martinesq

Users
  • Posts: 95

Content posted by martinesq

  1. I have 2.1.4, and the computer is clean because it was just formatted; the codecs and everything else are installed.
  2. I don't know what that was supposed to change, but I tried it and got an error: The Windows Installer service could not be accessed. This can happen if the system is running in safe mode or if Windows Installer is not installed correctly.
  3. martinesq

    Problem with Ventrilo

    Good morning. Today I formatted my computer, and after installing Ventrilo I open it and connect to a server, then go to the options to set everything up, and Ventrilo freezes, the computer stutters, and killing the ventrillo.exe process does not help. Sometimes it happens right after launch, other times later. I tried downloading it from different sources and nothing helps. At that point all I can do is reset the computer.
  4. martinesq

    Problem with Cleo Mod

    Help me. I installed CLEO MOD and sunbuilder. After I did that my game stopped working: single player works, but when I try to join through multiplayer it throws this error. I reinstalled the game from scratch into a different folder, reinstalled SAMP, downloaded the game from another source, and it is still the same. HELP http://img820.imageshack.us/img820/2785/zzzzzzzzzzzn.jpg Please help, I even tried from another account and did complete reinstalls. I guess I will have to format ;//
  5. DeviceUpperFilters N/A DeviceLowerFilters N/A Log from the removal: ========== OTL ========== Prefs.js: {AC57FCAF-E6FC-4BE9-ADC0-D00129C4C1E7}:1.0 removed from extensions.enabledItems OTL by OldTimer - Version 3.2.7.0 log created on 07062010_174230 New OTL log:
  6. First log:
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: "XfireXO Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.10.2 removed from extensions.enabledItems
Prefs.js: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0 removed from extensions.enabledItems
Prefs.js: DTToolbar@toolbarnet.com:1.1.2.0185 removed from extensions.enabledItems
Prefs.js: {AC57FCAF-E6FC-4BE9-ADC0-D00129C4C1E7}:1.0 removed from extensions.enabledItems
Prefs.js: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.6.0.15 removed from extensions.enabledItems
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&q=" removed from keyword.URL
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:rmparite.nt deleted successfully.
Service catchme stopped successfully!
Service catchme deleted successfully!
========== FILES ==========
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\chrome folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\META-INF folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\chrome folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A} folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\searchplugin folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\META-INF folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\lib folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\defaults folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\components folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\chrome folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\DTToolbar@toolbarnet.com\components\Resources folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\DTToolbar@toolbarnet.com\components folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\DTToolbar@toolbarnet.com\chrome folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\DTToolbar@toolbarnet.com folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\askcom.xml moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\daemon-search.xml moved successfully.
C:\WINDOWS\System32\xvidvfw.dll moved successfully.
C:\WINDOWS\System32\xvidcore.dll moved successfully.
C:\WINDOWS\System32\ac3acm.acm moved successfully.
OTL by OldTimer - Version 3.2.7.0 log created on 07062010_165754

Second log:
OTL logfile created on: 2010-07-06 17:01:50 - Run 5 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 024,00 Mb Total Physical Memory | 656,00 Mb Available Physical Memory | 64,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,52 Gb Total Space | 18,82 Gb Free Space | 25,26% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JK-935C0E4A6427 Current User Name: zxcz Logged in as Administrator. 
Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010-07-04 18:38:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-06-27 14:43:38 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\firefox.exe PRC - [2010-06-15 07:13:18 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.29\GoogleCrashHandler.exe PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-04-01 11:52:06 | 001,368,064 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe ========== Modules (SafeList) ========== MOD - [2010-07-04 18:38:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie\OTL.exe MOD - [2009-09-14 12:45:36 | 000,929,792 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\NGSCM.dll MOD - [2009-08-13 15:56:27 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll MOD - [2009-07-12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll MOD - [2009-07-12 02:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll MOD - [2009-05-25 11:56:40 | 000,613,888 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll MOD - [2009-03-11 14:00:40 | 000,029,184 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_pol.NLR MOD - [2008-08-25 08:23:04 | 
000,573,440 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.NGR MOD - [2004-08-04 00:42:34 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx ========== Win32 Services (SafeList) ========== SRV - [2010-01-26 13:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) ========== Driver Services (SafeList) ========== DRV - [2010-06-15 22:11:05 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2010-06-15 22:10:54 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-03-30 20:04:53 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-01-21 15:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2009-12-30 12:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2009-12-30 12:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2009-12-30 12:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2009-12-30 12:25:12 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2009-10-02 01:00:00 | 000,027,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Corporate Edition\kerneld.wnt -- 
(EverestDriver) DRV - [2009-06-30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-05-03 05:46:00 | 006,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2006-04-22 03:44:39 | 000,008,064 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV - [2005-05-03 17:34:02 | 000,027,392 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2004-09-10 04:05:36 | 000,005,969 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files\Anti Trojan Elite\ATEPMON.sys -- (ATE_PROCMON) DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-08-04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2004-08-03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2004-04-26 10:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt) DRV - [2003-09-25 18:00:00 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ov519vid.sys -- (ovt519) DRV - [2002-09-20 11:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn) DRV - [2002-07-27 19:01:06 | 000,005,306 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (TBPanel) DRV - [2002-07-27 19:01:06 | 000,005,306 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex) DRV - [2001-10-26 16:48:56 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NtApm.sys -- (NtApm) DRV - [2001-08-17 22:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame) DRV - [2001-08-17 21:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2001-08-17 21:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.selectedEngine: "Allegro" FF - prefs.js..browser.startup.homepage: "http://www.google.pl" FF 
- prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {AC57FCAF-E6FC-4BE9-ADC0-D00129C4C1E7}:1.0 FF - prefs.js..network.proxy.type: 0 FF - user.js..network.proxy.type: 0 FF - user.js..network.proxy.http: "" FF - user.js..network.proxy.http_port: 0 FF - user.js..network.proxy.ssl: "" FF - user.js..network.proxy.ssl_port: 0 FF - user.js..network.proxy.ftp: "" FF - user.js..network.proxy.ftp_port: 0 FF - user.js..network.proxy.gopher: "" FF - user.js..network.proxy.gopher_port: 0 FF - user.js..network.proxy.socks_version: 5 FF - user.js..network.proxy.socks: "" FF - user.js..network.proxy.socks_port: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\components [2010-06-28 17:12:37 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\plugins [2010-07-06 14:40:58 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-03-21 17:13:46 | 000,000,000 | ---D | M] [2010-02-19 14:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Extensions [2010-07-06 16:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions [2010-05-09 13:14:12 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} [2010-05-10 18:32:35 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and 
Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-03-13 18:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\illimitux@illimitux.net [2010-05-10 18:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\personas@christopher.beard O1 HOSTS File: ([2010-07-06 15:06:32 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - 
C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-02-18 23:12:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-07-06 17:01:20 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack [2010-07-06 16:59:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010-07-06 14:58:41 | 000,000,000 | RHSD | C] -- C:\cmdcons [2010-07-06 14:54:42 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2010-07-06 14:54:42 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2010-07-06 14:54:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2010-07-06 14:54:41 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2010-07-06 14:53:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010-07-06 14:51:46 | 000,000,000 | ---D | C] -- C:\Qoobox [2010-07-06 14:29:46 | 000,000,000 | ---D | C] -- C:\_OTL [2010-07-06 11:03:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\GTA San Andreas User Files [2010-07-04 14:26:45 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NtApm.sys [2010-07-03 10:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Anti Trojan Elite [2010-07-03 10:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Trend 
Micro [2010-07-02 19:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies [2010-07-02 19:31:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA [2010-07-02 19:31:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2010-06-22 18:56:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\KONAMI [2010-06-22 18:29:28 | 000,000,000 | ---D | C] -- C:\Program Files\KONAMI [2010-06-22 18:29:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\KONAMI [2010-06-21 21:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-06-20 19:25:06 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010-06-20 19:25:06 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010-06-20 19:25:05 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010-06-20 19:25:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010-06-20 19:25:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) 
-- C:\WINDOWS\System32\java.exe [2010-06-19 21:23:37 | 000,000,000 | ---D | C] -- C:\Program Files\TVTool [2010-06-17 22:26:24 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidgame.sys [2010-06-16 15:57:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\THE SETTLERS - Rise of an Empire [2010-06-15 20:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft [2010-06-15 20:55:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\DAEMON Tools Images [2010-06-15 19:27:27 | 000,000,000 | R--D | C] -- C:\MSOCache [2010-06-14 19:35:22 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2010-06-07 20:26:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Pulpit\bzzz [2010-06-06 21:50:04 | 000,000,000 | ---D | C] -- C:\Program Files\Turbine [2010-06-06 17:44:03 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks [2010-06-06 17:42:33 | 000,000,000 | ---D | C] -- C:\Downloads [2010-06-06 17:42:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Dane aplikacji\FlashGet ========== Files - Modified Within 30 Days ========== [2010-07-06 16:55:51 | 000,176,765 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-07-06 16:55:47 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job [2010-07-06 16:55:26 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-07-06 16:55:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-07-06 16:55:14 | 1073,315,840 | -HS- | M] () -- C:\hiberfil.sys [2010-07-06 16:55:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2010-07-06 16:46:29 | 000,056,637 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\bug.JPG [2010-07-06 16:18:03 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-688789844-1060284298-1003UA.job [2010-07-06 15:07:01 | 000,000,258 | ---- | M] () -- C:\WINDOWS\system.ini [2010-07-06 15:06:32 | 000,000,027 | ---- | M] () -- 
C:\WINDOWS\System32\drivers\etc\hosts [2010-07-06 15:05:15 | 006,029,312 | ---- | M] () -- C:\Documents and Settings\zxcz\ntuser.dat [2010-07-06 15:05:15 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\zxcz\ntuser.ini [2010-07-06 14:58:50 | 000,000,281 | RHS- | M] () -- C:\boot.ini [2010-07-06 12:34:54 | 000,066,915 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\stats.JPG [2010-07-06 09:14:22 | 000,005,992 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\avatar.jpg [2010-07-06 09:06:35 | 000,189,461 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\download.JPG [2010-07-04 23:22:33 | 000,000,911 | ---- | M] () -- C:\WINDOWS\win.ini [2010-07-04 23:22:33 | 000,000,211 | ---- | M] () -- C:\Boot.bak [2010-07-04 19:35:37 | 000,020,480 | ---- | M] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL [2010-07-03 11:57:49 | 000,014,848 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll [2010-07-03 07:18:00 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-688789844-1060284298-1003Core.job [2010-07-01 21:15:28 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\TVTool.lnk [2010-07-01 21:09:41 | 000,000,008 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat [2010-07-01 14:17:20 | 001,576,722 | -H-- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-06-22 21:15:12 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-22 09:04:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-06-21 12:23:36 | 000,044,984 | ---- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-06-21 09:03:35 | 000,198,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-06-20 19:24:45 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\WINDOWS\System32\deployJava1.dll [2010-06-20 19:24:45 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010-06-20 19:24:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010-06-20 19:24:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010-06-20 19:24:45 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010-06-16 06:33:53 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI [2010-06-15 22:12:17 | 000,001,938 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\THE SETTLERS - Narodziny Imperium.lnk [2010-06-15 22:11:05 | 000,278,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2010-06-15 22:10:54 | 000,025,416 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2010-06-06 17:42:25 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI ========== Files Created - No Company Name ========== [2010-07-06 16:46:29 | 000,056,637 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\bug.JPG [2010-07-06 14:58:50 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2010-07-06 14:58:47 | 000,262,400 | ---- | C] () -- C:\cmldr [2010-07-06 14:54:42 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010-07-06 14:54:42 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010-07-06 14:54:42 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010-07-06 14:54:41 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010-07-06 14:54:41 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2010-07-06 12:34:53 | 000,066,915 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\stats.JPG [2010-07-06 09:14:21 | 000,005,992 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\avatar.jpg [2010-07-06 09:06:34 | 000,189,461 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\download.JPG [2010-07-04 19:35:37 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL [2010-07-03 11:54:51 | 
