Replies posted by martinesq
-
-
I don't know what that was supposed to change, but I tried it and an error occurred:
Nie można uzyskać dostepu do uslugi instalatora windows. moze sie to zdarzyc jesli system dziala w trybie awaryjnym lub jesli instalator windows nie jest poprawnie zainstalowany
-
Hello, today I reformatted my computer, and after installing Ventrilo I open it and connect to a server, then go to the options to set everything up, and Ventrilo freezes and the computer stutters; killing the ventrillo.exe process doesn't help. Sometimes it happens right after launch, other times later. I tried downloading it from different sources and nothing helps. At that point all I can do is reset the computer.
-
Please help me, I installed CLEO MOD and sunbuilder. Once I did that, my game stopped working: single player works, but when I try to join through multiplayer it throws this error. I reinstalled the game into a different folder, reinstalled SAMP, downloaded the game from a different source, and it's still the same. HELP
http://img820.imageshack.us/img820/2785/zzzzzzzzzzzn.jpg
Please help, I even tried from a different account and did complete reinstalls. I guess I'll have to format ;//
-
DeviceUpperFilters N/A
DeviceLowerFilters N/A
Log from the removal:
========== OTL ==========
Prefs.js: {AC57FCAF-E6FC-4BE9-ADC0-D00129C4C1E7}:1.0 removed from extensions.enabledItems
OTL by OldTimer - Version 3.2.7.0 log created on 07062010_174230
New log from OTL:
OTL logfile created on: 2010-07-06 17:42:38 - Run 6
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1 024,00 Mb Total Physical Memory | 709,00 Mb Available Physical Memory | 69,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 18,72 Gb Free Space | 25,12% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JK-935C0E4A6427
Current User Name: zxcz
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010-07-04 18:38:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-06-15 07:13:18 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2010-06-10 17:00:20 | 000,741,376 | ---- | M] (SoftSphere Technologies) -- C:\Program Files\DefenseWall\defensewall.exe
PRC - [2010-03-19 15:26:42 | 000,163,840 | ---- | M] (SoftSphere Technologies) -- C:\WINDOWS\system32\defensewall_serv.exe
PRC - [2010-01-26 18:00:40 | 001,661,448 | R--- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\Identity Protection\agent\Bin\AVGIDSUI.exe
PRC - [2010-01-26 18:00:40 | 000,559,624 | R--- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\Identity Protection\agent\Bin\AVGIDSWatcher.exe
PRC - [2010-01-26 18:00:38 | 000,596,488 | R--- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\Identity Protection\agent\Bin\AVGIDSMonitor.exe
PRC - [2010-01-26 18:00:36 | 005,888,008 | R--- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe
PRC - [2005-03-31 11:18:49 | 000,790,528 | ---- | M] (sms-express.com) -- C:\Program Files\Gadu-Gadu\gg.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-04-01 11:52:06 | 001,368,064 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
========== Modules (SafeList) ==========
MOD - [2010-07-04 18:38:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2004-08-04 00:42:34 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010-03-19 15:26:42 | 000,163,840 | ---- | M] (SoftSphere Technologies) [Auto | Running] -- C:\WINDOWS\system32\defensewall_serv.exe -- (defensewall_serv)
SRV - [2010-01-26 18:00:40 | 000,559,624 | R--- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\Identity Protection\agent\Bin\AVGIDSWatcher.exe -- (AVGIDSWatcher)
SRV - [2010-01-26 18:00:36 | 005,888,008 | R--- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010-01-26 13:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
========== Driver Services (SafeList) ==========
DRV - [2010-07-06 13:12:19 | 000,953,856 | ---- | M] (SoftSphere Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dwall.sys -- (dwall)
DRV - [2010-06-15 22:11:05 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010-06-15 22:10:54 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010-03-30 20:04:53 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-01-26 18:01:38 | 000,122,376 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\Identity Protection\agent\driver\platform_XP\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010-01-26 18:01:38 | 000,026,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\Identity Protection\agent\driver\platform_XP\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010-01-26 18:01:38 | 000,025,096 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\AVGIDSEH.sys -- (AVGIDSErHr)
DRV - [2010-01-26 18:01:36 | 000,030,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\Identity Protection\agent\driver\platform_XP\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010-01-21 15:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009-12-30 12:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009-12-30 12:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009-12-30 12:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009-12-30 12:25:12 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009-10-02 01:00:00 | 000,027,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Corporate Edition\kerneld.wnt -- (EverestDriver)
DRV - [2009-06-30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-05-03 05:46:00 | 006,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006-04-22 03:44:39 | 000,008,064 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2005-05-03 17:34:02 | 000,027,392 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2004-09-10 04:05:36 | 000,005,969 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files\Anti Trojan Elite\ATEPMON.sys -- (ATE_PROCMON)
DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004-08-04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2004-08-03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004-04-26 10:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2003-09-25 18:00:00 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ov519vid.sys -- (ovt519)
DRV - [2002-09-20 11:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
DRV - [2002-07-27 19:01:06 | 000,005,306 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2002-07-27 19:01:06 | 000,005,306 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2001-10-26 16:48:56 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NtApm.sys -- (NtApm)
DRV - [2001-08-17 22:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2001-08-17 21:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001-08-17 21:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Allegro"
FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..network.proxy.type: 0
FF - user.js..network.proxy.type: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port: 0
FF - user.js..network.proxy.ssl: ""
FF - user.js..network.proxy.ssl_port: 0
FF - user.js..network.proxy.ftp: ""
FF - user.js..network.proxy.ftp_port: 0
FF - user.js..network.proxy.gopher: ""
FF - user.js..network.proxy.gopher_port: 0
FF - user.js..network.proxy.socks_version: 5
FF - user.js..network.proxy.socks: ""
FF - user.js..network.proxy.socks_port: 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\components [2010-06-28 17:12:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\plugins [2010-07-06 14:40:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-03-21 17:13:46 | 000,000,000 | ---D | M]
[2010-02-19 14:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Extensions
[2010-07-06 17:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions
[2010-05-10 18:32:35 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-03-13 18:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\illimitux@illimitux.net
O1 HOSTS File: ([2010-07-06 15:06:32 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O4 - HKLM..\Run: [AVGIDS] C:\Program Files\AVG\Identity Protection\agent\bin\AVGIDSUI.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DefenseWall] C:\Program Files\DefenseWall\DefenseWall.exe (SoftSphere Technologies)
O4 - HKLM..\Run: [HitmanPro35] C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe (SurfRight B.V.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-02-18 23:12:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010-07-06 17:36:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\DeviceRemover
[2010-07-06 17:35:42 | 000,000,000 | ---D | C] -- C:\Program Files\Device Remover
[2010-07-06 17:27:07 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\dwall_shell_1.dll
[2010-07-06 17:27:00 | 000,163,840 | ---- | C] (SoftSphere Technologies) -- C:\WINDOWS\System32\4C334B44_defensewall_serv.exe
[2010-07-06 17:26:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Dane aplikacji\DefenseWall HIPS
[2010-07-06 17:14:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG IDS
[2010-07-06 17:14:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010-07-06 17:14:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations
[2010-07-06 17:13:14 | 000,102,400 | ---- | C] (SoftSphere Technologies) -- C:\WINDOWS\System32\dwall_ext.dll
[2010-07-06 17:13:14 | 000,057,344 | ---- | C] (SoftSphere Technologies) -- C:\WINDOWS\System32\dwall_com.dll
[2010-07-06 17:13:14 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\dwall_shell.dll
[2010-07-06 17:13:14 | 000,053,248 | ---- | C] (SoftSphere Technologies) -- C:\WINDOWS\System32\dwall_lnk.dll
[2010-07-06 17:13:14 | 000,049,152 | ---- | C] (SoftSphere Technologies) -- C:\WINDOWS\System32\dwall.dll
[2010-07-06 17:13:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DefenseWall HIPS
[2010-07-06 17:13:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DefenseWall HIPS
[2010-07-06 17:13:13 | 000,953,856 | ---- | C] (SoftSphere Technologies) -- C:\WINDOWS\System32\drivers\dwall.sys
[2010-07-06 17:13:13 | 000,163,840 | ---- | C] (SoftSphere Technologies) -- C:\WINDOWS\System32\defensewall_serv.exe
[2010-07-06 17:13:13 | 000,000,000 | ---D | C] -- C:\Program Files\DefenseWall
[2010-07-06 17:12:42 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2010-07-06 17:12:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Hitman Pro
[2010-07-06 17:01:20 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010-07-06 16:59:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-07-06 14:58:41 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010-07-06 14:54:42 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010-07-06 14:54:42 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010-07-06 14:54:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010-07-06 14:54:41 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010-07-06 14:53:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-07-06 14:51:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-07-06 14:29:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-07-06 11:03:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\GTA San Andreas User Files
[2010-07-04 14:26:45 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NtApm.sys
[2010-07-03 10:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Anti Trojan Elite
[2010-07-03 10:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010-07-02 19:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2010-07-02 19:31:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA
[2010-07-02 19:31:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010-06-22 18:56:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\KONAMI
[2010-06-22 18:29:28 | 000,000,000 | ---D | C] -- C:\Program Files\KONAMI
[2010-06-22 18:29:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\KONAMI
[2010-06-21 21:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-06-20 19:25:06 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010-06-20 19:25:06 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010-06-20 19:25:05 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-06-20 19:25:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-06-20 19:25:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-06-19 21:23:37 | 000,000,000 | ---D | C] -- C:\Program Files\TVTool
[2010-06-17 22:26:24 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidgame.sys
[2010-06-16 15:57:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\THE SETTLERS - Rise of an Empire
[2010-06-15 20:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010-06-15 20:55:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\DAEMON Tools Images
[2010-06-15 19:27:27 | 000,000,000 | R--D | C] -- C:\MSOCache
[2010-06-14 19:35:22 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010-06-07 20:26:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Pulpit\bzzz
[2010-06-06 21:50:04 | 000,000,000 | ---D | C] -- C:\Program Files\Turbine
========== Files - Modified Within 30 Days ==========
[2010-07-06 17:27:25 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010-07-06 17:25:53 | 000,176,765 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-07-06 17:25:37 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010-07-06 17:25:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-06 17:24:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-06 17:24:45 | 1073,315,840 | -HS- | M] () -- C:\hiberfil.sys
[2010-07-06 17:24:44 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010-07-06 17:18:42 | 006,029,312 | ---- | M] () -- C:\Documents and Settings\zxcz\ntuser.dat
[2010-07-06 17:18:24 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\zxcz\ntuser.ini
[2010-07-06 17:18:02 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-688789844-1060284298-1003UA.job
[2010-07-06 17:12:42 | 000,001,665 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Hitman Pro 3.5.lnk
[2010-07-06 16:46:29 | 000,056,637 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\bug.JPG
[2010-07-06 15:07:01 | 000,000,258 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-07-06 15:06:32 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-07-06 14:58:50 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010-07-06 13:12:19 | 000,953,856 | ---- | M] (SoftSphere Technologies) -- C:\WINDOWS\System32\drivers\dwall.sys
[2010-07-06 12:34:54 | 000,066,915 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\stats.JPG
[2010-07-06 09:14:22 | 000,005,992 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\avatar.jpg
[2010-07-06 09:06:35 | 000,189,461 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\download.JPG
[2010-07-04 23:22:33 | 000,000,911 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-07-04 23:22:33 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010-07-04 19:35:37 | 000,020,480 | ---- | M] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL
[2010-07-03 18:25:46 | 000,053,248 | ---- | M] (SoftSphere Technologies) -- C:\WINDOWS\System32\dwall_lnk.dll
[2010-07-03 11:57:49 | 000,014,848 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010-07-03 07:18:00 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-688789844-1060284298-1003Core.job
[2010-07-01 21:15:28 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\TVTool.lnk
[2010-07-01 21:09:41 | 000,000,008 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010-07-01 14:17:20 | 001,576,722 | -H-- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-06-28 18:05:57 | 000,057,344 | ---- | M] (SoftSphere Technologies) -- C:\WINDOWS\System32\dwall_com.dll
[2010-06-26 13:20:13 | 000,163,840 | ---- | M] (SoftSphere Technologies) -- C:\WINDOWS\System32\4C334B44_defensewall_serv.exe
[2010-06-22 21:15:12 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-22 09:04:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-21 12:23:36 | 000,044,984 | ---- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-21 09:03:35 | 000,198,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-06-20 19:24:45 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010-06-20 19:24:45 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-06-20 19:24:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-06-20 19:24:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-06-20 19:24:45 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010-06-16 06:33:53 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2010-06-15 22:12:17 | 000,001,938 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\THE SETTLERS - Narodziny Imperium.lnk
[2010-06-15 22:11:05 | 000,278,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010-06-15 22:10:54 | 000,025,416 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
========== Files Created - No Company Name ==========
[2010-07-06 17:13:14 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dwall_wamp.dll
[2010-07-06 17:13:14 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dwall_excel.dll
[2010-07-06 17:13:14 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\dwall_service.dll
[2010-07-06 17:13:14 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\dwall_ldr.dll
[2010-07-06 17:12:51 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010-07-06 17:12:42 | 000,001,665 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Hitman Pro 3.5.lnk
[2010-07-06 16:46:29 | 000,056,637 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\bug.JPG
[2010-07-06 14:58:50 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010-07-06 14:58:47 | 000,262,400 | ---- | C] () -- C:\cmldr
[2010-07-06 14:54:42 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-07-06 14:54:42 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-07-06 14:54:42 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010-07-06 14:54:41 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010-07-06 14:54:41 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010-07-06 12:34:53 | 000,066,915 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\stats.JPG
[2010-07-06 09:14:21 | 000,005,992 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\avatar.jpg
[2010-07-06 09:06:34 | 000,189,461 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\download.JPG
[2010-07-04 19:35:37 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL
[2010-07-03 11:54:51 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010-07-01 21:15:28 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\TVTool.lnk
[2010-06-20 11:07:23 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2010-06-15 22:12:17 | 000,001,938 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\THE SETTLERS - Narodziny Imperium.lnk
[2010-06-15 22:11:04 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010-06-15 22:10:54 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010-06-06 17:42:25 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2010-06-03 11:14:58 | 001,867,776 | ---- | C] () -- C:\WINDOWS\System32\python24.dll
[2010-05-29 19:25:59 | 000,000,280 | ---- | C] () -- C:\WINDOWS\game.ini
[2010-05-11 20:32:38 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010-03-30 20:04:52 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-03-28 13:49:56 | 000,000,023 | -HS- | C] () -- C:\WINDOWS\System32\cedddcd9_d.dll
[2010-03-14 19:07:54 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010-03-06 20:02:14 | 001,867,776 | ---- | C] () -- C:\WINDOWS\python24.dll
[2010-02-19 17:21:07 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-02-19 17:21:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010-02-19 17:21:04 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010-02-19 17:21:01 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-02-19 17:21:01 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010-02-19 16:01:15 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-08-03 00:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009-08-03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009-08-03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2005-12-10 03:06:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005-12-10 03:06:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005-12-10 03:06:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005-12-10 03:06:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005-12-10 03:06:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005-12-10 03:06:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== Alternate Data Streams ==========
@Alternate Data Stream - 286 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B
< End of report >
-
first log
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: "XfireXO Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.10.2 removed from extensions.enabledItems
Prefs.js: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0 removed from extensions.enabledItems
Prefs.js: DTToolbar@toolbarnet.com:1.1.2.0185 removed from extensions.enabledItems
Prefs.js: {AC57FCAF-E6FC-4BE9-ADC0-D00129C4C1E7}:1.0 removed from extensions.enabledItems
Prefs.js: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.6.0.15 removed from extensions.enabledItems
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&q=" removed from keyword.URL
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:rmparite.nt deleted successfully.
Service catchme stopped successfully!
Service catchme deleted successfully!
========== FILES ==========
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\chrome folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\META-INF folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\chrome folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A} folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\searchplugin folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\META-INF folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\lib folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\defaults folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\components folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\chrome folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\DTToolbar@toolbarnet.com\components\Resources folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\DTToolbar@toolbarnet.com\components folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\DTToolbar@toolbarnet.com\chrome folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\DTToolbar@toolbarnet.com folder moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\askcom.xml moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\daemon-search.xml moved successfully.
C:\WINDOWS\System32\xvidvfw.dll moved successfully.
C:\WINDOWS\System32\xvidcore.dll moved successfully.
C:\WINDOWS\System32\ac3acm.acm moved successfully.
