klucz Usunieto : HKLM\Software\systweak
Klucz Usunieto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1

***** [ Przegladarki internetowe ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (pl)

[ Plik : C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\v9ylzi5w.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2976 octets] - [11/02/2014 13:26:50]
AdwCleaner[R1].txt - [1007 octets] - [12/02/2014 01:07:17]
AdwCleaner[R2].txt - [2314 octets] - [18/02/2014 17:35:01]
AdwCleaner[R3].txt - [1815 octets] - [19/02/2014 09:24:43]
AdwCleaner[S0].txt - [2564 octets] - [11/02/2014 13:28:02]
AdwCleaner[S1].txt - [1535 octets] - [19/02/2014 09:25:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1595 octets] ##########
djbahama11
~user

Posts: 59
Joined: 12 Oct 2013, 17:37


Post by ordynat, 19 Feb 2014, 10:33

The normal way, through Add/Remove Programs?

Yes.
ordynat
~user

Posts: 4765
Joined: 02 Apr 2010, 11:18
Commendations: 866


Post by djbahama11, 19 Feb 2014, 10:37

Code:
# AdwCleaner v3.018 - Log utworzony 19/02/2014 o 09:25:27
# Aktualizacja 28/01/2014 przez Xplode
# System operacyjny : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uzytkownik : Łukasz - ŁUKASZ-KOMPUTER
# Sciezka : C:\Users\Łukasz\Desktop\AdwCleaner.exe
# Opcja : Usun

***** [ Uslugi ] *****


***** [ Pliki / Foldery ] *****

Folder Usunieto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Usunieto : C:\Program Files (x86)\RegClean Pro
Folder Usunieto : C:\Users\Łukasz\AppData\Roaming\Systweak
Plik Usunieto : C:\Users\Public\Desktop\RegClean Pro.lnk
Plik Usunieto : C:\Windows\System32\roboot64.exe
Plik Usunieto : C:\Windows\System32\Tasks\RegClean Pro

***** [ Skróty ] *****


***** [ Rejestr ] *****

Klucz Usunieto : HKCU\Software\systweak
Klucz Usunieto : HKCU\Software\Webplayer
Klucz Usunieto : HKLM\Software\systweak
Klucz Usunieto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1

***** [ Przegladarki internetowe ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (pl)

[ Plik : C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\v9ylzi5w.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2976 octets] - [11/02/2014 13:26:50]
AdwCleaner[R1].txt - [1007 octets] - [12/02/2014 01:07:17]
AdwCleaner[R2].txt - [2314 octets] - [18/02/2014 17:35:01]
AdwCleaner[R3].txt - [1815 octets] - [19/02/2014 09:24:43]
AdwCleaner[S0].txt - [2564 octets] - [11/02/2014 13:28:02]
AdwCleaner[S1].txt - [1535 octets] - [19/02/2014 09:25:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1595 octets] ##########
djbahama11
~user

Posts: 59
Joined: 12 Oct 2013, 17:37


Post by ordynat, 19 Feb 2014, 11:00

3) Make a new OTL log.

This one too.
ordynat
~user

Posts: 4765
Joined: 02 Apr 2010, 11:18
Commendations: 866


Post by djbahama11, 19 Feb 2014, 11:39

Code:
OTL logfile created on: 2014-02-19 10:35:02 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Łukasz\Downloads\Programs
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 60,68% Memory free
8,00 Gb Paging File | 6,37 Gb Available in Paging File | 79,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 147,17 Gb Total Space | 80,81 Gb Free Space | 54,91% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 24,94 Gb Free Space | 25,54% Space Free | Partition Type: NTFS
Drive E: | 220,93 Gb Total Space | 42,14 Gb Free Space | 19,07% Space Free | Partition Type: NTFS

