Pomoc w sprawdzeniu loga


(Jacek Herdzik) #1

witam, mam taki problem,że nie działają mi wyszukiwarki w tym google.pl, jestem zielony w tych tematach więc proszę o radę i sprawdzenie.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:20:01, on 2012-02-06

Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.17106)

Boot mode: Normal

Running processes:

C:\windows\System32\smss.exe

C:\PROGRA~1\AVG\AVG2012\avgrsx.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

C:\windows\system32\winlogon.exe

C:\windows\system32\services.exe

C:\windows\system32\lsass.exe

C:\windows\system32\svchost.exe

C:\windows\System32\svchost.exe

C:\windows\Explorer.EXE

C:\windows\system32\spoolsv.exe

C:\windows\system32\VTTimer.exe

C:\windows\RTHDCPL.EXE

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\AVG Secure Search\vprot.exe

C:\windows\system32\ctfmon.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\AVG\AVG2012\avgfws.exe

C:\Program Files\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe

C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

C:\Program Files\AVG\AVG2012\avgnsx.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\windows\system32\wscntfy.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eu.microsoft.com/poland/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60747

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60747

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

O4 - HKLM..\Run: [VTTimer] VTTimer.exe

O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKLM..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"

O4 - HKLM..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"

O4 - HKCU..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe

O4 - HKCU..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO

O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')

O4 - HKUS\S-1-5-18..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'SYSTEM')

O4 - HKUS\S-1-5-18..\RunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f (User 'SYSTEM')

O4 - HKUS.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll

O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

O23 - Service: Zapora AVG (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe

O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe

O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe

--

End of file - 9723 bytes


(bibut) #2

zrób log OTL instrukcja >>> otl-gmer-rsit-dss-inne-instrukcje-t370405.html


(Jacek Herdzik) #3

OTL logfile created on: 2012-02-06 16:45:12 - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\jacek\Moje dokumenty\Pobieranie

Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

895,23 Mb Total Physical Memory | 422,03 Mb Available Physical Memory | 47,14% Memory free

2,12 Gb Paging File | 1,63 Gb Available in Paging File | 77,25% Paging File free

Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files

Drive C: | 48,83 Gb Total Space | 28,62 Gb Free Space | 58,62% Space Free | Partition Type: NTFS

Drive D: | 100,21 Gb Total Space | 68,62 Gb Free Space | 68,48% Space Free | Partition Type: NTFS

Computer Name: JACEK-8AB66A475 | User Name: jacek | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-02-06 16:44:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jacek\Moje dokumenty\Pobieranie\OTL.exe

PRC - 2012-02-05 12:34:50 | 000,939,872 | ---- | M -- C:\Program Files\AVG Secure Search\vprot.exe

PRC - 2012-02-05 12:34:50 | 000,909,152 | ---- | M -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe

PRC - [2012-01-24 17:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe

PRC - [2012-01-13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2011-11-28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe

PRC - [2011-11-23 02:36:24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgfws.exe

PRC - [2011-10-12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

PRC - [2011-09-08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe

PRC - [2011-08-15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe

PRC - 2011-08-12 00:38:07 | 000,116,608 | ---- | M -- C:\Program Files\SUPERAntiSpyware\SASCore.exe

PRC - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe

PRC - [2010-03-25 18:42:36 | 000,388,096 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2005-03-08 04:33:28 | 000,053,248 | R--- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe

========== Modules (No Company Name) ==========

MOD - 2012-02-05 12:34:50 | 000,939,872 | ---- | M -- C:\Program Files\AVG Secure Search\vprot.exe

MOD - 2012-02-05 12:34:50 | 000,909,152 | ---- | M -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe

MOD - 2012-02-05 12:34:49 | 001,811,296 | ---- | M -- C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)

SRV - 2012-02-05 12:34:50 | 000,909,152 | ---- | M [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- (vToolbarUpdater)

SRV - [2012-01-13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011-11-23 02:36:24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgfws.exe -- (avgfws)

SRV - [2011-10-12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)

SRV - 2011-08-12 00:38:07 | 000,116,608 | ---- | M [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)

SRV - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)

SRV - [2010-10-26 16:05:24 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)

========== Driver Services (SafeList) ==========

DRV - [2011-12-10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2011-10-07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)

DRV - [2011-10-04 06:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)

