Skocz do zawartości

bryken

Stały użytkownik
 Pokaż profil  Zobacz aktywność

  • Liczba zawartości

    2429

  • Rejestracja

  • Ostatnia wizyta

 Typ zawartości 

Zawartość dodana przez bryken

  1. bryken

    Polityka i politycy

    bryken odpowiedział lspider → na temat → Ośla łączka

    Nie chce brzmiec jak ostatni lewak, ale jak na wykladzie z organizacji i zarzadzania wykladowca (skrajny prawicowiec by nie powiedziec faszysta) powiedzial, ze kosciol utrzymuje sie z "tacy" to myslalem ze padne, a kilka dni wczesniej Seneszynka wypowiadala sie ile to mld idzie na kosciol. Czemu tylko jeden kosciol dostaje pieniadze? Czemu tych pieniedzy nie dac na sluzbe zdrowia, czemu nie ma kontroli nad tymi "dotacjami"? Ciekawe co by sie stalo gdyby kazdy katolik musialby placic podatek za przynaleznosc do kosciola - ciekawe jaki wtedy procent katolikow bylby w Polsce. » Naciśnij, żeby pokazać/ukryć tekst oznaczony jako spoiler... « Tak glosowalem na SLD bo starzy pracuja w oswiacie i jakby nie patrzec oni mieli najlepszy program.
  2. bryken

    Forum Czy Heldesk Dla Dzieci ?

    bryken odpowiedział luki_pc → na temat → O forum

    jak nie pisze w ekstremalnym jak to podkrecil procka o 400mhz, jezeli pyta sie w dziale co kupic o nowego kompa, to czemu ma nie pisac?
  3. bryken

    Prawo Jazdy

    bryken odpowiedział berkut → na temat → Motoryzacja

    nie napisalem ze to zle. Przytoczylem tylko znana mi informacje :D
  4. bryken

    Nowy Wygląd Portalu

    bryken odpowiedział marco → na temat → O serwisie

    ale powinien byc pod kolor loga - przynajmniej moim zdaniem.
  5. bryken

    Prawo Jazdy

    bryken odpowiedział berkut → na temat → Motoryzacja

    jak stracisz prawko i robisz kolejny raz to masz przesrane totalnie typu: - witam to na czym dzisiaj nie zdajemy.
  6. bryken

    Nowy Wygląd Portalu

    bryken odpowiedział marco → na temat → O serwisie

    no jeszcze by sie przydalo zmienic ikonke w zakladce w firefoxie wiecie o co chodzi czy screena dac?
  7. bryken
    dfi nf2 byla takze najbardziej problematyczna mobo --> bardzo trudna do okielznania, user unfriendly :D A pisanie opinii ze dfi schodzi na psy bez testow itp poprostu zal. Na NF4 dawala duzo papu na memki :D Teraz moze rzeczywiscie jakiejs innowacji brakuje.
  8. bryken

    Mini Modernizacja Do 200 Zł

    bryken odpowiedział Nadrill → na temat → Co kupić?

    no to nie trup a przezytek :D lepiej pasuje. o ramach to ile mozna pisac? Procek http://allegro.pl/item327331931_megapromoc...ndsor_oem_.html pierwszy lepszy z brzegu mozesz sie zastanowic ale nie jestem pewny czy ma Cache L2 2 x 512MB wedlug aukcji ale i tak lepiej kupic uzywke boxa ktorej pozostalo 24miechy gwary i masz wiatraka :D do wyboru do koloru http://allegro.pl/48881_athlon_64_x2_am2.h...B521%5D%5B1%5D= nie trzeba miec konta na allegro starczy poprosic znajomego co ma konto poza tym najwyzszy czas je zalozyc a kingstony na elpidach dostaniesz wszedzie idziesz do sklepu chcialem kupic kingstony 667, tylko chcialbym sobie wybrac odpowiednie kosci i szukasz oznaczen elpida.
  9. bryken

    Mini Modernizacja Do 200 Zł

    bryken odpowiedział Nadrill → na temat → Co kupić?