Computer Name: ŁUKASZ-KOMPUTER | User Name: Łukasz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014-02-18 18:15:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Downloads\Programs\OTL.exe
PRC - [2014-02-15 10:41:19 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014-02-05 13:15:23 | 001,863,048 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
PRC - [2013-11-11 11:37:32 | 003,565,432 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2013-11-08 21:46:18 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013-11-08 21:45:42 | 001,914,656 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013-10-08 13:28:15 | 000,275,696 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
PRC - [2013-09-12 01:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-12-12 14:44:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2012-10-26 07:49:04 | 000,202,752 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014-02-15 10:41:19 | 003,578,992 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014-02-05 13:15:22 | 016,287,624 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
MOD - [2012-10-26 07:49:04 | 000,202,752 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2014-02-06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2013-11-08 21:47:21 | 015,125,280 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:[b]64bit:[/b] - [2013-05-27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014-02-15 10:41:19 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-02-05 13:15:26 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-11-08 21:45:42 | 001,914,656 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013-10-08 13:28:15 | 000,275,696 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe -- (NIS)
SRV - [2013-09-12 01:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2014-02-18 17:37:38 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2013-11-21 20:26:51 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2013-09-28 00:01:44 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2013-09-27 04:18:30 | 001,147,480 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\SymEFA64.sys -- (SymEFA)
DRV:[b]64bit:[/b] - [2013-09-27 03:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\Ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2013-09-27 03:26:03 | 000,858,200 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2013-09-26 04:28:00 | 000,590,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2013-09-26 03:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\ccSetx64.sys -- (ccSet_NIS)
DRV:[b]64bit:[/b] - [2013-09-10 03:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\SymDS64.sys -- (SymDS)
DRV:[b]64bit:[/b] - [2013-09-10 02:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\srtspx64.sys -- (SRTSPX)
DRV:[b]64bit:[/b] - [2013-06-16 13:38:15 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2012-11-22 01:43:14 | 000,165,112 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2009-10-21 04:30:32 | 001,270,784 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2009-07-16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014-01-21 20:11:19 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140218.001\IDSvia64.sys -- (IDSVia64)
DRV - [2013-12-18 01:32:10 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013-11-21 01:00:00 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140218.032\EX64.SYS -- (NAVEX15)
DRV - [2013-11-21 01:00:00 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013-11-21 01:00:00 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013-11-21 01:00:00 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140218.032\ENG64.SYS -- (NAVENG)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pl&pid=nis&pvid=20.1.0.24
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.interia.pl/"
FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2014.6.5.1
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:12.0.5.3%20-%201
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Łukasz\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Łukasz\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Łukasz\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Łukasz\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Łukasz\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ [2014-02-19 09:27:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-23 05:09:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Łukasz\AppData\Roaming\IDM\idmmzcc5 [2013-11-11 11:35:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Łukasz\AppData\Roaming\IDM\idmmzcc5 [2013-11-11 11:35:50 | 000,000,000 | ---D | M]

[2013-11-04 17:05:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łukasz\AppData\Roaming\mozilla\Extensions
[2014-02-18 12:24:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łukasz\AppData\Roaming\mozilla\Firefox\Profiles\v9ylzi5w.default\extensions
[2013-11-06 02:12:38 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\Łukasz\AppData\Roaming\mozilla\firefox\profiles\v9ylzi5w.default\extensions\IplextoALL@ALLPlayer.org.xpi
[2014-02-12 19:29:56 | 000,178,893 | ---- | M] () (No name found) -- C:\Users\Łukasz\AppData\Roaming\mozilla\firefox\profiles\v9ylzi5w.default\extensions\p24ext@przelewy24.pl.xpi
[2013-11-07 16:54:57 | 000,015,799 | ---- | M] () (No name found) -- C:\Users\Łukasz\AppData\Roaming\mozilla\firefox\profiles\v9ylzi5w.default\extensions\trtransferfill@transferuj.pl.xpi
[2014-02-18 12:24:45 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Łukasz\AppData\Roaming\mozilla\firefox\profiles\v9ylzi5w.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014-02-15 10:41:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014-02-15 10:41:20 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014-02-19 09:27:40 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\COFFPLGN
[2013-11-23 05:09:36 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:[b]64bit:[/b] - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [fst_pl_41]  File not found
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
O4 - HKCU..\Run: [FLV Player] C:\Users\Łukasz\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe ()
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij przez IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9DAE1B6-19C5-4395-998A-5D1F11ED267E}: DhcpNameServer = 10.1.1.1
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014-02-19 09:18:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\predm
[2014-02-19 09:15:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller
[2014-02-19 09:15:45 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\GlarySoft
[2014-02-19 09:15:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Absolute Uninstaller
[2014-02-18 12:53:40 | 000,386,680 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2014-02-15 10:41:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014-02-14 05:55:00 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014-02-14 05:54:20 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014-02-14 05:54:20 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014-02-14 05:54:20 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014-02-14 05:54:19 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014-02-14 05:54:19 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014-02-14 05:54:19 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014-02-14 05:54:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014-02-14 05:54:18 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014-02-14 05:54:18 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014-02-14 05:54:18 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014-02-14 05:54:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014-02-14 05:54:17 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014-02-14 05:54:17 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014-02-14 05:54:17 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014-02-14 05:54:17 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014-02-14 05:54:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014-02-14 05:54:17 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014-02-14 05:54:16 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014-02-14 05:54:16 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014-02-14 05:54:16 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014-02-14 05:54:15 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014-02-14 05:54:15 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014-02-14 05:54:12 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014-02-13 21:15:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014-02-13 21:15:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014-02-13 21:15:43 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014-02-13 21:15:43 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014-02-13 21:15:43 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014-02-13 21:15:43 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014-02-13 21:15:42 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014-02-13 21:15:42 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014-02-13 21:15:42 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014-02-13 21:15:42 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014-02-13 21:15:42 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014-02-13 21:15:42 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014-02-13 21:15:42 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014-02-13 21:15:42 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014-02-13 21:15:42 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014-02-13 21:15:41 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014-02-13 21:15:41 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014-02-13 21:15:41 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014-02-13 21:15:41 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014-02-13 21:15:29 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014-02-13 21:15:28 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014-02-11 13:26:44 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-01-30 17:43:21 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\.android
[2014-01-30 17:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2014-01-29 13:48:33 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Local Settings
[2014-01-29 13:47:31 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
[2014-01-29 13:47:27 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\WebPlayer
[2014-01-29 13:44:46 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\NapiProjekt
[2014-01-26 08:44:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014-01-26 08:44:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014-01-26 08:44:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014-01-26 08:44:25 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-01-26 08:44:11 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014-01-26 08:44:11 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014-01-26 08:44:11 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-01-26 08:44:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014-01-26 08:44:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014-01-26 08:36:26 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\Google

