Wirus about.Brontok.A.html

Roshti · 13 Marca 2013

Cześć, z tego co wyczytałem na necie, jest to wirus.

Często przez niego resetuje mi się komputer, sam włącza itp.

Załączam obrazek, wygląda to tak.

http://wrzuc.se/images/513fe74be54a3.jpg

Usunąć mogę, ale zawsze się pojawia od nowa. Wie ktoś od czego to jest? I jak to skasować raz na zawsze?

Fr3shMak3r · 14 Marca 2013

Wrzuć loga OTL .

http://www.mpcforum.pl/topic/679592-tutlogi-co-i-jak/

Roshti · 15 Marca 2013

Już skanuję, zaraz tutaj wrzucę.

OTL logfile created on: 2013-03-15 16:07:35 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sav\Favorites\Downloads

Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 0,61 Gb Available Physical Memory | 20,31% Memory free

5,99 Gb Paging File | 1,91 Gb Available in Paging File | 31,92% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 319,28 Gb Total Space | 192,19 Gb Free Space | 60,19% Space Free | Partition Type: NTFS

Drive E: | 146,48 Gb Total Space | 132,75 Gb Free Space | 90,62% Space Free | Partition Type: NTFS

Computer Name: SAV-KOMPUTER | User Name: Sav | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-03-15 16:07:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sav\Favorites\Downloads\OTL.exe

PRC - [2013-03-06 15:48:41 | 003,494,992 | ---- | M] (Electronic Arts) -- C:\Program Files\Origin\Origin.exe

PRC - [2013-03-01 00:08:21 | 001,274,832 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

PRC - [2013-02-17 14:35:01 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe

PRC - [2013-02-17 14:18:04 | 000,224,096 | ---- | M] () -- C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe

PRC - [2013-02-14 21:19:42 | 023,068,536 | ---- | M] (Electronic Arts) -- C:\Program Files\Origin Games\FIFA 12\Game\fifa.exe

PRC - [2013-02-08 12:18:59 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2013-02-08 12:18:57 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2013-02-08 12:18:48 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

PRC - [2013-02-08 12:18:48 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe

PRC - [2013-02-08 12:18:44 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe

PRC - [2012-12-21 17:56:44 | 001,090,040 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe

PRC - [2012-12-19 09:49:34 | 000,732,648 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

PRC - [2012-12-19 09:49:22 | 000,179,176 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

PRC - [2012-12-19 09:49:12 | 000,149,480 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

PRC - [2012-07-27 23:12:38 | 000,044,417 | ---- | M] () -- C:\Users\Sav\AppData\Local\winlogon.exe

PRC - [2012-07-27 23:12:38 | 000,044,417 | ---- | M] () -- C:\Users\Sav\AppData\Local\services.exe

PRC - [2012-07-27 23:12:38 | 000,044,417 | ---- | M] () -- C:\Users\Sav\AppData\Local\lsass.exe

PRC - [2011-10-31 15:16:33 | 078,004,224 | R--- | M] (Sports Interactive) -- C:\Program Files\SEGA\Football Manager 2012\fm.exe

PRC - [2011-09-06 17:56:56 | 000,297,984 | ---- | M] (Electronic Arts Canada) -- C:\Program Files\Origin Games\FIFA 12\Game\fifasetup\fifaconfig.exe

PRC - [2011-09-06 17:08:08 | 000,120,112 | ---- | M] (Electronic Arts) -- C:\Program Files\Origin Games\FIFA 12\Game\Core\EACoreServer.exe

PRC - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe

PRC - [2011-03-14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe

PRC - [2009-09-27 16:48:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2009-09-17 12:55:06 | 000,663,552 | ---- | M] (Nokia) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe

PRC - [2009-09-04 16:33:56 | 000,417,792 | ---- | M] () -- C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe

PRC - [2009-07-27 11:13:28 | 000,061,440 | ---- | M] () -- C:\Windows\System32\ASDR.exe

PRC - [2009-07-14 02:14:28 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE

PRC - [2009-05-06 10:41:48 | 000,060,928 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\Windows\System32\ATKFUSService.exe

========== Modules (No Company Name) ==========

MOD - [2013-03-07 19:17:17 | 000,473,600 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll

MOD - [2013-03-06 15:48:42 | 000,062,976 | ---- | M] () -- C:\Program Files\Origin\tufao.dll

MOD - [2013-03-01 00:08:19 | 000,459,728 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.152\ppgooglenaclpluginchrome.dll

MOD - [2013-03-01 00:08:18 | 012,637,136 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.152\PepperFlash\pepflashplayer.dll

MOD - [2013-03-01 00:08:16 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.152\pdf.dll

MOD - [2013-03-01 00:07:25 | 000,596,944 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.152\libglesv2.dll

MOD - [2013-03-01 00:07:24 | 000,124,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.152\libegl.dll

MOD - [2013-03-01 00:07:21 | 001,552,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.152\ffmpegsumo.dll

MOD - [2013-02-08 22:44:47 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll

MOD - [2013-02-08 22:44:26 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll

MOD - [2013-02-08 22:44:13 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll

MOD - [2013-02-08 22:44:06 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll

MOD - [2012-12-21 17:57:44 | 000,276,984 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\phonon4.dll

MOD - [2012-12-21 17:57:44 | 000,093,176 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\qjson.dll