DRV - [2011-09-13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)

DRV - [2011-08-08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)

DRV - [2011-07-22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)

DRV - [2011-07-12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2011-07-11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)

DRV - [2011-07-11 01:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)

DRV - [2011-07-11 01:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)

DRV - [2011-07-11 01:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)

DRV - [2011-05-23 01:03:20 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)

DRV - [2011-05-23 01:03:20 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)

DRV - [2011-02-11 15:46:18 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)

DRV - [2011-02-11 15:36:39 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)

DRV - [2011-02-11 15:36:39 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)

DRV - [2008-05-02 07:48:55 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\si3112.sys -- (Si3112)

DRV - [2006-11-03 23:45:48 | 000,178,913 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0260Vid.sys -- (V0260VID)

DRV - [2006-09-11 21:27:00 | 004,381,184 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2005-10-15 05:19:56 | 000,792,576 | R--- | M] (S3 Graphics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\S3G700m.sys -- (S3G700)

DRV - [2005-03-14 06:01:38 | 000,041,984 | ---- | M] (DeviceGuys, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)

DRV - 2004-08-13 03:56:20 | 000,005,810 | R--- | M [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)

DRV - 2002-07-17 07:53:02 | 000,016,877 | ---- | M [Kernel | System | Running] -- C:\windows\System32\drivers\Aspi32.sys -- (ASPI32)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.eu.microsoft.com/poland/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Web Search"

FF - prefs.js..browser.search.defaultenginename: "Web Search"

FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentBar Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.selectedEngine: "Google "

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0

FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7B65a818d4-afda-46d2-9c4b-550509844fed%7D&mid=11ac7d8c7ef147d18e5ed153d4dc5fd2-5d1f9d7851b3430bb16e43db1fa851a3b6549fb7&ds=AVG&v=10.0.0.7〈=pl&pr=pr&d=2012-02-05%2012%3A34%3A52&sap=ku&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files\Ganymede\Plugins\npganymedenet.dll ( )

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\jacek\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012-02-05 12:35:01 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\avg@toolbar: C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\10.0.0.7\ [2012-02-05 12:34:57 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\Components: C:\Program Files\Mozilla Firefox\components [2012-02-04 13:04:39 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-02-04 12:08:12 | 000,000,000 | ---D | M]

[2012-02-05 11:20:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\jacek\Dane aplikacji\Mozilla\Extensions

[2012-02-05 21:05:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\jacek\Dane aplikacji\Mozilla\Firefox\Profiles\v619ptjp.default\extensions

[2012-01-25 22:04:25 | 000,000,000 | ---D | M] (VshareComplete - Speed up your search with your personal search suggestions tool) -- C:\Documents and Settings\jacek\Dane aplikacji\Mozilla\Firefox\Profiles\v619ptjp.default\extensions{4ac04d99-3f4b-4ec5-bd2d-216d59822f8a}

[2011-11-02 20:46:42 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\jacek\Dane aplikacji\Mozilla\Firefox\Profiles\v619ptjp.default\extensions{99079a25-328f-4bd4-be04-00955acaa0a7}

[2012-01-27 18:48:14 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\jacek\Dane aplikacji\Mozilla\Firefox\Profiles\v619ptjp.default\extensions{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

[2011-06-13 14:24:06 | 000,000,000 | ---D | M] (free-downloads.net Community Toolbar) -- C:\Documents and Settings\jacek\Dane aplikacji\Mozilla\Firefox\Profiles\v619ptjp.default\extensions{ecdee021-0d17-467f-a1ff-c7a115230949}(2)

2011-10-30 18:27:51 | 000,000,000 | ---D | M -- C:\Documents and Settings\jacek\Dane aplikacji\Mozilla\Firefox\Profiles\v619ptjp.default\extensions\cacaoweb@cacaoweb.org

[2011-12-17 10:05:02 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Documents and Settings\jacek\Dane aplikacji\Mozilla\Firefox\Profiles\v619ptjp.default\extensions\IplextoALL@ALLPlayer.org

2011-06-12 20:23:23 | 000,002,567 | ---- | M -- C:\Documents and Settings\jacek\Dane aplikacji\Mozilla\Firefox\Profiles\v619ptjp.default\searchplugins\askcom.xml