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014-02-19 10:21:00 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\FoxTab.job
[2014-02-19 10:15:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-02-19 09:51:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1920341736-3238655564-193974235-1000UA.job
[2014-02-19 09:51:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1920341736-3238655564-193974235-1000Core.job
[2014-02-19 09:33:25 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-02-19 09:33:25 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-02-19 09:26:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-02-19 09:26:09 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2014-02-19 09:15:46 | 000,001,106 | ---- | M] () -- C:\Users\Łukasz\Desktop\Absolute Uninstaller.lnk
[2014-02-19 09:15:46 | 000,000,168 | ---- | M] () -- C:\Users\Łukasz\Desktop\Glarysoft Freeware.url
[2014-02-18 17:37:38 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2014-02-18 09:25:33 | 432,633,367 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014-02-17 11:57:26 | 004,002,382 | ---- | M] () -- C:\Users\Łukasz\Desktop\focus(old)_2004.pdf
[2014-02-16 23:18:58 | 000,509,409 | ---- | M] () -- C:\Users\Łukasz\Desktop\Bez tytułu.png
[2014-02-16 19:59:53 | 000,260,721 | ---- | M] () -- C:\Users\Łukasz\Desktop\reg_przenies_numer.pdf
[2014-02-15 15:49:05 | 000,115,298 | ---- | M] () -- C:\Users\Łukasz\Desktop\prawko2.JPG
[2014-02-15 15:49:04 | 000,105,661 | ---- | M] () -- C:\Users\Łukasz\Desktop\prawko1.JPG
[2014-02-14 13:48:24 | 001,117,428 | ---- | M] () -- C:\Users\Łukasz\Desktop\2014-02-14 12.48.24.jpg
[2014-02-14 10:03:44 | 001,360,042 | ---- | M] () -- C:\Users\Łukasz\Desktop\2014-02-14 09.46.47.jpg
[2014-02-14 06:04:33 | 001,637,758 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014-02-14 06:04:33 | 000,737,730 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014-02-14 06:04:33 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-02-14 06:04:33 | 000,154,418 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014-02-14 06:04:33 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-02-14 06:04:19 | 001,637,758 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-02-14 00:21:04 | 000,000,161 | ---- | M] () -- C:\Users\Łukasz\AppData\Roaming\WB.CFG
[2014-02-11 13:26:18 | 001,166,132 | ---- | M] () -- C:\Users\Łukasz\Desktop\AdwCleaner.exe
[2014-02-10 01:12:26 | 000,297,546 | ---- | M] () -- C:\Users\Łukasz\Desktop\kupon.jpg
[2014-02-06 12:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014-02-06 12:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014-02-06 12:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014-02-06 11:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014-02-06 11:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014-02-06 11:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014-02-06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014-02-06 11:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014-02-06 11:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014-02-06 11:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014-02-06 11:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014-02-06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014-02-06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014-02-06 10:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014-02-06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014-02-06 10:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014-02-06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014-02-06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014-02-06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014-02-06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014-02-06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014-02-06 09:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014-02-06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014-02-05 13:15:23 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-02-05 13:15:23 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-02-03 00:04:23 | 000,083,620 | ---- | M] () -- C:\Users\Łukasz\Desktop\wniosekd1.pdf
[2014-01-30 17:12:04 | 000,502,565 | ---- | M] () -- C:\Users\Łukasz\Desktop\kupon.png
[2014-01-29 13:47:31 | 000,002,147 | ---- | M] () -- C:\Users\Łukasz\Desktop\FLV Player.lnk
[2014-01-26 08:44:04 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-01-26 08:44:04 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014-01-26 08:44:04 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-01-26 08:44:03 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014-02-19 09:15:46 | 000,001,106 | ---- | C] () -- C:\Users\Łukasz\Desktop\Absolute Uninstaller.lnk
[2014-02-19 09:15:46 | 000,000,168 | ---- | C] () -- C:\Users\Łukasz\Desktop\Glarysoft Freeware.url
[2014-02-17 11:57:08 | 004,002,382 | ---- | C] () -- C:\Users\Łukasz\Desktop\focus(old)_2004.pdf
[2014-02-16 20:00:00 | 000,260,721 | ---- | C] () -- C:\Users\Łukasz\Desktop\reg_przenies_numer.pdf
[2014-02-15 15:49:05 | 000,115,298 | ---- | C] () -- C:\Users\Łukasz\Desktop\prawko2.JPG
[2014-02-15 15:49:04 | 000,105,661 | ---- | C] () -- C:\Users\Łukasz\Desktop\prawko1.JPG
[2014-02-14 12:52:51 | 001,117,428 | ---- | C] () -- C:\Users\Łukasz\Desktop\2014-02-14 12.48.24.jpg
[2014-02-14 10:03:19 | 001,360,042 | ---- | C] () -- C:\Users\Łukasz\Desktop\2014-02-14 09.46.47.jpg
[2014-02-11 13:26:12 | 001,166,132 | ---- | C] () -- C:\Users\Łukasz\Desktop\AdwCleaner.exe
[2014-02-10 01:12:26 | 000,297,546 | ---- | C] () -- C:\Users\Łukasz\Desktop\kupon.jpg
[2014-02-03 00:04:29 | 000,083,620 | ---- | C] () -- C:\Users\Łukasz\Desktop\wniosekd1.pdf
[2014-01-30 17:12:04 | 000,502,565 | ---- | C] () -- C:\Users\Łukasz\Desktop\kupon.png
[2014-01-29 13:47:31 | 000,002,147 | ---- | C] () -- C:\Users\Łukasz\Desktop\FLV Player.lnk
[2014-01-26 08:36:27 | 000,001,062 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1920341736-3238655564-193974235-1000UA.job
[2014-01-26 08:36:26 | 000,001,010 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1920341736-3238655564-193974235-1000Core.job
[2014-01-02 16:02:39 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2013-12-18 20:49:01 | 000,000,161 | ---- | C] () -- C:\Users\Łukasz\AppData\Roaming\WB.CFG
[2013-11-04 20:14:45 | 000,217,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013-11-04 18:04:18 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013-11-04 18:04:18 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2013-11-04 16:45:36 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013-11-04 16:45:32 | 000,020,906 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2013-11-04 16:37:29 | 001,637,758 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-07-26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2013-11-04 17:21:36 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Canneverbe Limited
[2013-11-20 20:07:32 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\DAEMON Tools Lite
[2014-02-18 20:26:34 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\DMCache
[2014-02-19 09:23:16 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\GlarySoft
[2013-11-17 14:38:09 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\IDM
[2014-01-17 23:53:36 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Landwirt2014
[2013-11-05 12:12:16 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\MPC-HC
[2014-01-29 13:45:38 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\NapiProjekt