MOD - [2012-12-21 17:57:28 | 002,653,176 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll

MOD - [2012-12-21 17:57:28 | 000,364,536 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXml4.dll

MOD - [2012-12-21 17:57:26 | 011,166,712 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll

MOD - [2012-12-21 17:57:24 | 000,206,328 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtSql4.dll

MOD - [2012-12-21 17:57:22 | 001,347,064 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtScript4.dll

MOD - [2012-12-21 17:57:22 | 001,014,776 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll

MOD - [2012-12-21 17:57:22 | 000,720,888 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll

MOD - [2012-12-21 17:57:20 | 008,507,384 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtGui4.dll

MOD - [2012-12-21 17:57:20 | 000,520,696 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll

MOD - [2012-12-21 17:57:18 | 002,481,144 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll

MOD - [2012-12-21 17:57:18 | 002,354,168 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtCore4.dll

MOD - [2012-12-21 17:57:14 | 000,446,456 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll

MOD - [2012-12-21 17:57:10 | 000,207,352 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll

MOD - [2012-12-21 17:57:10 | 000,035,832 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll

MOD - [2012-12-21 17:57:08 | 000,033,272 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll

MOD - [2012-12-21 17:56:40 | 000,438,264 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\NService.dll

MOD - [2012-12-21 17:56:00 | 000,606,200 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll

MOD - [2012-12-21 15:29:52 | 000,391,600 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\ssoengine.dll

MOD - [2012-12-21 15:29:52 | 000,059,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\securestorage.dll

MOD - [2012-12-21 15:29:14 | 000,110,080 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll

MOD - [2012-07-27 23:12:38 | 000,044,417 | ---- | M] () -- C:\Users\Sav\AppData\Local\winlogon.exe

MOD - [2012-07-27 23:12:38 | 000,044,417 | ---- | M] () -- C:\Users\Sav\AppData\Local\services.exe

MOD - [2012-07-27 23:12:38 | 000,044,417 | ---- | M] () -- C:\Users\Sav\AppData\Local\lsass.exe

MOD - [2011-10-31 14:57:08 | 000,151,552 | ---- | M] () -- C:\Program Files\SEGA\Football Manager 2012\IntelLaptopGamingVista.dll

MOD - [2011-09-06 17:56:54 | 000,329,728 | ---- | M] () -- C:\Program Files\Origin Games\FIFA 12\Game\dlc\dlc_powdll\dlc\powdll\powdllzf.dll

MOD - [2011-09-06 17:56:52 | 000,415,232 | ---- | M] () -- C:\Program Files\Origin Games\FIFA 12\Game\dlc\dlc_FootballCompEng\dlc\FootballCompEng\FootballCompEngzf.dll

MOD - [2009-09-04 16:33:56 | 000,417,792 | ---- | M] () -- C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe

MOD - [2009-04-16 16:31:14 | 004,210,688 | ---- | M] () -- C:\Program Files\Nokia\PC Internet Access\GraphicsResources.ngr

MOD - [2008-11-12 10:17:40 | 000,012,288 | ---- | M] () -- C:\Program Files\Nokia\PC Internet Access\TextResources_pol.nlr

========== Services (SafeList) ==========

SRV - [2013-02-17 14:18:04 | 000,224,096 | ---- | M] () [Auto | Stopped] -- C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe -- (Internet Manager. RunOuc)

SRV - [2012-12-19 09:49:34 | 000,732,648 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2011-03-14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)

SRV - [2009-09-27 16:48:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2009-07-27 11:13:28 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Windows\System32\ASDR.exe -- (ASDR)

SRV - [2009-07-14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)

SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2009-05-06 10:41:48 | 000,060,928 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\Windows\System32\ATKFUSService.exe -- (ATKFUSService)

SRV - [2007-02-14 15:40:42 | 000,407,208 | ---- | M] (Cenega Poland) [Auto | Stopped] -- C:\Windows\System32\pr2aje8c.exe -- (pr2aje8c)

========== Driver Services (SafeList) ==========

DRV - [2013-02-17 14:18:05 | 000,181,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)

DRV - [2013-02-17 14:18:05 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)

DRV - [2013-02-17 14:18:05 | 000,090,368 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)

DRV - [2013-02-17 14:18:05 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)

DRV - [2013-02-17 14:18:05 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)

DRV - [2013-02-17 14:18:05 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)

DRV - [2013-02-17 14:18:05 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BMLoad.sys -- (BMLoad)

DRV - [2013-02-17 14:18:05 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)

DRV - [2013-02-09 12:44:56 | 000,014,336 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\EIO.sys -- (EIO)

DRV - [2013-02-08 12:19:04 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2013-02-08 12:18:39 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)

DRV - [2013-02-08 12:18:39 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)

DRV - [2013-02-08 12:18:39 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)

DRV - [2013-02-08 12:18:39 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)

DRV - [2013-02-08 12:18:39 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)

DRV - [2013-02-08 12:18:39 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)

DRV - [2013-02-08 12:18:38 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2013-02-08 12:18:38 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV - [2012-11-09 15:33:32 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)

DRV - [2012-11-09 15:33:32 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)

DRV - [2012-11-09 15:33:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)

DRV - [2012-11-09 15:33:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)

DRV - [2012-11-09 15:33:30 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)

DRV - [2012-11-09 15:33:30 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)