    ja bym wymienial wszystko od razu po co bawic sie w ozywianie trupa? Te ceny co podali wczesniej przy sprzedazy to ceny minimalne za takie powinno pojsc od razu na allegro wiec dlugo nie czekasz. Ale jak musisz pchac sie w to, tylko i wylacznie dokup 2x1gb ramu elpidy 120zl, uzywanego x2 i mozesz pomyslec nad uzywana 8600gt wtedy poczujesz roznice. Jezeli nie masz tyle hajsu to zmieniajac grafe zyskasz najwiecej. Oczywiscie uzywane to z gwarancja przynajmniej na rok i full box.
  10. bryken

    X1950pro Vs. Xfx 7900 Gs

    bryken odpowiedział Portelsl → na temat → Co kupić?

    ktory ofermatyk ci takich informacji udzielil? Oczywiscie ze mozesz miec xp i viste. A bys ladnie zrobil kupujac takie gnioty w porownaniu do 9600gt
  11. bryken

    X1950pro Vs. Xfx 7900 Gs

    bryken odpowiedział Portelsl → na temat → Co kupić?

  12. bryken
    costi bardzo zdrowe podejscie ale czy dla normalnego pirata drogowego 200 ludzi biegnie oddawac krew?
  13. bryken

    Prawo Jazdy

    bryken odpowiedział berkut → na temat → Motoryzacja

    A to ciekawe bo ludzie co zdaja egzamin i uwala srednio 3razy w kato ida do dabrowy i zdaja za pierwszym razem (moj dobry kumpel tak mial i jest to dobrze znany fakt, juz nie wspominam ze 100razy lepiej robic jest w Tychach). Najechanie na linie to mozna od razu skonczyc egzam to samo jak auto zgasnie na lukum ale jak ktos mial farta to bardzo dobrze i tylko sie cieszyc, przyklad z glupim parkowaniem jak masz autko to i piec razy sobie poprawiasz i masz to w [gluteus maximus].
  14. bryken

    Prawo Jazdy

    bryken odpowiedział berkut → na temat → Motoryzacja

    hmm popytaj kumpli gdzie robili kurs i kogo polecaja, jak dlugo zajelo im zrobienie kursu (wszystkie jazdy, teoria, czy pomimo tego ze nie wyjezdzili wszystich jazd dostali papierek i mogli isc sie zapisac na egzam) bo w niektorych osrodkach to i pol roku mozna robic.
  15. bryken

    Seriale

    bryken odpowiedział Jin* → na temat → Kultura

    o to sporo do nadrobienia dzieki bardzo. SGA 4x20 miazdzy :D kiedy kolejne odcinki ile trzeba czekac na kolejne sezony.
  16. bryken

    Seriale

    bryken odpowiedział Jin* → na temat → Kultura

    Moze mi ktos powiedziec w ktorym odcinku serialu Kyle XY bylo » Naciśnij, żeby pokazać/ukryć tekst oznaczony jako spoiler... « konczylo sie tak ze ta laska XX skoczyla z wodospadu, to bylo zaraz po tym jak Kyle odnalazl Adama i staral sie z nim skontaktowac a w miedzy czasie XX ukradla mu wiedze, bylo przed dluzsza przerwa. 10-15 odcinek sadze.
  17. bryken
    a mnie rapid wkurza bo nigdy nie moge nic pobrac, bo chyba na cala siec jedno ip i caly czas przekroczenie limitu.
  18. bryken

    Sesja....

