
Pobrałem niechcący jakiegoś wirusa, który zmienił mi google na gogolle... nie mam zupełnie pojęcia jak to naprawić....
Szukałem pomocy w internecie, znalazłem program OTL i wykonałem skany wedle tutoriala, ale nie wiem co mam zrobić dalej... wklejam pliki które pokazały mi się po wykonaniu skanu. Bardzo proszę o pomoc...
OTL:
- Kod: Zaznacz wszystko
- OTL logfile created on: 2013-11-14 10:34:19 - Run 2
 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\dom\Pulpit
 Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
 Internet Explorer (Version = 7.0.5730.13)
 Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
 1,99 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 61,41% Memory free
 3,84 Gb Paging File | 3,24 Gb Available in Paging File | 84,28% Paging File free
 Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
 Drive C: | 19,53 Gb Total Space | 3,07 Gb Free Space | 15,71% Space Free | Partition Type: NTFS
 Drive D: | 27,49 Gb Total Space | 10,07 Gb Free Space | 36,63% Space Free | Partition Type: NTFS
 Drive E: | 27,49 Gb Total Space | 14,92 Gb Free Space | 54,26% Space Free | Partition Type: NTFS
 
 Computer Name: PC | User Name: dom | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: All users
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 [color=#E56717]========== Processes (SafeList) ==========[/color]
 
 PRC - [2013-11-14 10:27:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dom\Pulpit\OTL.exe
 PRC - [2013-11-10 18:20:26 | 002,420,248 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
 PRC - [2013-11-10 18:20:26 | 001,734,680 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe
 PRC - [2013-11-10 18:20:25 | 000,159,768 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe
 PRC - [2013-11-05 23:18:59 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
 PRC - [2012-02-15 17:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files\Browsers Protector\regmon32.exe
 PRC - [2012-01-18 13:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
 PRC - [2010-06-03 20:51:45 | 000,057,344 | ---- | M] () -- C:\WINDOWS\system32\XYNTService.exe
 PRC - [2009-11-25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
 PRC - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
 PRC - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
 PRC - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
 PRC - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
 PRC - [2008-04-15 00:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 PRC - [2006-11-02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
 PRC - [2005-02-16 16:15:20 | 000,581,632 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
 
 
 [color=#E56717]========== Modules (No Company Name) ==========[/color]
 
 MOD - [2013-11-10 18:20:26 | 002,420,248 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
 MOD - [2013-11-10 18:20:26 | 000,519,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\log4cplusU.dll
 MOD - [2013-11-10 18:20:26 | 000,142,360 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\SiteSafety.dll
 MOD - [2013-11-10 18:20:25 | 000,159,768 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe
 MOD - [2013-11-05 23:18:58 | 003,368,048 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
 MOD - [2013-10-10 17:17:06 | 016,233,864 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
 MOD - [2012-02-15 17:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files\Browsers Protector\regmon32.exe
 MOD - [2010-06-03 20:51:45 | 000,057,344 | ---- | M] () -- C:\WINDOWS\system32\XYNTService.exe
 MOD - [2006-11-02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
 MOD - [2006-09-14 00:20:24 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
 MOD - [2001-10-28 16:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll
 
 
 [color=#E56717]========== Services (SafeList) ==========[/color]
 
 SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
 SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
 SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
 SRV - [2013-11-10 18:20:26 | 001,734,680 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe -- (vToolbarUpdater17.1.2)
 SRV - [2013-11-05 23:18:59 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
 SRV - [2013-10-10 17:17:08 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
 SRV - [2010-06-03 20:51:45 | 000,057,344 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\XYNTService.exe -- (Network APP)
 SRV - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
 SRV - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
 SRV - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
 SRV - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
 SRV - [2006-11-02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing)
 
 
 [color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
 DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
 DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
 DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
 DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
 DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
 DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
 DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
 DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
 DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
 DRV - [2013-11-10 18:20:26 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
 DRV - [2012-03-27 16:03:36 | 006,100,072 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
 DRV - [2009-11-25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
 DRV - [2009-11-25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
 DRV - [2009-11-25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
 DRV - [2009-11-25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
 DRV - [2009-11-25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
 DRV - [2009-11-25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
 DRV - [2009-11-18 06:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
 DRV - [2009-11-18 06:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
 DRV - [2009-03-21 20:38:54 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
 DRV - [2008-07-01 04:27:44 | 000,108,800 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
 
