Problem z firefoxem

[Kahen]

Witam.

Ostatnio była ściągana aktualizacja przez Firefox'a i pojawił się problem. Gdy chce wejść na Google lub Facebook pojawia się albo angielska strona o aktualizacji albo przerwanie połączenia.

[politan]

Problemy związane z oprogramowaniem komputerowym zakładamy w dziale Programy. Temat przeniosłem.

[Gofer]

Firefox -> opcje -> opcje -> treść i tam w ramce 'języki' klikasz 'Wybierz...' i ustawiasz PL jako domyślny język.

Dodatkowo wchodź na portale przez domeny .pl

[Kahen]

Niestety nie działa. Dla ciekawości zainstalowałem Google Chrome i występuje ten sam problem.

[Gofer]

Hm. Google mówi oficjalnie o takim wyjściu:

Aby wyświetlić konto Google w innym języku, musisz zmienić język interfejsu Google:

1. Odwiedź stronę główną kont Google .
   
2. Kliknij ikonę koła zębatego u góry strony i wybierz z menu rozwijanego opcję Ustawienia wyszukiwania.
   
3. Pod nagłówkiem Język interfejsu w górnej części strony wybierz z menu rozwijanego odpowiedni język.
   
4. Kliknij przycisk ?Zapisz ustawienia? znajdujący się u góry strony.
   

Po zmianie języka interfejsu zamknij okno przeglądarki. Następnie otwórz przeglądarkę i odwiedź stronę https://www.google.com/accounts/ . Strona główna kont Google powinna zostać wyświetlona w wybranym języku.

Jeśli język interfejsu nie odpowiada wybranemu językowi, wyczyść pamięć podręczną przeglądarki i usuń pliki cookie, a następnie spróbuj ponownie ustawić język interfejsu. Pamiętaj, że usunięcie plików cookie spowoduje także usunięcie ustawień innych odwiedzonych witryn.

[Kahen]

Wyjaśnie. Nie chodzi mi o zmianę języka. Moim problemem jest to, że nie moge wejśc ani na Google ani na Facebook. Język coś mnie obchodzi.

[Sevard]

Problem z rozwiązywaniem adresów DNS lub jakiś szkodnik, ewentualnie ktoś się bawił plikiem hosts.

Na początek otwórz w przeglądarce tą stronę i napisz czy coś się otwiera (powinna się otworzyć polska strona główna Google).

[Gofer]

Mój błąd, zakręcony jestem ostatnio i zinterpretowałem 'angielska strona' jako 'Google i FB po angielsku', przepraszam

[Kahen]

@Gofer nie szkodzi

@Sevard otworzyła sie strona Google

[politan]

W takim wypadku ustaw ręcznie adresy DNS na swoim routerze lub w systemie (http://windows.microsoft.com/pl-pl/windows7/change-tcp-ip-settings).

Preferowany: 8.8.8.8
Alternatywny: 8.8.4.4

[Sevard]

@politan To nie musi pomóc. Zależy gdzie jest problem. Jeśli to zmodyfikowany plik hosts lub jakiś szkodni, to to nic nie da.

@Kahen Ściągnij i uruchom OTL. We wszystkich sekcjach zaznacz opcję Użyj filtrowania, do tego zaznacz opcje Infekcja LOP i Infekcja Purity i naciśnij przycisk Skanuj. Wygenerowane w ten sposób logi wrzuć na forum.

[Kahen]

OTL logfile created on: 2013-11-28 08:00:55 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Admin\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 55,39% Memory free

7,99 Gb Paging File | 5,78 Gb Available in Paging File | 72,35% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 104,33 Gb Total Space | 53,97 Gb Free Space | 51,73% Space Free | Partition Type: NTFS

Drive D: | 361,33 Gb Total Space | 103,78 Gb Free Space | 28,72% Space Free | Partition Type: NTFS

Unable to calculate disk information.