000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2010-07-01 21:15:28 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\TVTool.lnk [2010-06-20 11:07:23 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat [2010-06-15 22:12:17 | 000,001,938 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\THE SETTLERS - Narodziny Imperium.lnk [2010-06-15 22:11:04 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2010-06-15 22:10:54 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2010-06-06 17:42:25 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI [2010-06-03 11:14:58 | 001,867,776 | ---- | C] () -- C:\WINDOWS\System32\python24.dll [2010-05-29 19:25:59 | 000,000,280 | ---- | C] () -- C:\WINDOWS\game.ini [2010-05-11 20:32:38 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2010-03-30 20:04:52 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-03-28 13:49:56 | 000,000,023 | -HS- | C] () -- C:\WINDOWS\System32\cedddcd9_d.dll [2010-03-14 19:07:54 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2010-03-06 20:02:14 | 001,867,776 | ---- | C] () -- C:\WINDOWS\python24.dll [2010-02-19 17:21:07 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-02-19 17:21:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-02-19 17:21:04 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2010-02-19 17:21:01 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-02-19 17:21:01 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2010-02-19 16:01:15 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-08-03 00:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- 
C:\WINDOWS\System32\AgCPanelSwedish.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2009-08-03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2009-08-03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2005-12-10 03:06:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2005-12-10 03:06:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2005-12-10 03:06:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2005-12-10 03:06:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2005-12-10 03:06:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2005-12-10 03:06:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI ========== Alternate Data Streams ========== @Alternate Data Stream - 286 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B < End of report >
  7. OTL logfile created on: 2010-07-06 16:34:30 - Run 4 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 024,00 Mb Total Physical Memory | 523,00 Mb Available Physical Memory | 51,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 84,00% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,52 Gb Total Space | 18,85 Gb Free Space | 25,30% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JK-935C0E4A6427 Current User Name: zxcz Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010-07-04 18:38:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-06-27 14:43:40 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\plugin-container.exe PRC - [2010-06-27 14:43:38 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\firefox.exe PRC - [2010-06-15 07:13:18 | 000,134,808 | ---- | M] (Google Inc.) 
-- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.29\GoogleCrashHandler.exe PRC - [2005-03-31 11:18:49 | 000,790,528 | ---- | M] (sms-express.com) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-04-01 11:52:06 | 001,368,064 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe ========== Modules (SafeList) ========== MOD - [2010-07-04 18:38:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie\OTL.exe MOD - [2004-08-04 00:42:34 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2000-07-07 18:42:56 | 000,032,768 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggwhook.dll ========== Win32 Services (SafeList) ========== SRV - [2010-01-26 13:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme) DRV - [2010-06-15 22:11:05 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2010-06-15 22:10:54 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-03-30 20:04:53 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) 
[Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-01-21 15:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2009-12-30 12:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2009-12-30 12:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2009-12-30 12:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2009-12-30 12:25:12 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2009-10-02 01:00:00 | 000,027,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Corporate Edition\kerneld.wnt -- (EverestDriver) DRV - [2009-06-30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-05-03 05:46:00 | 006,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2006-04-22 03:44:39 | 000,008,064 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV - [2005-05-03 17:34:02 | 000,027,392 | ---- | M] (SlySoft, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2004-09-10 04:05:36 | 000,005,969 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files\Anti Trojan Elite\ATEPMON.sys -- (ATE_PROCMON) DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-08-04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2004-08-03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2004-04-26 10:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt) DRV - [2003-09-25 18:00:00 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ov519vid.sys -- (ovt519) DRV - [2002-09-20 11:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn) DRV - [2002-07-27 19:01:06 | 000,005,306 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (TBPanel) DRV - [2002-07-27 19:01:06 | 000,005,306 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex) DRV - [2001-10-26 16:48:56 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NtApm.sys -- (NtApm) DRV - [2001-08-17 22:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame) DRV - [2001-08-17 21:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2001-08-17 21:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.flashget.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com, IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks= ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search" FF - prefs.js..browser.search.defaulturl: 
"http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Allegro" FF - prefs.js..browser.startup.homepage: "http://www.google.pl" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3 FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.10.2 FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.6.0.15 FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {AC57FCAF-E6FC-4BE9-ADC0-D00129C4C1E7}:1.0 FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&q=" FF - prefs.js..network.proxy.backup.ftp: "" FF - prefs.js..network.proxy.backup.ftp_port: 0 FF - prefs.js..network.proxy.backup.gopher: "" FF - prefs.js..network.proxy.backup.gopher_port: 0 FF - prefs.js..network.proxy.backup.socks: "" FF - prefs.js..network.proxy.backup.socks_port: 0 FF - prefs.js..network.proxy.backup.ssl: "" FF - prefs.js..network.proxy.backup.ssl_port: 0 FF - prefs.js..network.proxy.no_proxies_on: "" FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.type: 0 FF - user.js..network.proxy.type: 0 FF - user.js..network.proxy.http: "" FF - user.js..network.proxy.http_port: 0 FF - user.js..network.proxy.ssl: "" FF - user.js..network.proxy.ssl_port: 0 FF - user.js..network.proxy.ftp: "" FF - user.js..network.proxy.ftp_port: 0 FF - user.js..network.proxy.gopher: "" FF - user.js..network.proxy.gopher_port: 0 FF - user.js..network.proxy.socks_version: 5 FF - user.js..network.proxy.socks: "" FF - user.js..network.proxy.socks_port: 0 FF - HKLM\software\mozilla\Mozilla Firefox 
3.6.6\extensions\\Components: C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\components [2010-06-28 17:12:37 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\plugins [2010-07-06 14:40:58 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-03-21 17:13:46 | 000,000,000 | ---D | M] [2010-02-19 14:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Extensions [2010-07-06 15:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions [2010-03-28 19:47:34 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2010-05-30 15:42:46 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} [2010-05-09 13:14:12 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} [2010-05-10 18:32:35 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-06-06 17:42:33 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A} [2010-06-14 19:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane 
aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\DTToolbar@toolbarnet.com [2010-03-13 18:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\illimitux@illimitux.net [2010-05-10 18:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\personas@christopher.beard [2010-05-26 15:18:50 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\askcom.xml [2010-04-21 12:06:36 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\conduit.xml [2010-03-30 20:05:09 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\daemon-search.xml O1 HOSTS File: ([2010-07-06 15:06:32 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. 