 
 [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
 [color=#E56717]========== Internet Explorer ==========[/color]
 
 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD800JB-00JJC0_WD-WCAM9L68252382523&ts=1375694699
 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD800JB-00JJC0_WD-WCAM9L68252382523&ts=1375694699
 IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
 IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD800JB-00JJC0_WD-WCAM9L68252382523&ts=1375694699
 
 
 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD800JB-00JJC0_WD-WCAM9L68252382523&ts=1375694699
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com/?babsrc=HP_ss&mntrId=58AC001966952923&affID=119357&tt=070813_wt4&tsp=4968
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=58AC001966952923&affID=119357&tt=070813_wt4&tsp=4968
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\..\SearchScopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}: "URL" = http://www.fastbrowsersearch.com/results/results.aspx?q={searchTerms}&c=web&s=DSP&v=19&tid={EC4C59CD-7593-4dea-86F1-ECA11E6221EE}
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=88a11b06-b24c-11e1-863d-001966952923&q={searchTerms}
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={45D53C71-D0B2-4EAA-9929-CB9024517F29}&mid=e5279062739947d0abadd1502071c0d0-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=pl&ds=xn011&pr=sa&d=2012-12-03 21:48:01&v=15.5.0.2&pid=avg&sg=0&sap=dsp&q={searchTerms}
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\..\SearchScopes\{DA92724E-A2FB-40DB-9C2F-D24020043F9E}: "URL" = http://www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms}
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\..\SearchScopes\{DEDA9F40-49D6-4D2B-A41F-B8EAF24CD90F}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=512435&p={searchTerms}
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\..\SearchScopes\{F0603834-136E-4B9F-9140-E404B9F13F03}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
 IE - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 [color=#E56717]========== FireFox ==========[/color]
 
 FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=512435"
 FF - prefs.js..browser.search.useDBForOrder: true
 FF - prefs.js..browser.startup.homepage: "http://startsear.ch/?aff=1&cf=88a11b06-b24c-11e1-863d-001966952923"
 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
 
 
 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
 FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll ()
 FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
 FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
 FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
 FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
 FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
 FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
 FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
 FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
 FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
 
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\FireFoxExt\17.1.2.1 [2013-11-10 18:20:41 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-11-05 23:18:50 | 000,000,000 | ---D | M]
 
 [2012-06-09 19:05:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dom\Dane aplikacji\Mozilla\Extensions
 [2013-10-06 16:56:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dom\Dane aplikacji\Mozilla\Firefox\Profiles\1o1silgd.default\extensions
 [2013-09-28 21:52:58 | 000,003,727 | ---- | M] () -- C:\Documents and Settings\dom\Dane aplikacji\Mozilla\Firefox\Profiles\1o1silgd.default\searchplugins\avg-secure-search.xml
 [2013-08-08 14:00:40 | 000,006,547 | ---- | M] () -- C:\Documents and Settings\dom\Dane aplikacji\Mozilla\Firefox\Profiles\1o1silgd.default\searchplugins\babylon.xml
 [2013-08-08 10:43:34 | 000,000,915 | ---- | M] () -- C:\Documents and Settings\dom\Dane aplikacji\Mozilla\Firefox\Profiles\1o1silgd.default\searchplugins\yahoo.xml
 [2013-11-05 23:18:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Extensions
 [2013-11-05 23:18:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
 [2013-11-05 23:18:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 [2009-06-15 10:14:40 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll
 [2013-05-21 09:10:16 | 000,003,716 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
 [2012-01-12 18:29:11 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
 [2013-08-05 10:24:59 | 000,000,730 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml
 
 [color=#E56717]========== Chrome ==========[/color]
 