OTL by OldTimer - Version 3.2.7.0 log created on 07062010_165754
second log
OTL logfile created on: 2010-07-06 17:01:50 - Run 5
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1 024,00 Mb Total Physical Memory | 656,00 Mb Available Physical Memory | 64,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 18,82 Gb Free Space | 25,26% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JK-935C0E4A6427
Current User Name: zxcz
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010-07-04 18:38:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-06-27 14:43:38 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\firefox.exe
PRC - [2010-06-15 07:13:18 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-04-01 11:52:06 | 001,368,064 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
========== Modules (SafeList) ==========
MOD - [2010-07-04 18:38:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2009-09-14 12:45:36 | 000,929,792 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\NGSCM.dll
MOD - [2009-08-13 15:56:27 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
MOD - [2009-07-12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009-07-12 02:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
MOD - [2009-05-25 11:56:40 | 000,613,888 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
MOD - [2009-03-11 14:00:40 | 000,029,184 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_pol.NLR
MOD - [2008-08-25 08:23:04 | 000,573,440 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.NGR
MOD - [2004-08-04 00:42:34 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010-01-26 13:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
========== Driver Services (SafeList) ==========
DRV - [2010-06-15 22:11:05 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010-06-15 22:10:54 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010-03-30 20:04:53 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-01-21 15:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009-12-30 12:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009-12-30 12:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009-12-30 12:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009-12-30 12:25:12 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009-10-02 01:00:00 | 000,027,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Corporate Edition\kerneld.wnt -- (EverestDriver)
DRV - [2009-06-30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-05-03 05:46:00 | 006,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006-04-22 03:44:39 | 000,008,064 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2005-05-03 17:34:02 | 000,027,392 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2004-09-10 04:05:36 | 000,005,969 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files\Anti Trojan Elite\ATEPMON.sys -- (ATE_PROCMON)
DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004-08-04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2004-08-03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004-04-26 10:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2003-09-25 18:00:00 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ov519vid.sys -- (ovt519)
DRV - [2002-09-20 11:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
DRV - [2002-07-27 19:01:06 | 000,005,306 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2002-07-27 19:01:06 | 000,005,306 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2001-10-26 16:48:56 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NtApm.sys -- (NtApm)
DRV - [2001-08-17 22:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2001-08-17 21:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001-08-17 21:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Allegro"
FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {AC57FCAF-E6FC-4BE9-ADC0-D00129C4C1E7}:1.0
FF - prefs.js..network.proxy.type: 0
FF - user.js..network.proxy.type: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port: 0
FF - user.js..network.proxy.ssl: ""
FF - user.js..network.proxy.ssl_port: 0
FF - user.js..network.proxy.ftp: ""
FF - user.js..network.proxy.ftp_port: 0
FF - user.js..network.proxy.gopher: ""
FF - user.js..network.proxy.gopher_port: 0
FF - user.js..network.proxy.socks_version: 5
FF - user.js..network.proxy.socks: ""
FF - user.js..network.proxy.socks_port: 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\components [2010-06-28 17:12:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\plugins [2010-07-06 14:40:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-03-21 17:13:46 | 000,000,000 | ---D | M]
[2010-02-19 14:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Extensions
[2010-07-06 16:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions
[2010-05-09 13:14:12 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2010-05-10 18:32:35 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-03-13 18:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\illimitux@illimitux.net
[2010-05-10 18:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\personas@christopher.beard
O1 HOSTS File: ([2010-07-06 15:06:32 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-02-18 23:12:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010-07-06 17:01:20 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010-07-06 16:59:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-07-06 14:58:41 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010-07-06 14:54:42 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010-07-06 14:54:42 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010-07-06 14:54:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010-07-06 14:54:41 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010-07-06 14:53:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-07-06 14:51:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-07-06 14:29:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-07-06 11:03:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\GTA San Andreas User Files
[2010-07-04 14:26:45 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NtApm.sys
[2010-07-03 10:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Anti Trojan Elite
[2010-07-03 10:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010-07-02 19:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2010-07-02 19:31:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA
[2010-07-02 19:31:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010-06-22 18:56:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\KONAMI
[2010-06-22 18:29:28 | 000,000,000 | ---D | C] -- C:\Program Files\KONAMI
[2010-06-22 18:29:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\KONAMI
[2010-06-21 21:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-06-20 19:25:06 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010-06-20 19:25:06 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010-06-20 19:25:05 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-06-20 19:25:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-06-20 19:25:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-06-19 21:23:37 | 000,000,000 | ---D | C] -- C:\Program Files\TVTool
[2010-06-17 22:26:24 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidgame.sys
[2010-06-16 15:57:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\THE SETTLERS - Rise of an Empire
[2010-06-15 20:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010-06-15 20:55:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\DAEMON Tools Images
[2010-06-15 19:27:27 | 000,000,000 | R--D | C] -- C:\MSOCache
[2010-06-14 19:35:22 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010-06-07 20:26:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Pulpit\bzzz
[2010-06-06 21:50:04 | 000,000,000 | ---D | C] -- C:\Program Files\Turbine
[2010-06-06 17:44:03 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2010-06-06 17:42:33 | 000,000,000 | ---D | C] -- C:\Downloads
[2010-06-06 17:42:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Dane aplikacji\FlashGet
========== Files - Modified Within 30 Days ==========
[2010-07-06 16:55:51 | 000,176,765 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-07-06 16:55:47 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010-07-06 16:55:26 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-06 16:55:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-06 16:55:14 | 1073,315,840 | -HS- | M] () -- C:\hiberfil.sys
[2010-07-06 16:55:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010-07-06 16:46:29 | 000,056,637 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\bug.JPG
[2010-07-06 16:18:03 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-688789844-1060284298-1003UA.job
[2010-07-06 15:07:01 | 000,000,258 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-07-06 15:06:32 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-07-06 15:05:15 | 006,029,312 | ---- | M] () -- C:\Documents and Settings\zxcz\ntuser.dat
[2010-07-06 15:05:15 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\zxcz\ntuser.ini
[2010-07-06 14:58:50 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010-07-06 12:34:54 | 000,066,915 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\stats.JPG
[2010-07-06 09:14:22 | 000,005,992 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\avatar.jpg
[2010-07-06 09:06:35 | 000,189,461 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\download.JPG
[2010-07-04 23:22:33 | 000,000,911 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-07-04 23:22:33 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010-07-04 19:35:37 | 000,020,480 | ---- | M] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL
[2010-07-03 11:57:49 | 000,014,848 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010-07-03 07:18:00 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-688789844-1060284298-1003Core.job
[2010-07-01 21:15:28 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\TVTool.lnk
[2010-07-01 21:09:41 | 000,000,008 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010-07-01 14:17:20 | 001,576,722 | -H-- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-06-22 21:15:12 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-22 09:04:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-21 12:23:36 | 000,044,984 | ---- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-21 09:03:35 | 000,198,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-06-20 19:24:45 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010-06-20 19:24:45 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-06-20 19:24:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-06-20 19:24:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-06-20 19:24:45 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010-06-16 06:33:53 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2010-06-15 22:12:17 | 000,001,938 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\THE SETTLERS - Narodziny Imperium.lnk
[2010-06-15 22:11:05 | 000,278,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010-06-15 22:10:54 | 000,025,416 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010-06-06 17:42:25 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
========== Files Created - No Company Name ==========
[2010-07-06 16:46:29 | 000,056,637 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\bug.JPG
[2010-07-06 14:58:50 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010-07-06 14:58:47 | 000,262,400 | ---- | C] () -- C:\cmldr
[2010-07-06 14:54:42 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-07-06 14:54:42 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-07-06 14:54:42 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010-07-06 14:54:41 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010-07-06 14:54:41 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010-07-06 12:34:53 | 000,066,915 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\stats.JPG
[2010-07-06 09:14:21 | 000,005,992 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\avatar.jpg
[2010-07-06 09:06:34 | 000,189,461 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\download.JPG
[2010-07-04 19:35:37 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL
[2010-07-03 11:54:51 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010-07-01 21:15:28 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\TVTool.lnk
[2010-06-20 11:07:23 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2010-06-15 22:12:17 | 000,001,938 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\THE SETTLERS - Narodziny Imperium.lnk
[2010-06-15 22:11:04 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010-06-15 22:10:54 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010-06-06 17:42:25 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2010-06-03 11:14:58 | 001,867,776 | ---- | C] () -- C:\WINDOWS\System32\python24.dll
[2010-05-29 19:25:59 | 000,000,280 | ---- | C] () -- C:\WINDOWS\game.ini
[2010-05-11 20:32:38 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010-03-30 20:04:52 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-03-28 13:49:56 | 000,000,023 | -HS- | C] () -- C:\WINDOWS\System32\cedddcd9_d.dll
[2010-03-14 19:07:54 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010-03-06 20:02:14 | 001,867,776 | ---- | C] () -- C:\WINDOWS\python24.dll
[2010-02-19 17:21:07 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-02-19 17:21:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010-02-19 17:21:04 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010-02-19 17:21:01 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-02-19 17:21:01 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010-02-19 16:01:15 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-08-03 00:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009-08-03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009-08-03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2005-12-10 03:06:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005-12-10 03:06:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005-12-10 03:06:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005-12-10 03:06:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005-12-10 03:06:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005-12-10 03:06:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== Alternate Data Streams ==========
@Alternate Data Stream - 286 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B
< End of report >
-
OTL logfile created on: 2010-07-06 16:34:30 - Run 4
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1 024,00 Mb Total Physical Memory | 523,00 Mb Available Physical Memory | 51,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 18,85 Gb Free Space | 25,30% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JK-935C0E4A6427
Current User Name: zxcz