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. 
File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-02-18 23:12:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (rmparite.nt) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] 
-- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-07-06 14:58:41 | 000,000,000 | RHSD | C] -- C:\cmdcons [2010-07-06 14:54:42 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2010-07-06 14:54:42 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2010-07-06 14:54:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2010-07-06 14:54:41 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2010-07-06 14:53:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010-07-06 14:51:46 | 000,000,000 | ---D | C] -- C:\Qoobox [2010-07-06 14:29:46 | 000,000,000 | ---D | C] -- C:\_OTL [2010-07-06 11:03:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\GTA San Andreas User Files [2010-07-04 14:26:45 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NtApm.sys [2010-07-03 10:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Anti Trojan Elite [2010-07-03 10:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010-07-02 19:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies [2010-07-02 19:31:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA [2010-07-02 19:31:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2010-06-22 18:56:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\KONAMI [2010-06-22 18:29:28 | 000,000,000 | ---D | C] -- C:\Program Files\KONAMI [2010-06-22 18:29:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\KONAMI [2010-06-21 21:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-06-20 19:25:06 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010-06-20 19:25:06 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) 
-- C:\WINDOWS\System32\javacpl.cpl [2010-06-20 19:25:05 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010-06-20 19:25:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010-06-20 19:25:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010-06-19 21:23:37 | 000,000,000 | ---D | C] -- C:\Program Files\TVTool [2010-06-17 22:26:24 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidgame.sys [2010-06-16 15:57:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\THE SETTLERS - Rise of an Empire [2010-06-15 20:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft [2010-06-15 20:55:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\DAEMON Tools Images [2010-06-15 19:27:27 | 000,000,000 | R--D | C] -- C:\MSOCache [2010-06-14 19:35:22 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2010-06-07 20:26:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Pulpit\bzzz [2010-06-06 21:50:04 | 000,000,000 | ---D | C] -- C:\Program Files\Turbine [2010-06-06 17:44:03 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks [2010-06-06 17:42:33 | 000,000,000 | ---D | C] -- C:\Downloads [2010-06-06 17:42:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Dane aplikacji\FlashGet ========== Files - Modified Within 30 Days ========== [2010-07-06 16:18:03 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-688789844-1060284298-1003UA.job [2010-07-06 15:07:09 | 000,176,765 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-07-06 15:07:01 | 000,000,258 | ---- | M] () -- C:\WINDOWS\system.ini [2010-07-06 15:06:32 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-07-06 15:06:22 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job [2010-07-06 15:06:07 | 000,000,006 | -H-- | M] 
() -- C:\WINDOWS\tasks\SA.DAT [2010-07-06 15:06:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-07-06 15:05:56 | 1073,315,840 | -HS- | M] () -- C:\hiberfil.sys [2010-07-06 15:05:15 | 006,029,312 | ---- | M] () -- C:\Documents and Settings\zxcz\ntuser.dat [2010-07-06 15:05:15 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\zxcz\ntuser.ini [2010-07-06 14:58:50 | 000,000,281 | RHS- | M] () -- C:\boot.ini [2010-07-06 12:34:54 | 000,066,915 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\stats.JPG [2010-07-06 09:14:22 | 000,005,992 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\avatar.jpg [2010-07-06 09:06:35 | 000,189,461 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\download.JPG [2010-07-04 23:22:33 | 000,000,911 | ---- | M] () -- C:\WINDOWS\win.ini [2010-07-04 23:22:33 | 000,000,211 | ---- | M] () -- C:\Boot.bak [2010-07-04 19:35:37 | 000,020,480 | ---- | M] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL [2010-07-03 11:57:49 | 000,014,848 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll [2010-07-03 07:18:00 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-688789844-1060284298-1003Core.job [2010-07-01 21:15:28 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\TVTool.lnk [2010-07-01 21:09:41 | 000,000,008 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat [2010-07-01 14:17:20 | 001,576,722 | -H-- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-06-22 21:15:12 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-22 09:04:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-06-21 12:23:36 | 000,044,984 | ---- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-06-21 09:03:35 | 000,198,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-06-20 19:24:45 | 
000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010-06-20 19:24:45 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010-06-20 19:24:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010-06-20 19:24:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010-06-20 19:24:45 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010-06-20 11:54:51 | 000,000,484 | ---- | M] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-06-20 11:54:51 | 000,000,484 | ---- | M] () -- C:\WINDOWS\System32\xvidcore.dll [2010-06-20 11:54:51 | 000,000,484 | ---- | M] () -- C:\WINDOWS\System32\ac3acm.acm [2010-06-16 08:29:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2010-06-16 06:33:53 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI [2010-06-15 22:12:17 | 000,001,938 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\THE SETTLERS - Narodziny Imperium.lnk [2010-06-15 22:11:05 | 000,278,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2010-06-15 22:10:54 | 000,025,416 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2010-06-06 17:42:25 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI ========== Files Created - No Company Name ========== [2010-07-06 14:58:50 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2010-07-06 14:58:47 | 000,262,400 | ---- | C] () -- C:\cmldr [2010-07-06 14:54:42 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010-07-06 14:54:42 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010-07-06 14:54:42 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010-07-06 14:54:41 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010-07-06 14:54:41 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2010-07-06 12:34:53 | 000,066,915 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\stats.JPG [2010-07-06 09:14:21 | 000,005,992 | ---- | C] 
() -- C:\Documents and Settings\zxcz\Pulpit\avatar.jpg [2010-07-06 09:06:34 | 000,189,461 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\download.JPG [2010-07-04 19:35:37 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL [2010-07-03 11:54:51 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2010-07-01 21:15:28 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\TVTool.lnk [2010-06-20 11:07:23 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat [2010-06-15 22:12:17 | 000,001,938 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\THE SETTLERS - Narodziny Imperium.lnk [2010-06-15 22:11:04 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2010-06-15 22:10:54 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2010-06-06 17:42:25 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI [2010-06-03 11:14:58 | 001,867,776 | ---- | C] () -- C:\WINDOWS\System32\python24.dll [2010-05-29 19:25:59 | 000,000,280 | ---- | C] () -- C:\WINDOWS\game.ini [2010-05-11 20:32:38 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2010-03-28 13:49:56 | 000,000,023 | -HS- | C] () -- C:\WINDOWS\System32\cedddcd9_d.dll [2010-03-14 19:07:54 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2010-03-06 20:02:14 | 001,867,776 | ---- | C] () -- C:\WINDOWS\python24.dll [2010-02-19 17:21:07 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-02-19 17:21:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-02-19 17:21:05 | 000,000,484 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-02-19 17:21:05 | 000,000,484 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-02-19 17:21:04 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2010-02-19 17:21:01 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-02-19 17:21:01 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest 