 CHR - homepage: http://www.google.com
 
 O1 HOSTS File: ([2013-01-11 14:23:39 | 000,000,897 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
 O1 - Hosts: 127.0.0.1 localhost
 O1 - Hosts: 212.59.241.155 google.pl
 O1 - Hosts: 212.59.241.155 http://www.google.pl
 O1 - Hosts: 212.59.241.155 v9.com
 O1 - Hosts: 212.59.241.155 http://www.v9.com
 O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
 O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
 O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
 O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - No CLSID value found.
 O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll (AVG Secure Search)
 O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll (AVG Secure Search)
 O3 - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
 O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
 O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
 O4 - HKLM..\Run: [Browsers Protector] C:\Program Files\Browsers Protector\regmon32.exe ()
 O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
 O4 - HKU\S-1-5-21-823518204-1844823847-1417001333-1003..\Run: [Uhefg] C:\Documents and Settings\dom\Dane aplikacji\Qiyru\moaq.exe ()
 O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
 O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
 O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
 O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
 O7 - HKU\S-1-5-21-823518204-1844823847-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
 O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
 O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 87.204.204.204 62.233.233.233
 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{775CCC85-4084-4354-8231-705B356D8AD3}: DhcpNameServer = 87.204.204.204 62.233.233.233
 O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll (AVG Secure Search)
 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
 O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
 O24 - Desktop WallPaper: C:\Documents and Settings\dom\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
 O24 - Desktop BackupWallPaper: C:\Documents and Settings\dom\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2009-03-18 15:17:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
 O33 - MountPoints2\{0b20daec-94c8-11e0-819a-001966952923}\Shell - "" = AutoRun
 O33 - MountPoints2\{0b20daec-94c8-11e0-819a-001966952923}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
 O33 - MountPoints2\{5f00ed23-76d9-11df-bbe0-001966952923}\Shell - "" = AutoRun
 O33 - MountPoints2\{5f00ed23-76d9-11df-bbe0-001966952923}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
 O34 - HKLM BootExecute: (autocheck autochk *)
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
 O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
 [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
 [2013-11-14 10:27:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\dom\Pulpit\OTL.exe
 [2013-11-14 09:21:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\dom\Recent
 [2013-11-05 23:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
 [2013-11-03 16:59:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dom\Pulpit\Ke_Ke-Takie_Rzeczy-PL-2013-EMPiK
 [2013-10-22 20:21:42 | 000,000,000 | ---D | C] -- C:\output
 [2012-04-20 22:26:14 | 006,950,552 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Silverlight.exe
 [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
 [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
 [2013-11-14 10:27:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dom\Pulpit\OTL.exe
 [2013-11-14 10:07:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
 [2013-11-14 09:37:05 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
 [2013-11-14 08:51:11 | 000,001,026 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
 [2013-11-14 08:51:10 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
 [2013-11-14 08:51:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
 [2013-11-10 18:20:56 | 000,003,727 | ---- | M] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
 [2013-11-10 18:20:26 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
 [2013-11-03 16:57:20 | 073,271,459 | ---- | M] () -- C:\Documents and Settings\dom\Pulpit\Ke_Ke-Takie_Rzeczy-PL-2013-EMPiK.rar
 [2013-11-02 16:00:58 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
 [2013-10-27 07:54:17 | 000,391,448 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
 [2013-10-27 07:54:17 | 000,344,584 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
 [2013-10-27 07:54:17 | 000,067,132 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
 [2013-10-27 07:54:17 | 000,053,040 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
 [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
 [color=#E56717]========== Files Created - No Company Name ==========[/color]
 
 [2013-11-03 16:31:09 | 073,271,459 | ---- | C] () -- C:\Documents and Settings\dom\Pulpit\Ke_Ke-Takie_Rzeczy-PL-2013-EMPiK.rar
 [2013-06-27 16:32:19 | 000,003,727 | ---- | C] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
 [2012-04-09 14:54:03 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
 [2011-05-03 00:33:40 | 000,002,516 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys
 [2011-05-03 00:33:40 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\1E9963B8AD.sys
 [2010-10-21 12:12:59 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Audio
 [2010-10-21 12:12:59 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Analog Pad
 [2010-10-05 16:29:28 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\PKP_DLdw.DAT
 [2010-10-05 16:29:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\dom\Dane aplikacji\Audio Unit Effect
 [2010-10-05 16:28:16 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\PKP_DLdu.DAT
 [2009-03-21 21:28:34 | 000,065,024 | ---- | C] () -- C:\Documents and Settings\dom\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
 [color=#E56717]========== ZeroAccess Check ==========[/color]
 
