
A few logs

simivar
created (edited)

Log from OTL.exe:

OTL.txt:

Log to check
OTL logfile created on: 2009-09-13 19:45:53 - Run 2

OTL by OldTimer - Version 3.0.11.0 Folder = C:\Documents and Settings\m4g\Pulpit

Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 58,49% Memory free

3,84 Gb Paging File | 3,32 Gb Available in Paging File | 86,35% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 232,42 Gb Total Space | 211,43 Gb Free Space | 90,97% Space Free | Partition Type: NTFS

Drive D: | 233,33 Gb Total Space | 231,97 Gb Free Space | 99,42% Space Free | Partition Type: NTFS

Drive E: | 512,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: PRO-A179D7B

Current User Name: m4g

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2008-04-14 19:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE

PRC - [2007-08-10 09:21:56 | 16,384,000 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE

PRC - [2009-08-11 01:50:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe

PRC - [2009-08-11 01:50:12 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe

PRC - [2008-01-09 09:23:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe

PRC - [2009-09-12 22:04:04 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2009-08-31 18:07:34 | 11,391,592 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exe

PRC - [2009-08-31 16:56:26 | 00,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe

PRC - [2009-09-13 19:24:51 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\m4g\Pulpit\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])

SRV - [2009-08-04 01:41:17 | 00,208,616 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe -- (AVP [Auto | Running])

SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])

SRV - [2008-04-14 19:20:44 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])

SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped])

SRV - [2009-08-11 01:50:12 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])

SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

SRV - [2008-01-09 09:23:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])

SRV - [2007-11-06 22:22:26 | 00,092,792 | ---- | M] (CACE Technologies) -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd [On_Demand | Stopped])

SRV - [2007-06-15 16:55:00 | 00,300,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])

SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2007-09-25 16:59:46 | 00,015,152 | ---- | M] () -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo [On_Demand | Stopped])

DRV - [2008-04-13 18:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])

DRV - [2007-08-10 07:52:44 | 04,603,904 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])

DRV - [2007-07-29 04:51:10 | 00,048,896 | R--- | M] (JMicron Technology Corp.) -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID [boot | Running])

DRV - [2008-07-21 17:34:36 | 00,121,872 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1 [boot | Running])

DRV - [2009-08-04 01:41:17 | 00,033,808 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg [boot | Running])

DRV - [2008-03-13 18:02:46 | 00,026,640 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klfltdev.sys -- (KLFLTDEV [On_Demand | Running])

DRV - [2009-08-04 01:41:17 | 00,226,832 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klif.sys -- (KLIF [system | Running])

DRV - [2008-04-30 17:06:48 | 00,024,592 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klim5.sys -- (klim5 [On_Demand | Running])

DRV - [2008-04-13 20:53:09 | 00,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\NMnt.sys -- (nm [On_Demand | Stopped])

DRV - [2007-02-22 11:15:56 | 00,137,216 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcd.sys -- (nmwcd [On_Demand | Stopped])

DRV - [2007-02-22 11:15:14 | 00,008,320 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdc.sys -- (nmwcdc [On_Demand | Stopped])

DRV - [2007-02-22 11:15:14 | 00,012,288 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdcj.sys -- (nmwcdcj [On_Demand | Stopped])

DRV - [2007-02-22 11:15:14 | 00,012,288 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdcm.sys -- (nmwcdcm [On_Demand | Stopped])

DRV - [2007-11-06 22:22:06 | 00,034,064 | ---- | M] (CACE Technologies) -- C:\WINDOWS\System32\drivers\npf.sys -- (NPF [On_Demand | Stopped])

DRV - [2008-01-09 09:23:00 | 07,434,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])

DRV - [2006-03-02 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])

DRV - [2007-07-12 05:49:16 | 00,096,384 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys -- (RTL8023xp [On_Demand | Running])

DRV - [2008-04-13 18:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1614895754-179605362-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\S-1-5-21-1614895754-179605362-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKU\S-1-5-21-1614895754-179605362-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

IE - HKU\S-1-5-21-1614895754-179605362-839522115-1004\S-1-5-21-1614895754-179605362-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d95e614b-c28e-43af-a326-ca590e18abd6}:1.5

FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.2

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-08-11 01:50:12 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-09-02 16:00:22 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-12 22:04:09 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-12 22:04:09 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\THBExt [2009-08-04 01:33:12 | 00,000,000 | ---D | M]

[2009-08-04 01:17:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\mozilla\Extensions

[2009-08-04 01:17:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2009-09-12 20:04:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\mozilla\Firefox\Profiles\yzkbnexk.default\extensions

[2009-09-02 21:39:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\mozilla\Firefox\Profiles\yzkbnexk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2009-08-20 02:03:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\mozilla\Firefox\Profiles\yzkbnexk.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2009-08-24 01:17:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\mozilla\Firefox\Profiles\yzkbnexk.default\extensions\{d95e614b-c28e-43af-a326-ca590e18abd6}

[2009-09-12 20:04:35 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions

[2009-09-12 22:04:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2009-08-11 01:50:19 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

[2009-09-12 22:04:02 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll

[2009-09-12 22:04:02 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll

[2009-08-11 01:50:12 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll

[2009-09-12 22:04:05 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll

[2009-02-27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll

[2009-07-31 00:44:16 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml

[2009-07-31 00:44:16 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml

[2009-07-31 01:45:26 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml

[2009-07-31 00:44:16 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml

[2009-07-31 00:44:16 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml

[2009-07-31 00:44:16 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml

[2009-07-31 00:44:16 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll (Kaspersky Lab)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\m4g\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)

O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (JMicron Technology Corp.)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe (Kaspersky Lab)

O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)

O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)

O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)

O4 - HKU\S-1-5-21-1614895754-179605362-839522115-1004..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()

O4 - HKU\S-1-5-21-1614895754-179605362-839522115-1004..\Run: [iCQ] C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)

O4 - HKU\S-1-5-21-1614895754-179605362-839522115-1004..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-1614895754-179605362-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-1614895754-179605362-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36

O7 - HKU\S-1-5-21-1614895754-179605362-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]

O7 - HKU\S-1-5-21-1614895754-179605362-839522115-1004_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm ()

O9 - Extra Button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll (Kaspersky Lab)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)

O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd3.dll (Kaspersky Lab)

O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\adialhk.dll (Kaspersky Lab)

O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\kloehk.dll (Kaspersky Lab)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\System32\klogon.dll (Kaspersky Lab)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-08-04 00:59:33 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2009-08-27 23:15:18 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2009-08-27 23:15:19 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2008-04-25 16:42:47 | 00,000,045 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]

O33 - MountPoints2\{4a20c0c2-8090-11de-a82f-806d6172696f}\Shell - "" = AutoRun

O33 - MountPoints2\{4a20c0c2-8090-11de-a82f-806d6172696f}\Shell\AutoRun\command - "" = E:\start.exe -- [2008-04-22 15:45:23 | 00,016,384 | R--- | M] (Cisco Systems, Inc.)

O33 - MountPoints2\{74fd4700-81be-11de-a844-001c256ea48f}\Shell\AutoRun\command - "" = uo10sn.cmd

O33 - MountPoints2\{74fd4700-81be-11de-a844-001c256ea48f}\Shell\open\Command - "" = uo10sn.cmd

O33 - MountPoints2\{93c17afc-8a86-11de-a857-001c256ea48f}\Shell - "" = AutoRun

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[7 C:\WINDOWS\System32\*.tmp files]

[5 C:\WINDOWS\*.tmp files]

[2009-09-13 19:24:49 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\m4g\Pulpit\OTL.exe

[2009-09-13 17:52:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Pulpit\phpBB SEO Ultimate SEO URL v060

[2009-09-13 17:51:46 | 00,453,027 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\PhpBB_SEO_Ultimate_SEO_URL_v060.zip

[2009-09-12 22:42:10 | 00,375,071 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\Ad_Management_v1.0.8_PL.zip

[2009-09-12 20:27:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Pulpit\phpBB3

[2009-09-12 20:27:38 | 08,765,440 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\phpBB-3.0.5.tar

[2009-09-12 20:27:26 | 01,499,821 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\phpBB-3.0.5.tar.bz2

[2009-09-12 18:16:43 | 00,470,199 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\MChat_1.2.12_pl.zip

[2009-09-11 21:01:54 | 00,008,335 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\domenka.PNG

[2009-09-10 22:17:09 | 10,539,903 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\a9980194_tpl.sql.bz2

[2009-09-10 20:03:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Pulpit\thanks_mod_v124

[2009-09-10 19:43:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Pulpit\Strona wrzesien

[2009-09-10 19:13:11 | 00,125,541 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\thanks_mod_v124_pl.zip

[2009-09-09 19:13:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Pulpit\backup