[2010-02-19 16:01:15 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-08-03 00:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2009-08-03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2009-08-03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2005-12-10 03:06:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2005-12-10 03:06:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2005-12-10 03:06:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2005-12-10 03:06:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2005-12-10 03:06:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2005-12-10 03:06:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI ========== Alternate Data Streams ========== @Alternate Data Stream - 286 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B < End of report >
  8. Should I give you GMER too?? Because those 2 logs were quick, but you'll probably have to wait a long time for this one. http://www.virustotal.com/pl/analisis/48ec8eabefd51bc4a9e876a662a1fd3a83e3db3ef8559827986a315ebbd51866-1265154586 I don't use FlashGet anymore, it's already uninstalled.
  9. OTL ! OTL logfile created on: 2010-07-06 15:20:38 - Run 3 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 024,00 Mb Total Physical Memory | 595,00 Mb Available Physical Memory | 58,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,52 Gb Total Space | 18,88 Gb Free Space | 25,33% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JK-935C0E4A6427 Current User Name: zxcz Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010-07-04 18:38:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-06-27 14:43:38 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\firefox.exe PRC - [2010-06-15 07:13:18 | 000,134,808 | ---- | M] (Google Inc.) 
-- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.29\GoogleCrashHandler.exe PRC - [2005-03-31 11:18:49 | 000,790,528 | ---- | M] (sms-express.com) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-04-01 11:52:06 | 001,368,064 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe ========== Modules (SafeList) ========== MOD - [2010-07-04 18:38:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie\OTL.exe MOD - [2004-08-04 00:42:34 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2000-07-07 18:42:56 | 000,032,768 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggwhook.dll ========== Win32 Services (SafeList) ========== SRV - [2010-01-26 13:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme) DRV - [2010-06-15 22:11:05 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2010-06-15 22:10:54 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-03-30 20:04:53 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) 
[Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-01-21 15:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2009-12-30 12:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2009-12-30 12:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2009-12-30 12:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2009-12-30 12:25:12 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2009-10-02 01:00:00 | 000,027,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Corporate Edition\kerneld.wnt -- (EverestDriver) DRV - [2009-06-30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-05-03 05:46:00 | 006,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2006-04-22 03:44:39 | 000,008,064 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV - [2005-05-03 17:34:02 | 000,027,392 | ---- | M] (SlySoft, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2004-09-10 04:05:36 | 000,005,969 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files\Anti Trojan Elite\ATEPMON.sys -- (ATE_PROCMON) DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004-08-04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2004-08-03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2004-04-26 10:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt) DRV - [2003-09-25 18:00:00 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ov519vid.sys -- (ovt519) DRV - [2002-09-20 11:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn) DRV - [2002-07-27 19:01:06 | 000,005,306 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (TBPanel) DRV - [2002-07-27 19:01:06 | 000,005,306 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex) DRV - [2001-10-26 16:48:56 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NtApm.sys -- (NtApm) DRV - [2001-08-17 22:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame) DRV - [2001-08-17 21:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2001-08-17 21:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.flashget.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com, IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks= ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search" FF - prefs.js..browser.search.defaulturl: 
"http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Allegro" FF - prefs.js..browser.startup.homepage: "http://www.google.pl" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3 FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.10.2 FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.6.0.15 FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {AC57FCAF-E6FC-4BE9-ADC0-D00129C4C1E7}:1.0 FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&q=" FF - prefs.js..network.proxy.backup.ftp: "" FF - prefs.js..network.proxy.backup.ftp_port: 0 FF - prefs.js..network.proxy.backup.gopher: "" FF - prefs.js..network.proxy.backup.gopher_port: 0 FF - prefs.js..network.proxy.backup.socks: "" FF - prefs.js..network.proxy.backup.socks_port: 0 FF - prefs.js..network.proxy.backup.ssl: "" FF - prefs.js..network.proxy.backup.ssl_port: 0 FF - prefs.js..network.proxy.no_proxies_on: "" FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.type: 0 FF - user.js..network.proxy.type: 0 FF - user.js..network.proxy.http: "" FF - user.js..network.proxy.http_port: 0 FF - user.js..network.proxy.ssl: "" FF - user.js..network.proxy.ssl_port: 0 FF - user.js..network.proxy.ftp: "" FF - user.js..network.proxy.ftp_port: 0 FF - user.js..network.proxy.gopher: "" FF - user.js..network.proxy.gopher_port: 0 FF - user.js..network.proxy.socks_version: 5 FF - user.js..network.proxy.socks: "" FF - user.js..network.proxy.socks_port: 0 FF - HKLM\software\mozilla\Mozilla Firefox 
3.6.6\extensions\\Components: C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\components [2010-06-28 17:12:37 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\plugins [2010-07-06 14:40:58 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-03-21 17:13:46 | 000,000,000 | ---D | M] [2010-02-19 14:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Extensions [2010-07-06 14:47:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions [2010-03-28 19:47:34 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2010-05-30 15:42:46 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} [2010-05-09 13:14:12 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} [2010-05-10 18:32:35 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-06-06 17:42:33 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A} [2010-06-14 19:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane 
aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\DTToolbar@toolbarnet.com [2010-03-13 18:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\illimitux@illimitux.net [2010-05-10 18:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\personas@christopher.beard [2010-05-26 15:18:50 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\askcom.xml [2010-04-21 12:06:36 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\conduit.xml [2010-03-30 20:05:09 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\daemon-search.xml O1 HOSTS File: ([2010-07-06 15:06:32 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. 