    bryken odpowiedział temat → Ośla łączka

    ja chodzilem na wyklady tylko na te, ktore mnie interesowaly a nie bylo ich wiele w zeszlym semestrze tylko techniki komputerowe i elektronika, no bo przedmioty praktyczne typu logistyka to trzeba chodzic, a badziewia typu: podstawy technik pomiarowych, filozofia, ochrona srodowiska pozostawiam innym :D Ale w tym semestrze musimy chodzic na wszystkie wyklady no na wszystkich sprawdzaja obecnosc.
  19. bryken
    odinstalowane 8O teraz pytanko co zrobic zeby uniknac w przyszlosci tych badziewii to znaczy, ktory antywirus (avast) czy cos innego, firefoxa purepc do neta to podstawa.
  20. bryken
    swiezy log z combofix » Naciśnij, żeby pokazać/ukryć tekst oznaczony jako spoiler... « ComboFix 08-03-07.1 - Administrator 2008-03-07 22:50:29.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.135 [GMT 1:00] Running from: C:\My Downloads\ComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\system\ . ((((((((((((((((((((((((( Files Created from 2008-02-07 to 2008-03-07 ))))))))))))))))))))))))))))))) . 2008-03-07 19:54 . 2008-03-07 19:55 <DIR> d-------- C:\Program Files\Java 2008-03-07 19:54 . 2008-03-07 19:54 <DIR> d-------- C:\Program Files\Common Files\Java 2008-03-07 19:39 . 2008-03-07 19:39 <DIR> d-------- C:\Program Files\CCleaner 2008-03-01 17:54 . 2008-03-01 17:54 <DIR> d-------- C:\Program Files\ESET 2008-03-01 17:54 . 2008-03-01 17:54 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\ESET 2008-02-27 23:01 . 2008-03-07 12:13 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-02-27 23:01 . 2008-02-27 23:01 1,409 --a------ C:\WINDOWS\QTFont.for 2008-02-24 19:51 . 2008-02-24 19:51 <DIR> d-------- C:\Program Files\VeryPDF PDF2Word v3.0 2008-02-24 19:51 . 2008-02-24 19:51 324 --a------ C:\WINDOWS\pdf2word.INI 2008-02-24 19:38 . 2008-02-24 19:41 <DIR> d-------- C:\Program Files\PDF Editor 2 2008-02-24 19:38 . 2008-02-24 19:38 74,752 --a------ C:\WINDOWS\cadkasdeinst01e.exe 2008-02-21 00:37 . 2008-02-21 00:37 <DIR> d-------- C:\Program Files\Foxit Software 2008-02-20 19:29 . 2008-02-20 19:30 <DIR> d-------- C:\Program Files\Angielski dla leniwych 2 2008-02-15 01:35 . 2008-02-15 01:35 <DIR> d-------- C:\Program Files\Prawo Jazdy 2006 2008-02-13 15:49 . 2008-02-13 15:49 <DIR> d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Corel 2008-02-13 15:35 . 2008-02-13 15:35 <DIR> d-------- C:\Program Files\Common Files\Corel . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-07 19:21 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\foobar2000 2008-03-07 19:07 7,780 ----a-w C:\Documents and Settings\Administrator\FMCodec.dat 2008-03-07 16:20 --------- d-----w C:\Program Files\GDS Byte Counter 2008-03-07 11:13 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent 2008-02-13 14:36 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-02-13 14:35 --------- d-----w C:\Program Files\Common Files\InstallShield 2008-02-12 20:24 --------- d-----w C:\Program Files\Common Files\Adobe 2008-02-06 13:00 --------- d-----w C:\Program Files\Valve 2008-02-06 12:18 --------- d-----w C:\Program Files\Piraci Nowego Świata 2008-02-02 15:43 --------- d-----w C:\Program Files\Fma 2008-02-02 12:00 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\FMA 2008-02-01 18:40 --------- d-----w C:\Program Files\Usb to Serial Driver 1.12.28 2008-01-24 22:48 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\Sports Interactive 2008-01-24 21:58 --------- d--h--w C:\Program Files\Zero G Registry 2008-01-19 20:16 --------- d-----w C:\Program Files\PS2_HD_HANDINESS 2008-01-16 22:47 352,256 ----a-w C:\WINDOWS\eSellerateEngine.dll 2008-01-16 22:47 --------- d-----w C:\Program Files\Hot CPU Tester Pro 4 2008-01-16 08:43 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.ux.pl2 2008-01-15 14:17 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\Skype 2008-01-14 18:23 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\ABBYY 2008-01-14 17:59 --------- d-----w C:\Program Files\ABBYY FineReader 9.0 2008-01-14 00:09 --------- d-----w C:\Program Files\MDT6 2008-01-13 22:08 --------- d-----w C:\Program Files\Common Files\Wextech Shared 2008-01-13 22:05 --------- d-----w C:\Program Files\Common Files\Autodesk Shared 2008-01-13 20:39 --------- d-----w C:\Program Files\Gadu-Gadu 2008-01-08 18:08 --------- d-----w C:\Program Files\Real Alternative 2008-01-08 18:07 --------- d-----w C:\Program Files\Common Files\Real 2008-01-07 13:22 --------- d-----w C:\Program Files\HD Tune 2007-05-02 14:15 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat 2007-05-02 14:15 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat 2007-05-02 14:15 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\MSHist012007050220070503\index.dat 2007-05-02 14:15 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:44 15360] "RMClock"="C:\My Downloads\rmclock_225_bin\RMClockLauncher.exe" [2007-04-03 21:01 61440] "Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-04-25 16:27 2101248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RivaTunerStartupDaemon"="C:\Program Files\RivaTuner v2.0 Final Release\RivaTuner.exe" [2006-12-24 20:15 