 [2011-05-02 22:52:05 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
 [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
 [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
 [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 "" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-15 00:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation)
 "ThreadingModel" = Apartment
 
 [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
 "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008-04-15 00:50:32 | 000,472,064 | ---- | M] (Microsoft Corporation)
 "ThreadingModel" = Free
 
 [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 00:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
 "ThreadingModel" = Both
 
 [color=#E56717]========== LOP Check ==========[/color]
 
 [2013-06-27 16:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search
 [2012-01-12 18:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon
 [2013-10-06 13:14:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BonanzaDealsLive
 [2012-12-03 21:47:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
 [2013-08-08 07:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
 [2010-10-05 16:29:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EnterNHelp
 [2013-08-07 10:42:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\eSafe
 [2010-11-12 11:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
 [2013-10-06 12:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
 [2013-08-08 15:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tarma Installer
 [2009-07-19 18:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl
 [2010-10-05 16:29:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ultima_T15
 [2010-04-13 22:29:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\ASCON
 [2012-12-03 21:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\AVG Secure Search
 [2012-01-12 18:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\Babylon
 [2013-05-21 19:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\BitTorrent
 [2012-10-18 18:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\CGIS
 [2013-09-18 17:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\eDownload
 [2013-08-05 10:22:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\eIntaller
 [2012-09-13 14:49:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\Fuleav
 [2010-12-13 21:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\Gadu-Gadu 10
 [2010-07-22 16:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\GanymedeNet
 [2013-05-28 14:25:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\GG
 [2010-10-06 04:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\Nikon
 [2012-03-05 21:33:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\OpenOffice.org
 [2009-03-18 18:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\OpenOffice.ux.pl
 [2013-10-22 20:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\PhotoScape
 [2012-09-13 14:49:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\Qiyru
 [2012-12-05 22:39:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\Qoxaag
 [2009-03-18 15:25:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\Thinstall
 [2013-08-08 15:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dom\Dane aplikacji\uTorrent
 
 [color=#E56717]========== Purity Check ==========[/color]
 
 
 < End of report >
 Extras:
 OTL Extras logfile created on: 2013-11-14 10:34:19 - Run 2
 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\dom\Pulpit
 Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
 Internet Explorer (Version = 7.0.5730.13)
 Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
 1,99 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 61,41% Memory free
 3,84 Gb Paging File | 3,24 Gb Available in Paging File | 84,28% Paging File free
 Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
 Drive C: | 19,53 Gb Total Space | 3,07 Gb Free Space | 15,71% Space Free | Partition Type: NTFS
 Drive D: | 27,49 Gb Total Space | 10,07 Gb Free Space | 36,63% Space Free | Partition Type: NTFS
 Drive E: | 27,49 Gb Total Space | 14,92 Gb Free Space | 54,26% Space Free | Partition Type: NTFS
 
 Computer Name: PC | User Name: dom | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: All users
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 [color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
 [color=#E56717]========== File Associations ==========[/color]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
 [HKEY_USERS\S-1-5-21-823518204-1844823847-1417001333-1003\SOFTWARE\Classes\<extension>]
 .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
 [color=#E56717]========== Shell Spawning ==========[/color]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
 batfile [open] -- "%1" %*
 cmdfile [open] -- "%1" %*
 comfile [open] -- "%1" %*
 cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 exefile [open] -- "%1" %*
 htmlfile [edit] -- Reg Error: Key error.
 http [open] -- Reg Error: Key error.
 https [open] -- Reg Error: Key error.
 InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
 piffile [open] -- "%1" %*
 regfile [merge] -- Reg Error: Key error.
 scrfile [config] -- "%1"
 scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
 scrfile [open] -- "%1" /S
 txtfile [edit] -- Reg Error: Key error.
 Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
 Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
 Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
 Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
 Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
 Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
 [color=#E56717]========== Security Center Settings ==========[/color]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 "FirstRunDisabled" = 1
 "UpdatesDisableNotify" = 0
 "AntiVirusDisableNotify" = 0
 "FirewallDisableNotify" = 0
 "AntiVirusOverride" = 0
 "FirewallOverride" = 0
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
 [color=#E56717]========== System Restore Settings ==========[/color]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
 "DisableSR" = 0
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
 "Start" = 0
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
 "Start" = 2
 