Computer Name: ADMIN-KOMPUTER | User Name: Admin | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --

PRC - [2013-11-28 08:00:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Downloads\OTL.exe

PRC - [2013-11-22 18:54:47 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe

PRC - [2013-11-13 04:39:05 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - [2013-11-11 15:37:52 | 002,349,392 | ---- | M] (LogMeIn Inc.) -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

PRC - [2013-11-11 09:14:46 | 002,420,248 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe

PRC - [2013-11-11 09:14:46 | 001,734,680 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe

PRC - [2013-11-11 09:14:46 | 000,159,768 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe

PRC - [2013-11-09 08:20:37 | 004,033,088 | ---- | M] (GG Network S.A.) -- C:\Users\Admin\AppData\Local\GG\Application\gghub.exe

PRC - [2013-11-09 08:20:37 | 000,132,672 | ---- | M] (GG Network S.A.) -- C:\Users\Admin\AppData\Local\GG\Application\ggapp.exe

PRC - [2013-10-11 19:31:36 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe

PRC - [2013-10-09 17:20:43 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

PRC - [2013-09-25 16:37:00 | 020,133,824 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe

PRC - [2013-05-17 22:44:41 | 000,047,392 | ---- | M] (Yontoo LLC) -- C:\Users\Admin\AppData\Roaming\Yontoo\YontooDesktop.exe

PRC - [2013-05-17 22:44:41 | 000,023,552 | ---- | M] (Microsoft) -- C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe

PRC - [2013-05-11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2013-05-09 09:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe

PRC - [2013-05-09 09:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

PRC - [2012-03-21 07:29:58 | 002,529,096 | ---- | M] (Desura Pty Ltd) -- D:\Program Files (x86)\Desura\desura.exe

PRC - [2011-07-20 12:37:54 | 000,206,336 | ---- | M] () -- C:\Program Files (x86)\Przyspiesz Komputer\PCSUService.exe

========== Modules (No Company Name) ==========

MOD - [2013-11-28 07:43:27 | 000,013,600 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll

MOD - [2013-11-28 07:43:11 | 000,128,512 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\_elementtree.pyd

MOD - [2013-11-28 07:43:11 | 000,098,816 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\win32api.pyd

MOD - [2013-11-28 07:43:11 | 000,044,032 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\_socket.pyd

MOD - [2013-11-28 07:43:11 | 000,022,528 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\win32ts.pyd

MOD - [2013-11-28 07:43:10 | 000,557,056 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\pysqlite2._sqlite.pyd

MOD - [2013-11-28 07:43:10 | 000,320,512 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\win32com.shell.shell.pyd

MOD - [2013-11-28 07:43:10 | 000,070,656 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\wx._html2.pyd

MOD - [2013-11-28 07:43:10 | 000,026,624 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\_multiprocessing.pyd

MOD - [2013-11-28 07:43:09 | 000,805,888 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\wx._gdi_.pyd

MOD - [2013-11-28 07:43:09 | 000,504,832 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\windows._cacheinvalidation.pyd

MOD - [2013-11-28 07:43:09 | 000,017,408 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\win32profile.pyd

MOD - [2013-11-28 07:43:09 | 000,011,264 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\win32crypt.pyd

MOD - [2013-11-28 07:43:08 | 001,175,040 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\wx._core_.pyd

MOD - [2013-11-28 07:43:08 | 000,735,232 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\wx._misc_.pyd

MOD - [2013-11-28 07:43:08 | 000,364,544 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\pythoncom27.dll

MOD - [2013-11-28 07:43:08 | 000,110,080 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\PyWinTypes27.dll

MOD - [2013-11-28 07:43:08 | 000,108,544 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\win32security.pyd

MOD - [2013-11-28 07:43:08 | 000,087,040 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\_ctypes.pyd

MOD - [2013-11-28 07:43:07 | 001,153,024 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\_ssl.pyd

MOD - [2013-11-28 07:43:07 | 000,811,008 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\wx._windows_.pyd

MOD - [2013-11-28 07:43:07 | 000,711,680 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\_hashlib.pyd

MOD - [2013-11-28 07:43:07 | 000,122,368 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\wx._wizard.pyd

MOD - [2013-11-28 07:43:07 | 000,119,808 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\win32file.pyd