2576384] "OODefragTray"="C:\WINDOWS\system32\oodtray.exe" [2007-05-11 01:08 2512392] "WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [2006-02-17 10:14 163840] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-17 01:07 8491008] "D-Link AirPlus G"="C:\Program Files\D-Link\AirPlus G\AirGCFG.exe" [2005-11-23 15:04 1544192] "ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2005-10-19 18:19 49152] "GDS Byte Counter"="C:\Program Files\GDS Byte Counter\gbc.exe" [2005-09-14 17:01 241664] "CorelDRAW Graphics Suite 11b"="D:\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe" [2003-11-25 13:39 729088] "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-11-23 21:51 1410304] "WinFast Schedule"="C:\Program Files\WinFast\WFDTV\WFWIZ.exe" [2007-07-27 17:09 409600] "WinFastDTV"="C:\Program Files\WinFast\WFDTV\DTVSchdl.exe" [2007-08-10 15:28 90112] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:44 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nltide3"="cmd.exe" [2004-08-03 23:44 395776 C:\WINDOWS\system32\cmd.exe] "TSClientMSIUninstaller"="cmd.exe" [2004-08-03 23:44 395776 C:\WINDOWS\system32\cmd.exe] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] --a------ 2007-08-24 13:44 4608 C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0] --------- 2005-07-19 11:36 933888 C:\Program Files\Brother\ControlCenter2\brctrcen.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] --a------ 2004-08-03 23:44 15360 C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools] --a------ 2005-12-10 15:57 133016 C:\Program Files\DAEMON Tools\daemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget] C:\Program Files\FlashGet\FlashGet.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2001-07-09 09:50 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] --a------ 2007-09-17 01:07 8491008 C:\WINDOWS\system32\NvCpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] --a------ 2007-09-17 01:07 81920 C:\WINDOWS\system32\NvMcTray.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVMixerTray] --a------ 2004-12-20 16:12 131072 C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] --a------ 2007-09-17 01:07 1626112 C:\WINDOWS\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] --a------ 2007-06-16 00:15 366400 C:\Program Files\Picasa2\PicasaMediaDetector.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PicasaNet] C:\Documents and Settings\Administrator\Pulpit\Hello\Hello.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2007-11-07 01:39 98304 C:\Program Files\QuickTime\qttask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt] --------- 2005-01-26 17:02 49152 C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] -ra------ 2007-08-06 11:43 23165736 C:\Program Files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr] -ra------ 2006-03-30 15:45 313472 C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "D:\\utorrent\\utorrent.exe"= "D:\\Painkiller Overdose\\Bin\\Overdose.exe"= "D:\\Painkiller Overdose\\Bin\\OverdoseEditor.exe"= "D:\\Painkiller Overdose\\Bin\\OverdoseServer.exe"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= "D:\\footbal manager 2008\\fm.exe"= R1 BIOS;BIOS;C:\WINDOWS\system32\drivers\BIOS.sys [2005-03-16 07:23] R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-11-23 21:52] R2 ABBYY.Licensing.FineReader.Professional.9.0;Usługa licencjonowania programu ABBYY FineReader 9.0;"C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe" -service [] R3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 11:50] R3 RTCore32;RTCore32;C:\My Downloads\rmclock_225_bin\RTCore32.sys [2005-05-25 09:39] R3 WFIOCTL;WFIOCTL;C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS [2005-01-06 15:55] S3 SER120;OTI Serial port driver;C:\WINDOWS\system32\DRIVERS\SER120.sys [2005-03-22 10:03] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6b0b4217-2669-11dc-a13e-9993201023aa}] \Shell\AutoRun\command - K:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{90003724-b58f-11dc-b987-000ae66a93fd}] \Shell\Auto\command - I:\activexdebugger32.exe f \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f \Shell\explore\Command - I:\activexdebugger32.exe f \Shell\open\Command - I:\activexdebugger32.exe f [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99cd6db0-cf6f-11dc-b9bb-001b111299fb}] \Shell\Auto\command - J:\activexdebugger32.exe f \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f \Shell\explore\Command - J:\activexdebugger32.exe f \Shell\open\Command - J:\activexdebugger32.exe f [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d9d67f97-a066-11dc-b94a-000ae66a93fd}] \Shell\AutoRun\command - J:\setupSNK.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-07 22:51:52 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-03-07 22:52:25 ComboFix2.txt 2008-03-07 21:46:56 skan z malwarbytes » Naciśnij, żeby pokazać/ukryć tekst oznaczony jako spoiler... « Malwarebytes' Anti-Malware 1.07 Database version: 465 Scan type: Quick Scan Objects scanned: 27517 Time elapsed: 3 minute(s), 33 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) chyba prosciej mi bylo zainstalowac swiezego windwosa:D
  21. bryken