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010-07-04 18:38:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-06-27 14:43:40 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\plugin-container.exe
PRC - [2010-06-27 14:43:38 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\firefox.exe
PRC - [2010-06-15 07:13:18 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2005-03-31 11:18:49 | 000,790,528 | ---- | M] (sms-express.com) -- C:\Program Files\Gadu-Gadu\gg.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-04-01 11:52:06 | 001,368,064 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
========== Modules (SafeList) ==========
MOD - [2010-07-04 18:38:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2004-08-04 00:42:34 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2000-07-07 18:42:56 | 000,032,768 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggwhook.dll
========== Win32 Services (SafeList) ==========
SRV - [2010-01-26 13:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2010-06-15 22:11:05 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010-06-15 22:10:54 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010-03-30 20:04:53 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-01-21 15:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009-12-30 12:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009-12-30 12:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009-12-30 12:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009-12-30 12:25:12 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009-10-02 01:00:00 | 000,027,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Corporate Edition\kerneld.wnt -- (EverestDriver)
DRV - [2009-06-30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-05-03 05:46:00 | 006,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006-04-22 03:44:39 | 000,008,064 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2005-05-03 17:34:02 | 000,027,392 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2004-09-10 04:05:36 | 000,005,969 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files\Anti Trojan Elite\ATEPMON.sys -- (ATE_PROCMON)
DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004-08-04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2004-08-03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004-04-26 10:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2003-09-25 18:00:00 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ov519vid.sys -- (ovt519)
DRV - [2002-09-20 11:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
DRV - [2002-07-27 19:01:06 | 000,005,306 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2002-07-27 19:01:06 | 000,005,306 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2001-10-26 16:48:56 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NtApm.sys -- (NtApm)
DRV - [2001-08-17 22:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2001-08-17 21:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001-08-17 21:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.flashget.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Allegro"
FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.10.2
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.6.0.15
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {AC57FCAF-E6FC-4BE9-ADC0-D00129C4C1E7}:1.0
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&q="
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.gopher: ""
FF - prefs.js..network.proxy.backup.gopher_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - user.js..network.proxy.type: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port: 0
FF - user.js..network.proxy.ssl: ""
FF - user.js..network.proxy.ssl_port: 0
FF - user.js..network.proxy.ftp: ""
FF - user.js..network.proxy.ftp_port: 0
FF - user.js..network.proxy.gopher: ""
FF - user.js..network.proxy.gopher_port: 0
FF - user.js..network.proxy.socks_version: 5
FF - user.js..network.proxy.socks: ""
FF - user.js..network.proxy.socks_port: 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\components [2010-06-28 17:12:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\plugins [2010-07-06 14:40:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-03-21 17:13:46 | 000,000,000 | ---D | M]
[2010-02-19 14:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Extensions
[2010-07-06 15:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions
[2010-03-28 19:47:34 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010-05-30 15:42:46 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010-05-09 13:14:12 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2010-05-10 18:32:35 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-06-06 17:42:33 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2010-06-14 19:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\DTToolbar@toolbarnet.com
[2010-03-13 18:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\illimitux@illimitux.net
[2010-05-10 18:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\personas@christopher.beard
[2010-05-26 15:18:50 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\askcom.xml
[2010-04-21 12:06:36 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\conduit.xml
[2010-03-30 20:05:09 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\daemon-search.xml
O1 HOSTS File: ([2010-07-06 15:06:32 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-02-18 23:12:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (rmparite.nt) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010-07-06 14:58:41 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010-07-06 14:54:42 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010-07-06 14:54:42 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010-07-06 14:54:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010-07-06 14:54:41 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010-07-06 14:53:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-07-06 14:51:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-07-06 14:29:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-07-06 11:03:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\GTA San Andreas User Files
[2010-07-04 14:26:45 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NtApm.sys
[2010-07-03 10:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Anti Trojan Elite
[2010-07-03 10:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010-07-02 19:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2010-07-02 19:31:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA
[2010-07-02 19:31:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010-06-22 18:56:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\KONAMI
[2010-06-22 18:29:28 | 000,000,000 | ---D | C] -- C:\Program Files\KONAMI
[2010-06-22 18:29:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\KONAMI
[2010-06-21 21:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-06-20 19:25:06 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010-06-20 19:25:06 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010-06-20 19:25:05 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-06-20 19:25:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-06-20 19:25:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-06-19 21:23:37 | 000,000,000 | ---D | C] -- C:\Program Files\TVTool
[2010-06-17 22:26:24 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidgame.sys
[2010-06-16 15:57:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\THE SETTLERS - Rise of an Empire
[2010-06-15 20:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010-06-15 20:55:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\DAEMON Tools Images
[2010-06-15 19:27:27 | 000,000,000 | R--D | C] -- C:\MSOCache
[2010-06-14 19:35:22 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010-06-07 20:26:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Pulpit\bzzz
[2010-06-06 21:50:04 | 000,000,000 | ---D | C] -- C:\Program Files\Turbine
[2010-06-06 17:44:03 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2010-06-06 17:42:33 | 000,000,000 | ---D | C] -- C:\Downloads
[2010-06-06 17:42:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Dane aplikacji\FlashGet
========== Files - Modified Within 30 Days ==========
[2010-07-06 16:18:03 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-688789844-1060284298-1003UA.job
[2010-07-06 15:07:09 | 000,176,765 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-07-06 15:07:01 | 000,000,258 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-07-06 15:06:32 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-07-06 15:06:22 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010-07-06 15:06:07 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-06 15:06:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-06 15:05:56 | 1073,315,840 | -HS- | M] () -- C:\hiberfil.sys
[2010-07-06 15:05:15 | 006,029,312 | ---- | M] () -- C:\Documents and Settings\zxcz\ntuser.dat
[2010-07-06 15:05:15 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\zxcz\ntuser.ini
[2010-07-06 14:58:50 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010-07-06 12:34:54 | 000,066,915 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\stats.JPG
[2010-07-06 09:14:22 | 000,005,992 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\avatar.jpg
[2010-07-06 09:06:35 | 000,189,461 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\download.JPG
[2010-07-04 23:22:33 | 000,000,911 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-07-04 23:22:33 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010-07-04 19:35:37 | 000,020,480 | ---- | M] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL
[2010-07-03 11:57:49 | 000,014,848 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010-07-03 07:18:00 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-688789844-1060284298-1003Core.job
[2010-07-01 21:15:28 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\TVTool.lnk
[2010-07-01 21:09:41 | 000,000,008 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010-07-01 14:17:20 | 001,576,722 | -H-- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-06-22 21:15:12 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-22 09:04:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-21 12:23:36 | 000,044,984 | ---- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-21 09:03:35 | 000,198,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-06-20 19:24:45 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010-06-20 19:24:45 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-06-20 19:24:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-06-20 19:24:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-06-20 19:24:45 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010-06-20 11:54:51 | 000,000,484 | ---- | M] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-06-20 11:54:51 | 000,000,484 | ---- | M] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-06-20 11:54:51 | 000,000,484 | ---- | M] () -- C:\WINDOWS\System32\ac3acm.acm
[2010-06-16 08:29:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010-06-16 06:33:53 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2010-06-15 22:12:17 | 000,001,938 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\THE SETTLERS - Narodziny Imperium.lnk
[2010-06-15 22:11:05 | 000,278,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010-06-15 22:10:54 | 000,025,416 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010-06-06 17:42:25 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
========== Files Created - No Company Name ==========
[2010-07-06 14:58:50 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010-07-06 14:58:47 | 000,262,400 | ---- | C] () -- C:\cmldr
[2010-07-06 14:54:42 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-07-06 14:54:42 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-07-06 14:54:42 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010-07-06 14:54:41 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010-07-06 14:54:41 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010-07-06 12:34:53 | 000,066,915 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\stats.JPG
[2010-07-06 09:14:21 | 000,005,992 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\avatar.jpg
[2010-07-06 09:06:34 | 000,189,461 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\download.JPG
[2010-07-04 19:35:37 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL
[2010-07-03 11:54:51 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010-07-01 21:15:28 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\TVTool.lnk
[2010-06-20 11:07:23 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2010-06-15 22:12:17 | 000,001,938 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\THE SETTLERS - Narodziny Imperium.lnk
[2010-06-15 22:11:04 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010-06-15 22:10:54 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010-06-06 17:42:25 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2010-06-03 11:14:58 | 001,867,776 | ---- | C] () -- C:\WINDOWS\System32\python24.dll
[2010-05-29 19:25:59 | 000,000,280 | ---- | C] () -- C:\WINDOWS\game.ini
[2010-05-11 20:32:38 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010-03-28 13:49:56 | 000,000,023 | -HS- | C] () -- C:\WINDOWS\System32\cedddcd9_d.dll
[2010-03-14 19:07:54 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010-03-06 20:02:14 | 001,867,776 | ---- | C] () -- C:\WINDOWS\python24.dll
[2010-02-19 17:21:07 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-02-19 17:21:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010-02-19 17:21:05 | 000,000,484 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-02-19 17:21:05 | 000,000,484 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-02-19 17:21:04 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010-02-19 17:21:01 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-02-19 17:21:01 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010-02-19 16:01:15 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-08-03 00:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009-08-03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009-08-03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2005-12-10 03:06:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005-12-10 03:06:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005-12-10 03:06:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005-12-10 03:06:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005-12-10 03:06:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005-12-10 03:06:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== Alternate Data Streams ==========
@Alternate Data Stream - 286 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B
< End of report >
-
Should I give you the GMER log too? Those 2 logs were quick, but you'll probably have to wait a long time for this one.