MOD - [2013-11-28 07:43:07 | 000,038,912 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\win32inet.pyd

MOD - [2013-11-28 07:43:07 | 000,035,840 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\win32process.pyd

MOD - [2013-11-28 07:43:07 | 000,025,600 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\win32pdh.pyd

MOD - [2013-11-28 07:43:06 | 001,062,400 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\wx._controls_.pyd

MOD - [2013-11-28 07:43:06 | 000,686,080 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\unicodedata.pyd

MOD - [2013-11-28 07:43:06 | 000,127,488 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\pyexpat.pyd

MOD - [2013-11-28 07:43:06 | 000,018,432 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\win32event.pyd

MOD - [2013-11-28 07:43:06 | 000,010,240 | ---- | M] () -- C:\Users\Admin\AppData\Local\Temp\_MEI33762\select.pyd

MOD - [2013-11-13 04:39:45 | 003,363,952 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

MOD - [2013-11-11 09:14:47 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\log4cplusU.dll

MOD - [2013-11-11 09:14:47 | 000,142,360 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\SiteSafety.dll

MOD - [2013-11-11 09:14:46 | 002,420,248 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe

MOD - [2013-11-09 08:20:37 | 002,999,808 | ---- | M] () -- C:\Users\Admin\AppData\Local\GG\Application\xulrunner\mozjs.dll

MOD - [2013-10-09 17:20:43 | 016,233,864 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

MOD - [2013-01-24 12:25:02 | 001,044,480 | ---- | M] () -- c:\progra~2\websea~1\sprote~1.dll

MOD - [2013-01-24 12:16:54 | 001,050,112 | ---- | M] () -- c:\progra~2\contin~1\sprote~1.dll

MOD - [2012-03-21 07:29:56 | 014,289,408 | ---- | M] () -- D:\Program Files (x86)\Desura\bin\wxmsw290u_vc_desura.dll

MOD - [2011-07-13 16:53:33 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll

MOD - [2011-07-13 16:49:28 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll

MOD - [2011-07-13 16:49:14 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll

MOD - [2011-07-13 16:49:12 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll

MOD - [2011-07-13 16:49:11 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll

MOD - [2011-07-13 16:49:01 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll

MOD - [2010-11-05 02:58:14 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll

MOD - [2010-11-05 02:58:11 | 005,251,072 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

MOD - [2010-11-05 02:58:10 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

MOD - [2010-11-05 02:58:09 | 000,385,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

MOD - [2010-11-05 02:58:07 | 003,190,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

MOD - [2010-11-05 02:58:04 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll

MOD - [2009-07-14 18:55:04 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013-09-06 18:32:06 | 000,288,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe -- (McComponentHostService)

SRV:64bit: - [2013-05-09 09:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV:64bit: - [2012-06-28 08:53:00 | 004,941,768 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)

SRV:64bit: - [2011-05-25 04:03:38 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2011-05-24 22:18:38 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)

SRV:64bit: - [2010-04-06 15:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)

SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2013-11-27 09:33:31 | 000,148,976 | ---- | M] (BonanzaDeals) [On_Demand | Stopped] -- C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe -- (bonanzadealslivem)

SRV - [2013-11-27 09:33:31 | 000,148,976 | ---- | M] (BonanzaDeals) [Auto | Stopped] -- C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe -- (bonanzadealslive)

SRV - [2013-11-22 18:54:47 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

SRV - [2013-11-16 13:27:29 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2013-11-11 15:37:48 | 002,756,944 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2013-11-11 09:14:46 | 001,734,680 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe -- (vToolbarUpdater17.1.2)

SRV - [2013-10-09 17:20:43 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013-09-20 13:49:33 | 000,476,936 | ---- | M] (BitRaider, LLC) [On_Demand | Stopped] -- C:\ProgramData\BitRaider\BRSptSvc.exe -- (BRSptSvc)

SRV - [2013-08-28 22:47:18 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2013-05-11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2013-02-28 17:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012-03-21 07:30:00 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe -- (Desura Install Service)