[2009-09-09 17:45:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Pulpit\backup_forumnokia

[2009-09-09 13:55:33 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll

[2009-09-08 21:38:57 | 00,000,826 | ---- | C] () -- C:\Documents and Settings\m4g\Moje dokumenty\KIS8-CM-20110422-0648E196.KEY

[2009-09-08 20:55:28 | 09,222,553 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\Strona wrzesien.rar

[2009-09-08 20:29:22 | 00,062,959 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\helpmod-1.0.0-rc2.zip

[2009-09-08 19:12:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Pulpit\helpmod

[2009-09-08 19:12:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Pulpit\advanced quick reply

[2009-09-08 18:24:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Pulpit\PPW_225

[2009-09-04 23:29:08 | 00,116,084 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\1251570502_by_ShadyAtak.jpg

[2009-09-04 19:51:12 | 00,077,373 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\PSD.jpg

[2009-09-04 19:44:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Pulpit\Simivar

[2009-09-04 19:44:49 | 00,960,540 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\Zlecenie.rar

[2009-09-04 18:13:22 | 00,000,254 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\lol.php

[2009-09-03 21:56:44 | 00,003,230 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\kompi.php

[2009-09-03 19:13:55 | 00,007,472 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\kompilator2.php

[2009-09-03 19:13:55 | 00,005,531 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\kompilator.php

[2009-09-02 14:20:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Ustawienia lokalne\Dane aplikacji\cache

[2009-09-01 16:37:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Pulpit\cstrike

[2009-08-30 01:43:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Pulpit\może

[2009-08-30 01:42:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Pulpit\na 100%

[2009-08-29 19:34:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Pulpit\Deathrun Server Pack

[2009-08-29 14:35:30 | 00,033,344 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\Deatnrun Manager v21.rar

[2009-08-28 19:25:49 | 00,011,630 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\pozycjonowaniee.rtf

[2009-08-28 18:54:46 | 00,011,630 | ---- | C] () -- C:\Documents and Settings\m4g\Moje dokumenty\pozycjonowaniee.rtf

[2009-08-27 23:15:18 | 00,000,000 | RHSD | C] -- C:\autorun.inf

[2009-08-27 22:52:21 | 00,001,487 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ICQ6.5.lnk

[2009-08-27 22:51:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Dane aplikacji\ICQ

[2009-08-27 22:51:12 | 00,000,000 | ---D | C] -- C:\Program Files\ICQ6.5

[2009-08-26 19:45:11 | 00,000,717 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\Al Dee's Rats.wpt

[2009-08-26 18:21:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\osu!

[2009-08-26 18:21:06 | 00,000,000 | ---D | C] -- C:\Program Files\osu!

[2009-08-26 16:57:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Pulpit\zTracker

[2009-08-26 16:44:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2009-08-26 16:44:51 | 00,000,633 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\TibiaBot NG.lnk

[2009-08-26 16:44:50 | 00,000,000 | ---D | C] -- C:\Program Files\TibiaBot NG

[2009-08-26 12:02:56 | 04,076,719 | ---- | C] () -- C:\Documents and Settings\m4g\Moje dokumenty\FileZilla_3.2.7.1_win32-setup.exe

[2009-08-26 02:25:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Windows Genuine Advantage

[2009-08-26 02:09:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files

[2009-08-26 02:01:02 | 00,000,000 | R--D | C] -- C:\Documents and Settings\m4g\Moje dokumenty\Moje wideo

[2009-08-26 02:01:02 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo

[2009-08-26 01:05:31 | 00,016,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll

[2009-08-26 01:05:17 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2

[2009-08-26 01:04:12 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf

[2009-08-26 01:04:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles

[2009-08-26 01:04:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF

[2009-08-25 01:11:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Dane aplikacji\Broad Intelligence

[2009-08-25 01:10:40 | 00,000,710 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\MediaCoder.lnk

[2009-08-25 01:09:37 | 00,000,000 | ---D | C] -- C:\Program Files\MediaCoder

[2009-08-23 16:44:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Ustawienia lokalne\Dane aplikacji\TibiacastClient

[2009-08-23 16:43:44 | 00,000,000 | ---D | C] -- C:\Program Files\Tibiacast

[2009-08-23 14:12:56 | 00,000,000 | ---D | C] -- C:\wi_gfx

[2009-08-23 12:11:25 | 00,001,646 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\CzasoWyłącznik 2.0 PL.lnk

[2009-08-23 12:11:24 | 00,000,000 | ---D | C] -- C:\Program Files\CzasoWyłącznik 2.0 PL

[2009-08-21 13:31:20 | 00,000,008 | ---- | C] () -- C:\Documents and Settings\m4g\Dane aplikacji\NMM-MetaData.db

[2009-08-21 13:30:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Dane aplikacji\Nokia Multimedia Player

[2009-08-21 13:29:01 | 02,820,204 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\CienkiZGK_-Ku_pami_ci_Magika_z_PFK.flv

[2009-08-21 13:28:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite

[2009-08-21 13:27:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Dane aplikacji\Nokia

[2009-08-21 13:27:28 | 00,001,896 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia PC Suite.lnk

[2009-08-21 13:27:26 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite

[2009-08-21 13:27:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia

[2009-08-21 13:27:15 | 00,000,000 | ---D | C] -- C:\Program Files\DIFX

[2009-08-21 13:27:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Dane aplikacji\PC Suite

[2009-08-21 13:27:07 | 00,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution

[2009-08-21 13:27:04 | 00,012,288 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdcj.sys

[2009-08-21 13:27:03 | 00,012,288 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdcm.sys

[2009-08-21 13:27:03 | 00,008,320 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdc.sys

[2009-08-21 13:27:01 | 00,137,216 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcd.sys

[2009-08-21 13:27:01 | 00,065,536 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll

[2009-08-21 13:27:00 | 00,090,624 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcls.dll

[2009-08-21 13:27:00 | 00,000,000 | ---D | C] -- C:\Program Files\Nokia

[2009-08-21 13:25:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations

[2009-08-21 13:22:56 | 01,089,883 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat

[2009-08-21 02:09:57 | 00,000,000 | ---D | C] -- C:\909a5db8d717cf6049

[2009-08-21 02:09:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel

[2009-08-21 01:34:59 | 00,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll

[2009-08-21 01:34:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Moje dokumenty\FFOutput

[2009-08-21 01:34:47 | 00,000,851 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\Format Factory.lnk

[2009-08-21 01:34:36 | 00,000,000 | ---D | C] -- C:\Program Files\FreeTime

[2009-08-21 01:31:47 | 00,000,000 | ---D | C] -- C:\OutputFolder

[2009-08-21 01:24:50 | 00,000,640 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\ALLPlayer V4.1.lnk

[2009-08-21 01:24:49 | 00,892,928 | ---- | C] (Free Software Foundation) -- C:\WINDOWS\System32\iconv.dll

[2009-08-21 01:24:49 | 00,675,840 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.ax

[2009-08-21 01:24:49 | 00,000,000 | ---D | C] -- C:\Program Files\ALLPlayer

[2009-08-20 23:07:11 | 00,000,000 | ---D | C] -- C:\Program Files\WinPcap

[2009-08-20 23:07:07 | 00,000,000 | ---D | C] -- C:\Program Files\Sector69

[2009-08-20 15:10:12 | 00,000,788 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\Counter-Strike Source.lnk

[2009-08-18 21:02:17 | 00,001,580 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\Half-Life 2 Lost Coast.lnk

[2009-08-18 21:02:17 | 00,001,580 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\Half-Life 2 Deathmatch.lnk

[2009-08-18 17:02:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Pulpit\Screeny

[2009-08-18 17:01:43 | 00,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Notepad++.lnk

[2009-08-18 17:01:43 | 00,000,000 | ---D | C] -- C:\Program Files\Notepad++

[2009-08-18 17:01:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Dane aplikacji\Notepad++

[2009-08-18 16:56:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\m4g\Dane aplikacji\FileZilla

[2009-08-18 16:56:51 | 00,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client

[2009-08-17 00:46:19 | 06,793,353 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\ob son.mp4

[2009-08-17 00:45:50 | 05,649,559 | ---- | C] () -- C:\Documents and Settings\m4g\Pulpit\video.mp4

[2009-08-16 19:02:28 | 00,001,838 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk

[2009-08-16 19:02:25 | 00,000,000 | ---D | C] -- C:\Program Files\Asprate

[2009-08-08 01:03:09 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2009-08-08 01:03:09 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini

[2009-08-08 01:03:08 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2009-08-08 01:03:08 | 00,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2009-08-08 01:03:07 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2009-08-08 01:03:06 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2009-08-08 01:03:06 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2008-01-09 09:23:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2008-01-09 09:23:00 | 01,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2008-01-09 09:23:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2008-01-09 09:23:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2008-01-09 09:23:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2007-11-06 22:19:28 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll

[2007-03-29 23:00:40 | 00,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll

[2006-03-02 14:00:00 | 00,000,507 | ---- | C] () -- C:\WINDOWS\win.ini

[2006-03-02 14:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini

========== Files - Modified Within 30 Days ==========

[7 C:\WINDOWS\System32\*.tmp files]

[5 C:\WINDOWS\*.tmp files]

[2009-09-13 19:45:12 | 00,426,016 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat

[2009-09-13 19:45:12 | 00,003,584 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx

[2009-09-13 19:24:51 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\m4g\Pulpit\OTL.exe

[2009-09-13 19:02:17 | 02,028,576 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2009-09-13 19:02:16 | 00,017,976 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx

[2009-09-13 17:51:46 | 00,453,027 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\PhpBB_SEO_Ultimate_SEO_URL_v060.zip

[2009-09-13 17:18:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2009-09-13 17:18:04 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2009-09-13 01:29:38 | 06,908,200 | -H-- | M] () -- C:\Documents and Settings\m4g\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2009-09-12 22:42:10 | 00,375,071 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\Ad_Management_v1.0.8_PL.zip

[2009-09-12 20:27:32 | 08,765,440 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\phpBB-3.0.5.tar

[2009-09-12 20:27:32 | 01,499,821 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\phpBB-3.0.5.tar.bz2

[2009-09-12 18:16:44 | 00,470,199 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\MChat_1.2.12_pl.zip

[2009-09-11 21:01:54 | 00,008,335 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\domenka.PNG

[2009-09-11 15:04:07 | 00,107,547 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat

[2009-09-11 15:04:07 | 00,095,259 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat

[2009-09-10 22:17:56 | 10,539,903 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\a9980194_tpl.sql.bz2

[2009-09-10 19:42:27 | 09,222,553 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\Strona wrzesien.rar

[2009-09-10 19:13:12 | 00,125,541 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\thanks_mod_v124_pl.zip

[2009-09-09 14:38:46 | 00,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2009-09-08 21:38:59 | 00,000,826 | ---- | M] () -- C:\Documents and Settings\m4g\Moje dokumenty\KIS8-CM-20110422-0648E196.KEY

[2009-09-08 20:29:23 | 00,062,959 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\helpmod-1.0.0-rc2.zip

[2009-09-07 15:48:40 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009-09-05 12:30:12 | 00,000,254 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\lol.php

[2009-09-04 23:29:09 | 00,116,084 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\1251570502_by_ShadyAtak.jpg

[2009-09-04 22:38:38 | 00,007,472 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\kompilator2.php

[2009-09-04 22:31:43 | 00,005,531 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\kompilator.php

[2009-09-04 22:31:43 | 00,003,230 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\kompi.php

[2009-09-04 19:44:49 | 00,960,540 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\Zlecenie.rar

[2009-09-01 10:34:47 | 00,002,207 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk

[2009-08-29 14:35:31 | 00,033,344 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\Deatnrun Manager v21.rar

[2009-08-28 23:38:20 | 24,689,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

[2009-08-28 22:43:32 | 00,011,630 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\pozycjonowaniee.rtf

[2009-08-28 19:25:46 | 00,011,630 | ---- | M] () -- C:\Documents and Settings\m4g\Moje dokumenty\pozycjonowaniee.rtf

[2009-08-27 22:52:21 | 00,001,487 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ICQ6.5.lnk

[2009-08-26 19:45:12 | 00,000,717 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\Al Dee's Rats.wpt

[2009-08-26 16:44:51 | 00,000,633 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\TibiaBot NG.lnk

[2009-08-26 12:03:07 | 04,076,719 | ---- | M] () -- C:\Documents and Settings\m4g\Moje dokumenty\FileZilla_3.2.7.1_win32-setup.exe

[2009-08-26 02:01:05 | 00,005,632 | ---- | M] () -- C:\Documents and Settings\m4g\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-08-26 01:13:53 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb

[2009-08-26 01:13:53 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

[2009-08-26 01:05:22 | 00,000,507 | ---- | M] () -- C:\WINDOWS\win.ini

[2009-08-26 01:04:44 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx

[2009-08-26 01:04:12 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf

[2009-08-25 01:10:40 | 00,000,710 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\MediaCoder.lnk

[2009-08-23 12:11:25 | 00,001,646 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\CzasoWyłącznik 2.0 PL.lnk

[2009-08-22 21:12:14 | 00,013,496 | ---- | M] () -- C:\Documents and Settings\m4g\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

[2009-08-21 13:31:20 | 00,000,008 | ---- | M] () -- C:\Documents and Settings\m4g\Dane aplikacji\NMM-MetaData.db

[2009-08-21 13:29:03 | 02,820,204 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\CienkiZGK_-Ku_pami_ci_Magika_z_PFK.flv

[2009-08-21 13:27:28 | 00,001,896 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia PC Suite.lnk

[2009-08-21 13:20:49 | 00,099,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2009-08-21 02:13:06 | 01,042,454 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2009-08-21 02:13:06 | 00,490,284 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat

[2009-08-21 02:13:06 | 00,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2009-08-21 02:13:06 | 00,083,660 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat

[2009-08-21 02:13:06 | 00,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2009-08-21 01:34:47 | 00,000,851 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\Format Factory.lnk

[2009-08-21 01:24:50 | 00,000,640 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\ALLPlayer V4.1.lnk

[2009-08-20 15:24:54 | 00,000,788 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\Counter-Strike Source.lnk

[2009-08-18 21:02:17 | 00,001,580 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\Half-Life 2 Lost Coast.lnk

[2009-08-18 21:02:17 | 00,001,580 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\Half-Life 2 Deathmatch.lnk

[2009-08-18 17:01:44 | 00,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Notepad++.lnk

[2009-08-17 00:48:03 | 06,793,353 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\ob son.mp4

[2009-08-17 00:47:38 | 05,649,559 | ---- | M] () -- C:\Documents and Settings\m4g\Pulpit\video.mp4

[2009-08-16 19:02:28 | 00,001,838 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk

========== LOP Check ==========

[2009-08-26 16:44:56 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji

[2009-08-21 13:25:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations

[2009-09-05 20:38:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM

[2009-08-21 13:28:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite

[2009-08-26 21:01:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2009-08-04 02:49:49 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji

[2009-08-04 01:03:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji

[2009-08-27 22:51:31 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\m4g\Dane aplikacji

[2009-08-25 01:11:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\Broad Intelligence

[2009-09-13 19:45:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\FileZilla

[2009-09-06 19:35:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\gtk-2.0

[2009-08-27 22:53:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\ICQ

[2009-08-21 13:29:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\Nokia

[2009-08-21 13:30:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\Nokia Multimedia Player

[2009-08-18 17:01:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\Notepad++

[2009-08-04 01:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\Nowe Gadu-Gadu

[2009-08-04 12:52:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\OpenFM

[2009-08-21 13:28:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\PC Suite

[2009-08-08 22:10:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\Remere's Map Editor

[2009-08-23 16:44:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\m4g\Dane aplikacji\Tibia

[2009-08-04 01:02:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji

[2006-03-02 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini

[2009-08-04 13:30:39 | 00,000,296 | ---- | M] () -- C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IType_exe.job

[2009-09-13 17:18:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:E41EAF13

< End of report >

DDS.txt:

Log to check

DDS (Ver_09-07-30.01) - NTFSx86

Run by m4g at 19:47:36,67 on 2009-09-13

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15

Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.2047.1143 [GMT 2:00]

AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Nowe Gadu-Gadu\gg.exe

C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe

C:\WINDOWS\system32\notepad.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Documents and Settings\m4g\Pulpit\OTL.exe

C:\Documents and Settings\m4g\Pulpit\dds.pif

============== Pseudo HJT Report ===============

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2009\ievkbd.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: IEPluginBHO Class: {f5cc7f02-6f4e-4462-b5b1-394a57fd3e0d} - c:\documents and settings\m4g\dane aplikacji\nowe gadu-gadu\_userdata\ggbho.1.dll

uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [ALLUpdate] "c:\program files\allplayer\ALLUpdate.exe" "sleep"

uRun: [iCQ] "c:\program files\icq6.5\ICQ.exe" silent

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] nwiz.exe /install

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Alcmtr] ALCMTR.EXE

mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe

mRun: [36X Raid Configurer] c:\windows\system32\xRaidSetup.exe boot

mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe"

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [PCSuiteTrayApplication] c:\program files\nokia\nokia pc suite 6\LaunchApplication.exe -startup

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRun: [Nokia.PCSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog

IE: Dodaj do listy blokowanych banerów - c:\program files\kaspersky lab\kaspersky internet security 2009\ie_banner_deny.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6.5\ICQ.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Notify: klogon - c:\windows\system32\klogon.dll

AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\adialhk.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\m4g\daneap~1\mozilla\firefox\profiles\yzkbnexk.default\

FF - plugin: c:\documents and settings\m4g\dane aplikacji\nowe gadu-gadu\_userdata\npgg.1.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----

FF - user.js: capability.policy.policynames - wurzelgfx

FF - user.js: capability.policy.wurzelgfx.sites - hxxp://s15.zieloneimperium.pl

FF - user.js: capability.policy.wurzelgfx.checkloaduri.enabled - allAccess

c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);

c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");

c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);

c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);

c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]

R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-8-4 226832]

R2 AVP;Kaspersky Internet Security;c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe [2008-11-11 208616]

R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-4-30 24592]

S3 CrystalSysInfo;CrystalSysInfo;c:\program files\mediacoder\SysInfo.sys [2007-9-25 15152]

S3 FXDrv32;FXDrv32;\??\e:\fxdrv32.sys --> e:\FXDrv32.sys [?]