2012-01-11 11:47:26 | 000,000,925 | ---- | M -- C:\Documents and Settings\jacek\Dane aplikacji\Mozilla\Firefox\Profiles\v619ptjp.default\searchplugins\conduit.xml

2011-12-17 10:04:54 | 000,000,346 | ---- | M -- C:\Documents and Settings\jacek\Dane aplikacji\Mozilla\Firefox\Profiles\v619ptjp.default\searchplugins\Gazeta.xml

2011-10-29 19:53:13 | 000,002,207 | ---- | M -- C:\Documents and Settings\jacek\Dane aplikacji\Mozilla\Firefox\Profiles\v619ptjp.default\searchplugins\MyStart Search.xml

2011-11-02 20:30:44 | 000,002,520 | ---- | M -- C:\Documents and Settings\jacek\Dane aplikacji\Mozilla\Firefox\Profiles\v619ptjp.default\searchplugins\SearchResults.xml

2012-01-25 23:12:33 | 000,000,792 | ---- | M -- C:\Documents and Settings\jacek\Dane aplikacji\Mozilla\Firefox\Profiles\v619ptjp.default\searchplugins\startsear.xml

2011-06-13 13:44:01 | 000,001,583 | ---- | M -- C:\Documents and Settings\jacek\Dane aplikacji\Mozilla\Firefox\Profiles\v619ptjp.default\searchplugins\web-search.xml

2011-11-24 18:05:08 | 000,001,390 | ---- | M -- C:\Documents and Settings\jacek\Dane aplikacji\Mozilla\Firefox\Profiles\v619ptjp.default\searchplugins\yahoo-zugo.xml

[2012-02-04 13:05:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2012-01-28 15:56:36 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

2012-01-20 21:05:31 | 000,000,000 | ---D | M -- C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de

[2012-02-05 12:34:57 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\AVG SECURE SEARCH\10.0.0.7

() (No name found) -- C:\DOCUMENTS AND SETTINGS\JACEK\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\V619PTJP.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI

() (No name found) -- C:\DOCUMENTS AND SETTINGS\JACEK\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\V619PTJP.DEFAULT\EXTENSIONS\SMARTERWIKI@WIKIATIC.COM.XPI

[2012-02-05 12:35:01 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4

[2012-02-04 13:04:37 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012-02-04 12:13:06 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

2010-11-24 11:12:30 | 000,120,296 | ---- | M -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll

2011-10-03 10:14:54 | 000,083,456 | ---- | M -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll

2011-11-11 15:45:42 | 000,002,105 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\adawaretb.xml

2011-10-02 11:27:59 | 000,002,767 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml

2012-02-05 12:34:48 | 000,003,747 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml

2011-10-29 19:52:54 | 000,002,288 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml

2007-07-26 12:05:16 | 000,001,329 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml

2011-10-02 11:27:59 | 000,001,406 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml

2011-10-02 11:27:59 | 000,000,917 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml

2011-10-02 11:27:59 | 000,000,858 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml

2011-11-02 20:30:44 | 000,002,520 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml

2012-01-15 12:53:03 | 000,002,415 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\v9.xml

2011-10-02 11:27:59 | 000,001,183 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml

2011-10-02 11:27:59 | 000,001,683 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

========== Chrome ==========

CHR - Extension: No name found = C:\Documents and Settings\jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.1_0\

O1 HOSTS File: ([2012-02-04 15:54:26 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)

O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)

O3 - HKLM..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()

O3 - HKCU..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.

O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()

O4 - HKLM..\Run: [VTTimer] C:\windows\System32\VTTimer.exe (S3 Graphics, Inc.)

O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)

O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Nowa wartość #1 = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1

O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)

O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.48.254.129 80.50.50.50

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces{1F0B841F-A6E8-4707-88D0-368B1E848B40}: DhcpNameServer = 80.48.254.129 80.50.50.50

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)

O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\jacek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\jacek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - 2007-08-18 14:23:53 | 000,000,000 | ---- | M - C:\AUTOEXEC.BAT -- [NTFS]

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)

O35 - HKLM..comfile [open] -- "%1" %*

O35 - HKLM..exefile [open] -- "%1" %*

O37 - HKLM...com [@ = ComFile] -- "%1" %*

O37 - HKLM...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found

NetSvcs: HidServ - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

MsConfig - Services: "SharedAccess"

MsConfig - StartUpReg: Creative WebCam Tray - hkey= - key= - C:\Program Files\Creative\Shared Files\CamTray.exe (Creative Technology Ltd)

MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

MsConfig - StartUpReg: S3Trayp - hkey= - key= - File not found

MsConfig - StartUpReg: Samsung Common SM - hkey= - key= - C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe (Samsung Electronics.)