DRV - [2012-10-17 13:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)

DRV - [2009-09-28 00:12:21 | 009,509,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2009-08-21 21:24:03 | 000,066,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)

DRV - [2009-07-14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)

DRV - [2009-02-17 18:22:14 | 000,030,976 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKDispLowFilter.sys -- (atkdisplf)

DRV - [2009-02-17 18:22:14 | 000,015,232 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asusgsb.sys -- (asusgsb)

DRV - [2007-02-14 15:40:19 | 000,065,456 | ---- | M] (Cenega Poland) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pe3aje8c.sys -- (pe3aje8c)

DRV - [2007-02-14 15:39:55 | 000,052,152 | ---- | M] (Cenega Poland) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ps6aje8c.sys -- (ps6aje8c)

DRV - [2005-05-17 13:48:21 | 000,050,176 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01)

DRV - [2005-05-16 14:23:38 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02)

DRV - [2005-05-16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"

FF - prefs.js..extensions.enabledItems: [email protected]:4.2.2

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Sav\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2013-02-17 14:18:09 | 000,000,000 | ---D | M]

[2013-02-09 14:54:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sav\AppData\Roaming\mozilla\Extensions

[2013-02-09 14:54:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sav\AppData\Roaming\mozilla\Firefox\Profiles\c4nb1yh2.default\extensions

[2013-02-08 23:23:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2013-02-17 14:18:09 | 000,000,000 | ---D | M] (Bytemobile Optimization Client) -- C:\PROGRAM FILES\T-MOBILE\INTERNETMANAGER_H\OCX32\ADDON

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},

CHR - homepage: http://www.google.pl/

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.152\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.152\pdf.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll

CHR - plugin: Java Platform SE 7 U13 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll

CHR - plugin: Java Deployment Toolkit 7.0.130.20 (Enabled) = C:\Windows\system32\npDeployJava1.dll

CHR - Extension: Dokumenty Google = C:\Users\Sav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\

CHR - Extension: Dysk Google = C:\Users\Sav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: YouTube = C:\Users\Sav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Szukaj w Google = C:\Users\Sav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: AdBlock = C:\Users\Sav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\

CHR - Extension: Gmail = C:\Users\Sav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O4 - HKLM..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)

O4 - HKLM..\Run: [VDownloader] C:\Program Files\VDownloader\VDownloader.exe (Vitzo)

O4 - HKCU..\Run: [] File not found

O4 - HKCU..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts)

O4 - HKCU..\Run: [Facebook Update] C:\Users\Sav\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)

O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)

O4 - HKCU..\Run: [Tok-Cirrhatus] File not found

O4 - HKCU..\Run: [Tok-Cirrhatus-1695] C:\Users\Sav\AppData\Local\br4413on.exe ()

O4 - Startup: C:\Users\Sav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Empty.pif ()

O4 - Startup: C:\Users\Sav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Sav\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5943DC63-A5F1-447B-A12B-0BC6BC19D1BA}: NameServer = 217.116.100.65 79.163.127.70

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{60DF24A7-B31D-4F0D-951F-08BCA75C02B5}: NameServer = 213.158.199.1 213.158.199.5

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{45f24027-72ae-11e2-904d-6cf04971e109}\Shell - "" = AutoRun

O33 - MountPoints2\{45f24027-72ae-11e2-904d-6cf04971e109}\Shell\AutoRun\command - "" = G:\NokiaPCIA_Autorun.exe

O33 - MountPoints2\{8973f556-78ec-11e2-8c50-6cf04971e109}\Shell - "" = AutoRun

O33 - MountPoints2\{8973f556-78ec-11e2-8c50-6cf04971e109}\Shell\AutoRun\command - "" = G:\AutoRun.exe

O33 - MountPoints2\{8973f564-78ec-11e2-8c50-6cf04971e109}\Shell - "" = AutoRun

O33 - MountPoints2\{8973f564-78ec-11e2-8c50-6cf04971e109}\Shell\AutoRun\command - "" = G:\AutoRun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-03-15 00:00:00 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-15

[2013-03-14 00:06:11 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-14

[2013-03-13 00:00:01 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-13

[2013-03-12 00:00:01 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-12

[2013-03-11 20:46:44 | 000,604,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comctl32.ocx

[2013-03-11 20:46:44 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Roaming\TransEngPol4

[2013-03-11 20:46:44 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Roaming\TransAng3

[2013-03-11 20:46:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tłumacz i Słownik Języka Angielskiego 4

[2013-03-11 20:43:30 | 000,000,000 | ---D | C] -- C:\Program Files\TransEnPl4

[2013-03-11 13:45:08 | 000,000,000 | ---D | C] -- C:\Users\Sav\Desktop\TZAR

[2013-03-11 00:00:00 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-11

[2013-03-10 21:00:24 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Roaming\VDownloader

[2013-03-10 21:00:03 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap

[2013-03-10 21:00:02 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\VDownloader

[2013-03-10 21:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader

[2013-03-10 20:59:58 | 000,000,000 | ---D | C] -- C:\Program Files\VDownloader

[2013-03-10 00:00:01 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-10

[2013-03-09 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook

[2013-03-09 09:47:55 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-9

[2013-03-08 00:00:00 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-8

[2013-03-07 19:18:45 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Roaming\Mount&Blade Ogniem i Mieczem

