OTL13-02-14.Txt

Ścina kompa, wolno pracuje, obciąża neta

Witajcie ponownie, żeby nie zakładać kolejnego tematu postanowiłem podpiąć się pod ten bo podobne objawy ma. Jak wiecie ostatnio były ataki na routery neostrady i oczywiście miałem takie szczęście, że i mnie najprawdopodobniej się to tyczyło gdyż miałem problemy z netem. Ale miałem pozmieniane hasła do routera itp więc chyba aż takich szkód mi nie narobili. Jednak coś dziwnie chodzi mój komputer ostatnio, jak skanuje go avastem nic nie wykrywa. Malwerem wykrywa 99 infekcji, które usuwam, potem adwcleaner i też usuń ale ten ostatni już w trybie awaryjnym bo w normalnym się zawiesza. Tu macie logi, możecie sprawdzić co jeszcze można zrobić? Na sam koniec log z OTL-a już po wszystkim z góry dzięki


OTL logfile created on: 2014-02-13 13:38:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\user\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,96 Gb Total Physical Memory | 0,72 Gb Available Physical Memory | 36,83% Memory free
3,81 Gb Paging File | 2,65 Gb Available in Paging File | 69,57% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 300,10 Gb Total Space | 105,53 Gb Free Space | 35,17% Space Free | Partition Type: NTFS
Drive D: | 631,41 Gb Total Space | 146,40 Gb Free Space | 23,19% Space Free | Partition Type: NTFS