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. 
File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-02-18 23:12:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (rmparite.nt) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] 
-- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-07-06 14:58:41 | 000,000,000 | RHSD | C] -- C:\cmdcons [2010-07-06 14:54:42 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2010-07-06 14:54:42 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2010-07-06 14:54:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2010-07-06 14:54:41 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2010-07-06 14:53:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010-07-06 14:51:46 | 000,000,000 | ---D | C] -- C:\Qoobox [2010-07-06 14:29:46 | 000,000,000 | ---D | C] -- C:\_OTL [2010-07-06 11:03:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\GTA San Andreas User Files [2010-07-04 14:26:45 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NtApm.sys [2010-07-03 10:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Anti Trojan Elite [2010-07-03 10:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010-07-02 19:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies [2010-07-02 19:31:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA [2010-07-02 19:31:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2010-06-22 18:56:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\KONAMI [2010-06-22 18:29:28 | 000,000,000 | ---D | C] -- C:\Program Files\KONAMI [2010-06-22 18:29:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\KONAMI [2010-06-21 21:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-06-20 19:25:06 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010-06-20 19:25:06 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) 
-- C:\WINDOWS\System32\javacpl.cpl [2010-06-20 19:25:05 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010-06-20 19:25:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010-06-20 19:25:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010-06-19 21:23:37 | 000,000,000 | ---D | C] -- C:\Program Files\TVTool [2010-06-17 22:26:24 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidgame.sys [2010-06-16 15:57:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\THE SETTLERS - Rise of an Empire [2010-06-15 20:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft [2010-06-15 20:55:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\DAEMON Tools Images [2010-06-15 19:27:27 | 000,000,000 | R--D | C] -- C:\MSOCache [2010-06-14 19:35:22 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2010-06-07 20:26:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Pulpit\bzzz [2010-06-06 21:50:04 | 000,000,000 | ---D | C] -- C:\Program Files\Turbine [2010-06-06 17:44:03 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks [2010-06-06 17:42:33 | 000,000,000 | ---D | C] -- C:\Downloads [2010-06-06 17:42:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Dane aplikacji\FlashGet ========== Files - Modified Within 30 Days ========== [2010-07-06 15:18:06 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-688789844-1060284298-1003UA.job [2010-07-06 15:07:09 | 000,176,765 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-07-06 15:07:01 | 000,000,258 | ---- | M] () -- C:\WINDOWS\system.ini [2010-07-06 15:06:32 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-07-06 15:06:22 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job [2010-07-06 15:06:07 | 000,000,006 | -H-- | M] 
() -- C:\WINDOWS\tasks\SA.DAT [2010-07-06 15:06:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-07-06 15:05:56 | 1073,315,840 | -HS- | M] () -- C:\hiberfil.sys [2010-07-06 15:05:15 | 006,029,312 | ---- | M] () -- C:\Documents and Settings\zxcz\ntuser.dat [2010-07-06 15:05:15 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\zxcz\ntuser.ini [2010-07-06 14:58:50 | 000,000,281 | RHS- | M] () -- C:\boot.ini [2010-07-06 12:34:54 | 000,066,915 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\stats.JPG [2010-07-06 09:14:22 | 000,005,992 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\avatar.jpg [2010-07-06 09:06:35 | 000,189,461 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\download.JPG [2010-07-04 23:22:33 | 000,000,911 | ---- | M] () -- C:\WINDOWS\win.ini [2010-07-04 23:22:33 | 000,000,211 | ---- | M] () -- C:\Boot.bak [2010-07-04 19:35:37 | 000,020,480 | ---- | M] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL [2010-07-03 11:57:49 | 000,014,848 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll [2010-07-03 07:18:00 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-688789844-1060284298-1003Core.job [2010-07-01 21:15:28 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\TVTool.lnk [2010-07-01 21:09:41 | 000,000,008 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat [2010-07-01 14:17:20 | 001,576,722 | -H-- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-06-22 21:15:12 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-22 09:04:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-06-21 12:23:36 | 000,044,984 | ---- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-06-21 09:03:35 | 000,198,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-06-20 19:24:45 | 
000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010-06-20 19:24:45 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010-06-20 19:24:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010-06-20 19:24:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010-06-20 19:24:45 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010-06-20 11:54:51 | 000,000,484 | ---- | M] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-06-20 11:54:51 | 000,000,484 | ---- | M] () -- C:\WINDOWS\System32\xvidcore.dll [2010-06-20 11:54:51 | 000,000,484 | ---- | M] () -- C:\WINDOWS\System32\ac3acm.acm [2010-06-16 08:29:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2010-06-16 06:33:53 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI [2010-06-15 22:12:17 | 000,001,938 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\THE SETTLERS - Narodziny Imperium.lnk [2010-06-15 22:11:05 | 000,278,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2010-06-15 22:10:54 | 000,025,416 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2010-06-06 17:42:25 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI ========== Files Created - No Company Name ========== [2010-07-06 14:58:50 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2010-07-06 14:58:47 | 000,262,400 | ---- | C] () -- C:\cmldr [2010-07-06 14:54:42 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010-07-06 14:54:42 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010-07-06 14:54:42 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010-07-06 14:54:41 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010-07-06 14:54:41 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2010-07-06 12:34:53 | 000,066,915 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\stats.JPG [2010-07-06 09:14:21 | 000,005,992 | ---- | C] 