 [color=#E56717]========== Firewall Settings ==========[/color]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 "1034:TCP" = 1034:TCP:*:Enabled:Akamai NetSession Interface
 "5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface
 
 [color=#E56717]========== Authorized Applications List ==========[/color]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 "C:\Program Files\BearShare\BearShare.exe" = C:\Program Files\BearShare\BearShare.exe:*:Disabled:BearShare
 "C:\Program Files\Tlen.pl\tlen.exe" = C:\Program Files\Tlen.pl\tlen.exe:*:Enabled:Komunikator Tlen.pl
 "C:\Team17\Worms2\frontend.exe" = C:\Team17\Worms2\frontend.exe:*:Enabled:Worms 2 Frontend
 "C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
 "D:\Programy\Gadu-Gadu 10\gg.exe" = D:\Programy\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
 "C:\Program Files\1ClickDownload\1ClickDownload.exe" = C:\Program Files\1ClickDownload\1ClickDownload.exe:*:Enabled:1ClickDownload
 "C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Eksplorator Windows -- (Microsoft Corporation)
 "C:\bin\vray.exe" = C:\bin\vray.exe:*:Disabled:V-Ray Standalone
 "C:\Documents and Settings\dom\Dane aplikacji\Spotify\spotify.exe" = C:\Documents and Settings\dom\Dane aplikacji\Spotify\spotify.exe:*:Enabled:Spotify
 "C:\Documents and Settings\All Users\Dane aplikacji\eSafe\eGdpSvc.exe" = C:\Documents and Settings\All Users\Dane aplikacji\eSafe\eGdpSvc.exe:*:Enabled:WsysSvc -- (Wsys Co., Ltd.)
 
 
 [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
 "{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
 "{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
 "{45F80C55-3EBB-41C6-8451-C0DAEF4FA9E0}" = OpenOffice.ux.pl 3.2
 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
 "{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
 "{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
 "{A13D16C5-38A9-4D96-9647-59FCCAB12A85}" = Visual Basic for Applications (R) Core - English
 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
 "{AC76BA86-7AD7-1045-7B44-A81200000003}" = Adobe Reader 8 - Polish
 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
 "{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
 "{FB97C283-1F3C-42D4-AE01-ADC1DC12F774}" = Visual Basic for Applications (R) Core
 "Ad-Aware SE Personal" = Ad-Aware SE Personal
 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
 "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
 "ALLPlayer V3.5.6.3_is1" = ALLPlayer V3.X
 "avast!" = avast! Antivirus
 "AVG Secure Search" = AVG Security Toolbar
 "Browsers Protector" = Browsers Protector
 "CCleaner" = CCleaner (remove only)
 "ffdshow_is1" = ffdshow [rev 3164] [2009-12-14]
 "Gadu-Gadu 10" = Gadu-Gadu 10
 "HDMI" = Intel(R) Graphics Media Accelerator Driver
 "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.0.0
 "Mozilla Firefox 25.0 (x86 pl)" = Mozilla Firefox 25.0 (x86 pl)
 "MozillaMaintenanceService" = Mozilla Maintenance Service
 "Nero - Burning Rom!UninstallKey" = Nero OEM
 "Winamp" = Winamp
 "WinRAR archiver" = Archiwizator WinRAR
 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
 [color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
 [ Antivirus Events ]
 Error - 2012-12-30 10:54:23 | Computer Name = PC | Source = avast! | ID = 33554522
 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\Documents and Settings\dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User
 Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\89T9X8BK\s.ytimg.com\videostats.sxx
 failed, 00000005.
 
 Error - 2012-12-30 10:54:25 | Computer Name = PC | Source = avast! | ID = 33554522
 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\Documents and Settings\dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User
 Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\89T9X8BK\s.ytimg.com\videostats.sxx
 failed, 00000005.
 