Computer Name: USER-139A1ECCB4 | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014-02-13 13:38:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Moje dokumenty\Downloads\OTL.exe
PRC - [2014-02-03 13:35:51 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014-02-03 13:35:50 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014-02-02 00:42:39 | 000,866,632 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013-12-19 22:10:21 | 000,076,352 | ---- | M] (GG Network S.A.) -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\gghub.exe
PRC - [2013-12-19 22:10:20 | 004,047,424 | ---- | M] (GG Network S.A.) -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe
PRC - [2013-12-19 22:10:17 | 000,132,672 | ---- | M] (GG Network S.A.) -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GG\Application\ggapp.exe
PRC - [2013-10-01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013-05-16 15:44:05 | 001,012,000 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013-05-16 15:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013-05-02 11:29:07 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013-04-10 14:28:28 | 000,885,096 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe
PRC - [2013-04-10 14:28:26 | 002,949,480 | ---- | M] (Ashampoo Development GmbH & Co. KG) -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTuner.exe
PRC - [2011-08-05 11:29:56 | 000,057,056 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Zune\ZuneBusEnum.exe
PRC - [2011-03-31 15:36:54 | 000,499,796 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2011-01-10 13:50:16 | 000,025,088 | ---- | M] () -- C:\Program Files\Dokan\DokanLibrary\mounter.exe
PRC - [2010-12-02 03:15:14 | 000,915,584 | R--- | M] () -- C:\Program Files\ASUS\AAHM\1.00.14\aaHMSvc.exe
PRC - [2010-11-03 10:30:14 | 000,918,144 | R--- | M] () -- C:\Program Files\ASUS\AXSP\1.00.13\atkexComSvc.exe
PRC - [2010-10-21 10:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
PRC - [2008-04-24 13:40:56 | 002,562,048 | ---- | M] (Aladdin Knowledge Systems Ltd.) -- C:\WINDOWS\system32\hasplms.exe
PRC - [2008-04-14 23:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014-02-13 13:31:37 | 000,032,256 | ---- | M] () -- C:\Program Files\ASUS\AXSP\1.00.13\PEbiosinterface32.dll
MOD - [2014-02-13 08:37:26 | 002,180,096 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14021300\algo.dll
MOD - [2014-02-02 00:42:37 | 000,399,688 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppgooglenaclpluginchrome.dll
MOD - [2014-02-02 00:42:35 | 004,055,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll
MOD - [2014-02-02 00:41:43 | 001,634,632 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
MOD - [2013-12-19 22:10:22 | 003,006,528 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\mozjs.dll
MOD - [2013-12-10 17:32:40 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013-11-22 02:19:58 | 016,237,448 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll
MOD - [2013-09-02 12:10:44 | 016,166,248 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GG\Application\FMSBWChecker\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
MOD - [2013-04-10 14:28:28 | 000,885,096 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe
MOD - [2011-03-17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011-01-10 13:50:16 | 000,025,088 | ---- | M] () -- C:\Program Files\Dokan\DokanLibrary\mounter.exe
MOD - [2010-12-02 03:15:14 | 000,915,584 | R--- | M] () -- C:\Program Files\ASUS\AAHM\1.00.14\aaHMSvc.exe
MOD - [2010-11-03 10:30:14 | 000,918,144 | R--- | M] () -- C:\Program Files\ASUS\AXSP\1.00.13\atkexComSvc.exe
MOD - [2010-10-21 10:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
MOD - [2010-06-29 03:58:46 | 000,104,448 | R--- | M] () -- C:\Program Files\ASUS\AXSP\1.00.13\ATKEX.dll
MOD - [2009-02-27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2014-02-03 13:35:50 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013-11-22 02:19:59 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-10-01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013-06-17 18:21:34 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-05-16 15:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013-05-02 11:29:07 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013-04-10 14:28:28 | 000,885,096 | ---- | M] () [Auto | Running] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe -- (WO_LiveService)
SRV - [2012-12-28 16:32:56 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012-11-09 12:21:16 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011-08-05 11:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2011-08-05 11:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2011-08-05 11:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2011-08-05 11:29:56 | 000,057,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Zune\ZuneBusEnum.exe -- (ZuneBusEnum)
SRV - [2011-06-12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011-03-31 15:36:54 | 000,499,796 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2011-03-31 15:36:52 | 000,360,529 | ---- | M] (wireless) [On_Demand | Stopped] -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe -- (jswpsapi)
SRV - [2011-01-10 13:50:16 | 000,025,088 | ---- | M] () [Auto | Running] -- C:\Program Files\Dokan\DokanLibrary\mounter.exe -- (DokanMounter)
SRV - [2010-12-20 19:08:50 | 000,253,952 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NetServer 2011 Plk\ZwAuServer.exe -- (ZwAuthServer)
SRV - [2010-12-02 03:15:14 | 000,915,584 | R--- | M] () [Auto | Running] -- C:\Program Files\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010-11-03 10:30:14 | 000,918,144 | R--- | M] () [Auto | Running] -- C:\Program Files\ASUS\AXSP\1.00.13\atkexComSvc.exe -- (asComSvc)
SRV - [2010-10-21 10:52:26 | 000,586,880 | R--- | M] () [Auto | Running] -- C:\Program Files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010-01-25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Stopped] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2008-09-08 06:59:00 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-04-24 13:40:56 | 002,562,048 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Auto | Running] -- C:\WINDOWS\system32\hasplms.exe -- (hasplms)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (Tosrfcom)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2014-02-06 01:35:01 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2014-02-03 13:35:53 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014-02-03 13:35:53 | 000,410,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2014-02-03 13:35:53 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014-02-03 13:35:53 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013-12-23 15:11:09 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013-12-10 17:32:41 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013-02-25 06:27:48 | 000,128,672 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2012-12-28 18:10:09 | 000,022,016 | ---- | M] (Feitian Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rockey4.sys -- (ROCKEYNT)
DRV - [2012-08-29 21:30:53 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012-08-21 10:13:14 | 000,018,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012-05-10 14:05:36 | 000,021,624 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Program Files\HWiNFO32\HWiNFO32.SYS -- (HWiNFO32)
DRV - [2011-12-21 13:47:50 | 000,027,744 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2011-07-28 19:06:06 | 001,763,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athuw.sys -- (AR9271)
DRV - [2011-03-31 15:36:52 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2011-03-31 15:36:52 | 000,057,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\jswscimd.sys -- (JSWSCIMD)
DRV - [2011-03-08 05:01:06 | 000,012,696 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor32.sys -- (LiveTunerPM)
DRV - [2011-02-24 03:30:52 | 000,308,200 | R--- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asmtxhci.sys -- (asmtxhci)
DRV - [2011-02-24 03:30:52 | 000,100,328 | R--- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asmthub3.sys -- (asmthub3)
DRV - [2011-01-14 08:06:40 | 000,277,352 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2011-01-10 13:50:18 | 000,091,904 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\dokan.sys -- (Dokan)
DRV - [2010-12-16 05:06:46 | 000,036,096 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010-11-23 11:16:56 | 006,203,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2010-11-08 13:58:10 | 000,013,696 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AiChargerPlus.sys -- (AiChargerPlus)
DRV - [2010-08-24 08:31:08 | 000,011,456 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2010-08-03 06:20:56 | 000,011,832 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2009-11-18 00:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009-11-18 00:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-07-31 19:45:42 | 000,020,616 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2008-07-02 13:58:48 | 000,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2008-03-18 16:09:16 | 000,350,720 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2008-02-11 16:55:04 | 000,586,240 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2007-04-16 15:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006-11-02 06:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: " URL " = http://www.bing.com/search?q={searchTerms} & FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: " URL " = http://www.bing.com/search?q={searchTerms} & FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2027: C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1040: C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3: C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9: C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-03 13:35:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-06-17 18:21:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014-01-07 13:35:08 | 000,000,000 | ---D | M]