() -- C:\Documents and Settings\zxcz\Pulpit\avatar.jpg [2010-07-06 09:06:34 | 000,189,461 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\download.JPG [2010-07-04 19:35:37 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL [2010-07-03 11:54:51 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2010-07-01 21:15:28 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\TVTool.lnk [2010-06-20 11:07:23 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat [2010-06-15 22:12:17 | 000,001,938 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\THE SETTLERS - Narodziny Imperium.lnk [2010-06-15 22:11:04 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2010-06-15 22:10:54 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2010-06-06 17:42:25 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI [2010-06-03 11:14:58 | 001,867,776 | ---- | C] () -- C:\WINDOWS\System32\python24.dll [2010-05-29 19:25:59 | 000,000,280 | ---- | C] () -- C:\WINDOWS\game.ini [2010-05-11 20:32:38 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2010-03-28 13:49:56 | 000,000,023 | -HS- | C] () -- C:\WINDOWS\System32\cedddcd9_d.dll [2010-03-14 19:07:54 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2010-03-06 20:02:14 | 001,867,776 | ---- | C] () -- C:\WINDOWS\python24.dll [2010-02-19 17:21:07 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-02-19 17:21:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-02-19 17:21:05 | 000,000,484 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-02-19 17:21:05 | 000,000,484 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-02-19 17:21:04 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2010-02-19 17:21:01 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-02-19 17:21:01 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest 
[2010-02-19 16:01:15 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-08-03 00:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2009-08-03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2009-08-03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2005-12-10 03:06:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2005-12-10 03:06:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2005-12-10 03:06:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2005-12-10 03:06:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2005-12-10 03:06:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2005-12-10 03:06:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI ========== Alternate Data Streams ========== @Alternate Data Stream - 286 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B < End of report >
  10. ComboFix log: ComboFix 10-07-05.03 - zxcz 2010-07-06 15:00:16.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.1024.785 [GMT 2:00] Uruchomiony z: c:\documents and settings\zxcz\Moje dokumenty\Pobieranie\ComboFix.exe Użyto następujących komend :: c:\documents and settings\zxcz\Moje dokumenty\Pobieranie\CFScript.txt . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\announce.exe c:\documents and settings\zxcz\Dane aplikacji\BITS c:\documents and settings\zxcz\Dane aplikacji\BITS\BITS.ini c:\documents and settings\zxcz\Dane aplikacji\BITS\DHTTable.dat c:\documents and settings\zxcz\Dane aplikacji\BITS\ProxyList.ini c:\documents and settings\zxcz\Dane aplikacji\FlashGetBHO c:\documents and settings\zxcz\Dane aplikacji\FlashGetBHO\FlashGetBHO3.dll c:\documents and settings\zxcz\Dane aplikacji\FlashGetBHO\FlashGetHook.dll c:\documents and settings\zxcz\Dane aplikacji\FlashGetBHO\GetAllUrl.htm c:\documents and settings\zxcz\Dane aplikacji\FlashGetBHO\GetUrl.htm c:\program files\FlashGet Network c:\program files\FlashGet Network\FlashGet 3\dat\Appsetting.cfg c:\program files\FlashGet Network\FlashGet 3\dat\FlashGet3db.bak c:\program files\FlashGet Network\FlashGet 3\dat\FlashGet3db.db c:\program files\FlashGet Network\FlashGet 3\P2PCfg.ini c:\program files\FlashGet Network\FlashGet 3\perf.ini c:\program files\FlashGet Network\FlashGet 3\pstat.dat c:\program files\FlashGet Network\FlashGet 3\pup.dat c:\windows\system32\dxva2.dll c:\windows\system32\evr.dll c:\windows\system32\evrprop.dll c:\windows\system32\libFLAC.dll c:\windows\system32\mkunicode.dll c:\windows\system32\mkzlib.dll c:\windows\system32\sknc.dll Zainfekowana kopia c:\windows\system32\ws2_32.dll została znaleziona. Problem naprawiono Plik odzyskano z - c:\system volume information\_restore{1386A8C2-E0B7-49EF-8B15-E3C31D4E1E48}\RP144\A0252191.dll . 
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_AVPsys ((((((((((((((((((((((((( Pliki utworzone od 2010-06-06 do 2010-07-06 ))))))))))))))))))))))))))))))) . 2010-07-06 12:29 . 2010-07-06 12:29 -------- d-----w- C:\_OTL 2010-07-04 17:35 . 2010-07-04 17:35 20480 ----a-w- c:\windows\system32\H@tKeysH@@k.DLL 2010-07-04 12:26 . 2001-10-26 14:48 9600 ----a-w- c:\windows\system32\drivers\NtApm.sys 2010-07-03 08:49 . 2010-07-03 09:57 -------- d-----w- c:\program files\Anti Trojan Elite 2010-07-03 08:45 . 2010-07-03 08:45 -------- d-----w- c:\program files\Trend Micro 2010-07-02 17:31 . 2010-07-02 17:32 -------- d-----w- c:\program files\AGEIA Technologies 2010-07-02 17:31 . 2010-07-02 17:31 -------- d-----w- c:\windows\system32\AGEIA 2010-07-02 17:31 . 2010-07-02 17:31 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2010-06-22 16:29 . 2010-06-22 16:29 -------- d-----w- c:\program files\KONAMI 2010-06-22 16:29 . 2010-06-22 16:29 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\KONAMI 2010-06-21 19:11 . 2010-07-05 07:23 -------- d---a-w- c:\documents and settings\All Users\Dane aplikacji\TEMP 2010-06-20 17:25 . 2010-06-20 17:24 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-06-20 09:07 . 2010-07-01 19:09 8 ----a-w- c:\windows\system32\nvModes.dat 2010-06-19 19:23 . 2010-07-01 19:15 -------- d-----w- c:\program files\TVTool 2010-06-17 20:26 . 2001-08-17 20:02 8576 ----a-w- c:\windows\system32\drivers\hidgame.sys 2010-06-15 20:11 . 2010-06-15 20:11 278984 ----a-w- c:\windows\system32\drivers\atksgt.sys 2010-06-15 20:10 . 2010-06-15 20:10 25416 ----a-w- c:\windows\system32\drivers\lirsgt.sys 2010-06-15 18:57 . 2010-06-15 18:57 -------- d-----w- c:\program files\Ubisoft 2010-06-15 17:27 . 2010-06-15 17:27 -------- d-----r- C:\MSOCache 2010-06-14 17:35 . 2010-06-14 17:35 -------- d-----w- c:\program files\DAEMON Tools Lite 2010-06-06 19:50 . 