 Error - 2012-12-30 10:54:29 | Computer Name = PC | Source = avast! | ID = 33554522
 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\Documents and Settings\dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User
 Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\89T9X8BK\s.ytimg.com\videostats.sxx
 failed, 00000005.
 
 Error - 2012-12-30 10:54:34 | Computer Name = PC | Source = avast! | ID = 33554522
 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\Documents and Settings\dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User
 Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\89T9X8BK\s.ytimg.com\videostats.sxx
 failed, 00000005.
 
 Error - 2012-12-30 10:54:50 | Computer Name = PC | Source = avast! | ID = 33554522
 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\Documents and Settings\dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User
 Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\89T9X8BK\s.ytimg.com\videostats.sxx
 failed, 00000005.
 
 Error - 2012-12-30 10:54:54 | Computer Name = PC | Source = avast! | ID = 33554522
 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\Documents and Settings\dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User
 Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\89T9X8BK\s.ytimg.com\videostats.sxx
 failed, 00000005.
 
 Error - 2012-12-30 10:54:57 | Computer Name = PC | Source = avast! | ID = 33554522
 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\Documents and Settings\dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User
 Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\89T9X8BK\s.ytimg.com\videostats.sxx
 failed, 00000005.
 
 Error - 2012-12-30 10:57:31 | Computer Name = PC | Source = avast! | ID = 33554522
 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\Documents and Settings\dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User
 Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\89T9X8BK\s.ytimg.com\soundData.sxx
 failed, 00000005.
 
 Error - 2013-07-26 07:19:45 | Computer Name = PC | Source = avast! | ID = 33554522
 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 C:\Documents and Settings\dom\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\1o1silgd.default\Cache\7\16\78A58d01
 failed, 0000A413.
 
 Error - 2013-08-03 09:26:30 | Computer Name = PC | Source = avast! | ID = 33554522
 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
 http://s10008.chomikuj.pl/File.aspx?e=Gz619GLaqGOVFFVeXD0oyjvOA2ElLhp-G5D8ZYW3eALUHxb_sxACENMxqGJBtyUBihpCGQQz0IGijHU6ChEhWit42fwzRJqXtnT1ivn3i8-VEbksz_euBDdMVvpR6EeES7vP2bbQKS9GH6ITYPrZUIMkyfCokPJC3U3q5-TM5gA&pv=2
 failed, 0000001E.
 
 [ Application Events ]
 Error - 2013-09-18 12:48:47 | Computer Name = PC | Source = Application Hang | ID = 1002
 Description = Aplikacja zawieszająca firefox.exe, wersja 24.0.0.5001, moduł zawieszenia
 hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
 
 Error - 2013-09-19 11:57:51 | Computer Name = PC | Source = Application Hang | ID = 1002
 Description = Aplikacja zawieszająca firefox.exe, wersja 24.0.0.5001, moduł zawieszenia
 hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
 
 Error - 2013-10-06 08:14:56 | Computer Name = PC | Source = MsiInstaller | ID = 11316
 Description = Product: Google Update Helper -- Error 1316. A network error occurred
 while attempting to read from the file: C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\GoogleUpdateHelper.msi
 
 Error - 2013-10-11 08:56:31 | Computer Name = PC | Source = Application Hang | ID = 1002
 Description = Aplikacja zawieszająca nero.exe, wersja 6.3.1.11, moduł zawieszenia
 hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
 
 
 < End of report >

 
	

 ) Dziękuję serdecznie. Tylko przy instalowaniu javy na końcu wystąpił jakiś error- niestety nie zdążyłem przeczytać co było tam napisane... Ale wszystko raczej działa bez problemu. Swoją drogą nie wiem co za ludzie wrzucają do plików tego typu robaki.... Jeszcze raz serdecznie dziękuję za pomoc!!!!
) Dziękuję serdecznie. Tylko przy instalowaniu javy na końcu wystąpił jakiś error- niestety nie zdążyłem przeczytać co było tam napisane... Ale wszystko raczej działa bez problemu. Swoją drogą nie wiem co za ludzie wrzucają do plików tego typu robaki.... Jeszcze raz serdecznie dziękuję za pomoc!!!!