Internet opens pages with a 15-30 second delay googl

Google Chrome always loaded right away, now something is wrong and it's sluggish :confused:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:30:01, on 2012-04-09

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal


Running processes:

F:\WINDOWS\System32\smss.exe

F:\WINDOWS\system32\winlogon.exe

F:\WINDOWS\system32\services.exe

F:\WINDOWS\system32\lsass.exe

F:\WINDOWS\system32\svchost.exe

F:\WINDOWS\System32\svchost.exe

F:\WINDOWS\system32\svchost.exe

F:\WINDOWS\system32\spoolsv.exe

F:\Program Files\Java\jre6\bin\jqs.exe

F:\WINDOWS\system32\nvsvc32.exe

F:\WINDOWS\Explorer.EXE

F:\WINDOWS\system32\svchost.exe

F:\WINDOWS\system32\wscntfy.exe

F:\WINDOWS\system32\RunDLL32.exe

F:\WINDOWS\RTHDCPL.EXE

F:\Program Files\Common Files\Java\Java Update\jusched.exe

F:\Program Files\Real\RealPlayer\update\realsched.exe

F:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

F:\Program Files\Winamp\winampa.exe

F:\WINDOWS\system32\ctfmon.exe

F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\GoogleCrashHandler.exe

F:\Program Files\Messenger\msmsgs.exe

F:\Program Files\SAGEM WiFi manager\WLANUTL.exe

F:\Program Files\Gadu-Gadu 10\gg.exe

F:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

F:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.54\deploy\LoLLauncher.exe

F:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.134\deploy\LolClient.exe

F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe

F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe

F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe

F:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.134\deploy\League of Legends.exe

F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe

F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe

F:\WINDOWS\system32\msiexec.exe

F:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe


R3 - URLSearchHook: Winamp Toolbar Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - F:\Program Files\Winamp Toolbar\winamptb.dll

O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - F:\Program Files\Winamp Toolbar\winamptb.dll

O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - F:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - F:\Program Files\Winamp Toolbar\winamptb.dll

O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - F:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

O4 - HKLM\..\Run: [nwiz] F:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [TkBellExe] "F:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot

O4 - HKLM\..\Run: [ISUSPM Startup] F:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [ISUSScheduler] "F:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [WinampAgent] "F:\Program Files\Winamp\winampa.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Google Update] "F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [DAEMON Tools Lite] "F:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [IPLA!] F:\Program Files\ipla\ipla.exe /autorun

O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /qb /I "F:\Program Files\Common Files\Wise Installation Wizard\WIS3F5C371F8EA24F259D3DD0B4526E3AEA_9_10_0513.MSI" TRANSFORMS="F:\Program Files\Common Files\Wise Installation Wizard\WIS3F5C371F8EA24F259D3DD0B4526E3AEA_9_10_0513.MST" WISE_SETUP_EXE_PATH="G:\Data\3rdparty\PhysX\PhysX_9.10.0513_SystemSoftware.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-21-507921405-329068152-725345543-1004\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk = %ProgramFiles%\SAGEM WiFi manager\WLANUTL.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://F:\WINDOWS\system32\GPhotos.scr/200

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {EFAFA691-318D-410E-9682-F1C88150917E} (GameStarter Control) - http://www.sephiroth.co.kr/sephiroth/images/activex/sephiroth.cab

O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - F:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - F:\WINDOWS\system32\browseui.dll

O23 - Service: Google Updater Service (gusvc) - Google - F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - F:\WINDOWS\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - F:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: ServiceLayer - Nokia - F:\Program Files\PC Connectivity Solution\ServiceLayer.exe


--

End of file - 7179 bytes

Post OTL logs, not HJ :arrow: otl-gmer-rsit-dss-inne-instrukcje-t370405.html

Uninstall Winamp Toolbar and Babylon Toolbar. Show the OTL logs otl-gmer-rsit-dss-inne-instrukcje-t370405.html

OTL logfile created on: 2012-04-09 19:45:46 - Run 1

OTL by OldTimer - Version 3.2.39.2 Folder = F:\Documents and Settings\Mateusz\Moje dokumenty\Downloads

Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd


3,22 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 72,60% Memory free

5,06 Gb Paging File | 4,29 Gb Available in Paging File | 84,76% Paging File free

Paging file location(s): F:\pagefile.sys 2046 4092 [binary data]


%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files

Drive C: | 232,88 Gb Total Space | 81,44 Gb Free Space | 34,97% Space Free | Partition Type: NTFS

Drive D: | 127,99 Gb Total Space | 127,91 Gb Free Space | 99,94% Space Free | Partition Type: NTFS

Drive F: | 104,89 Gb Total Space | 19,21 Gb Free Space | 18,32% Space Free | Partition Type: NTFS


Computer Name: MATI | User Name: Mateusz | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days


========== Processes (SafeList) ==========


PRC - [2012-04-09 19:45:17 | 000,593,920 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\Mateusz\Moje dokumenty\Downloads\OTL.exe

PRC - [2012-04-04 03:56:42 | 001,224,176 | ---- | M] (Google Inc.) -- F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe

PRC - [2012-03-30 15:04:22 | 000,180,648 | ---- | M] (Google Inc.) -- F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\GoogleCrashHandler.exe

PRC - [2012-02-25 22:20:51 | 000,740,216 | ---- | M] (BitTorrent, Inc.) -- F:\Program Files\uTorrent\uTorrent.exe

PRC - [2011-12-23 23:05:08 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- F:\Program Files\Real\RealPlayer\Update\realsched.exe

PRC - [2011-12-09 19:22:26 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- F:\Program Files\Winamp\winampa.exe

PRC - [2011-10-08 06:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- F:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - [2010-10-07 10:04:26 | 012,661,344 | ---- | M] (GG Network S.A.) -- F:\Program Files\Gadu-Gadu 10\gg.exe

PRC - [2007-01-16 14:42:20 | 000,950,272 | ---- | M] ( ) -- F:\Program Files\SAGEM WiFi manager\WLANUTL.EXE

PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\explorer.exe



========== Modules (No Company Name) ==========


MOD - [2012-04-04 03:56:41 | 000,444,400 | ---- | M] () -- F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\18.0.1025.151\ppgooglenaclpluginchrome.dll

MOD - [2012-04-04 03:56:39 | 003,915,248 | ---- | M] () -- F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\18.0.1025.151\pdf.dll

MOD - [2012-04-04 03:55:14 | 000,122,880 | ---- | M] () -- F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\18.0.1025.151\avutil-51.dll

MOD - [2012-04-04 03:55:12 | 000,220,672 | ---- | M] () -- F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\18.0.1025.151\avformat-53.dll

MOD - [2012-04-04 03:55:11 | 001,747,456 | ---- | M] () -- F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\18.0.1025.151\avcodec-53.dll

MOD - [2012-04-04 03:09:30 | 008,743,584 | ---- | M] () -- F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\18.0.1025.151\gcswf32.dll

MOD - [2011-12-22 19:05:37 | 005,971,408 | ---- | M] () -- F:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

MOD - [2010-10-07 10:05:14 | 000,217,696 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\gglog.dll

MOD - [2010-10-07 10:05:14 | 000,123,488 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll

MOD - [2010-10-07 10:05:10 | 000,017,504 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\ggipc.dll

MOD - [2010-10-07 10:05:08 | 000,027,744 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\ggcrypto.dll

MOD - [2010-10-07 10:05:06 | 000,356,960 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\ggcommon.dll

MOD - [2010-08-06 21:01:42 | 002,404,352 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\QtCore4.dll

MOD - [2010-08-06 21:01:42 | 001,515,520 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\QtScript4.dll

MOD - [2010-08-06 21:01:42 | 001,040,384 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\QtNetwork4.dll

MOD - [2010-08-06 21:01:42 | 000,389,120 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\QtXml4.dll

MOD - [2010-08-06 21:01:42 | 000,323,584 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\QtSvg4.dll