MsConfig - StartUpReg: Sony Ericsson PC Companion - hkey= - key= - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 2

MsConfig - State: "startup" - 2

SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

========== Files/Folders - Created Within 30 Days ==========

[2012-02-06 14:55:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\jacek\Recent

[2012-02-05 22:50:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jacek\Menu Start\Programy\HiJackThis

[2012-02-05 21:20:53 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2012-02-05 21:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jacek\Dane aplikacji\Lavasoft

[2012-02-05 18:56:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jacek\Ustawienia lokalne\Dane aplikacji\Temp

[2012-02-05 16:36:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jacek\Dane aplikacji\SUPERAntiSpyware.com

[2012-02-05 16:36:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SUPERAntiSpyware.com

[2012-02-05 16:36:17 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

[2012-02-05 12:35:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG 2012

[2012-02-05 12:34:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jacek\Dane aplikacji\AVG Secure Search

[2012-02-05 12:34:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search

[2012-02-05 12:34:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search

[2012-02-05 12:34:49 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search

[2012-02-05 12:32:59 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers\AVG

[2012-02-05 12:31:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jacek\Dane aplikacji\Google

[2012-02-05 12:05:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jacek\Moje dokumenty\Pobieranie

[2012-02-05 11:00:21 | 000,000,000 | ---D | C] -- C:\Program Files\ToniArts

[2012-02-05 11:00:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EasyCleaner

[2012-02-05 10:07:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jacek\Menu Start\Programy\jv16 PowerTools 2011

[2012-02-05 10:07:46 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools 2011

[2012-02-04 21:18:57 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy

[2012-02-04 20:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Clean Expert

[2012-02-04 18:56:34 | 000,000,000 | ---D | C] -- C:\Program Files\Data Design Interactive

[2012-02-04 16:44:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2012-02-04 16:33:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware

[2012-02-04 16:33:12 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys

[2012-02-04 16:33:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2012-02-04 16:20:40 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2012-02-04 12:13:18 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe

[2012-02-04 12:13:18 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe

[2012-02-04 12:13:18 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe

[2012-02-04 12:08:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR

[2012-02-04 12:07:37 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe

[2012-02-04 11:43:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared

[2012-01-28 15:56:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jacek\Dane aplikacji\Skype

[2012-01-28 15:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Skype

[2012-01-28 15:56:05 | 000,000,000 | R--D | C] -- C:\Program Files\Skype

[2012-01-28 15:55:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype

[2012-01-28 14:14:53 | 000,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Cleaner

[2012-01-27 19:15:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner

[2012-01-27 19:15:29 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2012-01-27 18:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit

[2012-01-27 18:42:20 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent

[2012-01-27 18:16:15 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group

[2012-01-27 15:38:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jacek\Dane aplikacji\AVG

[2012-01-27 15:26:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jacek\Dane aplikacji\AVG2012

[2012-01-27 15:25:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files

[2012-01-27 15:23:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2012

[2012-01-27 15:22:36 | 000,000,000 | ---D | C] -- C:\Program Files\AVG

[2012-01-27 15:03:21 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline

[2012-01-27 14:49:27 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar

[2012-01-27 14:49:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton

[2012-01-27 14:49:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller

[2012-01-25 22:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\VshareComplete

[2012-01-25 22:04:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jacek\Dane aplikacji\VshareComplete

[2012-01-20 21:05:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jacek\Dane aplikacji\QuickStoresToolbar

[2012-01-19 22:24:12 | 000,000,000 | ---D | C] -- C:\windows\System32\XPSViewer

[2012-01-19 22:24:05 | 000,000,000 | ---D | C] -- C:\windows\System32\en-US

[2012-01-19 22:23:58 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies

[2012-01-19 22:23:29 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xpssvcs.dll

[2012-01-19 22:23:29 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\xpssvcs.dll