SRV - [2011-07-20 12:37:54 | 000,206,336 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Przyspiesz Komputer\PCSUService.exe -- (PCSUService)

SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-11-11 09:14:47 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)

DRV:64bit: - [2013-08-14 19:33:07 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)

DRV:64bit: - [2013-08-14 19:33:07 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)

DRV:64bit: - [2013-08-14 19:33:07 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)

DRV:64bit: - [2013-05-09 09:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)

DRV:64bit: - [2013-05-09 09:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)

DRV:64bit: - [2013-05-09 09:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)

DRV:64bit: - [2013-05-09 09:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2013-05-09 09:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV:64bit: - [2013-05-07 20:02:16 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)

DRV:64bit: - [2013-05-07 20:02:15 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)

DRV:64bit: - [2012-06-28 08:51:36 | 000,139,592 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)

DRV:64bit: - [2012-02-15 23:24:38 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)

DRV:64bit: - [2011-12-02 15:13:12 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV:64bit: - [2011-11-22 14:14:54 | 000,078,208 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)

DRV:64bit: - [2011-09-28 15:31:30 | 000,321,536 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)

DRV:64bit: - [2011-05-25 05:26:56 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2011-05-25 03:25:42 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011-01-13 12:58:30 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011-01-10 17:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)

DRV:64bit: - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010-05-25 04:07:58 | 000,253,728 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)

DRV:64bit: - [2010-02-18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)

DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009-07-14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009-07-14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)

DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009-03-27 00:23:54 | 000,019,432 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz132_x64.sys -- (cpuz132)

DRV:64bit: - [2009-03-18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)

DRV - [2013-09-20 14:08:13 | 000,075,048 | ---- | M] (BitRaider) [File_System | On_Demand | Stopped] -- C:\ProgramData\BitRaider\BRDriver64.sys -- (BRDriver64)

DRV - [2010-11-01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- D:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)

DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2007-11-07 10:42:28 | 000,104,912 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)

DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2412}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2412}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=412&sr=0&q={searchTerms}

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.lookforithere.info/?pid=806&r=2013/05/16&hid=1426795148&lg=EN&cc=PL&unqvl=14

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2412}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2412}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=412&sr=0&q={searchTerms}

IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.lookforithere.info/?l=1&q={searchTerms}&pid=806&r=2013/05/16&hid=1426795148&lg=EN&cc=PL&unqvl=14

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.lookforithere.info/?pid=806&r=2013/05/16&hid=1426795148&lg=EN&cc=PL&unqvl=14

IE - HKCU\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{3B0C2ADA-8475-4996-8E43-1D5DB79A7B18}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}

IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={75C126DD-15E7-4D41-8A55-BE6479E6A5C8}&mid=77e56b92068347d08afacd26235a77b2-704b1ad85d2ea5e5846e851c9f44d82ed59c29d4〈=pl&ds=ac011&pr=sa&d=2012-10-07 15:17:02&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}

IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2412}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=412&sr=0&q={searchTerms}

IE - HKCU\..\SearchScopes\{9F9D116C-E98C-418b-BED4-8587B1AD8719}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV

IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.lookforithere.info/?l=1&q={searchTerms}&pid=806&r=2013/05/16&hid=1426795148&lg=EN&cc=PL&unqvl=14

IE - HKCU\..\SearchScopes\{D77E5AF6-F571-44a8-B2A9-0D641C697ACC}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3: C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)

FF - HKLM\Software\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9: C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-14 15:20:27 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\17.1.2.1 [2013-11-11 09:15:04 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.1.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.1.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2011-11-29 20:19:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Extensions

[2013-11-27 09:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Profiles\jsg7wewt.Bartek\extensions

[2013-11-27 09:33:28 | 000,000,000 | ---D | M] (BonanzaDeals) -- C:\Users\Admin\AppData\Roaming\Mozilla\Profiles\jsg7wewt.Bartek\extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}

[2013-11-26 10:17:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions

[2013-11-26 10:17:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - homepage:

CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1\

CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\

CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\

CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\

CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\3.5.0.0_1\

CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.1.2.1_1\

CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1\

CHR - Extension: No name found = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\BROWSE~1.DLL (Bandoo Media, inc)