[2013-03-07 19:14:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ogniem i Mieczem - Dzikie Pola

[2013-03-07 19:09:30 | 000,000,000 | ---D | C] -- C:\Program Files\Ogniem i Mieczem - Dzikie Pola

[2013-03-07 00:00:00 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-7

[2013-03-06 00:08:50 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-6

[2013-03-05 15:06:56 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Roaming\Nokia Suite

[2013-03-05 15:06:55 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Roaming\Nokia

[2013-03-05 00:00:00 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-5

[2013-03-04 17:56:28 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\NokiaAccount

[2013-03-04 17:55:35 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Nokia

[2013-03-04 17:54:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia

[2013-03-04 17:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia

[2013-03-04 17:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia

[2013-03-04 17:53:50 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution

[2013-03-04 17:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache

[2013-03-04 17:40:42 | 000,000,000 | ---D | C] -- C:\Users\Sav\Desktop\Nokia

[2013-03-04 17:20:10 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-4

[2013-03-03 00:00:00 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-3

[2013-03-02 07:36:36 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-2

[2013-03-01 00:00:15 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-1

[2013-02-28 13:27:44 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Roaming\Ubisoft

[2013-02-28 00:01:20 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-28

[2013-02-27 12:54:57 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-27

[2013-02-26 14:06:34 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-26

[2013-02-25 18:43:22 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Biznes Filmowy 2 0.7.7 Beta

[2013-02-25 18:41:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt

[2013-02-25 00:00:00 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-25

[2013-02-24 17:58:28 | 000,000,000 | ---D | C] -- C:\Program Files\Sunflower

[2013-02-24 17:58:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anno 1602

[2013-02-24 00:00:01 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-24

[2013-02-23 21:00:18 | 000,000,000 | ---D | C] -- C:\Users\Sav\Documents\Red Alert 3

[2013-02-23 20:44:42 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Roaming\Red Alert 3

[2013-02-23 20:23:02 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts

[2013-02-23 19:58:40 | 000,000,000 | ---D | C] -- C:\Users\Sav\Desktop\Cultures

[2013-02-23 12:00:31 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2013-02-23 00:39:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaTrainer XL

[2013-02-23 00:39:41 | 000,000,000 | ---D | C] -- C:\Program Files\MegaDev

[2013-02-23 00:00:00 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-23

[2013-02-22 19:16:57 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Facebook

[2013-02-22 15:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft XNA

[2013-02-22 15:30:22 | 000,000,000 | ---D | C] -- C:\Users\Sav\Desktop\Terraria 1.1.2

[2013-02-22 00:00:01 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-22

[2013-02-21 00:00:00 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-21

[2013-02-20 21:03:11 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Ok-SendMail-Bron-tok

[2013-02-20 21:01:20 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Loc.Mail.Bron.Tok

[2013-02-20 20:55:17 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Bron.tok-16-20

[2013-02-17 23:16:18 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Diagnostics

[2013-02-17 14:18:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager

[2013-02-17 14:18:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Internet Manager

[2013-02-17 14:18:29 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll

[2013-02-17 14:18:29 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll

[2013-02-17 14:18:29 | 000,861,696 | ---- | C] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys

[2013-02-17 14:18:29 | 000,349,184 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbwwan.sys

[2013-02-17 14:18:29 | 000,194,816 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys

[2013-02-17 14:18:29 | 000,181,760 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys

[2013-02-17 14:18:29 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys

[2013-02-17 14:18:29 | 000,090,368 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys

[2013-02-17 14:18:29 | 000,073,216 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys

[2013-02-17 14:18:29 | 000,064,384 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys

[2013-02-17 14:18:29 | 000,026,624 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys

[2013-02-17 14:18:29 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys

[2013-02-17 14:18:29 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys

[2013-02-17 14:18:29 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys

[2013-02-17 14:18:13 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Roaming\T-Mobile

[2013-02-17 14:18:11 | 000,724,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bmutil.dll

[2013-02-17 14:18:11 | 000,480,384 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bmnet.dll

[2013-02-17 14:18:11 | 000,308,352 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bminstall.dll

[2013-02-17 14:18:11 | 000,132,224 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bmdumpd.bin

[2013-02-17 14:18:11 | 000,024,192 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\tcpipBM.sys

[2013-02-17 14:18:11 | 000,013,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sporder.dll

[2013-02-17 14:18:11 | 000,013,184 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\BMLoad.sys

[2013-02-17 14:18:02 | 000,000,000 | ---D | C] -- C:\Program Files\T-Mobile

[2013-02-17 14:17:48 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService

[2013-02-17 02:59:46 | 000,000,000 | ---D | C] -- C:\Users\Sav\Desktop\Muzyka

[2013-02-16 22:39:51 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Ubisoft

[2013-02-16 22:33:56 | 000,000,000 | ---D | C] -- C:\Users\Sav\Documents\Atari

[2013-02-16 21:32:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codemasters

[2013-02-16 21:32:23 | 000,000,000 | ---D | C] -- C:\Program Files\Codemasters

[2013-02-16 20:45:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focus Home Interactive

[2013-02-16 20:29:41 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Focus Home Interactive

[2013-02-16 20:29:28 | 000,000,000 | ---D | C] -- C:\Program Files\Focus Home Interactive