[2012-01-19 22:23:29 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\printfilterpipelinesvc.exe

[2012-01-19 22:23:29 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\xpsshhdr.dll

[2012-01-19 22:23:29 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\prntvpt.dll

[2012-01-19 22:23:29 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\filterpipelineprintproc.dll

[2012-01-18 19:25:56 | 000,196,608 | ---- | C] (internet-support foehr.com) -- C:\windows\System32\pdfcmnnt.dll

[2012-01-18 19:25:56 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSMAPI32.OCX

[2012-01-18 19:25:55 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSMPIDE.DLL

[2012-01-18 19:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator

[2012-01-18 19:21:58 | 000,000,000 | R-SD | C] -- C:\windows\assembly

[2012-01-18 19:21:27 | 000,000,000 | ---D | C] -- C:\windows\Microsoft.NET

[2012-01-18 18:57:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Pet Racer

[2012-01-18 18:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Pet Racer

[2012-01-16 18:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jacek\Dane aplikacji\ArcaVirMicroScan

[2012-01-16 15:44:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BitDefender

[2012-01-15 21:49:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe

[2012-01-15 20:53:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\CPA_VA

[2012-01-15 18:29:57 | 000,000,000 | ---D | C] -- C:\windows\System32\xircom

[2012-01-15 18:29:57 | 000,000,000 | ---D | C] -- C:\Program Files\xerox

[2012-01-15 18:29:57 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage

[2012-01-15 17:14:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jacek\Dane aplikacji\thecleaner

[2012-01-15 13:26:37 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\windows\System32\drivers\SBREDrv.sys

[2012-01-15 13:22:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft

[2012-01-15 12:55:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy

[2012-01-15 11:11:57 | 000,000,000 | ---D | C] -- C:\windows\ERUNT

[2012-01-14 23:39:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\jacek\Menu Start\Programy\Narzędzia administracyjne

[2012-01-14 23:35:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee

[2012-01-11 19:56:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nero

[2012-01-11 19:56:26 | 003,051,520 | ---- | C] (Nero AG) -- C:\windows\UNNeroVision.exe

[2012-01-11 19:56:07 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\windows\System32\TwnLib20.dll

[2012-01-11 19:56:07 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\windows\System32\picn20.dll

[2012-01-11 19:56:04 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead

[2012-01-11 19:35:01 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msxml3a.dll

[2012-01-11 19:34:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Ahead

[2012-01-11 18:57:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero

========== Files - Modified Within 30 Days ==========

2012-02-06 16:30:02 | 000,001,034 | ---- | M -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

2012-02-06 15:37:27 | 088,314,941 | ---- | M -- C:\windows\System32\drivers\AVG\incavi.avm

2012-02-06 15:19:34 | 000,002,449 | ---- | M -- C:\Documents and Settings\jacek\Pulpit\HiJackThis.lnk

2012-02-06 14:55:35 | 000,001,030 | ---- | M -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

2012-02-06 14:55:01 | 000,002,048 | --S- | M -- C:\windows\bootstat.dat

2012-02-06 10:20:38 | 000,073,216 | ---- | M -- C:\Documents and Settings\jacek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2012-02-05 22:27:56 | 000,270,192 | ---- | M -- C:\windows\System32\FNTCACHE.DAT

2012-02-05 21:01:09 | 000,000,486 | ---- | M -- C:\windows\tasks\Ad-Aware Update (Weekly).job

2012-02-05 17:26:36 | 000,025,690 | ---- | M -- C:\windows\System32\drivers\AVG\iavichjg.avm

2012-02-05 16:36:24 | 000,001,700 | ---- | M -- C:\Documents and Settings\All Users\Pulpit\SUPERAntiSpyware Free Edition.lnk

2012-02-05 12:43:17 | 000,621,422 | ---- | M -- C:\windows\System32\drivers\AVG\iavifw.avm

2012-02-05 12:35:02 | 000,000,738 | ---- | M -- C:\Documents and Settings\All Users\Pulpit\AVG 2012.lnk

2012-02-05 10:08:09 | 000,000,022 | -HS- | M -- C:\windows\System5537 Data.Repository

2012-02-05 10:08:09 | 000,000,022 | -HS- | M -- C:\Documents and Settings\jacek\Dane aplikacji\Sys2662.Config.Repository.bin