I don't use FlashGet anymore; it's already uninstalled.
-
OTL!
OTL logfile created on: 2010-07-06 15:20:38 - Run 3
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1 024,00 Mb Total Physical Memory | 595,00 Mb Available Physical Memory | 58,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 18,88 Gb Free Space | 25,33% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JK-935C0E4A6427
Current User Name: zxcz
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010-07-04 18:38:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-06-27 14:43:38 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\firefox.exe
PRC - [2010-06-15 07:13:18 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2005-03-31 11:18:49 | 000,790,528 | ---- | M] (sms-express.com) -- C:\Program Files\Gadu-Gadu\gg.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-04-01 11:52:06 | 001,368,064 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
========== Modules (SafeList) ==========
MOD - [2010-07-04 18:38:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\zxcz\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2004-08-04 00:42:34 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2000-07-07 18:42:56 | 000,032,768 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggwhook.dll
========== Win32 Services (SafeList) ==========
SRV - [2010-01-26 13:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2010-06-15 22:11:05 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010-06-15 22:10:54 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010-03-30 20:04:53 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-01-21 15:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009-12-30 12:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009-12-30 12:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009-12-30 12:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009-12-30 12:25:12 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009-10-02 01:00:00 | 000,027,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Corporate Edition\kerneld.wnt -- (EverestDriver)
DRV - [2009-06-30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-05-03 05:46:00 | 006,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006-04-22 03:44:39 | 000,008,064 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2005-05-03 17:34:02 | 000,027,392 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2004-09-10 04:05:36 | 000,005,969 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files\Anti Trojan Elite\ATEPMON.sys -- (ATE_PROCMON)
DRV - [2004-08-04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004-08-04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2004-08-03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004-04-26 10:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2003-09-25 18:00:00 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ov519vid.sys -- (ovt519)
DRV - [2002-09-20 11:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
DRV - [2002-07-27 19:01:06 | 000,005,306 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2002-07-27 19:01:06 | 000,005,306 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2001-10-26 16:48:56 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NtApm.sys -- (NtApm)
DRV - [2001-08-17 22:02:32 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2001-08-17 21:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001-08-17 21:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.flashget.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Allegro"
FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.10.2
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.6.0.15
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {AC57FCAF-E6FC-4BE9-ADC0-D00129C4C1E7}:1.0
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&q="
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.gopher: ""
FF - prefs.js..network.proxy.backup.gopher_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - user.js..network.proxy.type: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port: 0
FF - user.js..network.proxy.ssl: ""
FF - user.js..network.proxy.ssl_port: 0
FF - user.js..network.proxy.ftp: ""
FF - user.js..network.proxy.ftp_port: 0
FF - user.js..network.proxy.gopher: ""
FF - user.js..network.proxy.gopher_port: 0
FF - user.js..network.proxy.socks_version: 5
FF - user.js..network.proxy.socks: ""
FF - user.js..network.proxy.socks_port: 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\components [2010-06-28 17:12:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firetyfoxxxsadsasddytya\plugins [2010-07-06 14:40:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-03-21 17:13:46 | 000,000,000 | ---D | M]
[2010-02-19 14:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Extensions
[2010-07-06 14:47:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions
[2010-03-28 19:47:34 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010-05-30 15:42:46 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010-05-09 13:14:12 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2010-05-10 18:32:35 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-06-06 17:42:33 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2010-06-14 19:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\DTToolbar@toolbarnet.com
[2010-03-13 18:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\illimitux@illimitux.net
[2010-05-10 18:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\personas@christopher.beard
[2010-05-26 15:18:50 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\askcom.xml
[2010-04-21 12:06:36 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\conduit.xml
[2010-03-30 20:05:09 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\searchplugins\daemon-search.xml
O1 HOSTS File: ([2010-07-06 15:06:32 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-02-18 23:12:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (rmparite.nt) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010-07-06 14:58:41 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010-07-06 14:54:42 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010-07-06 14:54:42 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010-07-06 14:54:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010-07-06 14:54:41 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010-07-06 14:53:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-07-06 14:51:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-07-06 14:29:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-07-06 11:03:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\GTA San Andreas User Files
[2010-07-04 14:26:45 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NtApm.sys
[2010-07-03 10:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Anti Trojan Elite
[2010-07-03 10:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010-07-02 19:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2010-07-02 19:31:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA
[2010-07-02 19:31:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010-06-22 18:56:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\KONAMI
[2010-06-22 18:29:28 | 000,000,000 | ---D | C] -- C:\Program Files\KONAMI
[2010-06-22 18:29:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\KONAMI
[2010-06-21 21:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-06-20 19:25:06 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010-06-20 19:25:06 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010-06-20 19:25:05 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-06-20 19:25:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-06-20 19:25:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-06-19 21:23:37 | 000,000,000 | ---D | C] -- C:\Program Files\TVTool
[2010-06-17 22:26:24 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidgame.sys
[2010-06-16 15:57:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Moje dokumenty\THE SETTLERS - Rise of an Empire
[2010-06-15 20:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010-06-15 20:55:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\DAEMON Tools Images
[2010-06-15 19:27:27 | 000,000,000 | R--D | C] -- C:\MSOCache
[2010-06-14 19:35:22 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010-06-07 20:26:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Pulpit\bzzz
[2010-06-06 21:50:04 | 000,000,000 | ---D | C] -- C:\Program Files\Turbine
[2010-06-06 17:44:03 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2010-06-06 17:42:33 | 000,000,000 | ---D | C] -- C:\Downloads
[2010-06-06 17:42:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\zxcz\Dane aplikacji\FlashGet
========== Files - Modified Within 30 Days ==========
[2010-07-06 15:18:06 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-688789844-1060284298-1003UA.job
[2010-07-06 15:07:09 | 000,176,765 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-07-06 15:07:01 | 000,000,258 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-07-06 15:06:32 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-07-06 15:06:22 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010-07-06 15:06:07 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-06 15:06:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-06 15:05:56 | 1073,315,840 | -HS- | M] () -- C:\hiberfil.sys
[2010-07-06 15:05:15 | 006,029,312 | ---- | M] () -- C:\Documents and Settings\zxcz\ntuser.dat
[2010-07-06 15:05:15 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\zxcz\ntuser.ini
[2010-07-06 14:58:50 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010-07-06 12:34:54 | 000,066,915 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\stats.JPG
[2010-07-06 09:14:22 | 000,005,992 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\avatar.jpg
[2010-07-06 09:06:35 | 000,189,461 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\download.JPG
[2010-07-04 23:22:33 | 000,000,911 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-07-04 23:22:33 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010-07-04 19:35:37 | 000,020,480 | ---- | M] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL
[2010-07-03 11:57:49 | 000,014,848 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010-07-03 07:18:00 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-688789844-1060284298-1003Core.job