[2013-02-16 20:20:58 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll

[2013-02-16 20:20:58 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll

[2013-02-16 20:20:58 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll

[2013-02-16 20:19:58 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield

[2013-02-16 20:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft

[2013-02-16 20:07:03 | 000,078,784 | ---- | C] (Macrovision Corporation) -- C:\Windows\System32\ISUSPM.cpl

[2013-02-16 19:00:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pariah

[2013-02-16 18:57:11 | 000,000,000 | ---D | C] -- C:\Program Files\Pariah

[2013-02-16 18:03:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft

[2013-02-16 18:02:07 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft

[2013-02-16 17:41:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari

[2013-02-16 17:40:25 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Roaming\homebank

[2013-02-16 17:35:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeBank

[2013-02-16 17:35:11 | 000,000,000 | ---D | C] -- C:\Program Files\HomeBank

[2013-02-16 17:14:53 | 000,000,000 | ---D | C] -- C:\cda

[2013-02-16 00:51:00 | 000,000,000 | ---D | C] -- C:\Program Files\Biznes Filmowy 2

[2013-02-16 00:03:31 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tomiga

[2013-02-15 23:53:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Biznes Filmowy 2

[2013-02-15 22:47:03 | 000,000,000 | ---D | C] -- C:\Users\Sav\Documents\Test Drive Unlimited

[2013-02-15 22:46:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Test Drive Unlimited

[2013-02-15 21:56:12 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Atari

[2013-02-15 19:51:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\kED

[2013-02-15 19:51:20 | 000,000,000 | ---D | C] -- C:\Program Files\kED

[2013-02-15 16:29:57 | 000,000,000 | ---D | C] -- C:\Program Files\Atari

[2013-02-14 22:35:09 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Roaming\Media Player Classic

[2013-02-14 21:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core

[2013-02-14 21:16:14 | 000,000,000 | ---D | C] -- C:\Users\Sav\Documents\FIFA 12

[2013-02-14 21:14:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 12

[2013-02-14 20:12:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 13

[2013-02-14 19:58:19 | 000,000,000 | ---D | C] -- C:\Users\Sav\Desktop\FIFA 13

[2013-02-14 18:22:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack

[2013-02-14 18:22:43 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack

[2013-02-14 18:21:34 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Local\Programs

[2013-02-14 17:10:45 | 000,000,000 | ---D | C] -- C:\Users\Sav\Documents\FIFA 2004

[2013-02-14 16:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phenomic

[2013-02-14 16:46:38 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Roaming\InstallShield

[2013-02-14 15:56:10 | 000,000,000 | ---D | C] -- C:\Users\Sav\Documents\Ascaron Entertainment

[2013-02-14 15:56:10 | 000,000,000 | ---D | C] -- C:\Users\Sav\AppData\Roaming\Ascaron Entertainment

[2013-02-14 15:27:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mafia

[2013-02-14 15:16:02 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations

[1 C:\Users\Sav\*.tmp files -> C:\Users\Sav\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-03-15 16:02:12 | 000,012,393 | ---- | M] () -- C:\Users\Sav\AppData\Local\Bron.tok.A16.em.bin

[2013-03-15 15:49:31 | 000,009,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013-03-15 15:49:31 | 000,009,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013-03-15 15:40:02 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013-03-15 15:03:00 | 000,737,242 | ---- | M] () -- C:\Windows\System32\perfh015.dat

[2013-03-15 15:03:00 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013-03-15 15:03:00 | 000,153,930 | ---- | M] () -- C:\Windows\System32\perfc015.dat

[2013-03-15 15:03:00 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013-03-15 14:40:00 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013-03-15 13:47:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013-03-15 13:47:12 | 2412,371,968 | -HS- | M] () -- C:\hiberfil.sys

[2013-03-15 07:22:05 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1268817483-3824831058-1922237049-1000UA.job

[2013-03-14 19:21:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1268817483-3824831058-1922237049-1000Core.job

[2013-03-13 00:22:12 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job

[2013-03-12 00:54:25 | 000,266,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013-03-11 20:46:44 | 000,604,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comctl32.ocx

[2013-03-11 20:46:44 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Translator polsko-angielski 4.lnk

[2013-03-11 20:46:44 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Translator angielsko-polski 4.lnk

[2013-03-11 20:46:44 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Słownik polsko-angielski 4.lnk

[2013-03-11 20:46:44 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Słownik angielsko-polski 4.lnk

[2013-03-10 21:04:40 | 005,356,598 | ---- | M] () -- C:\Users\Sav\Desktop\HuczuHucz - Awersja (ft. Dj Klasyk, prod. 2sty).mp3

[2013-03-10 21:00:01 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\VDownloader.lnk

[2013-03-09 16:23:54 | 000,001,322 | ---- | M] () -- C:\Users\Sav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk

[2013-03-07 19:17:53 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Ogniem i Mieczem - Dzikie Pola.lnk

[2013-03-06 13:43:38 | 000,002,089 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2013-03-04 17:54:39 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk

[2013-03-01 12:59:14 | 254,143,450 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2013-02-25 18:43:23 | 000,002,042 | ---- | M] () -- C:\Users\Sav\Desktop\Biznes Filmowy 2 (v0.7.7 Beta).lnk