2012-02-05 10:07:52 | 000,001,582 | ---- | M -- C:\Documents and Settings\jacek\Pulpit\jv16 PowerTools 2011.lnk

2012-02-04 16:38:29 | 004,718,592 | ---- | M -- C:\Documents and Settings\jacek\ntuser.bak

2012-02-04 16:33:16 | 000,000,808 | ---- | M -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk

2012-02-04 15:54:26 | 000,000,027 | ---- | M -- C:\windows\System32\drivers\etc\hosts

[2012-02-04 12:13:06 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe

[2012-02-04 12:13:06 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe

[2012-02-04 12:13:06 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe

[2012-02-04 12:13:06 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javacpl.cpl

[2012-02-04 12:13:05 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\deployJava1.dll

2012-02-04 12:08:12 | 000,001,740 | ---- | M -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader X.lnk

2012-01-29 14:13:56 | 000,002,267 | ---- | M -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk

2012-01-27 19:15:32 | 000,000,688 | ---- | M -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk

2012-01-27 18:42:22 | 000,000,636 | ---- | M -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk

2012-01-27 14:14:31 | 000,002,206 | ---- | M -- C:\windows\System32\wpa.dbl

2012-01-20 19:52:57 | 000,493,976 | ---- | M -- C:\windows\System32\perfh015.dat

2012-01-20 19:52:57 | 000,435,396 | ---- | M -- C:\windows\System32\perfh009.dat

2012-01-20 19:52:57 | 000,085,136 | ---- | M -- C:\windows\System32\perfc015.dat

2012-01-20 19:52:57 | 000,068,292 | ---- | M -- C:\windows\System32\perfc009.dat

2012-01-20 19:31:47 | 000,000,152 | ---- | M -- C:\Documents and Settings\jacek\default.pls

2012-01-20 18:43:29 | 000,000,116 | ---- | M -- C:\windows\NeroDigital.ini

2012-01-18 19:26:14 | 000,014,290 | ---- | M -- C:\Program Files\settings.dat

2012-01-16 17:51:37 | 000,097,206 | ---- | M -- C:\Documents and Settings\All Users\Dane aplikacji\bdinstall.bin

2012-01-16 16:11:44 | 000,081,984 | ---- | M -- C:\windows\System32\bdod.bin

[2012-01-15 13:26:37 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\windows\System32\drivers\SBREDrv.sys

2012-01-14 23:40:08 | 000,002,596 | ---- | M -- C:\windows\System32\CONFIG.NT

[2012-01-14 23:37:55 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl

2012-01-11 19:38:59 | 000,000,151 | ---- | M -- C:\windows\PhotoSnapViewer.INI

========== Files Created - No Company Name ==========

2012-02-06 15:37:27 | 088,314,941 | ---- | C -- C:\windows\System32\drivers\AVG\incavi.avm

2012-02-05 22:50:02 | 000,002,449 | ---- | C -- C:\Documents and Settings\jacek\Pulpit\HiJackThis.lnk

2012-02-05 18:55:26 | 000,000,486 | ---- | C -- C:\windows\tasks\Ad-Aware Update (Weekly).job

2012-02-05 17:26:36 | 000,025,690 | ---- | C -- C:\windows\System32\drivers\AVG\iavichjg.avm

2012-02-05 16:36:24 | 000,001,700 | ---- | C -- C:\Documents and Settings\All Users\Pulpit\SUPERAntiSpyware Free Edition.lnk

2012-02-05 12:43:17 | 000,621,422 | ---- | C -- C:\windows\System32\drivers\AVG\iavifw.avm

2012-02-05 12:35:02 | 000,000,738 | ---- | C -- C:\Documents and Settings\All Users\Pulpit\AVG 2012.lnk

2012-02-05 10:08:09 | 000,000,022 | -HS- | C -- C:\windows\System5537 Data.Repository

2012-02-05 10:08:09 | 000,000,022 | -HS- | C -- C:\Documents and Settings\jacek\Dane aplikacji\Sys2662.Config.Repository.bin

2012-02-05 10:07:52 | 000,001,582 | ---- | C -- C:\Documents and Settings\jacek\Pulpit\jv16 PowerTools 2011.lnk