[color=#E56717]========== Purity Check ==========[/color]



< End of report >
djbahama11
~user
 
Posts: 59
Joined: 12 Oct 2013, 17:37



Post by ordynat, 19 Feb 2014, 11:53

Run OTL and paste the following into the Custom Scans/Fixes box (Własne opcje skanowania/Skrypt):
:OTL
[2014-01-30 17:43:21 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\.android
[2014-02-19 09:18:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\predm
O4 - HKLM..\Run: [fst_pl_41] File not found
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found

:Commands
[emptytemp]

Click Run Fix (Wykonaj Skrypt).

No need to post the report this time.

Finishing up:
In Adw-Cleaner, click the Uninstall button (UNINSTALL).
In OTL, click the CleanUp button (Sprzątanie); this removes OTL together with its Quarantine.
ordynat
~user
 
Posts: 4765
Joined: 02 Apr 2010, 11:18
Commendations: 866



Post by djbahama11, 19 Feb 2014, 14:26

Everything done as you said, thanks for the help, the ads are gone :) Just one more question: could you recommend an anti-spyware program that I could run a scan with every 2 weeks? I have Norton, but somehow it didn't find this thing :(
djbahama11
~user
 
Posts: 59
Joined: 12 Oct 2013, 17:37



Post by MaTi, 19 Feb 2014, 14:30

I think http://www.programosy.pl/program,malwarebytes-anti-malware.html would be fine as a complement to an antivirus.
MaTi
@admin
 
Posts: 3620
Joined: 31 Oct 2003, 14:22
Location: Dąbrowa Górnicza
Commendations: 206