MOD - [2010-08-06 21:01:40 | 013,553,664 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\QtWebKit4.dll

MOD - [2010-08-06 21:01:38 | 008,818,688 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\QtGui4.dll

MOD - [2010-08-06 21:01:22 | 003,334,144 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\QtXmlPatterns4.dll

MOD - [2010-08-06 21:00:32 | 000,311,296 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll

MOD - [2010-08-06 21:00:32 | 000,274,432 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll

MOD - [2010-08-06 21:00:32 | 000,143,360 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll

MOD - [2010-08-06 21:00:32 | 000,027,648 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll

MOD - [2010-08-06 21:00:32 | 000,018,944 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll

MOD - [2010-03-19 09:33:38 | 000,059,904 | ---- | M] () -- F:\Program Files\Gadu-Gadu 10\zlib1.dll

MOD - [2007-01-16 14:52:18 | 000,212,992 | ---- | M] () -- F:\Program Files\SAGEM WiFi manager\dot1x_dll.dll

MOD - [2007-01-16 14:52:18 | 000,045,056 | ---- | M] () -- F:\Program Files\SAGEM WiFi manager\ZDWlan.dll

MOD - [2004-08-04 00:44:04 | 000,014,336 | ---- | M] () -- F:\WINDOWS\system32\msdmo.dll



========== Win32 Services (SafeList) ==========


SRV - [2012-01-04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- F:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2011-10-08 06:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- F:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2011-10-03 19:41:00 | 004,643,224 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- F:\WINDOWS\system32\GameMon.des -- (npggsvc)



========== Driver Services (SafeList) ==========


DRV - File not found [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\ZDPNDIS5.SYS -- (ZDPNDIS5)

DRV - File not found [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\ZDCndis5.SYS -- (ZDCndis5)

DRV - File not found [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\XDva391.sys -- (XDva391)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)

DRV - File not found [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)

DRV - File not found [Kernel | On_Demand | Stopped] -- F:\Program Files\SmileGate\Sephiroth Part II\Bin\GameGuard\dump_wmimmc.sys -- (dump_wmimmc)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - [2011-12-22 21:22:20 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV - [2011-11-01 11:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)

DRV - [2011-11-01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)

DRV - [2011-11-01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)

DRV - [2011-11-01 11:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)

DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2008-04-17 10:33:26 | 004,707,328 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2007-01-16 14:52:20 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)

DRV - [2007-01-10 11:14:34 | 000,450,560 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\WlanBZXP.sys -- (SG762_XP)

DRV - [2006-07-02 00:32:26 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)

DRV - [2004-12-31 08:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)

DRV - [2001-10-26 20:03:24 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)



========== Standard Registry (SafeList) ==========



========== Internet Explorer ==========


IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=119998&babsrc=HP_ss&mntrId=3cbb7f5a0000000000000019700ae519

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689

IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searc---- | m] (microsoft corporation)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: F:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: F:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: F:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: F:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: F:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: F:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: F:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: F:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: F:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: F:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)


FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: F:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-12-23 23:05:18 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fe_9.0@nokia.com: F:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012-01-29 12:03:16 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: F:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-01-29 12:03:15 | 000,000,000 | ---D | M]



========== Chrome ==========


CHR - default_search_provider: Search the web (Babylon) (Enabled)

CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTerms}&AF=119998&babsrc=SP_ss&mntrId=3cbb7f5a0000000000000019700ae519

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\18.0.1025.151\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\18.0.1025.151\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\18.0.1025.151\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = F:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = F:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = F:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = F:\Program Files\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = F:\Program Files\Windows Media Player\npwmsdrm.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = F:\Program Files\Windows Media Player\npdsplay.dll

CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = F:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = F:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = F:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = F:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

CHR - plugin: Google Update (Enabled) = F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Picasa (Enabled) = F:\Program Files\Google\Picasa3\npPicasa3.dll

CHR - plugin: Silverlight Plug-In (Enabled) = F:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll

CHR - plugin: Pando Web Plugin (Enabled) = F:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = F:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