[2013-02-24 18:08:18 | 000,001,915 | ---- | M] () -- C:\Users\Public\Desktop\Anno 1602.lnk

[2013-02-23 20:39:41 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\Command & Conquer™ Red Alert™ 3.lnk

[2013-02-18 15:14:50 | 000,579,693 | ---- | M] () -- C:\Users\Sav\Documents\Bez_nazwy (2).wma

[2013-02-18 15:00:59 | 000,588,673 | ---- | M] () -- C:\Users\Sav\Documents\Bez_nazwy (3).wma

[2013-02-17 14:19:50 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf

[2013-02-17 14:19:42 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf

[2013-02-17 14:18:51 | 000,001,203 | ---- | M] () -- C:\Users\Public\Desktop\Internet Manager.lnk

[2013-02-17 14:18:36 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf

[2013-02-17 14:18:05 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll

[2013-02-17 14:18:05 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll

[2013-02-17 14:18:05 | 000,861,696 | ---- | M] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys

[2013-02-17 14:18:05 | 000,349,184 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbwwan.sys

[2013-02-17 14:18:05 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys

[2013-02-17 14:18:05 | 000,181,760 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys

[2013-02-17 14:18:05 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys

[2013-02-17 14:18:05 | 000,090,368 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys

[2013-02-17 14:18:05 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys

[2013-02-17 14:18:05 | 000,064,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys

[2013-02-17 14:18:05 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys

[2013-02-17 14:18:05 | 000,025,856 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys

[2013-02-17 14:18:05 | 000,024,192 | ---- | M] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\tcpipBM.sys

[2013-02-17 14:18:05 | 000,019,200 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys

[2013-02-17 14:18:05 | 000,013,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sporder.dll

[2013-02-17 14:18:05 | 000,013,184 | ---- | M] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\BMLoad.sys

[2013-02-17 14:18:05 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys

[2013-02-17 14:18:04 | 000,724,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bmutil.dll

[2013-02-17 14:18:04 | 000,480,384 | ---- | M] (Bytemobile, Inc.) -- C:\Windows\System32\bmnet.dll

[2013-02-17 14:18:04 | 000,308,352 | ---- | M] (Bytemobile, Inc.) -- C:\Windows\System32\bminstall.dll

[2013-02-17 14:18:03 | 000,132,224 | ---- | M] (Bytemobile, Inc.) -- C:\Windows\System32\bmdumpd.bin

[2013-02-17 02:54:06 | 000,002,894 | ---- | M] () -- C:\Users\Sav\Desktop\STRONA.html

[2013-02-17 00:17:43 | 000,000,256 | ---- | M] () -- C:\Users\Sav\untitled.xhb

[2013-02-17 00:17:43 | 000,000,218 | ---- | M] () -- C:\Users\Sav\.recently-used.xbel

[2013-02-16 21:37:17 | 000,002,155 | ---- | M] () -- C:\Users\Public\Desktop\Worms 4 Totalna Rozwałka.lnk

[2013-02-16 20:46:29 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\Cities XL 2011.lnk

[2013-02-16 19:00:30 | 000,001,924 | ---- | M] () -- C:\Users\Sav\Desktop\Play Pariah.lnk

[2013-02-16 17:35:13 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\HomeBank.lnk

[2013-02-14 15:22:34 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2013-02-14 15:22:34 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[1 C:\Users\Sav\*.tmp files -> C:\Users\Sav\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-03-15 16:02:12 | 000,012,393 | ---- | C] () -- C:\Users\Sav\AppData\Local\Bron.tok.A16.em.bin

[2013-03-12 13:41:57 | 000,004,527 | ---- | C] () -- C:\Users\Sav\Desktop\32.png

[2013-03-12 13:41:57 | 000,002,662 | ---- | C] () -- C:\Users\Sav\Desktop\char.png

[2013-03-12 13:41:57 | 000,001,360 | ---- | C] () -- C:\Users\Sav\Desktop\33.png

[2013-03-11 20:46:44 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Translator polsko-angielski 4.lnk

[2013-03-11 20:46:44 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Translator angielsko-polski 4.lnk

[2013-03-11 20:46:44 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Słownik polsko-angielski 4.lnk

[2013-03-11 20:46:44 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Słownik angielsko-polski 4.lnk

[2013-03-10 21:04:32 | 005,356,598 | ---- | C] () -- C:\Users\Sav\Desktop\HuczuHucz - Awersja (ft. Dj Klasyk, prod. 2sty).mp3

[2013-03-10 21:00:01 | 000,001,843 | ---- | C] () -- C:\Users\Public\Desktop\VDownloader.lnk

[2013-03-10 21:00:00 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe

[2013-03-07 19:17:53 | 000,001,979 | ---- | C] () -- C:\Users\Public\Desktop\Ogniem i Mieczem - Dzikie Pola.lnk

[2013-03-06 13:23:59 | 000,001,322 | ---- | C] () -- C:\Users\Sav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk

[2013-03-05 15:11:08 | 000,178,873 | ---- | C] () -- C:\Users\Sav\Desktop\146.jpg

[2013-03-04 17:54:39 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk

[2013-02-25 18:43:23 | 000,002,042 | ---- | C] () -- C:\Users\Sav\Desktop\Biznes Filmowy 2 (v0.7.7 Beta).lnk