S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064]

=============== Created Last 30 ================

2009-09-13 19:47 <DIR> --d-h--- c:\windows\PIF

2009-09-09 13:55 153,088 -c------ c:\windows\system32\dllcache\triedit.dll

2009-08-27 23:15 <DIR> a-dshr-- C:\autorun.inf

2009-08-27 22:51 <DIR> --d----- c:\program files\ICQ6.5

2009-08-26 18:21 <DIR> --d----- c:\windows\osu!

2009-08-26 18:21 <DIR> --d----- c:\program files\osu!

2009-08-26 16:44 <DIR> --d----- c:\program files\TibiaBot NG

2009-08-26 01:05 <DIR> --d----- c:\program files\Windows Media Connect 2

2009-08-26 01:04 <DIR> --d----- c:\windows\system32\LogFiles

2009-08-25 01:11 <DIR> --d----- c:\docume~1\m4g\daneap~1\Broad Intelligence

2009-08-25 01:09 <DIR> --d----- c:\program files\MediaCoder

2009-08-23 16:43 <DIR> --d----- c:\program files\Tibiacast

2009-08-23 14:12 <DIR> --d----- C:\wi_gfx

2009-08-23 12:11 <DIR> --d----- c:\program files\CzasoWyłącznik 2.0 PL

2009-08-21 13:31 <DIR> --d----- c:\documents and settings\m4g\Phone Browser

2009-08-21 13:27 <DIR> --d----- c:\program files\common files\PCSuite

2009-08-21 13:27 <DIR> --d----- c:\program files\common files\Nokia

2009-08-21 13:27 <DIR> --d----- c:\program files\PC Connectivity Solution

2009-08-21 13:27 12,288 a------- c:\windows\system32\drivers\nmwcdcj.sys

2009-08-21 13:27 12,288 a------- c:\windows\system32\drivers\nmwcdcm.sys

2009-08-21 13:27 8,320 a------- c:\windows\system32\drivers\nmwcdc.sys

2009-08-21 13:27 137,216 a------- c:\windows\system32\drivers\nmwcd.sys

2009-08-21 13:27 65,536 a------- c:\windows\system32\nmwcdcocls.dll

2009-08-21 13:27 90,624 a------- c:\windows\system32\nmwcdcls.dll

2009-08-21 13:27 <DIR> --d----- c:\program files\Nokia

2009-08-21 13:22 1,089,883 -c------ c:\windows\system32\dllcache\ntprint.cat

2009-08-21 02:09 <DIR> --d----- C:\909a5db8d717cf6049

2009-08-21 02:09 <DIR> --d----- c:\windows\SxsCaPendDel

2009-08-21 01:34 <DIR> --d----- c:\program files\FreeTime

2009-08-21 01:31 <DIR> --d----- C:\OutputFolder

2009-08-21 01:24 892,928 a------- c:\windows\system32\iconv.dll

2009-08-21 01:24 675,840 a------- c:\windows\system32\ac3filter.ax

2009-08-21 01:24 <DIR> --d----- c:\program files\ALLPlayer

2009-08-20 23:07 <DIR> --d----- c:\program files\WinPcap

2009-08-20 23:07 <DIR> --d----- c:\program files\Sector69

2009-08-20 02:04 <DIR> --d----- c:\documents and settings\m4g\dwhelper

2009-08-16 19:02 <DIR> --d----- c:\program files\Asprate

==================== Find3M ====================

2009-09-13 19:47 442,400 a--sh--- c:\windows\system32\drivers\fidbox2.dat

2009-09-13 19:47 3,640 a--sh--- c:\windows\system32\drivers\fidbox2.idx

2009-09-13 19:02 2,028,576 a--sh--- c:\windows\system32\drivers\fidbox.dat

2009-09-13 19:02 17,976 a--sh--- c:\windows\system32\drivers\fidbox.idx

2009-09-11 15:04 107,547 a------- c:\windows\system32\drivers\klin.dat

2009-09-11 15:04 95,259 a------- c:\windows\system32\drivers\klick.dat

2009-08-21 02:13 490,284 a------- c:\windows\system32\perfh015.dat

2009-08-21 02:13 83,660 a------- c:\windows\system32\perfc015.dat

2009-08-11 01:50 411,368 a------- c:\windows\system32\deploytk.dll

2009-08-05 16:20 76,487 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat

2009-08-05 11:01 205,312 a------- c:\windows\system32\mswebdvd.dll

2009-08-04 01:41 33,808 a------- c:\windows\system32\drivers\klbg.sys

2009-08-04 01:12 315,392 a------- c:\windows\HideWin.exe

2009-08-04 00:57 21,856 a------- c:\windows\system32\emptyregdb.dat

2009-07-17 21:04 58,880 a------- c:\windows\system32\atl.dll

2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll

2009-07-03 18:59 915,456 a------- c:\windows\system32\wininet.dll

2009-06-16 16:40 119,808 a------- c:\windows\system32\t2embed.dll

2009-06-16 16:40 81,920 a------- c:\windows\system32\fontsub.dll

============= FINISH: 19:48:04,60 ===============

Attach.txt:

Log to check

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-07-30.01)

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume1

Install Date: 2009-08-04 01:01:11

System Uptime: 2009-09-13 17:17:06 (2 hours ago)

Motherboard: Foxconn | | P35AX-S

Processor: Procesor Intel Pentium III Xeon | SOCKET775 M/B | 2535/267mhz

==== Disk Partitions =========================

A: is Removable

C: is FIXED (NTFS) - 232 GiB total, 211,426 GiB free.

D: is FIXED (NTFS) - 233 GiB total, 231,97 GiB free.

E: is CDROM (CDFS)

==== Disabled Device Manager Items =============

Class GUID: {36FC9E60-C465-11CF-8056-444553540000}

Description: Masowe urządzenie magazynujące USB

Device ID: USB\VID_058F&PID_6362\058F312D81B

Manufacturer: Zgodne urządzenie magazynujące USB

Name: Masowe urządzenie magazynujące USB

PNP Device ID: USB\VID_058F&PID_6362\058F312D81B

Service: USBSTOR

Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}

Description: Standardowa klawiatura 101/102 klawisze lub Microsoft Natural Keyboard PS/2

Device ID: ACPI\PNP0303\4&1400782C&0

Manufacturer: (Klawiatury standardowe)

Name: Standardowa klawiatura 101/102 klawisze lub Microsoft Natural Keyboard PS/2

PNP Device ID: ACPI\PNP0303\4&1400782C&0

Service: i8042prt

==== System Restore Points ===================

RP1: 2009-08-04 01:04:14 - Punkt kontrolny systemu

RP2: 2009-08-04 01:12:30 - Zainstalowane Realtek High Definition Audio Driver

RP3: 2009-08-04 01:12:50 - Installed Windows XP KB888111WXPSP2.

RP4: 2009-08-04 01:14:53 - Zainstalowane REALTEK GbE & FE Ethernet PCI NIC Driver

RP5: 2009-08-04 01:15:50 - Installed JMB36X Raid Configurer

RP6: 2009-08-04 01:21:53 - Zainstalowano Windows Installer KB893803v2.

RP7: 2009-08-04 01:22:07 - Removed MSXML 6.0 Parser

RP8: 2009-08-04 01:32:44 - Zainstalowany Kaspersky Internet Security 2009.