2012-02-04 16:33:16 | 000,000,808 | ---- | C -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk

2012-02-04 12:08:12 | 000,001,804 | ---- | C -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader X.lnk

2012-02-04 12:08:12 | 000,001,740 | ---- | C -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader X.lnk

2012-01-28 15:56:06 | 000,002,267 | ---- | C -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk

2012-01-27 19:15:32 | 000,000,688 | ---- | C -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk

2012-01-27 19:15:17 | 000,001,034 | ---- | C -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

2012-01-27 19:15:17 | 000,001,030 | ---- | C -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

2012-01-27 18:42:22 | 000,000,636 | ---- | C -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk

2012-01-18 19:26:14 | 000,014,290 | ---- | C -- C:\Program Files\settings.dat

2012-01-16 17:43:54 | 000,097,206 | ---- | C -- C:\Documents and Settings\All Users\Dane aplikacji\bdinstall.bin

2012-01-16 16:11:44 | 000,081,984 | ---- | C -- C:\windows\System32\bdod.bin

2012-01-15 11:31:53 | 000,032,768 | ---- | C -- C:\windows\System32\drivers\sp_rsdrv2.sys

2012-01-13 13:57:10 | 004,718,592 | ---- | C -- C:\Documents and Settings\jacek\ntuser.bak

2012-01-12 18:14:43 | 000,000,116 | ---- | C -- C:\windows\NeroDigital.ini

2012-01-11 19:56:27 | 000,156,471 | ---- | C -- C:\windows\UNNeroVision.cfg

2011-11-24 18:04:47 | 000,243,200 | ---- | C -- C:\windows\System32\xvidvfw.dll

2011-11-24 18:04:46 | 000,074,752 | ---- | C -- C:\windows\System32\ff_vfw.dll

2011-06-25 19:41:29 | 000,175,616 | ---- | C -- C:\windows\System32\unrar.dll

2011-06-09 19:45:49 | 000,010,240 | ---- | C -- C:\windows\System32\vidx16.dll

2011-03-06 15:48:57 | 000,000,151 | ---- | C -- C:\windows\PhotoSnapViewer.INI

2010-12-28 20:06:18 | 000,207,360 | ---- | C -- C:\windows\System32\evrprop.dll

2010-12-28 20:05:41 | 000,080,384 | ---- | C -- C:\windows\System32\mkzlib.dll

2010-12-28 20:05:40 | 000,024,576 | ---- | C -- C:\windows\System32\mkunicode.dll

2010-12-28 19:58:51 | 000,644,608 | ---- | C -- C:\windows\System32\xvidcore.dll

2010-12-28 19:58:51 | 000,258,048 | ---- | C -- C:\windows\System32\libFLAC.dll

2010-12-28 19:46:12 | 000,073,216 | ---- | C -- C:\Documents and Settings\jacek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2010-12-28 18:41:40 | 000,000,000 | ---- | C -- C:\windows\nsreg.dat

2010-12-28 18:02:21 | 000,004,293 | ---- | C -- C:\windows\ODBCINST.INI

2010-12-28 18:01:16 | 000,270,192 | ---- | C -- C:\windows\System32\FNTCACHE.DAT

2010-12-28 18:00:11 | 000,143,360 | R--- | C -- C:\windows\System32\RtlCPAPI.dll

2010-12-28 18:00:11 | 000,049,152 | R--- | C -- C:\windows\System32\ChCfg.exe

2010-12-28 17:47:13 | 002,796,544 | R--- | C -- C:\windows\System32\s3gcil_inv.dll

2010-12-28 17:47:11 | 001,979,392 | R--- | C -- C:\windows\System32\s3gcil_csr.dll

2010-12-28 17:45:47 | 000,016,791 | ---- | C -- C:\windows\Ascd_tmp.ini

2010-12-28 17:45:45 | 000,005,810 | R--- | C -- C:\windows\System32\drivers\ASACPI.sys

2010-12-28 17:45:32 | 000,005,824 | ---- | C -- C:\windows\System32\drivers\ASUSHWIO.SYS

2010-12-28 17:10:16 | 000,002,048 | --S- | C -- C:\windows\bootstat.dat

2010-12-28 17:09:34 | 000,050,105 | ---- | C -- C:\windows\activ.exe

2010-12-28 17:06:22 | 000,021,856 | ---- | C -- C:\windows\System32\emptyregdb.dat