[2013-02-24 18:08:18 | 000,001,915 | ---- | C] () -- C:\Users\Public\Desktop\Anno 1602.lnk

[2013-02-23 20:39:41 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\Command & Conquer™ Red Alert™ 3.lnk

[2013-02-23 12:00:26 | 254,143,450 | ---- | C] () -- C:\Windows\MEMORY.DMP

[2013-02-22 19:17:00 | 000,000,920 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1268817483-3824831058-1922237049-1000UA.job

[2013-02-22 19:16:59 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1268817483-3824831058-1922237049-1000Core.job

[2013-02-18 15:14:50 | 000,579,693 | ---- | C] () -- C:\Users\Sav\Documents\Bez_nazwy (2).wma

[2013-02-18 15:00:59 | 000,588,673 | ---- | C] () -- C:\Users\Sav\Documents\Bez_nazwy (3).wma

[2013-02-17 14:19:50 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf

[2013-02-17 14:19:42 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf

[2013-02-17 14:18:51 | 000,001,203 | ---- | C] () -- C:\Users\Public\Desktop\Internet Manager.lnk

[2013-02-17 14:18:36 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf

[2013-02-17 00:17:43 | 000,000,256 | ---- | C] () -- C:\Users\Sav\untitled.xhb

[2013-02-17 00:17:43 | 000,000,218 | ---- | C] () -- C:\Users\Sav\.recently-used.xbel

[2013-02-16 21:37:17 | 000,002,155 | ---- | C] () -- C:\Users\Public\Desktop\Worms 4 Totalna Rozwałka.lnk

[2013-02-16 20:46:29 | 000,002,231 | ---- | C] () -- C:\Users\Public\Desktop\Cities XL 2011.lnk

[2013-02-16 19:00:30 | 000,001,924 | ---- | C] () -- C:\Users\Sav\Desktop\Play Pariah.lnk

[2013-02-16 17:35:13 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\HomeBank.lnk

[2013-02-15 19:54:39 | 000,002,894 | ---- | C] () -- C:\Users\Sav\Desktop\STRONA.html

[2013-02-14 18:22:45 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2013-02-14 15:22:34 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS

[2013-02-14 15:22:34 | 000,000,000 | RHS- | C] () -- C:\IO.SYS

[2013-02-09 16:45:37 | 000,728,858 | ---- | C] () -- C:\Windows\System32\unins000.exe

[2013-02-09 16:45:37 | 000,001,843 | ---- | C] () -- C:\Windows\System32\unins000.dat

[2013-02-09 12:44:19 | 000,053,248 | ---- | C] () -- C:\Windows\System32\asrussian.dll

[2013-02-09 12:44:19 | 000,053,248 | ---- | C] () -- C:\Windows\System32\askorean.dll

[2013-02-09 12:44:19 | 000,053,248 | ---- | C] () -- C:\Windows\System32\asjapan.dll

[2013-02-09 12:44:19 | 000,053,248 | ---- | C] () -- C:\Windows\System32\asgerman.dll

[2013-02-09 12:44:19 | 000,053,248 | ---- | C] () -- C:\Windows\System32\asfrench.dll

[2013-02-09 12:44:19 | 000,053,248 | ---- | C] () -- C:\Windows\System32\aseng.dll

[2013-02-09 12:44:19 | 000,053,248 | ---- | C] () -- C:\Windows\System32\ASCHT.dll

[2013-02-09 12:44:19 | 000,053,248 | ---- | C] () -- C:\Windows\System32\aschs.dll

[2013-02-09 12:44:18 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2013-02-09 12:44:18 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2013-02-09 12:38:27 | 000,126,878 | ---- | C] () -- C:\Windows\System32\drivers\NVCAP.SYS

[2013-02-08 12:19:10 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

[2012-10-05 16:11:19 | 000,044,417 | ---- | C] () -- C:\Users\Sav\AppData\Local\winlogon.exe

[2012-10-05 16:11:19 | 000,044,417 | ---- | C] () -- C:\Users\Sav\AppData\Local\smss.exe

[2012-10-05 16:11:19 | 000,044,417 | ---- | C] () -- C:\Users\Sav\AppData\Local\services.exe

[2012-10-05 16:11:19 | 000,044,417 | ---- | C] () -- C:\Users\Sav\AppData\Local\lsass.exe

[2012-10-05 16:11:19 | 000,044,417 | ---- | C] () -- C:\Users\Sav\AppData\Local\inetinfo.exe

[2012-10-05 16:11:19 | 000,044,417 | ---- | C] () -- C:\Users\Sav\AppData\Local\csrss.exe

[2012-10-05 16:11:19 | 000,044,417 | ---- | C] () -- C:\Users\Sav\AppData\Local\br4413on.exe

[2002-10-22 16:51:40 | 000,319,488 | R--- | C] () -- C:\Users\Sav\AppData\Roaming\MafiaSetup.exe

========== ZeroAccess Check ==========

[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013-02-08 12:18:49 | 012,872,192 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2013-02-08 12:18:59 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2013-03-08 12:59:11 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\.minecraft

[2013-02-14 15:56:10 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\Ascaron Entertainment

[2013-02-09 00:22:16 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\dll-files.com

[2013-02-17 00:17:43 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\homebank

[2013-02-09 17:43:05 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\MotioninJoy

[2013-03-08 20:01:52 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\Mount&Blade Ogniem i Mieczem