RP9: 2009-08-04 01:39:44 - Configured JMB36X Raid Configurer

RP10: 2009-08-04 12:45:02 - Operacja przywracania

RP11: 2009-08-04 12:48:41 - Operacja przywracania

RP12: 2009-08-04 13:04:04 - Removed Microsoft IntelliType Pro 6.2

RP13: 2009-08-04 13:59:31 - Removed Microsoft IntelliType Pro 7.0

RP14: 2009-08-04 14:59:17 - Installed Steam

RP15: 2009-08-05 03:13:27 - Software Distribution Service 3.0

RP16: 2009-08-05 13:30:36 - Software Distribution Service 3.0

RP17: 2009-08-05 14:30:41 - Software Distribution Service 3.0

RP18: 2009-08-05 16:09:21 - Software Distribution Service 3.0

RP19: 2009-08-05 21:05:09 - Software Distribution Service 3.0

RP20: 2009-08-06 02:49:12 - Installed %1 %2.

RP21: 2009-08-06 02:49:15 - Zainstalowane sterowniki drukarek: Microsoft XPS Document Write

RP22: 2009-08-06 02:51:42 - Installed %1 %2.

RP23: 2009-08-07 16:31:53 - Punkt kontrolny systemu

RP24: 2009-08-08 22:10:26 - Installed Remere's Map Editor

RP25: 2009-08-10 18:48:49 - Punkt kontrolny systemu

RP26: 2009-08-11 01:50:06 - Installed Java 6 Update 15

RP27: 2009-08-12 00:27:23 - Installed Adobe Reader 9.1.

RP28: 2009-08-12 16:00:13 - Software Distribution Service 3.0

RP29: 2009-08-13 18:13:58 - Punkt kontrolny systemu

RP30: 2009-08-14 20:38:25 - Punkt kontrolny systemu

RP31: 2009-08-16 16:39:07 - Punkt kontrolny systemu

RP32: 2009-08-17 21:13:17 - Punkt kontrolny systemu

RP33: 2009-08-20 16:56:23 - Punkt kontrolny systemu

RP34: 2009-08-21 02:07:13 - Software Distribution Service 3.0

RP35: 2009-08-21 13:21:09 - Zainstalowane sterowniki drukarek: Microsoft XPS Document Write

RP36: 2009-08-21 13:40:20 - Software Distribution Service 3.0

RP37: 2009-08-23 12:31:33 - Punkt kontrolny systemu

RP38: 2009-08-23 16:43:41 - Installed Tibiacast

RP39: 2009-08-25 02:04:00 - Punkt kontrolny systemu

RP40: 2009-08-26 01:01:46 - Installed Windows Media Player 11

RP41: 2009-08-26 01:03:35 - Software Distribution Service 3.0

RP42: 2009-08-26 02:34:53 - Software Distribution Service 3.0

RP43: 2009-08-26 16:00:13 - Software Distribution Service 3.0

RP44: 2009-08-27 20:43:47 - Punkt kontrolny systemu

RP45: 2009-08-29 02:31:10 - Software Distribution Service 3.0

RP46: 2009-08-30 14:27:53 - Punkt kontrolny systemu

RP47: 2009-08-31 18:01:29 - Punkt kontrolny systemu

RP48: 2009-09-01 18:11:28 - Punkt kontrolny systemu

RP49: 2009-09-02 16:00:13 - Software Distribution Service 3.0

RP50: 2009-09-03 17:03:50 - Punkt kontrolny systemu

RP51: 2009-09-05 11:12:28 - Punkt kontrolny systemu

RP52: 2009-09-06 11:45:02 - Punkt kontrolny systemu

RP53: 2009-09-07 17:38:51 - Punkt kontrolny systemu

RP54: 2009-09-08 20:53:11 - Punkt kontrolny systemu

RP55: 2009-09-09 14:38:22 - Software Distribution Service 3.0

RP56: 2009-09-10 16:21:37 - Punkt kontrolny systemu

RP57: 2009-09-12 21:34:07 - Punkt kontrolny systemu

RP58: 2009-09-12 22:00:10 - PORADY_MAGA

RP59: 2009-09-13 19:02:02 - Installed Router

==== Installed Programs ======================

7-Zip 4.65

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.1

Aktualizacja dla systemu Windows Internet Explorer 8 (KB972636)

Aktualizacja dla systemu Windows XP (KB951978)

Aktualizacja dla systemu Windows XP (KB955839)

Aktualizacja dla systemu Windows XP (KB967715)

Aktualizacja dla systemu Windows XP (KB973815)

Aktualizacja zabezpieczeń dla programu Windows Media Player (KB952069)

Aktualizacja zabezpieczeń dla programu Windows Media Player (KB968816)

Aktualizacja zabezpieczeń dla programu Windows Media Player (KB973540)

Aktualizacja zabezpieczeń dla programu Windows Media Player 11 (KB954154)

Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB971961)

Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB972260)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB938464-v2)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB946648)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB950762)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB950974)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB951066)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376-v2)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB951748)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB952004)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB952954)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB954459)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB954600)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB955069)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB956572)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB956744)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB956802)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB956803)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB956844)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB957097)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB958644)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB958687)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB959426)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB960225)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB960803)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB960859)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB961371)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB961501)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB968537)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB970238)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB971557)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB971633)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB971657)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB972260)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB973346)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB973354)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB973507)

Aktualizacja zabezpieczeń dla systemu Windows XP (KB973869)

Aktualizacja zabezpieczeń dla Windows XP (KB941569)

ALLPlayer V4.X

Condition Zero

Counter-Strike

Counter-Strike: Source

CzasoWyłącznik 2.0 PL

FileZilla Client 3.2.7.1

FormatFactory 2.10

GIMP 2.6.6

Half-Life 2: Deathmatch

Half-Life 2: Lost Coast

High Definition Audio Driver Package - KB888111

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows XP (KB954550-v5)

ICQ6.5

Java 6 Update 15

JMB36X Raid Configurer

K-Lite Codec Pack 5.0.5 (Full)

Kaspersky Internet Security 2009

MediaCoder 0.7.1.4493

Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 Language Pack - plk

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Mozilla Firefox (3.5.3)

MSXML 6 Service Pack 2 (KB954459)

Nokia Connectivity Cable Driver

Nokia PC Suite

Notepad++

Nowe Gadu-Gadu

NVIDIA Drivers

Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK

Pakiet sterowników systemu Windows - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)

Pakiet sterowników systemu Windows - Nokia Modem (02/15/2007 3.1)

Pakiet sterowników systemu Windows - Nokia Modem (05/24/2007 6.84.0.1)

PC Connectivity Solution

Poprawka dla programu Windows Media Player 11 (KB939683)

Poprawka dla systemu Windows XP (KB952287)

Poprawka dla systemu Windows XP (KB961118)

Poprawka dla systemu Windows XP (KB970653-v3)

Portal: The First Slice

REALTEK GbE & FE Ethernet PCI NIC Driver

Realtek High Definition Audio Driver

Remere's Map Editor

Steam

Tibia

Tibia MULTI-ip changer

TibiaBot NG 4.9.0

Tibiacast

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

WebFldrs XP

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

WinPcap 4.0.2

XML Paper Specification Shared Components Language Pack 1.0

XML Paper Specification Shared Components Pack 1.0

==== End Of File ===========================

GMER

Log to check
GMER 1.0.15.15077 [ch5no2tz.exe] - http://www.gmer.net

Rootkit scan 2009-09-13 20:42:46

Windows 5.1.2600 Dodatek Service Pack 3

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwAdjustPrivilegesToken [0xB6BBB1DA]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwClose [0xB6BBB7AE]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwConnectPort [0xB6BBD1EA]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwCreateFile [0xB6BBCB9C]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwCreateKey [0xB6BBA950]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwCreateSymbolicLinkObject [0xB6BBEB7C]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwCreateThread [0xB6BBB5AE]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwDeleteKey [0xB6BBAD92]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwDeleteValueKey [0xB6BBAF92]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwDeviceIoControlFile [0xB6BBCEAC]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwDuplicateObject [0xB6BBF084]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwEnumerateKey [0xB6BBB0A8]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwEnumerateValueKey [0xB6BBB110]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwFsControlFile [0xB6BBCD5E]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwLoadDriver [0xB6BBE620]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenFile [0xB6BBC9F8]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenKey [0xB6BBAAB2]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenProcess [0xB6BBB3B2]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenSection [0xB6BBEBA6]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenThread [0xB6BBB2FE]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueryKey [0xB6BBB178]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueryMultipleValueKey [0xB6BBAE7C]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueryValueKey [0xB6BBAC5A]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueueApcThread [0xB6BBE888]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwReplaceKey [0xB6BBA5D2]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwRequestWaitReplyPort [0xB6BBDA74]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwRestoreKey [0xB6BBA734]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwResumeThread [0xB6BBEF56]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSaveKey [0xB6BBA3D0]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSecureConnectPort [0xB6BBD08C]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetContextThread [0xB6BBB6AC]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetSecurityObject [0xB6BBE71A]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetSystemInformation [0xB6BBEBD0]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetValueKey [0xB6BBAB08]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSuspendProcess [0xB6BBECB4]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSuspendThread [0xB6BBEDE0]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSystemDebugControl [0xB6BBE54C]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwTerminateProcess [0xB6BBB47E]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwWriteVirtualMemory [0xB6BBB4F0]

Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) FsRtlCheckLockForReadAccess

Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) IoIsOperationSynchronous

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!FsRtlCheckLockForReadAccess 804EAF84 5 Bytes JMP B6BD2626 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab)

.text ntkrnlpa.exe!IoIsOperationSynchronous 804EF912 5 Bytes JMP B6BD29E0 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab)

.text ntkrnlpa.exe!ZwCallbackReturn + 2C40 805044DC 4 Bytes JMP 7CB6BBD1

.text ntkrnlpa.exe!ZwCallbackReturn + 2E94 80504730 4 Bytes CALL CF14FDF0

.text ntkrnlpa.exe!ZwCallbackReturn + 2FB8 80504854 12 Bytes [B4, EC, BB, B6, E0, ED, BB, ...]