2008-05-03 08:24:01 | 000,000,082 | ---- | C -- C:\windows\System32\oeminfo.ini

2008-04-14 22:16:20 | 000,001,804 | ---- | C -- C:\windows\System32\Dcache.bin

2006-12-31 07:57:08 | 000,004,569 | ---- | C -- C:\windows\System32\secupd.dat

2001-10-26 17:15:16 | 000,493,976 | ---- | C -- C:\windows\System32\perfh015.dat

2001-10-26 17:15:16 | 000,313,828 | ---- | C -- C:\windows\System32\perfi015.dat

2001-10-26 17:15:16 | 000,085,136 | ---- | C -- C:\windows\System32\perfc015.dat

2001-10-26 17:15:16 | 000,034,990 | ---- | C -- C:\windows\System32\perfd015.dat

2001-08-23 14:00:00 | 013,107,200 | ---- | C -- C:\windows\System32\oembios.bin

2001-08-23 14:00:00 | 000,004,463 | ---- | C -- C:\windows\System32\oembios.dat

2001-08-17 22:30:24 | 000,435,396 | ---- | C -- C:\windows\System32\perfh009.dat

2001-08-17 22:30:24 | 000,272,128 | ---- | C -- C:\windows\System32\perfi009.dat

2001-08-17 22:30:24 | 000,028,626 | ---- | C -- C:\windows\System32\perfd009.dat

2001-08-17 22:30:22 | 000,068,292 | ---- | C -- C:\windows\System32\perfc009.dat

2001-08-17 22:15:38 | 000,046,258 | ---- | C -- C:\windows\System32\mib.bin

2001-07-21 23:36:48 | 000,218,003 | ---- | C -- C:\windows\System32\dssec.dat

2001-07-21 23:36:04 | 000,673,088 | ---- | C -- C:\windows\System32\mlang.dat

2001-07-21 23:24:16 | 000,000,741 | ---- | C -- C:\windows\System32\noise.dat

========== Custom Scans ==========

< %systemdrive%*.* >

2007-08-18 14:23:53 | 000,000,000 | ---- | M -- C:\AUTOEXEC.BAT

2011-02-11 21:11:26 | 000,000,110 | -HS- | M -- C:\boot.ini

2001-07-21 23:13:54 | 000,004,952 | RHS- | M -- C:\Bootfont.bin

2004-08-03 23:00:14 | 000,262,400 | RHS- | M -- C:\cmldr

2007-08-18 14:23:53 | 000,000,000 | ---- | M -- C:\CONFIG.SYS

2007-08-18 14:23:53 | 000,000,000 | RHS- | M -- C:\IO.SYS

2007-08-18 14:23:53 | 000,000,000 | RHS- | M -- C:\MSDOS.SYS

2008-04-13 21:13:04 | 000,047,564 | RHS- | M -- C:\NTDETECT.COM

2008-04-13 23:02:00 | 000,251,152 | RHS- | M -- C:\ntldr

2012-02-06 14:54:59 | 1409,286,144 | -HS- | M -- C:\pagefile.sys

< MD5 for: AGP440.SYS >

2008-04-14 22:09:56 | 020,110,420 | ---- | M .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

< MD5 for: ATAPI.SYS >

2008-04-14 22:09:56 | 020,110,420 | ---- | M .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys

[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: BEEP.SYS >

[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys

[2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

< MD5 for: CDROM.SYS >

2008-04-14 22:09:56 | 020,110,420 | ---- | M .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys

[2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: NDIS.SYS >

[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys

[2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: USERINIT.EXE >

[2008-04-14 21:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\ERDNT\cache\userinit.exe

[2008-04-14 21:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >

[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe

[2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

2012-01-13 14:53:20 | 000,182,856 | ---- | M MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:0B4227B4

< End of report >


(Agatonster) #4

jacek1208 ,

Proszę zapoznać się z tematem i poprawić tytuł na konkretny, mówiący o problemie. W celu dokonania zaleconej korekty proszę użyć przycisku Edytuj przy poście otwierającym ten temat.

Wklejanie logów na forum - przeczytaj i zastosuj się do Tematu

Zignorowanie zalecenia będzie skutkowało usunięciem tematu do Kosza.