O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll (AVG Secure Search)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (BonanzaDeals) - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)

O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll (AVG Secure Search)

O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll ()

O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()

O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\817ac5d7-1341-4b1c-830e-320f25c01a32.exe (AVAST Software)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()

O4 - HKCU..\Run: [Desura] D:\Program Files (x86)\Desura\desura.exe (Desura Pty Ltd)

O4 - HKCU..\Run: [GG] C:\Users\Admin\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)

O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)

O4 - HKCU..\Run: [Yontoo Desktop] C:\Users\Admin\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)

O4 - Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration .LNK = File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1

O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)

O16 - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 1.7.0_45)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5FD5207-C4B8-420E-B450-12B6131AF6BF}: DhcpNameServer = 192.168.42.129

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F315767B-DF1A-4242-AE80-ADFB6CD010B5}: DhcpNameServer = 79.119.174.224 8.8.8.8

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll (AVG Secure Search)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll (Bandoo Media, inc)

O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)

O20 - AppInit_DLLs: (c:\progra~2\wia6eb~1\datamngr\datamngr.dll) - c:\progra~2\wia6eb~1\datamngr\datamngr.dll (Bandoo Media, inc)

O20 - AppInit_DLLs: (c:\progra~2\wia6eb~1\datamngr\iebho.dll) - c:\progra~2\wia6eb~1\datamngr\iebho.dll (Bandoo Media, inc)

O20 - AppInit_DLLs: (c:\progra~2\contin~1\sprote~1.dll) - c:\progra~2\contin~1\sprote~1.dll ()

O20 - AppInit_DLLs: (c:\progra~2\websea~1\sprote~1.dll) - c:\progra~2\websea~1\sprote~1.dll ()

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{3da48abd-1cea-11e1-a113-1c6f65be9e41}\Shell - "" = AutoRun

O33 - MountPoints2\{3da48abd-1cea-11e1-a113-1c6f65be9e41}\Shell\AutoRun\command - "" = F:\INSTALL.EXE

O33 - MountPoints2\{758eb01f-2c2d-11e2-8afc-1c6f65be9e41}\Shell - "" = AutoRun

O33 - MountPoints2\{758eb01f-2c2d-11e2-8afc-1c6f65be9e41}\Shell\AutoRun\command - "" = I:\setup.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-11-27 09:37:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2013-11-27 09:34:15 | 000,000,000 | ---D | C] -- C:\Users\Admin\.android

[2013-11-27 09:34:12 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\cache

[2013-11-27 09:34:10 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Mobogenie

[2013-11-27 09:34:10 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Mobogenie

[2013-11-27 09:33:33 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\0V1L2Z2Z1T1I1L1T

[2013-11-27 09:33:32 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\BonanzaDealsLive

[2013-11-27 09:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\BonanzaDealsLive

[2013-11-27 09:33:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BonanzaDealsLive

[2013-11-27 09:33:28 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals

[2013-11-27 09:33:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BonanzaDeals

[2013-11-26 10:17:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2013-11-20 22:15:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3

[2013-11-20 22:15:28 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit

[2013-11-20 17:59:55 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Assassin's Creed IV Black Flag

[2013-11-19 18:03:44 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\1C

[2013-11-17 13:24:42 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\naild

[2013-11-17 13:19:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver

[2013-11-16 16:24:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus

[2013-11-13 16:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

[2013-11-04 17:30:04 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Targem

[2013-11-03 15:03:43 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2013-11-03 15:03:39 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2013-11-03 15:03:39 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2013-11-03 15:03:39 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2013-11-03 15:03:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java

[2013-11-03 14:58:59 | 000,000,000 | ---D | C] -- C:\Program Files\Java

[2013-11-02 18:22:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle

[2013-11-02 18:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2013-11-02 18:22:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-11-28 07:49:14 | 000,014,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013-11-28 07:49:14 | 000,014,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013-11-28 07:43:01 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013-11-28 07:42:59 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\BonanzaDealsLiveUpdateTaskMachineCore.job