---- User code sections - GMER 1.0.15 ----

? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe[768] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;

.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe[768] USER32.dll!AlignRects + FFFA5598 7E362A78 4 Bytes [70, 11, 41, 6D] {JO 0x13; INC ECX; INSD }

? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe[1588] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;

.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe[1588] USER32.dll!AlignRects + FFFA5598 7E362A78 4 Bytes [70, 11, 41, 6D] {JO 0x13; INC ECX; INSD }

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] [BA1167B0] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] [BA1167B0] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Processes - GMER 1.0.15 ----

Library C:\Documents (*** hidden *** ) @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [1588] 0x05DE0000

---- EOF - GMER 1.0.15 ----

Log to check
GMER 1.0.15.15077 [ch5no2tz.exe] - http://www.gmer.net

Rootkit scan 2009-09-13 20:44:05

Windows 5.1.2600 Dodatek Service Pack 3

---- Services - GMER 1.0.15 ----

Service .NET CLR Data

Service .NET CLR Networking

Service .NET Data Provider for Oracle

Service .NET Data Provider for SqlServer

Service .NETFramework

Service [DISABLED] Abiosdsk

Service [DISABLED] abp480n5

Service C:\WINDOWS\system32\DRIVERS\ACPI.sys (Sterownik ACPI dla systemu NT/Microsoft Corporation) [BOOT] ACPI

Service (Sterownik kontrolera osadzonego interfejsu ACPI/Microsoft Corporation) [DISABLED] ACPIEC

Service [DISABLED] adpu160m

Service C:\WINDOWS\system32\drivers\aec.sys (Microsoft Acoustic Echo Canceller/Microsoft Corporation) [MANUAL] aec

Service C:\WINDOWS\System32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) [SYSTEM] AFD

Service [DISABLED] Aha154x

Service [DISABLED] aic78u2

Service [DISABLED] aic78xx

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Alerter

Service C:\WINDOWS\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) [MANUAL] ALG

Service [DISABLED] AliIde

Service [DISABLED] amsint

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] AppMgmt

Service [DISABLED] asc

Service [DISABLED] asc3350p

Service [DISABLED] asc3550

Service ASP.NET

Service ASP.NET_2.0.50727

Service C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft ASP.NET State Server/Microsoft Corporation) [MANUAL] aspnet_state

Service C:\WINDOWS\system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac

Service C:\WINDOWS\system32\DRIVERS\atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) [BOOT] atapi

Service [DISABLED] Atdisk

Service C:\WINDOWS\system32\DRIVERS\atmarpc.sys (IP/ATM Arp Client/Microsoft Corporation) [MANUAL] Atmarpc

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] AudioSrv

Service C:\WINDOWS\system32\DRIVERS\audstub.sys (AudStub Driver/Microsoft Corporation) [MANUAL] audstub

Service C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe (Kaspersky Anti-Virus/Kaspersky Lab) [AUTO] AVP

Service BattC

Service (BEEP Driver/Microsoft Corporation) [SYSTEM] Beep

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] BITS

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Browser

Service (CardBus/PCMCIA IDE Miniport Driver/Microsoft Corporation) [DISABLED] cbidf2k

Service [DISABLED] cd20xrnt

Service (CD-ROM Audio Filter Driver/Microsoft Corporation) [SYSTEM] Cdaudio

Service (CD-ROM File System Driver/Microsoft Corporation) [DISABLED] Cdfs

Service C:\WINDOWS\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) [SYSTEM] Cdrom

Service [SYSTEM] Changer

Service C:\WINDOWS\system32\cisvc.exe (Content Index service/Microsoft Corporation) [MANUAL] CiSvc

Service C:\WINDOWS\system32\clipsrv.exe (Windows NT DDE Server/Microsoft Corporation) [DISABLED] ClipSrv

Service C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [MANUAL] clr_optimization_v2.0.50727_32

Service [DISABLED] CmdIde

Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] COMSysApp

Service ContentFilter

Service ContentIndex

Service [DISABLED] Cpqarray

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] CryptSvc

Service C:\Program Files\MediaCoder\SysInfo.sys [MANUAL] CrystalSysInfo

Service [DISABLED] dac2w2k

Service [DISABLED] dac960nt

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] DcomLaunch

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dhcp

Service C:\WINDOWS\system32\DRIVERS\disk.sys (PnP Disk Driver/Microsoft Corporation) [BOOT] Disk

Service C:\WINDOWS\System32\dmadmin.exe (Proces usługi Menedżera dysków logicznych/Microsoft Corp., Veritas Software) [MANUAL] dmadmin

Service C:\WINDOWS\System32\drivers\dmboot.sys (Sterownik uruchamiania Menedżera dysków NT/Microsoft Corp., Veritas Software) [DISABLED] dmboot

Service C:\WINDOWS\System32\drivers\dmio.sys (Sterownik We/Wy menedżera dysków NT/Microsoft Corp., Veritas Software) [DISABLED] dmio

Service C:\WINDOWS\System32\drivers\dmload.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software.) [DISABLED] dmload

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] dmserver

Service C:\WINDOWS\system32\drivers\DMusic.sys (Microsoft Kernel DLS Synthesizer/Microsoft Corporation) [MANUAL] DMusic

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Dnscache

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Dot3svc

Service [DISABLED] dpti2o

Service C:\WINDOWS\system32\drivers\drmkaud.sys (Microsoft Kernel DRM Audio Descrambler Filter/Microsoft Corporation) [MANUAL] drmkaud

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] EapHost

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ERSvc

Service C:\WINDOWS\system32\services.exe (Usługi i aplikacja Kontroler/Microsoft Corporation) [AUTO] Eventlog

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] EventSystem

Service (Fast FAT File System Driver/Microsoft Corporation) [DISABLED] Fastfat

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] FastUserSwitchingCompatibility

Service C:\WINDOWS\system32\DRIVERS\fdc.sys (Floppy Disk Controller Driver/Microsoft Corporation) [MANUAL] Fdc

Service (Sterownik kryptografii FIPS/Microsoft Corporation) [SYSTEM] Fips

Service C:\WINDOWS\system32\DRIVERS\flpydisk.sys (Floppy Driver/Microsoft Corporation) [MANUAL] Flpydisk

Service C:\WINDOWS\system32\drivers\fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) [BOOT] FltMgr

Service c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (PresentationFontCache.exe/Microsoft Corporation) [MANUAL] FontCache3.0.0.0

Service (File System Recognizer Driver/Microsoft Corporation) [SYSTEM] Fs_Rec

Service C:\WINDOWS\system32\DRIVERS\ftdisk.sys (Sterownik dysku FT/Microsoft Corporation) [BOOT] Ftdisk

Service E:\FXDrv32.sys [MANUAL] FXDrv32

Service C:\WINDOWS\system32\DRIVERS\msgpc.sys (MS General Packet Classifier/Microsoft Corporation) [MANUAL] Gpc

Service C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows ® Server 2003 DDK provider) [MANUAL] HDAudBus

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] helpsvc

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] HidServ

Service C:\WINDOWS\system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) [MANUAL] hidusb

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] hkmsvc

Service [DISABLED] hpn

Service C:\WINDOWS\System32\Drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) [MANUAL] HTTP

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] HTTPFilter

Service [SYSTEM] i2omgmt

Service [DISABLED] i2omp

Service C:\WINDOWS\system32\DRIVERS\i8042prt.sys (Sterownik portu i8042/Microsoft Corporation) [SYSTEM] i8042prt

Service C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Windows CardSpace/Microsoft Corporation) [MANUAL] idsvc

Service C:\WINDOWS\system32\DRIVERS\imapi.sys (IMAPI Kernel Driver/Microsoft Corporation) [SYSTEM] Imapi