[2010-07-01 21:15:28 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\zxcz\Pulpit\TVTool.lnk
[2010-07-01 21:09:41 | 000,000,008 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010-07-01 14:17:20 | 001,576,722 | -H-- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-06-22 21:15:12 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-22 09:04:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-21 12:23:36 | 000,044,984 | ---- | M] () -- C:\Documents and Settings\zxcz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-21 09:03:35 | 000,198,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-06-20 19:24:45 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010-06-20 19:24:45 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-06-20 19:24:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-06-20 19:24:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-06-20 19:24:45 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010-06-20 11:54:51 | 000,000,484 | ---- | M] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-06-20 11:54:51 | 000,000,484 | ---- | M] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-06-20 11:54:51 | 000,000,484 | ---- | M] () -- C:\WINDOWS\System32\ac3acm.acm
[2010-06-16 08:29:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010-06-16 06:33:53 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2010-06-15 22:12:17 | 000,001,938 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\THE SETTLERS - Narodziny Imperium.lnk
[2010-06-15 22:11:05 | 000,278,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010-06-15 22:10:54 | 000,025,416 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010-06-06 17:42:25 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
========== Files Created - No Company Name ==========
[2010-07-06 14:58:50 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010-07-06 14:58:47 | 000,262,400 | ---- | C] () -- C:\cmldr
[2010-07-06 14:54:42 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-07-06 14:54:42 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-07-06 14:54:42 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010-07-06 14:54:41 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010-07-06 14:54:41 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010-07-06 12:34:53 | 000,066,915 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\stats.JPG
[2010-07-06 09:14:21 | 000,005,992 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\avatar.jpg
[2010-07-06 09:06:34 | 000,189,461 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\download.JPG
[2010-07-04 19:35:37 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL
[2010-07-03 11:54:51 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010-07-01 21:15:28 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\zxcz\Pulpit\TVTool.lnk
[2010-06-20 11:07:23 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2010-06-15 22:12:17 | 000,001,938 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\THE SETTLERS - Narodziny Imperium.lnk
[2010-06-15 22:11:04 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010-06-15 22:10:54 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010-06-06 17:42:25 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2010-06-03 11:14:58 | 001,867,776 | ---- | C] () -- C:\WINDOWS\System32\python24.dll
[2010-05-29 19:25:59 | 000,000,280 | ---- | C] () -- C:\WINDOWS\game.ini
[2010-05-11 20:32:38 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010-03-28 13:49:56 | 000,000,023 | -HS- | C] () -- C:\WINDOWS\System32\cedddcd9_d.dll
[2010-03-14 19:07:54 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010-03-06 20:02:14 | 001,867,776 | ---- | C] () -- C:\WINDOWS\python24.dll
[2010-02-19 17:21:07 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-02-19 17:21:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010-02-19 17:21:05 | 000,000,484 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-02-19 17:21:05 | 000,000,484 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-02-19 17:21:04 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010-02-19 17:21:01 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-02-19 17:21:01 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010-02-19 16:01:15 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-08-03 00:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009-08-03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009-08-03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009-08-03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2005-12-10 03:06:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005-12-10 03:06:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005-12-10 03:06:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005-12-10 03:06:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005-12-10 03:06:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005-12-10 03:06:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== Alternate Data Streams ==========
@Alternate Data Stream - 286 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B
< End of report >
-
ComboFix log:
ComboFix 10-07-05.03 - zxcz 2010-07-06 15:00:16.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.1024.785 [GMT 2:00]
Uruchomiony z: c:\documents and settings\zxcz\Moje dokumenty\Pobieranie\ComboFix.exe
Użyto następujących komend :: c:\documents and settings\zxcz\Moje dokumenty\Pobieranie\CFScript.txt
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\announce.exe
c:\documents and settings\zxcz\Dane aplikacji\BITS
c:\documents and settings\zxcz\Dane aplikacji\BITS\BITS.ini
c:\documents and settings\zxcz\Dane aplikacji\BITS\DHTTable.dat
c:\documents and settings\zxcz\Dane aplikacji\BITS\ProxyList.ini
c:\documents and settings\zxcz\Dane aplikacji\FlashGetBHO
c:\documents and settings\zxcz\Dane aplikacji\FlashGetBHO\FlashGetBHO3.dll
c:\documents and settings\zxcz\Dane aplikacji\FlashGetBHO\FlashGetHook.dll
c:\documents and settings\zxcz\Dane aplikacji\FlashGetBHO\GetAllUrl.htm
c:\documents and settings\zxcz\Dane aplikacji\FlashGetBHO\GetUrl.htm
c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet 3\dat\Appsetting.cfg
c:\program files\FlashGet Network\FlashGet 3\dat\FlashGet3db.bak
c:\program files\FlashGet Network\FlashGet 3\dat\FlashGet3db.db
c:\program files\FlashGet Network\FlashGet 3\P2PCfg.ini
c:\program files\FlashGet Network\FlashGet 3\perf.ini
c:\program files\FlashGet Network\FlashGet 3\pstat.dat
c:\program files\FlashGet Network\FlashGet 3\pup.dat
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\evrprop.dll
c:\windows\system32\libFLAC.dll
c:\windows\system32\mkunicode.dll
c:\windows\system32\mkzlib.dll
c:\windows\system32\sknc.dll
Zainfekowana kopia c:\windows\system32\ws2_32.dll została znaleziona. Problem naprawiono
Plik odzyskano z - c:\system volume information\_restore{1386A8C2-E0B7-49EF-8B15-E3C31D4E1E48}\RP144\A0252191.dll
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_AVPsys
((((((((((((((((((((((((( Pliki utworzone od 2010-06-06 do 2010-07-06 )))))))))))))))))))))))))))))))
.
2010-07-06 12:29 . 2010-07-06 12:29 -------- d-----w- C:\_OTL
2010-07-04 17:35 . 2010-07-04 17:35 20480 ----a-w- c:\windows\system32\H@tKeysH@@k.DLL
2010-07-04 12:26 . 2001-10-26 14:48 9600 ----a-w- c:\windows\system32\drivers\NtApm.sys
2010-07-03 08:49 . 2010-07-03 09:57 -------- d-----w- c:\program files\Anti Trojan Elite
2010-07-03 08:45 . 2010-07-03 08:45 -------- d-----w- c:\program files\Trend Micro
2010-07-02 17:31 . 2010-07-02 17:32 -------- d-----w- c:\program files\AGEIA Technologies
2010-07-02 17:31 . 2010-07-02 17:31 -------- d-----w- c:\windows\system32\AGEIA
2010-07-02 17:31 . 2010-07-02 17:31 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-06-22 16:29 . 2010-06-22 16:29 -------- d-----w- c:\program files\KONAMI
2010-06-22 16:29 . 2010-06-22 16:29 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\KONAMI
2010-06-21 19:11 . 2010-07-05 07:23 -------- d---a-w- c:\documents and settings\All Users\Dane aplikacji\TEMP
2010-06-20 17:25 . 2010-06-20 17:24 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-20 09:07 . 2010-07-01 19:09 8 ----a-w- c:\windows\system32\nvModes.dat
2010-06-19 19:23 . 2010-07-01 19:15 -------- d-----w- c:\program files\TVTool
2010-06-17 20:26 . 2001-08-17 20:02 8576 ----a-w- c:\windows\system32\drivers\hidgame.sys
2010-06-15 20:11 . 2010-06-15 20:11 278984 ----a-w- c:\windows\system32\drivers\atksgt.sys
2010-06-15 20:10 . 2010-06-15 20:10 25416 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2010-06-15 18:57 . 2010-06-15 18:57 -------- d-----w- c:\program files\Ubisoft
2010-06-15 17:27 . 2010-06-15 17:27 -------- d-----r- C:\MSOCache
2010-06-14 17:35 . 2010-06-14 17:35 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-06-06 19:50 . 2010-06-06 19:50 -------- d-----w- c:\program files\Turbine
2010-06-06 15:44 . 2010-06-06 15:44 -------- d-----w- c:\program files\Pando Networks
2010-06-06 15:42 . 2010-06-16 13:52 -------- d-----w- C:\Downloads
2010-06-06 15:42 . 2010-06-06 15:42 -------- d-----w- c:\documents and settings\zxcz\Dane aplikacji\FlashGet
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-06 12:44 . 2010-05-30 13:42 -------- d-----w- c:\program files\XfireXO
2010-07-06 12:41 . 2010-06-03 18:20 -------- d-----w- c:\program files\Google
2010-07-06 12:41 . 2010-06-03 15:23 -------- d-----w- c:\program files\MoorHunt
2010-07-06 12:41 . 2010-05-17 16:18 -------- d-----w- c:\program files\Steam
2010-07-03 08:45 . 2010-07-03 08:45 388096 ----a-r- c:\documents and settings\zxcz\Dane aplikacji\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-07-01 13:51 . 2010-02-22 17:26 -------- d-----w- c:\documents and settings\zxcz\Dane aplikacji\Gadu-Gadu 10
2010-06-27 12:44 . 2010-03-13 07:07 -------- d-----w- c:\program files\Mozilla Firetyfoxxxsadsasddytya
2010-06-25 18:35 . 2010-02-19 18:26 -------- d-----w- c:\documents and settings\zxcz\Dane aplikacji\Skype
2010-06-25 18:34 . 2010-02-19 18:29 -------- d-----w- c:\documents and settings\zxcz\Dane aplikacji\skypePM
2010-06-25 18:33 . 2010-03-14 15:20 -------- d-----r- c:\program files\Skype