[2013-03-05 15:06:55 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\Nokia

[2013-03-05 15:06:56 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\Nokia Suite

[2013-02-09 14:59:55 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\Origin

[2013-03-04 20:19:04 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\PC Suite

[2013-02-23 20:57:52 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\Red Alert 3

[2013-02-17 02:50:41 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\Sports Interactive

[2013-02-17 14:18:13 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\T-Mobile

[2013-02-14 14:22:40 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\temp

[2013-03-11 20:46:44 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\TransAng3

[2013-03-12 10:40:27 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\TransEngPol4

[2013-03-08 19:02:56 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\TS3Client

[2013-02-28 13:27:44 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\Ubisoft

[2013-03-10 21:00:33 | 000,000,000 | ---D | M] -- C:\Users\Sav\AppData\Roaming\VDownloader

========== Purity Check ==========

< End of report >

Fr3shMak3r · 15 Marca 2013

Uruchom OTL i w Oknie własne Opcje Skanowania :

:OTL
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [Tok-Cirrhatus]  File not found
O4 - HKCU..\Run: [Tok-Cirrhatus-1695] C:\Users\Sav\AppData\Local\br4413on.exe ()
O4 - Startup: C:\Users\Sav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Empty.pif ()
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{45f24027-72ae-11e2-904d-6cf04971e109}\Shell - "" = AutoRun
O33 - MountPoints2\{45f24027-72ae-11e2-904d-6cf04971e109}\Shell\AutoRun\command - "" = G:\NokiaPCIA_Autorun.exe
O33 - MountPoints2\{8973f556-78ec-11e2-8c50-6cf04971e109}\Shell - "" = AutoRun
O33 - MountPoints2\{8973f556-78ec-11e2-8c50-6cf04971e109}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8973f564-78ec-11e2-8c50-6cf04971e109}\Shell - "" = AutoRun
O33 - MountPoints2\{8973f564-78ec-11e2-8c50-6cf04971e109}\Shell\AutoRun\command - "" = G:\AutoRun.exe

:Files
C:\Users\Sav\AppData\Local\Bron.tok-16-15
C:\Users\Sav\AppData\Local\Bron.tok-16-14
C:\Users\Sav\AppData\Local\Bron.tok-16-13
C:\Users\Sav\AppData\Local\Bron.tok-16-12
C:\Users\Sav\AppData\Local\Bron.tok-16-11
C:\Users\Sav\AppData\Local\Bron.tok-16-10
C:\Users\Sav\AppData\Local\Bron.tok-16-9
C:\Users\Sav\AppData\Local\Bron.tok-16-8
C:\Users\Sav\AppData\Local\Bron.tok-16-7
C:\Users\Sav\AppData\Local\Bron.tok-16-6
C:\Users\Sav\AppData\Local\Bron.tok-16-5
C:\Users\Sav\AppData\Local\Bron.tok-16-4
C:\Users\Sav\AppData\Local\Bron.tok-16-3
C:\Users\Sav\AppData\Local\Bron.tok-16-2
C:\Users\Sav\AppData\Local\Bron.tok-16-1
C:\Users\Sav\AppData\Local\Bron.tok-16-28
C:\Users\Sav\AppData\Local\Bron.tok-16-27
C:\Users\Sav\AppData\Local\Bron.tok-16-26
C:\Users\Sav\AppData\Local\Bron.tok-16-25
C:\Users\Sav\AppData\Local\Bron.tok-16-24
C:\Users\Sav\AppData\Local\Bron.tok-16-23
C:\Users\Sav\AppData\Local\Bron.tok-16-22
C:\Users\Sav\AppData\Local\Bron.tok-16-21
C:\Users\Sav\AppData\Local\Bron.tok-16-20
C:\Users\Sav\AppData\Local\Ok-SendMail-Bron-tok
C:\Users\Sav\AppData\Local\Loc.Mail.Bron.Tok
C:\Users\Sav\AppData\Local\Bron.tok.A16.em.bin

:Reg
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\TokCirrhatus]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

:Commands
[emptytemp]

I klik na wykonaj skrypt i pokazujesz raport z usuwania .

Zabrakło 2 loga Extras bo nie zaznaczyłeś opcji Skan rejestr dodatkowy na użyj filtrowania .

Roshti · 15 Marca 2013

Wrzuciłem to tam gdzie kazałeś, i mi zawiesiło, zgasił się obraz. I zresetowałem PC. To tak musi być? Bo jeśli tak to to powtórze.

Fr3shMak3r · 15 Marca 2013

Trzeba było poczekać na wykonanie skryptu ..

Zobacz w C:/OTL_ czy nie ma tam loga z usuwania .

Roshti · 15 Marca 2013

Nie ma.

Fr3shMak3r · 15 Marca 2013

To zrób nowy log .

Tylko nie zapomnij zaznaczyć Rejestr skan dodatkowy na użyj filtrowania .

Roshti · 15 Marca 2013

To tak.

Masz tutaj 1

OTL logfile created on: 2013-03-15 17:29:05 - Run 2

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sav\Favorites\Downloads

Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 1,51 Gb Available Physical Memory | 50,48% Memory free

5,99 Gb Paging File | 3,76 Gb Available in Paging File | 62,85% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 319,28 Gb Total Space | 193,06 Gb Free Space | 60,47% Space Free | Partition Type: NTFS