Service C:\WINDOWS\system32\imapi.exe (Image Mastering API/Microsoft Corporation) [MANUAL] ImapiService

Service inetaccs

Service [DISABLED] ini910u

Service Inport

Service C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek® High Definition Audio Function Driver/Realtek Semiconductor Corp.) [MANUAL] IntcAzAudAddService

Service [DISABLED] IntelIde

Service C:\WINDOWS\system32\DRIVERS\intelppm.sys (Sterownik urządzenia procesora/Microsoft Corporation) [SYSTEM] intelppm

Service C:\WINDOWS\system32\drivers\ip6fw.sys (IPv6 Windows Firewall Driver/Microsoft Corporation) [MANUAL] Ip6Fw

Service C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation) [MANUAL] IpFilterDriver

Service C:\WINDOWS\system32\DRIVERS\ipinip.sys (IP in IP Encapsulation Driver/Microsoft Corporation) [MANUAL] IpInIp

Service C:\WINDOWS\system32\DRIVERS\ipnat.sys (IP Network Address Translator/Microsoft Corporation) [MANUAL] IpNat

Service C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec Driver/Microsoft Corporation) [SYSTEM] IPSec

Service C:\WINDOWS\system32\DRIVERS\irenum.sys (Infra-Red Bus Enumerator/Microsoft Corporation) [MANUAL] IRENUM

Service ISAPISearch

Service C:\WINDOWS\system32\DRIVERS\isapnp.sys (Sterownik magistrali ISA PNP/Microsoft Corporation) [BOOT] isapnp

Service C:\Program Files\Java\jre6\bin\jqs.exe (Java Quick Starter Service/Sun Microsystems, Inc.) [AUTO] JavaQuickStarterService

Service C:\WINDOWS\system32\DRIVERS\jraid.sys (JMicron JMB36X RAID Driver/JMicron Technology Corp.) [BOOT] JRAID

Service C:\WINDOWS\system32\DRIVERS\kbdclass.sys (Sterownik klasy klawiatury/Microsoft Corporation) [SYSTEM] Kbdclass

Service C:\WINDOWS\system32\DRIVERS\kbdhid.sys (Sterownik filtru myszy HID/Microsoft Corporation) [SYSTEM] kbdhid

Service C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab) [BOOT] kl1

Service C:\WINDOWS\system32\drivers\klbg.sys (KLBG Mini-Filter/Kaspersky Lab) [BOOT] klbg

Service C:\WINDOWS\system32\DRIVERS\klfltdev.sys (KLFLTDEV Pnp device filter/Kaspersky Lab) [MANUAL] KLFLTDEV

Service C:\WINDOWS\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) [SYSTEM] KLIF

Service C:\WINDOWS\system32\DRIVERS\klim5.sys (Kaspersky Lab Intermediate Network Driver/Kaspersky Lab) [MANUAL] klim5

Service C:\WINDOWS\system32\drivers\kmixer.sys (Kernel Mode Audio Mixer/Microsoft Corporation) [MANUAL] kmixer

Service (Kernel Security Support Provider Interface/Microsoft Corporation) [BOOT] KSecDD

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] lanmanserver

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] lanmanworkstation

Service [SYSTEM] lbrtfdc

Service ldap

Service LicenseService

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] LmHosts

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Messenger

Service (Frame buffer simulator/Microsoft Corporation) [SYSTEM] mnmdd

Service C:\WINDOWS\system32\mnmsrvc.exe (Zdalne udostępnianie pulpitu NetMeeting/Microsoft Corporation) [MANUAL] mnmsrvc

Service (Sterownik modemu/Microsoft Corporation) [MANUAL] Modem

Service C:\WINDOWS\system32\DRIVERS\mouclass.sys (Sterownik klasy myszy/Microsoft Corporation) [SYSTEM] Mouclass

Service (Mount Manager/Microsoft Corporation) [BOOT] MountMgr

Service [DISABLED] mraid35x

Service C:\WINDOWS\system32\DRIVERS\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV

Service C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [SYSTEM] MRxSmb

Service C:\WINDOWS\system32\msdtc.exe (MS DTC console program/Microsoft Corporation) [MANUAL] MSDTC

Service MSDTC Bridge 3.0.0.0

Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs

Service C:\WINDOWS\system32\msiexec.exe (Windows® installer/Microsoft Corporation) [MANUAL] MSIServer

Service C:\WINDOWS\system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV

Service C:\WINDOWS\system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK

Service C:\WINDOWS\system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM

Service C:\WINDOWS\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [MANUAL] mssmbios

Service (Multiple UNC Provider driver/Microsoft Corporation) [BOOT] Mup

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] napagent

Service (NDIS 5.1 wrapper driver/Microsoft Corporation) [BOOT] NDIS

Service C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) [MANUAL] NdisTapi

Service C:\WINDOWS\system32\DRIVERS\ndisuio.sys (NDIS User mode I/O Driver/Microsoft Corporation) [MANUAL] Ndisuio

Service C:\WINDOWS\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) [MANUAL] NdisWan

Service (NDIS Proxy/Microsoft Corporation) [MANUAL] NDProxy

Service C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) [SYSTEM] NetBIOS

Service C:\WINDOWS\system32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) [SYSTEM] NetBT

Service C:\WINDOWS\system32\netdde.exe (DDE sieci - komunikacja DDE/Microsoft Corporation) [DISABLED] NetDDE

Service C:\WINDOWS\system32\netdde.exe (DDE sieci - komunikacja DDE/Microsoft Corporation) [DISABLED] NetDDEdsdm

Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] Netlogon

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Netman

Service C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (SMSvcHost.exe/Microsoft Corporation) [DISABLED] NetTcpPortSharing

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Nla

Service C:\WINDOWS\system32\DRIVERS\NMnt.sys (Netmon NT Driver/Microsoft Corporation) [MANUAL] nm

Service C:\WINDOWS\system32\drivers\nmwcd.sys (Nokia USB Phone Bus Driver/Nokia) [MANUAL] nmwcd

Service C:\WINDOWS\system32\drivers\nmwcdc.sys (Nokia USB Phone Generic Client/Nokia) [MANUAL] nmwcdc

Service C:\WINDOWS\system32\drivers\nmwcdcj.sys (Nokia USB Phone Modem Client/Nokia) [MANUAL] nmwcdcj

Service C:\WINDOWS\system32\drivers\nmwcdcm.sys (Nokia USB Phone Modem Client/Nokia) [MANUAL] nmwcdcm

Service C:\WINDOWS\system32\drivers\npf.sys (npf.sys (NT5/6 x86) Kernel Driver/CACE Technologies) [MANUAL] NPF

Service (NPFS Driver/Microsoft Corporation) [SYSTEM] Npfs

Service (NT File System Driver/Microsoft Corporation) [DISABLED] Ntfs

Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] NtLmSsp

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] NtmsSvc

Service (NULL Driver/Microsoft Corporation) [SYSTEM] Null

Service C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Compatible Windows 2000 Miniport Driver, Version 169.32 /NVIDIA Corporation) [MANUAL] nv

Service C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Driver Helper Service, Version 169.32/NVIDIA Corporation) [AUTO] NVSvc

Service C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys (NWLINK2 Traffic Filter Driver/Microsoft Corporation) [MANUAL] NwlnkFlt

Service C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys (NWLINK2 Forwarder Driver/Microsoft Corporation) [MANUAL] NwlnkFwd

Service C:\WINDOWS\system32\DRIVERS\parport.sys (Sterownik portu równoległego/Microsoft Corporation) [MANUAL] Parport

Service (Partition Manager/Microsoft Corporation) [BOOT] PartMgr

Service (VDM Parallel Driver/Microsoft Corporation) [AUTO] ParVdm

Service C:\WINDOWS\system32\DRIVERS\pci.sys (Licznik NT Plug and Play PCI/Microsoft Corporation) [BOOT] PCI

Service [SYSTEM] PCIDump

Service C:\WINDOWS\system32\DRIVERS\pciide.sys (Rodzajowy sterownik magistrali PCI IDE/Microsoft Corporation) [BOOT] PCIIde

Service (Sterownik magistrali PCMCIA/Microsoft Corporation) [DISABLED] Pcmcia

Service [MANUAL] PDCOMP

Service [MANUAL] PDFRAME

Service [MANUAL] PDRELI

Service [MANUAL] PDRFRAME

Service [DISABLED] perc2

Service [DISABLED] perc2hib

Service PerfDisk

Service PerfNet

Service PerfOS

Service PerfProc

Service C:\WINDOWS\system32\services.exe (Usługi i aplikacja Kontroler/Microsoft Corporation) [AUTO] PlugPlay

Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] PolicyAgent

Service C:\WINDOWS\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) [MANUAL] PptpMiniport

Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] ProtectedStorage

Service C:\WINDOWS\system32\DRIVERS\psched.sys (MS QoS Packet Scheduler/Microsoft Corporation) [MANUAL] PSched

Service C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) [MANUAL] Ptilink

Service [DISABLED] ql1080

Service [DISABLED] Ql10wnt

Service [DISABLED] ql12160

Service [DISABLED] ql1240

Service [DISABLED] ql1280

Service C:\WINDOWS\system32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) [SYSTEM] RasAcd

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasAuto

Service C:\WINDOWS\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Rasl2tp

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasMan

Service C:\WINDOWS\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) [MANUAL] RasPppoe

Service C:\WINDOWS\system32\DRIVERS\raspti.sys (PTI DirectParallel® mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Raspti

Service C:\WINDOWS\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) [SYSTEM] Rdbss

Service C:\WINDOWS\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPCDD

Service RDPDD

Service RDPNP

Service (RDP Terminal Stack Driver (US/Canada Only, Not for Export)/Microsoft Corporation) [MANUAL] RDPWD

Service C:\WINDOWS\system32\sessmgr.exe (Menedżer sesji pomocy pulpitu zdalnego Microsoft®/Microsoft Corporation) [MANUAL] RDSessMgr

Service C:\WINDOWS\system32\DRIVERS\redbook.sys (Sterownik filtru audio Redbook/Microsoft Corporation) [SYSTEM] redbook

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] RemoteAccess

Service C:\Program Files\WinPcap\rpcapd.exe (Remote Packet Capture Daemon/CACE Technologies) [MANUAL] rpcapd

Service C:\WINDOWS\system32\locator.exe (Rpc Locator/Microsoft Corporation) [MANUAL] RpcLocator

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RpcSs

Service C:\WINDOWS\system32\rsvp.exe (Microsoft RSVP/Microsoft Corporation) [MANUAL] RSVP

Service C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys (Realtek 10/100/1000 NDIS 5.1 Driver /Realtek Semiconductor Corporation ) [MANUAL] RTL8023xp

Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] SamSs

Service C:\WINDOWS\System32\SCardSvr.exe (Smart Card Resource Management Server/Microsoft Corporation) [MANUAL] SCardSvr

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Schedule

Service C:\WINDOWS\system32\drivers\scsiport.sys (SCSI Port Driver/Microsoft Corporation) ScsiPort

Service C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [MANUAL] Secdrv

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] seclogon

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SENS

Service C:\WINDOWS\system32\DRIVERS\serenum.sys (Serial Port Enumerator/Microsoft Corporation) [MANUAL] serenum

Service C:\WINDOWS\system32\DRIVERS\serial.sys (Sterownik urządzenia szeregowego/Microsoft Corporation) [SYSTEM] Serial

Service C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (ServiceLayer Module/Nokia.) [MANUAL] ServiceLayer

Service ServiceModelEndpoint 3.0.0.0

Service ServiceModelOperation 3.0.0.0

Service ServiceModelService 3.0.0.0

Service (SCSI Floppy Driver/Microsoft Corporation) [SYSTEM] Sfloppy

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SharedAccess

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ShellHWDetection

Service [DISABLED] Simbad

Service SMSvcHost 3.0.0.0

Service [DISABLED] Sparrow

Service C:\WINDOWS\system32\drivers\splitter.sys (Microsoft Kernel Audio Splitter/Microsoft Corporation) [MANUAL] splitter

Service C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) [AUTO] Spooler

Service C:\WINDOWS\system32\DRIVERS\sr.sys (Sterownik filtru systemu plików Przywracania systemu/Microsoft Corporation) [BOOT] sr

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] srservice

Service C:\WINDOWS\system32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] Srv

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] SSDPSRV

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] stisvc

Service C:\WINDOWS\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum

Service C:\WINDOWS\system32\drivers\swmidi.sys (Microsoft GS Wavetable Synthesizer/Microsoft Corporation) [MANUAL] swmidi

Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] SwPrv

Service swwd

Service [DISABLED] symc810

Service [DISABLED] symc8xx

Service [DISABLED] sym_hi

Service [DISABLED] sym_u3

Service C:\WINDOWS\system32\drivers\sysaudio.sys (System Audio WDM Filter/Microsoft Corporation) [MANUAL] sysaudio

Service C:\WINDOWS\system32\smlogsvc.exe (Usługa dzienników wydajności i alertów/Microsoft Corporation) [MANUAL] SysmonLog

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TapiSrv

Service C:\WINDOWS\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation) [SYSTEM] Tcpip

Service (Named Pipe Transport Driver/Microsoft Corporation) [MANUAL] TDPIPE

Service (TCP Transport Driver/Microsoft Corporation) [MANUAL] TDTCP

Service C:\WINDOWS\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) [SYSTEM] TermDD

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TermService

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Themes

Service [DISABLED] TosIde

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] TrkWks

Service TSDDD

Service (UDF File System Driver/Microsoft Corporation) [DISABLED] Udfs

Service [DISABLED] ultra

Service C:\WINDOWS\system32\DRIVERS\update.sys (Update Driver/Microsoft Corporation) [MANUAL] Update

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] upnphost

Service C:\WINDOWS\System32\ups.exe (UPS Service/Microsoft Corporation) [MANUAL] UPS

Service C:\WINDOWS\system32\DRIVERS\usbccgp.sys (USB Common Class Generic Parent Driver/Microsoft Corporation) [MANUAL] usbccgp

Service C:\WINDOWS\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) [MANUAL] usbehci

Service C:\WINDOWS\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) [MANUAL] usbhub

Service C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation) [MANUAL] usbstor

Service C:\WINDOWS\system32\DRIVERS\usbuhci.sys (UHCI USB Miniport Driver/Microsoft Corporation) [MANUAL] usbuhci

Service C:\WINDOWS\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [SYSTEM] VgaSave

Service [DISABLED] ViaIde

Service (Sterownik kopiowania woluminów w tle/Microsoft Corporation) [BOOT] VolSnap

Service C:\WINDOWS\System32\vssvc.exe (Usługa kopiowania woluminów w tle Microsoft®/Microsoft Corporation) [MANUAL] VSS

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] W32Time

Service W3SVC

Service C:\WINDOWS\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) [MANUAL] Wanarp

Service [MANUAL] WDICA

Service C:\WINDOWS\system32\drivers\wdmaud.sys (MMSYSTEM Wave/Midi API mapper/Microsoft Corporation) [MANUAL] wdmaud

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WebClient

Service Windows Workflow Foundation 3.0.0.0

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] winmgmt

Service [MANUAL] Winsock

Service WinSock2

Service WinTrust

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] WmdmPmSN

Service Wmi

Service WmiApRpl

Service C:\WINDOWS\system32\wbem\wmiapsrv.exe (Usługa karty wydajności WMI/Microsoft Corporation) [MANUAL] WmiApSrv

Service C:\Program Files\Windows Media Player\WMPNetwk.exe (Usługa udostępniania w sieci programu Windows Media Player/Microsoft Corporation) [MANUAL] WMPNetworkSvc

Service (Winsock2 IFS Layer/Microsoft Corporation) [SYSTEM] WS2IFSL

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wscsvc

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wuauserv

Service C:\WINDOWS\system32\DRIVERS\WudfPf.sys (Windows Driver Foundation - User-mode Driver Framework Platform Driver/Microsoft Corporation) [MANUAL] WudfPf

Service C:\WINDOWS\system32\DRIVERS\wudfrd.sys (Windows Driver Foundation - User-mode Driver Framework Reflector/Microsoft Corporation) [MANUAL] WudfRd

Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] WudfSvc

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WZCSVC

Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] xmlprov

Service {BE3B3C66-7548-43DD-AD36-460968E24089}

---- EOF - GMER 1.0.15 ----

MarekM25
comment

Run OTL and paste the following script into the Custom Scans/Fixes box:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - AutoRun File - [2009-08-27 23:15:18 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-08-27 23:15:19 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008-04-25 16:42:47 | 00,000,045 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""
:Commands
[emptytemp]
[start explorer]
[Reboot]

Click Run Fix. Confirm the computer restart.

simivar
comment (edited)

I entered it, and it froze on "Registery a mountpoints2" or something like that. I clicked the restart button, and my icons got some kind of highlighting:

jkyf5y.png

In GMER a message popped up saying there is a threat from a rootkit.

MarekM25
comment

Use the Flash DisInfector tool. If you have any removable storage, keep it plugged in while the tool runs. Some antivirus programs detect this tool as a virus, but of course Flash DisInfector is not one.

Open Notepad and paste the text below into it (without the word "code"):

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

Save as -> choose All files -> type Fix.reg -> then click the saved file and restart the computer.

As for the highlighting, there was already a thread about it on the forum in the Win XP section. Search carefully ;)