2010-06-21 10:23 . 2010-02-19 18:45 44984 ----a-w- c:\documents and settings\zxcz\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2010-06-20 17:25 . 2010-06-20 17:25 503808 ----a-w- c:\documents and settings\zxcz\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-29fd4d21-n\msvcp71.dll
2010-06-20 17:25 . 2010-06-20 17:25 499712 ----a-w- c:\documents and settings\zxcz\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-29fd4d21-n\jmc.dll
2010-06-20 17:25 . 2010-06-20 17:25 348160 ----a-w- c:\documents and settings\zxcz\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-29fd4d21-n\msvcr71.dll
2010-06-20 17:25 . 2010-06-20 17:25 61440 ----a-w- c:\documents and settings\zxcz\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7d9755ba-n\decora-sse.dll
2010-06-20 17:25 . 2010-06-20 17:25 12800 ----a-w- c:\documents and settings\zxcz\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7d9755ba-n\decora-d3d.dll
2010-06-20 09:54 . 2010-02-19 15:21 484 ----a-w- c:\windows\system32\xvidvfw.dll
2010-06-20 09:54 . 2010-02-19 15:21 484 ----a-w- c:\windows\system32\xvidcore.dll
2010-06-20 09:54 . 2010-04-11 17:32 -------- d-----w- c:\program files\ALLPlayer
2010-06-15 18:57 . 2010-02-19 14:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-15 18:27 . 2010-06-03 09:39 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2010-06-15 18:00 . 2010-06-03 09:40 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-06-03 14:32 . 2010-02-27 18:16 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\OpenFM
2010-06-03 09:46 . 2010-06-03 09:40 -------- d-----w- c:\program files\Common Files\Merge Modules
2010-06-02 17:35 . 2010-05-18 15:01 -------- d-----w- c:\documents and settings\zxcz\Dane aplikacji\mIRC
2010-06-02 17:33 . 2010-05-18 15:01 -------- d-----w- c:\program files\mIRC
2010-05-30 13:47 . 2010-05-30 13:42 -------- d-----w- c:\program files\Xfire
2010-05-30 13:47 . 2010-05-30 13:42 -------- d-----w- c:\documents and settings\zxcz\Dane aplikacji\Xfire
2010-05-30 13:42 . 2010-05-30 13:42 -------- d-----w- c:\program files\Conduit
2010-05-29 17:00 . 2010-05-29 17:00 -------- d-----w- c:\program files\Activision
2010-05-29 16:49 . 2010-05-29 16:47 -------- d-----w- c:\program files\Common Files\Adobe
2010-05-29 12:34 . 2010-03-01 17:00 -------- d-----w- c:\program files\Remere's Map Editor
2010-05-28 14:04 . 2010-03-12 20:13 -------- d-----w- c:\program files\Gadu-Gadu 10
2010-05-23 11:28 . 2010-02-19 14:14 -------- d-----w- c:\documents and settings\zxcz\Dane aplikacji\PC Suite
2010-05-23 11:26 . 2010-04-11 17:32 -------- d-----w- c:\program files\NAPI-PROJEKT
2010-05-19 18:00 . 2010-02-19 18:34 -------- d-----w- c:\program files\VGA USB Camera
2010-05-19 18:00 . 2010-05-19 18:00 -------- d-----w- c:\program files\directx
2010-05-11 18:32 . 2010-05-11 18:32 41872 ----a-w- c:\windows\system32\xfcodec.dll
2010-05-11 15:18 . 2010-05-11 15:18 -------- d-----w- c:\documents and settings\zxcz\Dane aplikacji\Hide IP NG
2010-05-11 15:18 . 2010-05-11 15:18 -------- d-----w- c:\program files\Hide IP NG
2010-05-11 15:18 . 2010-05-11 15:18 -------- d-----w- c:\documents and settings\zxcz\Dane aplikacji\Delete Cookie
2010-05-10 15:51 . 2010-04-30 13:59 -------- d-----w- c:\program files\ChomikBox
2010-05-10 15:45 . 2010-05-10 15:45 -------- d-----w- c:\program files\Ashampoo
2010-05-10 15:17 . 2010-05-08 13:56 -------- d-----w- c:\program files\Boilsoft ASF Converter
2010-05-10 15:15 . 2010-03-13 07:40 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Alwil Software
2010-05-10 15:13 . 2010-04-11 17:32 -------- d-----w- c:\program files\ALLConverter
2010-05-08 13:56 . 2010-04-21 19:39 -------- d-----w- c:\documents and settings\zxcz\Dane aplikacji\DivX
2010-04-21 19:40 . 2010-04-21 19:40 57344 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-04-21 19:39 . 2010-04-21 19:39 56766 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-04-21 19:39 . 2010-04-21 19:39 56978 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\WebPlayer\Uninstaller.exe
2010-04-21 19:39 . 2010-04-21 19:39 53600 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\Update\Uninstaller.exe
2010-04-21 19:39 . 2010-04-21 19:39 57679 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\Player\Uninstaller.exe
2010-04-21 19:38 . 2010-04-21 19:38 84040 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\TransferWizard\Uninstaller.exe
2010-04-21 19:38 . 2010-04-21 19:38 57054 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\DSDesktopComponents\Uninstaller.exe
2010-04-21 19:38 . 2010-04-21 19:38 54166 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\DSAVCDecoder\Uninstaller.exe
2010-04-21 19:38 . 2010-04-21 19:38 57532 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\DSASPDecoder\Uninstaller.exe
2010-04-21 19:38 . 2010-04-21 19:38 56458 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-04-21 19:38 . 2010-04-21 19:38 54174 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\DSAACDecoder\Uninstaller.exe
2010-04-21 19:38 . 2010-04-21 19:38 54153 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\DFXPlugin\Uninstaller.exe
2010-04-21 19:38 . 2010-04-21 19:38 54128 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\Converter\Uninstaller.exe
2010-04-21 19:37 . 2010-04-21 19:37 54629 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\TranscodeEngine\Uninstaller.exe
2010-04-21 19:37 . 2010-04-21 19:37 54101 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\MPEG2Plugin\Uninstaller.exe
2010-04-21 19:37 . 2010-04-21 19:37 57409 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\ControlPanel\Uninstaller.exe
2010-04-21 19:37 . 2010-04-21 19:37 52963 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-04-21 19:37 . 2010-04-21 19:37 54073 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\Qt4.5\Uninstaller.exe
2010-04-21 19:37 . 2010-04-21 19:37 56969 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\ASPEncoder\Uninstaller.exe
2010-04-21 19:35 . 2010-04-21 19:35 144696 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-04-21 19:35 . 2010-04-21 19:39 754984 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\Setup\Resource.dll
2010-04-21 19:35 . 2010-04-21 19:39 1180952 ----a-w- c:\documents and settings\All Users\Dane aplikacji\DivX\Setup\DivXSetup.exe
2010-04-21 10:06 . 2010-05-30 13:42 101376 ------w- c:\documents and settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\components\RadioWMPCore.dll
2010-04-21 10:06 . 2010-05-30 13:42 52224 ------w- c:\documents and settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\components\FFExternalAlert.dll
2010-04-16 11:22 . 2001-10-26 14:15 80642 ----a-w- c:\windows\system32\perfc015.dat
2010-04-16 11:22 . 2001-10-26 14:15 460446 ----a-w- c:\windows\system32\perfh015.dat
2010-04-13 13:48 . 2010-03-30 18:07 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-11 17:26 . 2010-04-11 17:26 249856 ------w- c:\windows\Setup1.exe
2010-04-11 17:26 . 2010-04-11 17:26 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-03-28 11:49 . 2010-03-28 11:49 23 --sha-w- c:\windows\system32\cedddcd9_d.dll
.
------- Sigcheck -------
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 01D5EAAFF224415A7FF513E4C882BE30 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\zxcz\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" [2010-04-14 136176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-04-01 1368064]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]
"nwiz"="nwiz.exe" [2008-05-03 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 86016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0rmparite.nt
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Image Zone - szybkie uruchamianie.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\HP Image Zone - szybkie uruchamianie.lnk
backup=c:\windows\pss\HP Image Zone - szybkie uruchamianie.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate]
2010-06-20 09:54 484 ----a-w- c:\program files\ALLPlayer\ALLUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti Trojan Elite]
2010-07-03 09:57 864256 ----a-w- c:\program files\Anti Trojan Elite\TJEnder.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2004-08-03 22:44 15360 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-04-12 22:46 1135912 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu 10]
2010-04-21 08:40 11985504 ----a-w- c:\program files\Gadu-Gadu 10\gg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-04-14 14:08 136176 ----atw- c:\documents and settings\zxcz\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-08-03 22:44 1667584 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 ----a-w- c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 09:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-05-13 14:12 26192168 ----a-r- c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedX]
2006-06-27 12:11 46718 ----a-w- c:\progra~1\MyPortal\Speed-X\SpeedX.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-05-17 16:26 1238352 ----a-w- c:\program files\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\serious sam hd the first encounter\\Bin\\SamHD_Demo.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\star trek online\\Star Trek Online.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\serious sam hd the first encounter\\Bin\\SamHD.exe"=
"c:\\Program Files\\Ubisoft\\THE SETTLERS - Narodziny Imperium\\base\\bin\\Settlers6.exe"=
"c:\\Program Files\\Steam\\steamapps\\csxxcs999\\team fortress classic\\hl.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2010\\pes2010.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2010\\Ekstraklasa patch 2010.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Steam\\steamapps\\csxxcs999\\counter-strike\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\mass effect 2 demo\\MassEffect2Launcher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\mass effect 2 demo\\docs\\EA Help\\Electronic_Arts_Technical_Support.htm"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2010-03-13 28552]
S3 ATE_PROCMON;ATE_PROCMON;c:\program files\Anti Trojan Elite\ATEPMON.sys [2010-07-03 5969]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Corporate Edition\kerneld.wnt [2010-02-19 27248]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-02-19 137344]
S3 NtApm;Sterownik interfejsu NT Apm/Legacy;c:\windows\system32\drivers\NtApm.sys [2010-07-04 9600]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-03-30 691696]
.