CHR - Extension: YouTube = F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Szukaj w Google = F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: RealPlayer HTML5Video Downloader Extension = F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\

CHR - Extension: Gmail = F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\


O1 HOSTS File: ([2001-10-26 17:45:16 | 000,000,742 | ---- | M]) - F:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\Documents and Settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O4 - HKLM..\Run: [Alcmtr] F:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [NvCplDaemon] F:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] F:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] F:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()

O4 - HKLM..\Run: [TkBellExe] F:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [WinampAgent] F:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)

O4 - HKCU..\Run: [] File not found

O4 - HKCU..\Run: [DAEMON Tools Lite] F:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [IPLA!] F:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.)

O4 - HKCU..\Run: [uTorrent] F:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - Startup: F:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk = F:\Program Files\SAGEM WiFi manager\WLANUTL.EXE ( )

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Add to Google Photos Screensa&ver - F:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {EFAFA691-318D-410E-9682-F1C88150917E} http://www.sephiroth.co.kr/sephiroth/images/activex/sephiroth.cab (GameStarter Control)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0738346E-43CE-4127-9E14-1817733D19F8}: DhcpNameServer = 192.168.1.1 0.0.0.0

O20 - HKLM Winlogon: Shell - (Explorer.exe) - F:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (F:\WINDOWS\system32\userinit.exe) - F:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: F:\WINDOWS\Web\Wallpaper\Idylla.bmp

O24 - Desktop BackupWallPaper: F:\WINDOWS\Web\Wallpaper\Idylla.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011-12-22 18:32:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [NTFS]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*


NetSvcs: 6to4 - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found



SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vds - Service

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices


SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices


[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]


[2012-04-09 15:29:43 | 000,000,000 | ---D | C] -- F:\Program Files\Trend Micro

[2012-04-09 15:29:43 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Mateusz\Menu Start\Programy\HiJackThis

[2012-04-07 20:22:57 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Mateusz\riotsGamesLogs

[2012-04-07 20:22:01 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Mateusz\Dane aplikacji\LolClient

[2012-04-07 18:44:51 | 000,000,000 | ---D | C] -- F:\Riot Games

[2012-04-07 18:44:51 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Menu Start\Programy\Riot Games

[2012-04-07 11:30:38 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Mateusz\Pulpit\llol

[2012-03-24 20:39:37 | 000,017,408 | ---- | C] (SCM Microsystems) -- F:\WINDOWS\System32\drivers\SCR111.sys

[2012-03-24 20:39:37 | 000,017,408 | ---- | C] (SCM Microsystems) -- F:\WINDOWS\System32\dllcache\scr111.sys

[2012-03-17 10:56:41 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Mateusz\Moje dokumenty\ArcaniA - Gothic 4

[2012-03-17 10:56:06 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Mateusz\Moje dokumenty\ArcaniA - AddOn

[2012-03-17 10:54:07 | 000,000,000 | -H-D | C] -- F:\WINDOWS\$MSI31Uninstall_KB893803v2$

[2012-03-17 10:53:50 | 000,527,192 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\XAudio2_7.dll

[2012-03-17 10:53:50 | 000,074,072 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\XAPOFX1_5.dll

[2012-03-17 10:53:49 | 000,239,960 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\xactengine3_7.dll

[2012-03-17 10:53:48 | 002,106,216 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\D3DCompiler_43.dll

[2012-03-17 10:53:47 | 001,998,168 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\D3DX9_43.dll

[2012-03-17 10:53:47 | 001,868,128 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\d3dcsx_43.dll

[2012-03-17 10:53:47 | 000,470,880 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\d3dx10_43.dll

[2012-03-17 10:53:47 | 000,248,672 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\d3dx11_43.dll

[2012-03-17 10:52:49 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Menu Start\Programy\ArcaniA - Upadek Setarrif

[2012-03-17 10:48:26 | 000,000,000 | ---D | C] -- F:\Program Files\Nordic Games

[6 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp ->]

[4 F:\WINDOWS\*.tmp files -> F:\WINDOWS\*.tmp ->]


[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]