[2012-08-27 16:38:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions
[2013-12-27 13:10:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\kh8uvkgr.default\extensions
[2013-12-27 13:10:56 | 000,000,000 | ---D | M] (SaveSense) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\kh8uvkgr.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}
[2013-02-22 19:15:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\qbc06lpe.default-1351666813103\extensions
[2013-02-21 16:30:25 | 000,213,444 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\kh8uvkgr.default\extensions\torntv@torntv.com.xpi
[2013-11-07 14:51:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\USER\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\KH8UVKGR.DEFAULT\EXTENSIONS\FFXTLBR@FUNMOODS.COM
[2013-06-17 18:21:35 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2003-01-13 15:08:06 | 000,499,712 | ---- | M] (Morgan Multimedia) -- C:\Program Files\mozilla firefox\plugins\npjp2.dll
[2012-10-30 22:27:27 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-10-30 22:27:27 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-10-30 22:27:27 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-10-30 22:27:27 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-10-30 22:27:27 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-10-30 22:27:27 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms} & {google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient} & xssi=t & q={searchTerms} & {google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll
CHR - plugin: Morgan Multimedia JPEG2000 Netscape/Mozilla PlugIn (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll
CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Google Wallet = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\

O1 HOSTS File: ([2001-10-26 19:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Ashampoo WinOptimizer Live-Tuner] C:\Program Files\Ashampoo\Ashampoo WinOptimizer 10\LiveTuner.exe (Ashampoo Development GmbH & Co. KG)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TP-LINK Wireless Configuration Utility.lnk = C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E & ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Wyślij & do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij & do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: & Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : & Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{467584D8-AC80-41A9-87D2-2AAF54A3B963}: NameServer = 192.168.1.1,194.204.159.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{95A25BD8-73BD-4894-9E26-970C97479B9B}: NameServer = 192.168.1.1,194.204.159.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-08-27 18:53:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- " %1 " %*
O35 - HKLM\..exefile [open] -- " %1 " %*
O37 - HKLM\...com [@ = comfile] -- " %1 " %*
O37 - HKLM\...exe [@ = exefile] -- " %1 " %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014-02-09 13:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\l2
[2014-02-07 21:15:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\l2
[2014-02-07 20:06:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\CS
[2014-02-07 16:33:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\dsj
[2014-02-07 14:40:46 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-01-18 13:24:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Moje dokumenty\lista

