Paul13Paul13 - logi

:Processes
killallprocesses

:OTL
SRV - File not found [Auto | Stopped] --  -- (StarWindServiceAE)
SRV - [2004-11-02 22:04:30 | 000,057,344 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxbuserv.exe -- (LXBUCustomerConnect)
DRV - [2010-06-09 18:52:57 | 000,005,477 | ---- | M] () [Kernel | Disabled | Running] -- C:\WINDOWS\system32\drivers\npimjn.sys -- (NdisFileServices32)
IE - HKU\S-1-5-21-1960408961-813497703-839522115-500\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
FF - prefs.js..browser.startup.homepage: "http://www.daemon-search.com/startpage"
FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.startup.homepage: "http://www.daemon-search.com/startpage"
FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
[2010-05-21 20:07:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\39bvphr4.default\extensions\[email protected]
[2010-05-21 20:03:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\39bvphr4.default\extensions\[email protected]
[2009-04-02 19:49:22 | 000,002,236 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\39bvphr4.default\searchplugins\askcom.xml
[2010-05-23 20:14:06 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\39bvphr4.default\searchplugins\daemon-search.xml
O2 - BHO: (no name) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - No CLSID value found.
O2 - BHO: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1960408961-813497703-839522115-500\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1960408961-813497703-839522115-500\..\Toolbar\WebBrowser: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [apocalyps32] C:\WINDOWS\apocalyps32.exe (YKlQn06)
O4 - HKLM..\Run: [dll] C:\Documents and Settings\Administrator\Dane aplikacji\dll\svchost.exe (Microsoft)
O4 - HKLM..\Run: [LXBUCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.DLL ()
O4 - HKLM..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe (WhenU.com)
O4 - HKU\S-1-5-21-1960408961-813497703-839522115-500..\Run: [wsctf.exe]  File not found

:Files
C:\Documents and Settings\Administrator\Dane aplikacji\dll
C:\WINDOWS\apocalyps32.exe
C:\WINDOWS\system32\EXPLORER.EXE
C:\Program Files\VVSN
C:\WINDOWS\system32\wmdrtc32.dll
C:\WINDOWS\System32\wmdrtc32.dl_
C:\Program Files\free-downloads.net
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\Program Files\Ask.com
C:\Program Files\DAEMON Tools Toolbar

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UxTuneUp]
"Start"=dword:00000003
[HKU\S-1-5-21-1960408961-813497703-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.pl"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"
"Userinit"="C:\Windows\system32\userinit.exe,"
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

:Commands
[emptytemp]
[emptyflash]
[clearallrestorepoints]