[2012-04-09 19:09:00 | 000,001,140 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-329068152-725345543-1003UA.job

[2012-04-09 15:29:57 | 000,002,447 | ---- | M] () -- F:\Documents and Settings\Mateusz\Pulpit\HiJackThis.lnk

[2012-04-09 15:09:00 | 000,001,088 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-329068152-725345543-1003Core.job

[2012-04-09 09:53:41 | 000,355,460 | ---- | M] () -- F:\WINDOWS\System32\perfh015.dat

[2012-04-09 09:53:41 | 000,311,604 | ---- | M] () -- F:\WINDOWS\System32\perfh009.dat

[2012-04-09 09:53:41 | 000,049,492 | ---- | M] () -- F:\WINDOWS\System32\perfc015.dat

[2012-04-09 09:53:41 | 000,039,992 | ---- | M] () -- F:\WINDOWS\System32\perfc009.dat

[2012-04-09 09:49:40 | 000,000,282 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-507921405-329068152-725345543-1003.job

[2012-04-09 09:49:37 | 000,002,206 | ---- | M] () -- F:\WINDOWS\System32\wpa.dbl

[2012-04-09 09:49:36 | 000,002,048 | --S- | M] () -- F:\WINDOWS\bootstat.dat

[2012-04-07 18:51:34 | 000,001,616 | ---- | M] () -- F:\Documents and Settings\All Users\Pulpit\Graj w League of Legends.lnk

[2012-04-05 23:17:09 | 000,193,358 | ---- | M] () -- F:\Documents and Settings\Mateusz\Pulpit\DSC_6593aaa.jpg

[2012-04-05 22:52:02 | 000,071,958 | ---- | M] () -- F:\Documents and Settings\Mateusz\Pulpit\DSC06521.JPG

[2012-04-04 12:46:00 | 000,000,290 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-507921405-329068152-725345543-1003.job

[2012-04-04 11:41:03 | 000,097,434 | ---- | M] () -- F:\Documents and Settings\Mateusz\Pulpit\0_0_0_1216434012_middle.jpg

[2012-03-30 14:55:23 | 000,240,251 | ---- | M] () -- F:\Documents and Settings\Mateusz\Pulpit\DSC_6522bbb.jpg

[2012-03-28 10:23:29 | 000,106,475 | ---- | M] () -- F:\Documents and Settings\Mateusz\Pulpit\DSC_6529.JPG

[2012-03-25 23:36:32 | 000,042,496 | ---- | M] () -- F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012-03-23 09:05:22 | 000,002,296 | ---- | M] () -- F:\Documents and Settings\Mateusz\Pulpit\Chrome.lnk

[2012-03-22 23:16:47 | 000,141,905 | ---- | M] () -- F:\Documents and Settings\Mateusz\Pulpit\DSC_6513bbb_copy.jpg

[2012-03-20 10:05:45 | 000,141,218 | ---- | M] () -- F:\Documents and Settings\Mateusz\Pulpit\DSC_6479aaa.jpg

[2012-03-19 15:11:25 | 000,090,088 | ---- | M] () -- F:\Documents and Settings\Mateusz\Pulpit\stock-photo-12580431-pink-roses-garden.jpg

[2012-03-17 10:52:49 | 000,000,993 | ---- | M] () -- F:\Documents and Settings\All Users\Pulpit\ArcaniA - Upadek Setarrif English Voice Polish Texts.lnk

[2012-03-17 10:52:49 | 000,000,987 | ---- | M] () -- F:\Documents and Settings\All Users\Pulpit\ArcaniA - Upadek Setarrif.lnk

[2012-03-15 11:36:18 | 000,070,796 | ---- | M] () -- F:\Documents and Settings\Mateusz\Pulpit\430555_286888094713069_149542128447667_678198_377716622_n.jpg

[2012-03-15 11:35:10 | 000,036,396 | ---- | M] () -- F:\Documents and Settings\Mateusz\Pulpit\432124_287127981355747_149542128447667_678691_544032536_n.jpg

[6 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp ->]