Zawartość folderu 'Zaplanowane zadania'
2010-07-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299502267-688789844-1060284298-1003Core.job
- c:\documents and settings\zxcz\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2010-04-14 14:08]
2010-07-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299502267-688789844-1060284298-1003UA.job
- c:\documents and settings\zxcz\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2010-04-14 14:08]
2010-04-25 c:\windows\Tasks\Install_NSS.job
- c:\program files\DivX\Symantec\scstubinstaller.exe [2010-03-08 18:00]
2010-07-06 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-03-31 20:18]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://google.flashget.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = socks=
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: ????3?? - c:\documents and settings\zxcz\Dane aplikacji\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\documents and settings\zxcz\Dane aplikacji\FlashGetBHO\GetAllUrl.htm
TCP: {E6E023A1-BB31-49B3-915C-B1289A4EB0A5} = 88.208.105.1
FF - ProfilePath - c:\documents and settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Allegro
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\documents and settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components\FlashGetXPI.dll
FF - component: c:\documents and settings\zxcz\Dane aplikacji\Mozilla\Firefox\Profiles\e4fq7bly.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\documents and settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll
FF - plugin: c:\documents and settings\zxcz\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
FF - user.js: network.proxy.http_port - 0
FF - user.js: network.proxy.ssl -
FF - user.js: network.proxy.ssl_port - 0
FF - user.js: network.proxy.ftp -
FF - user.js: network.proxy.ftp_port - 0
FF - user.js: network.proxy.gopher -
FF - user.js: network.proxy.gopher_port - 0
FF - user.js: network.proxy.socks_version - 5
FF - user.js: network.proxy.socks -
FF - user.js: network.proxy.socks_port - 0
c:\program files\Mozilla Firetyfoxxxsadsasddytya\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firetyfoxxxsadsasddytya\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firetyfoxxxsadsasddytya\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firetyfoxxxsadsasddytya\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firetyfoxxxsadsasddytya\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - USUNIĘTO PUSTE WPISY - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
MSConfigStartUp-FlashGet 3 - c:\program files\FlashGet Network\FlashGet 3\FlashGet3.exe
MSConfigStartUp-HotbarSA - c:\program files\Hotbar\bin\11.0.175.0\HotbarSA.exe
AddRemove-Adobe AIR - c:\program files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe
AddRemove-Microsoft .NET Framework 2.0 - c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
AddRemove-NSS - c:\program files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.0.52\InstStub.exe
AddRemove-RegSupreme Pro_is1 - c:\program files\RegSupreme Pro\unins000.exe
AddRemove-Tibia Auto - c:\program files\Tibia Auto\uninstall.exe
AddRemove-Tibia_is1 - c:\program files\Tibia857\unins000.exe
AddRemove-TMIPC - c:\program files\Asprate\Tibia Multi IP Changer\UNinstaller.exe
AddRemove-{A1062847-0846-427A-92A1-BB8251A91E91} - c:\program files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-06 15:07
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASFWHide]
"ImagePath"="\??\c:\docume~1\zxcz\USTAWI~1\Temp\ASFWHide"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Corporate Edition\kerneld.wnt"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_USERS\S-1-5-21-299502267-688789844-1060284298-1003\Software\Microsoft\Internet Explorer\MenuExt\使用快车3下载]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="c:\\Documents and Settings\\zxcz\\Dane aplikacji\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
[HKEY_USERS\S-1-5-21-299502267-688789844-1060284298-1003\Software\Microsoft\Internet Explorer\MenuExt\使用快车3下载全部链接]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="c:\\Documents and Settings\\zxcz\\Dane aplikacji\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'explorer.exe'(1376)
c:\windows\system32\msi.dll
c:\program files\Gadu-Gadu\ggwhook.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_pol.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\browselc.dll
c:\program files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\RUNDLL32.EXE
c:\documents and settings\zxcz\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.29\GoogleCrashHandler.exe
c:\program files\Gadu-Gadu\gg.exe
.
**************************************************************************
.
Czas ukończenia: 2010-07-06 15:18:28 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2010-07-06 13:18
Przed: 20 365 758 464 bajtów wolnych
Po: 20 247 302 144 bajtów wolnych
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
- - End Of File - - A84F914BDEE28A6B9DD4BDCE6A8D71DC
-
1.
All processes killed
========== FILES ==========
Unable to replace file: C:\WINDOWS\system32\ws2_32.dll with C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll without a reboot.
C:\Program Files\Common Files\userInit.dll moved successfully.
C:\Program Files\Common Files\logonInit.dll moved successfully.
C:\WINDOWS\System32\secustat.dat moved successfully.
C:\WINDOWS\System32\secushr.dat moved successfully.
C:\autorun.inf moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LogonInit\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\rtyuoo deleted successfully.
========== COMMANDS ==========
[EMPTYFLASH]
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: zxcz
->Flash cache emptied: 22180 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: zxcz
->Temp folder emptied: 196858975 bytes
->Temporary Internet Files folder emptied: 80762 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 95552997 bytes
->Google Chrome cache emptied: 8404069 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134112 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 18600760 bytes
RecycleBin emptied: 3027880240 bytes
Total Files Cleaned = 3 194,00 mb
OTL by OldTimer - Version 3.2.7.0 log created on 07062010_142946
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
2. Done
-
SystemLook scan:
SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 08:52 on 06/07/2010 by zxcz (Administrator - Elevation successful)
========== filefind ==========
Searching for "WS2_32.dll"
C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll ------ 82944 bytes [13:37 19/02/2010] [23:44 03/08/2004] AB82237486B727DD7DAB36A76F38A3A2
C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ws2_32.dll --a--- 82432 bytes [07:55 30/03/2010] [17:20 14/04/2008] C0AA2AB856680C44739B41E01F5BD4E9
C:\WINDOWS\system32\ws2_32.dll --a--- 83456 bytes [22:44 03/08/2004] [15:22 01/06/2010] 16C0372775B545DD17C20BCC055E7DA3
-=End Of File=-
-
In reply I got:
We do not share passwords to 5G devices. Please provide the ports to be "unblocked", if they are not already forwarded to the PC.
In that case, could you give me those ports?
-
Once I get the password, will you explain to me how this port forwarding works?
-
1. A MikroTik page, something like a page for configuring something. There are 6 boxes:
Winbox
Winbox is the graphical configuration application for RouterOS. Download it, run it and connect to your router - all RouterOS functionality can be controlled with this application.
Webbox
webbox
This is a web based configuration interface for RouterOS. Log in above to connect to this router - some of the most important RouterOS features can be controlled within this interface.
Telnet
Connect with telnet and you will have access to the command line interface of RouterOS, every function of RouterOS can be controlled with it.
Graphs
These graphs show you statistical information about your router's interfaces and the traffic that goes through them. Before you use Graphs, you have to configure them.
Documentation
We have written many tutorials, examples and manuals for RouterOS, all of which are available here on our homepage. If you get into trouble, you can always ask for technical support.
and the license
2. Exactly this one: http://tomcom.ca/catalog/images/RJ45.jpg
3. As far as I know it goes straight to the antenna on the roof, although when the admin was setting up my internet he said something about a router being built into the antenna
-
I have 5Gh wireless internet; the internet cable goes to the antenna on the roof and then to the transmitter. I have written to the admin about this many times, and every time he tells me that I do have an external IP address.
-
Then I'll join the thread and list my servers.
[FFA]- 94.23.94.93:27016
[base Builder]- 94.23.94.93:27059
[DiabloMod]- 94.23.94.149:27055
[DeathRun]- 94.23.94.149:27047
[Zombie]- 91.200.35.180:27043
[surf]- 91.200.35.180:27051
[Aim/Awp]- 88.199.98.69:27018
The link to the site can be found by visiting my profile
-
I'm not sure what you meant by wynik.txt, so I'm pasting a screenshot of the console:
-
-
Good morning, for some time now I have been playing around with things like web servers, game servers and Tibia OTS, hosting them on my own computer. The problem is this: I set it all up through XAMPP, doing everything correctly. When I give someone my IP address, or my no-ip address (because I have one set up), the site or server cannot be found. On localhost everything works as it should. My network administrator assures me 100% that I have an external IP address, and on various sites where you can check your IP it looks external (88.208.106.140). My question is this: why can't people see me on the network?! Even the administrator himself assures me that I have an external IP address, and I am 100% sure that I am doing everything correctly. My internet is from www.novos.pl
-
Good morning, I posted on another forum, here is the link: hxxp://www.forum.tweaks.pl/LOG-Hijacks-t40001-pid-206364.html/page__gopid__206364#entry206364
Additionally, every so often my keyboard disconnects; the plugs are fine, and I tried switching to other ports with the same result. I think some virus is to blame.
Also, when I shut down the computer, once it reaches the black screen with the mouse cursor it freezes and I have to switch it off at the power strip or with the button
Logs:
Please help quickly.
Problem with Ventrillo
in Software
Posted
I have 2.1.4, and the computer is clean because it is freshly formatted; codecs and everything are installed