[2013-11-28 07:42:57 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

[2013-11-28 07:42:57 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job

[2013-11-28 07:40:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013-11-28 07:40:13 | 3219,300,352 | -HS- | M] () -- C:\hiberfil.sys

[2013-11-27 22:38:24 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\BonanzaDealsLiveUpdateTaskMachineUA.job

[2013-11-27 22:36:28 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013-11-27 22:20:01 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013-11-27 09:37:56 | 000,002,261 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2013-11-26 10:17:26 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2013-11-22 18:54:47 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2013-11-22 18:54:27 | 000,291,944 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr

[2013-11-22 18:54:27 | 000,291,944 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2013-11-20 22:15:30 | 000,000,857 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk

[2013-11-20 22:15:30 | 000,000,845 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk

[2013-11-20 17:32:54 | 001,692,112 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2013-11-20 17:32:54 | 000,747,552 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat

[2013-11-20 17:32:54 | 000,660,918 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2013-11-20 17:32:54 | 000,160,144 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat

[2013-11-20 17:32:54 | 000,125,108 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2013-11-20 17:15:34 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0

[2013-11-20 17:15:04 | 000,000,141 | ---- | M] () -- C:\Users\Admin\Desktop\Assassin's Creed IV Black Flag.url

[2013-11-19 17:54:28 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\Polskie Imperium.lnk

[2013-11-17 13:19:56 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\Nail'd.lnk

[2013-11-16 16:24:20 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

[2013-11-16 16:24:20 | 000,001,931 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

[2013-11-11 09:15:05 | 000,003,727 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml

[2013-11-11 09:14:47 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys

[2013-11-07 15:23:10 | 000,179,023 | ---- | M] () -- C:\Users\Admin\Desktop\75663_zyrafa_chmury_niebo.jpg

[2013-11-03 15:03:34 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2013-11-03 15:03:32 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2013-11-03 15:03:32 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2013-11-03 15:03:32 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2013-11-03 14:59:05 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll

[2013-11-03 14:59:02 | 000,312,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe

[2013-11-03 14:59:02 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe

[2013-11-03 14:59:01 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe

[2013-11-02 18:17:02 | 000,000,640 | RHS- | M] () -- C:\Users\Admin\ntuser.pol

[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-11-27 09:37:56 | 000,002,261 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2013-11-27 09:33:46 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\BonanzaDealsLiveUpdateTaskMachineUA.job

[2013-11-27 09:33:45 | 000,000,920 | ---- | C] () -- C:\Windows\tasks\BonanzaDealsLiveUpdateTaskMachineCore.job

[2013-11-26 10:17:26 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2013-11-26 10:17:26 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2013-11-20 22:15:30 | 000,000,857 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk

[2013-11-20 22:15:30 | 000,000,845 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk

[2013-11-20 17:15:04 | 000,000,141 | ---- | C] () -- C:\Users\Admin\Desktop\Assassin's Creed IV Black Flag.url

[2013-11-19 17:54:28 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\Polskie Imperium.lnk

[2013-11-17 13:19:56 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\Nail'd.lnk

[2013-11-16 16:24:20 | 000,001,931 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

[2013-11-07 15:23:08 | 000,179,023 | ---- | C] () -- C:\Users\Admin\Desktop\75663_zyrafa_chmury_niebo.jpg

[2013-11-02 17:39:35 | 000,000,640 | RHS- | C] () -- C:\Users\Admin\ntuser.pol

[2013-09-26 18:31:21 | 000,002,234 | ---- | C] () -- C:\Users\Admin\AppData\Local\recently-used.xbel

[2013-06-26 15:24:34 | 000,003,727 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml

[2013-05-22 20:48:14 | 000,291,944 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2013-05-22 20:48:13 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2012-12-27 15:33:37 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe

[2012-09-25 14:06:56 | 000,000,093 | ---- | C] () -- C:\Users\Admin\AppData\Local\fusioncache.dat

[2012-08-09 08:40:32 | 000,065,576 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll

[2012-08-09 08:40:28 | 000,022,560 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll

[2012-07-31 11:10:04 | 000,000,879 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\gmic_sources.cimgz

[2012-06-19 13:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe

[2011-12-02 15:16:27 | 000,122,884 | ---- | C] () -- C:\Windows\UnGins.exe

[2011-11-29 20:23:13 | 000,000,092 | ---- | C] () -- C:\Windows\mp3wavcon.ini

[2011-11-29 20:22:05 | 000,000,005 | ---- | C] () -- C:\Windows\SysWow64\SySmp3con.dat

[2011-11-29 20:22:02 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll

[2011-11-24 16:18:46 | 000,005,632 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011-11-11 15:48:24 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt

========== ZeroAccess Check ==========

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2010-11-20 14:27:25 | 014,174,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2010-11-20 13:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013-08-01 20:16:07 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\.minecraft

[2013-03-24 21:49:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\.mono

[2013-03-28 14:47:59 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\.techniclauncher

[2013-11-27 09:33:33 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\0V1L2Z2Z1T1I1L1T

[2013-08-24 19:33:16 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Audacity

[2013-01-16 18:28:20 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BANDISOFT

[2012-03-03 14:38:22 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BigHugeEngine

[2013-06-12 18:10:47 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Bioshock

[2013-02-09 10:51:32 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite

[2013-02-09 15:26:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Downloaded Installations

[2011-11-29 20:19:01 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FreeCDRipper

[2012-01-27 18:25:35 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Gadu-Gadu 10

[2013-11-28 07:43:07 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GG

[2012-02-19 19:18:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GrabPro

[2012-01-22 15:15:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\gtk-2.0

[2012-07-10 12:15:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LolClient

[2012-05-26 09:50:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LolClient2

[2013-01-31 19:53:16 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mumble

[2011-10-14 19:35:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\OpenCandy

[2012-06-06 13:47:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\OpenFM

[2013-07-25 08:07:35 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Orbit

[2013-08-16 07:21:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Origin

[2012-09-29 12:29:59 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Petroglyph

[2012-02-19 19:18:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ProgSense

[2013-01-23 15:19:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Publish Providers

[2011-07-13 01:35:16 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\PunkBuster

[2011-11-11 15:56:30 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Samsung

[2013-01-23 19:44:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Sony

[2012-07-26 09:39:56 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Splashtop

[2013-07-03 17:07:15 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Techland

[2012-11-20 13:59:52 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Thunderbird

[2013-07-24 17:51:00 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\To the Moon - Freebird Games

[2012-12-26 13:33:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Tropico 3

[2011-12-01 17:09:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ubisoft

[2013-04-07 17:10:25 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Unity

[2012-09-25 17:41:20 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\wargaming.net

[2013-11-28 07:43:28 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Yontoo

========== Purity Check ==========

< End of report >

Proszę cały raport

[politan]

@politan To nie musi pomóc. Zależy gdzie jest problem. Jeśli to zmodyfikowany plik hosts lub jakiś szkodni, to to nic nie da.

Nie musi, ale może. Tego typu problemy z DNS'ami są częste. Jednak jasne, nie można wykluczać innych ewentualności.

[Sevard]

Log z OTL wygląda czysto poza paroma zbędnymi programami (choć przydałby się jeszcze log extras.txt).

Spróbuj rozwiązania, które zaproponował politan. Jeśli to nie pomoże, to uruchom wiersz poleceń (wpisz cmd w pole wyszukiwania) i tam wpisz komendę:

ipconfig /flushdns

Poza tym przeskanuj system programem ADWCleaner. To powinno usunąć parę reklamowych programów.

[Kahen]

@Sevard zrobiłem jak napisałeś za wyjątkiem ustawienia adresów DNS. Póki co działa

[Kahen]

I znowu to samo. Wykorzystanie tych metod dało chwilowe rozwiązanie problemu. Ten sam problem zaczął się także na laptopie mamy.

[Sevard]

Czyli najpewniej problem z DNSami operatora. Zmień DNSy na inne (np. te, które zaproponował politan) i spróbuj ponownie.