[4 F:\WINDOWS\*.tmp files -> F:\WINDOWS\*.tmp ->]


[color=#E56717]========== Files Created - No Company Name ==========[/color]


[2012-04-09 15:29:43 | 000,002,447 | ---- | C] () -- F:\Documents and Settings\Mateusz\Pulpit\HiJackThis.lnk

[2012-04-07 18:51:34 | 000,001,616 | ---- | C] () -- F:\Documents and Settings\All Users\Pulpit\Graj w League of Legends.lnk

[2012-04-05 23:15:31 | 000,193,358 | ---- | C] () -- F:\Documents and Settings\Mateusz\Pulpit\DSC_6593aaa.jpg

[2012-04-05 22:52:02 | 000,071,958 | ---- | C] () -- F:\Documents and Settings\Mateusz\Pulpit\DSC06521.JPG

[2012-04-04 11:41:05 | 000,097,434 | ---- | C] () -- F:\Documents and Settings\Mateusz\Pulpit\0_0_0_1216434012_middle.jpg

[2012-03-30 14:54:24 | 000,240,251 | ---- | C] () -- F:\Documents and Settings\Mateusz\Pulpit\DSC_6522bbb.jpg

[2012-03-28 10:23:29 | 000,106,475 | ---- | C] () -- F:\Documents and Settings\Mateusz\Pulpit\DSC_6529.JPG

[2012-03-22 23:06:40 | 000,141,905 | ---- | C] () -- F:\Documents and Settings\Mateusz\Pulpit\DSC_6513bbb_copy.jpg

[2012-03-20 09:22:09 | 000,141,218 | ---- | C] () -- F:\Documents and Settings\Mateusz\Pulpit\DSC_6479aaa.jpg

[2012-03-19 15:11:27 | 000,090,088 | ---- | C] () -- F:\Documents and Settings\Mateusz\Pulpit\stock-photo-12580431-pink-roses-garden.jpg

[2012-03-17 10:52:49 | 000,000,993 | ---- | C] () -- F:\Documents and Settings\All Users\Pulpit\ArcaniA - Upadek Setarrif English Voice Polish Texts.lnk

[2012-03-17 10:52:49 | 000,000,987 | ---- | C] () -- F:\Documents and Settings\All Users\Pulpit\ArcaniA - Upadek Setarrif.lnk

[2012-03-15 11:36:20 | 000,070,796 | ---- | C] () -- F:\Documents and Settings\Mateusz\Pulpit\430555_286888094713069_149542128447667_678198_377716622_n.jpg

[2012-03-15 11:35:14 | 000,036,396 | ---- | C] () -- F:\Documents and Settings\Mateusz\Pulpit\432124_287127981355747_149542128447667_678691_544032536_n.jpg

[2012-01-21 10:31:08 | 000,175,616 | ---- | C] () -- F:\WINDOWS\System32\unrar.dll

[2012-01-21 10:31:07 | 000,650,752 | ---- | C] () -- F:\WINDOWS\System32\xvidcore.dll

[2012-01-21 10:31:07 | 000,243,200 | ---- | C] () -- F:\WINDOWS\System32\xvidvfw.dll

[2012-01-21 10:31:06 | 000,079,360 | ---- | C] () -- F:\WINDOWS\System32\ff_vfw.dll

[2012-01-13 22:20:33 | 000,000,754 | ---- | C] () -- F:\WINDOWS\WORDPAD.INI

[2011-12-24 15:07:54 | 000,048,323 | ---- | C] () -- F:\WINDOWS\System32\uninst.exe

[2011-12-22 19:43:29 | 000,114,688 | ---- | C] () -- F:\WINDOWS\System32\WLANUTL.dll

[2011-12-22 19:25:42 | 000,004,293 | ---- | C] () -- F:\WINDOWS\ODBCINST.INI

[2011-12-22 19:23:00 | 000,102,232 | ---- | C] () -- F:\WINDOWS\System32\FNTCACHE.DAT

[2011-12-22 19:06:11 | 000,049,152 | R--- | C] () -- F:\WINDOWS\System32\ChCfg.exe