  11. 1. All processes killed ========== FILES ========== Unable to replace file: C:\WINDOWS\system32\ws2_32.dll with C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll without a reboot. C:\Program Files\Common Files\userInit.dll moved successfully. C:\Program Files\Common Files\logonInit.dll moved successfully. C:\WINDOWS\System32\secustat.dat moved successfully. C:\WINDOWS\System32\secushr.dat moved successfully. C:\autorun.inf moved successfully. ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LogonInit\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\rtyuoo deleted successfully. ========== COMMANDS ========== [EMPTYFLASH] User: All Users User: Default User ->Flash cache emptied: 0 bytes User: LocalService User: NetworkService User: zxcz ->Flash cache emptied: 22180 bytes Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: zxcz ->Temp folder emptied: 196858975 bytes ->Temporary Internet Files folder emptied: 80762 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 95552997 bytes ->Google Chrome cache emptied: 8404069 bytes ->Flash cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2134112 bytes %systemroot%\System32 .tmp files removed: 2596 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 18600760 bytes RecycleBin 
emptied: 3027880240 bytes Total Files Cleaned = 3 194,00 mb OTL by OldTimer - Version 3.2.7.0 log created on 07062010_142946 Files\Folders moved on Reboot... Registry entries deleted on Reboot... 2. Done
  12. SystemLook scan: SystemLook v1.0 by jpshortstuff (11.01.10) Log created at 08:52 on 06/07/2010 by zxcz (Administrator - Elevation successful) ========== filefind ========== Searching for "WS2_32.dll" C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll ------ 82944 bytes [13:37 19/02/2010] [23:44 03/08/2004] AB82237486B727DD7DAB36A76F38A3A2 C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ws2_32.dll --a--- 82432 bytes [07:55 30/03/2010] [17:20 14/04/2008] C0AA2AB856680C44739B41E01F5BD4E9 C:\WINDOWS\system32\ws2_32.dll --a--- 83456 bytes [22:44 03/08/2004] [15:22 01/06/2010] 16C0372775B545DD17C20BCC055E7DA3 -=End Of File=-
  13. In reply I got: In that case, could you give me those ports
  14. Once I get the password, will you explain to me how this port forwarding works?
  15. 1. A MikroTik page, something like a page for configuring something. There are 6 panels: Winbox Winbox is the graphical configuration application for RouterOS. Download it, run it and connect to your router - all RouterOS functionality can be controlled with this application. Webbox webbox This is a web based configuration interface for RouterOS. Log in above to connect to this router - some of the most important RouterOS features can be controlled within this interface. Telnet Connect with telnet and you will have access to the command line interface of RouterOS, every function of RouterOS can be controlled with it. Graphs These graphs show you statistical information about your router's interfaces and the traffic that goes through them. Before you use Graphs, you have to configure them. Documentation We have written many tutorials, examples and manuals for RouterOS, all of which are available here on our homepage. If you get into trouble, you can always ask for technical support. and a licence 2. Exactly this one: http://tomcom.ca/catalog/images/RJ45.jpg 3. As far as I know it goes straight to the antenna on the roof, although when the admin was setting up my internet he said something about a router being built into the antenna
  16. I have 5Gh wireless internet; the internet cable goes to the antenna on the roof and then to the transmitter. I have written to the admin about this many times, and every time he tells me that I do have an external IP address..
  17. I'll join the thread and list my servers. [FFA]- 94.23.94.93:27016 [base Builder]- 94.23.94.93:27059 [DiabloMod]- 94.23.94.149:27055 [DeathRun]- 94.23.94.149:27047 [Zombie]- 91.200.35.180:27043 [surf]- 91.200.35.180:27051 [Aim/Awp]- 88.199.98.69:27018 The link to the site can be found by visiting my profile
  18. I'm not sure what you meant by wynik.txt, so I'm pasting a screenshot of the console: http://img191.imageshack.us/img191/9094/wynikea.jpg
  19. On it, I'll post the log within 10 minutes http://wklej.org/id/360766/
  20. Hello, for some time now I have been playing around with things like web servers, game servers and Tibia OTS, hosting them on my own computer. The problem is that I set it all up through XAMPP, doing everything correctly. When I give someone my IP address, or my no-ip address (I have one set up), the site or server cannot be found. On localhost everything works as it should. My network administrator assures me 100% that I have an external IP address, and on the various sites where you can check your IP it looks external (88.208.106.140). My question is this: why can't people see me on the network?! Even the administrator himself assures me that I have an external IP address, and I am 100% sure that I am doing everything correctly. My internet is from www.novos.pl
  21. Hello, I posted on another forum, here is the link: hxxp://www.forum.tweaks.pl/LOG-Hijacks-t40001-pid-206364.html/page__gopid__206364#entry206364 In addition, every so often my keyboard disconnects; the plugs are fine, and I tried switching to other ports with the same result. I think some virus is to blame. Also, when I shut down the computer, once it gets to the black screen with the mouse cursor it freezes and I have to switch it off at the power strip or with the button. Logs: http://wklej.org/id/360261/ http://wklej.org/id/360263/ Please help quickly.