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014-02-13 13:37:00 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014-02-13 13:31:36 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014-02-13 13:31:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014-02-13 13:28:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014-02-13 13:16:00 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\SaveSenseLiveUpdateTaskMachineUA.job
[2014-02-13 13:09:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014-02-13 13:05:00 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014-02-13 02:51:38 | 000,009,952 | ---- | M] () -- C:\WINDOWS\System32\nvAppTimestamps
[2014-02-09 15:20:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System\ckjfjjku.ehb
[2014-02-09 14:12:16 | 000,001,345 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Lineage II.lnk
[2014-02-07 21:36:59 | 2655,406,104 | ---- | M] () -- C:\Documents and Settings\user\Moje dokumenty\l2.part2.rar
[2014-02-07 16:19:22 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-02-06 01:35:01 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmonflt.sys
[2014-02-04 23:33:00 | 000,001,631 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\4.xspf
[2014-02-04 09:08:26 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2014-02-03 13:36:17 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2014-02-03 13:35:53 | 000,775,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014-02-03 13:35:53 | 000,410,784 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014-02-03 13:35:53 | 000,270,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014-02-03 13:35:53 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014-02-03 13:35:53 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014-02-03 13:35:53 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014-01-17 13:56:36 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\VLC media player.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014-02-09 15:20:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System\ckjfjjku.ehb
[2014-02-09 14:12:16 | 000,001,345 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Lineage II.lnk
[2014-02-07 21:29:22 | 2655,406,104 | ---- | C] () -- C:\Documents and Settings\user\Moje dokumenty\l2.part2.rar
[2014-02-07 16:32:55 | 001,705,550 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\dsj.rar
[2014-02-04 23:32:57 | 000,001,631 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\4.xspf
[2013-12-28 13:10:07 | 000,000,031 | ---- | C] () -- C:\Documents and Settings\user\Dane aplikacji\WB.CFG
[2013-11-25 02:25:35 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013-11-07 19:12:47 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2013-10-30 07:26:48 | 000,296,978 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2013-07-04 16:48:46 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2013-03-24 09:38:41 | 000,180,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013-03-24 09:38:41 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013-02-03 16:26:17 | 000,019,280 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\CAEManager.lcs
[2013-02-03 16:26:17 | 000,001,764 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\SEE_5008.ini
[2013-02-03 16:26:17 | 000,001,764 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\SEE_5006.ini
[2013-02-03 16:26:17 | 000,001,764 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\SEE_5005.ini
[2013-02-03 16:26:17 | 000,001,764 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\SEE_5004.ini
[2013-02-03 16:26:17 | 000,001,764 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\SEE_5002.ini
[2013-02-03 16:26:17 | 000,001,764 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\SEE_5001.ini
[2013-02-03 16:26:17 | 000,001,764 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\SEE_1100.ini
[2013-02-03 16:26:17 | 000,001,764 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\SEE_1010.ini
[2013-02-03 16:26:17 | 000,001,764 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\SEE_1001.ini
[2013-02-03 16:26:17 | 000,001,764 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\SEE_1000.ini
[2013-01-02 14:37:17 | 000,000,404 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2013-01-02 14:37:01 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF10A.DAT
[2012-12-29 14:32:58 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll
[2012-12-29 14:32:38 | 000,422,000 | ---- | C] () -- C:\WINDOWS\System32\wgapi.dll
[2012-12-28 16:33:51 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\Ry4CoInst.dll
[2012-12-22 15:39:52 | 000,540,048 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2012-10-08 17:20:07 | 000,000,077 | ---- | C] () -- C:\Documents and Settings\user\Dane aplikacji\AVSDVDPlayer.m3u
[2012-10-08 17:00:00 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012-08-30 03:31:59 | 000,000,761 | ---- | C] () -- C:\WINDOWS\m3jp2k.ini
[2012-08-30 03:31:59 | 000,000,714 | ---- | C] () -- C:\WINDOWS\m3jpeg.ini
[2012-08-30 03:31:59 | 000,000,702 | ---- | C] () -- C:\WINDOWS\mmtvmj.ini
[2012-08-30 03:31:55 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2012-08-30 03:31:54 | 000,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012-08-30 03:31:49 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012-08-27 20:40:52 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-08-27 20:39:52 | 000,281,336 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-08-27 20:35:36 | 002,289,288 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012-08-27 20:35:36 | 001,098,236 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012-08-27 20:35:36 | 001,098,236 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012-08-27 20:35:36 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012-08-27 20:24:09 | 000,011,832 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsUpIO.sys
[2012-08-27 20:23:01 | 000,011,456 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2012-08-27 20:22:59 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2012-08-27 20:22:59 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2012-08-27 19:08:10 | 000,081,936 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2012-08-27 19:03:21 | 000,027,710 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2012-08-27 19:02:55 | 000,032,768 | R--- | C] () -- C:\WINDOWS\DAODx.exe
[2012-08-27 19:02:33 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2012-08-27 19:02:29 | 000,023,674 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2012-08-27 19:02:29 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2012-08-27 19:00:15 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-08-27 18:54:22 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-08-27 18:50:42 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2012-08-27 19:04:24 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
" " = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 23:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
" " = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008-04-14 23:50:32 | 000,472,064 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
" " = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 23:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Both

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 95 bytes - & gt; C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D57FAB99

& lt; End of report & gt;


Download file - link to post