[2011-12-22 18:54:41 | 000,285,176 | ---- | C] () -- F:\WINDOWS\System32\nvdrsdb1.bin

[2011-12-22 18:54:41 | 000,285,176 | ---- | C] () -- F:\WINDOWS\System32\nvdrsdb0.bin

[2011-12-22 18:54:41 | 000,000,001 | ---- | C] () -- F:\WINDOWS\System32\nvdrssel.bin

[2011-12-22 18:53:27 | 002,130,002 | ---- | C] () -- F:\WINDOWS\System32\nvdata.data

[2011-12-22 18:39:11 | 000,042,496 | ---- | C] () -- F:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011-12-22 18:34:26 | 000,002,048 | --S- | C] () -- F:\WINDOWS\bootstat.dat

[2011-12-22 18:30:28 | 000,021,856 | ---- | C] () -- F:\WINDOWS\System32\emptyregdb.dat


[color=#E56717]========== LOP Check ==========[/color]


[2012-02-24 15:25:40 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dane aplikacji\Babylon

[2012-01-06 14:23:26 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dane aplikacji\Big Fish Games

[2011-12-22 21:22:07 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite

[2011-12-24 14:46:36 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10

[2012-02-24 16:41:48 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dane aplikacji\ipla

[2012-01-29 12:03:14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dane aplikacji\Nokia

[2012-01-29 12:00:10 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache

[2012-01-29 12:03:42 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dane aplikacji\PC Suite

[2012-04-09 19:43:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dane aplikacji\PMB Files

[2012-02-24 16:41:49 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dane aplikacji\RDRM

[2012-02-24 15:25:40 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Mateusz\Dane aplikacji\Babylon

[2011-12-24 16:35:33 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools Lite

[2011-12-29 11:35:32 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Mateusz\Dane aplikacji\Gadu-Gadu 10

[2012-04-09 09:50:00 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Mateusz\Dane aplikacji\ipla

[2012-04-07 20:22:01 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Mateusz\Dane aplikacji\LolClient

[2012-02-02 17:04:42 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Mateusz\Dane aplikacji\Maluch Racer 3

[2012-01-29 12:03:46 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Mateusz\Dane aplikacji\Nokia

[2011-12-28 14:19:22 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Mateusz\Dane aplikacji\OpenCandy

[2012-01-29 21:07:07 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Mateusz\Dane aplikacji\PC Suite

[2012-01-23 12:41:09 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Mateusz\Dane aplikacji\PhotoScape

[2012-02-24 15:26:03 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Mateusz\Dane aplikacji\SumatraPDF

[2012-04-09 19:49:00 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Mateusz\Dane aplikacji\uTorrent


[color=#E56717]========== Purity Check ==========[/color]




[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]

[2012-04-09 09:49:33 | 2145,386,496 | -HS- | M] () -- F:\pagefile.sys

[2011-12-24 18:50:51 | 1826,548,925 | ---- | M] () -- F:\Sephiroth_Full.exe

[2012-02-24 15:25:54 | 000,001,491 | ---- | M] () -- F:\user.js


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]

[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- F:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys

[2004-08-04 01:54:52 | 018,789,127 | ---- | M] () .cab file -- F:\WINDOWS\ServicePackFiles\i386\sp2.cab:agp440.sys

[2004-08-04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- F:\WINDOWS\ServicePackFiles\i386\agp440.sys

[2004-08-04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- F:\WINDOWS\system32\drivers\agp440.sys


[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]

[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- F:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys

[2004-08-04 01:54:52 | 018,789,127 | ---- | M] () .cab file -- F:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys

[2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- F:\WINDOWS\ServicePackFiles\i386\atapi.sys

[2004-08-04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- F:\WINDOWS\system32\drivers\atapi.sys


[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]

[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- F:\WINDOWS\system32\dllcache\beep.sys

[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- F:\WINDOWS\system32\drivers\beep.sys


[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]

[2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- F:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys

[2004-08-04 01:54:52 | 018,789,127 | ---- | M] () .cab file -- F:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys

[2011-05-10 00:48:16 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- F:\WINDOWS\system32\dllcache\cdrom.sys

[2011-05-10 00:48:16 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- F:\WINDOWS\system32\drivers\cdrom.sys

[2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- F:\WINDOWS\$NtUninstallKB952011$\cdrom.sys

[2004-08-03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- F:\WINDOWS\ServicePackFiles\i386\cdrom.sys


[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]

[2004-08-04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- F:\WINDOWS\ServicePackFiles\i386\ndis.sys

[2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- F:\WINDOWS\system32\dllcache\ndis.sys

[2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- F:\WINDOWS\system32\drivers\ndis.sys


[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]

[2004-08-04 01:44:30 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=BD768099B4C44AA631728CB74EB54396 -- F:\WINDOWS\ServicePackFiles\i386\userinit.exe

[2004-08-04 00:44:30 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=BD768099B4C44AA631728CB74EB54396 -- F:\WINDOWS\system32\dllcache\userinit.exe

[2004-08-04 00:44:30 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=BD768099B4C44AA631728CB74EB54396 -- F:\WINDOWS\system32\userinit.exe


[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]

[2004-08-04 01:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- F:\WINDOWS\ServicePackFiles\i386\winlogon.exe

[2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- F:\WINDOWS\system32\dllcache\winlogon.exe

[2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- F:\WINDOWS\system32\winlogon.exe


[color=#E56717]========== Files - Unicode (All) ==========[/color]

[2012-01-04 19:43:34 | 004,003,245 | ---- | M] ()(F:\Documents and Settings\Mateusz\Pulpit\ŁZY - PRZEPRASZAM CI? pobrano z ulub_pl.mp3) -- F:\Documents and Settings\Mateusz\Pulpit\ŁZY - PRZEPRASZAM CIĘ pobrano z ulub_pl.mp3

[2012-01-04 19:42:42 | 004,003,245 | ---- | C] ()(F:\Documents and Settings\Mateusz\Pulpit\ŁZY - PRZEPRASZAM CI? pobrano z ulub_pl.mp3) -- F:\Documents and Settings\Mateusz\Pulpit\ŁZY - PRZEPRASZAM CIĘ pobrano z ulub_pl.mp3

[2011-12-22 18:29:51 | 000,065,978 | ---- | C] ()(F:\WINDOWS\B?belki.bmp) -- F:\WINDOWS\Bąbelki.bmp

[2011-12-22 18:29:51 | 000,009,522 | ---- | C] ()(F:\WINDOWS\India?ski pled.bmp) -- F:\WINDOWS\Indiański pled.bmp

[2001-07-22 00:36:24 | 000,065,978 | ---- | M] ()(F:\WINDOWS\B?belki.bmp) -- F:\WINDOWS\Bąbelki.bmp

[2001-07-22 00:36:24 | 000,009,522 | ---- | M] ()(F:\WINDOWS\India?ski pled.bmp) -- F:\WINDOWS\Indiański pled.bmp

[2001-07-22 00:36:06 | 000,000,075 | ---- | M] ()(F:\WINDOWS\System32\Poka? kanały.scf) -- F:\WINDOWS\System32\Pokaż kanały.scf

[2001-07-22 00:36:06 | 000,000,075 | ---- | C] ()(F:\WINDOWS\System32\Poka? kanały.scf) -- F:\WINDOWS\System32\Pokaż kanały.scf

(F:\Documents and Settings\All Users\Menu Start\Programy\Narz?dzia administracyjne) -- F:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne


< End of report >

OTL log

Run OTL and paste the following into the (Custom Scans/Script) box:

Click Run Script. In OTL, use the Cleanup option. Scan with the Malwarebytes Anti-Malware program:

http://www.malwarebytes.org/products/malwarebytes_free

Before scanning, perform a MANUAL UPDATE OF THE VIRUS SIGNATURE DATABASE.

Install updates for the programs that http://screen317.spywareinfoforum.org/SecurityCheck.exe reports as out of date.