    Wojsko wojsko wojsko

    bryken odpowiedział Puffy → na temat → Ośla łączka

    unikasz sposobem awizo czy wspanialym sposobem "oczysz" sie w prywatnej szkole.
  22. bryken
    Wszystko zrobilem jak kazales: log z combofix » Naciśnij, żeby pokazać/ukryć tekst oznaczony jako spoiler... « ComboFix 08-03-07.1 - Administrator 2008-03-07 19:56:56.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.164 [GMT 1:00] Running from: C:\My Downloads\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\Cfx32.lic C:\WINDOWS\system32\cfx32.ocx C:\WINDOWS\system32\Dvbpws.dll C:\WINDOWS\system32\system\ . ((((((((((((((((((((((((( Files Created from 2008-02-07 to 2008-03-07 ))))))))))))))))))))))))))))))) . 2008-03-07 19:54 . 2008-03-07 19:55 <DIR> d-------- C:\Program Files\Java 2008-03-07 19:54 . 2008-03-07 19:54 <DIR> d-------- C:\Program Files\Common Files\Java 2008-03-07 19:39 . 2008-03-07 19:39 <DIR> d-------- C:\Program Files\CCleaner 2008-03-01 17:54 . 2008-03-01 17:54 <DIR> d-------- C:\Program Files\ESET 2008-03-01 17:54 . 2008-03-01 17:54 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\ESET 2008-02-27 23:01 . 2008-03-07 12:13 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-02-27 23:01 . 2008-02-27 23:01 1,409 --a------ C:\WINDOWS\QTFont.for 2008-02-24 19:51 . 2008-02-24 19:51 <DIR> d-------- C:\Program Files\VeryPDF PDF2Word v3.0 2008-02-24 19:51 . 2008-02-24 19:51 324 --a------ C:\WINDOWS\pdf2word.INI 2008-02-24 19:38 . 2008-02-24 19:41 <DIR> d-------- C:\Program Files\PDF Editor 2 2008-02-24 19:38 . 2008-02-24 19:38 74,752 --a------ C:\WINDOWS\cadkasdeinst01e.exe 2008-02-21 00:37 . 2008-02-21 00:37 <DIR> d-------- C:\Program Files\Foxit Software 2008-02-20 19:29 . 2008-02-20 19:30 <DIR> d-------- C:\Program Files\Angielski dla leniwych 2 2008-02-15 01:35 . 2008-02-15 01:35 <DIR> d-------- C:\Program Files\Prawo Jazdy 2006 2008-02-13 15:49 . 2008-02-13 15:49 <DIR> d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Corel 2008-02-13 15:35 . 2008-02-13 15:35 <DIR> d-------- C:\Program Files\Common Files\Corel . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-07 18:04 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\foobar2000 2008-03-07 16:20 --------- d-----w C:\Program Files\GDS Byte Counter 2008-03-07 11:13 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent 2008-02-13 14:36 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-02-13 14:35 --------- d-----w C:\Program Files\Common Files\InstallShield 2008-02-12 20:24 --------- d-----w C:\Program Files\Common Files\Adobe 2008-02-06 13:00 --------- d-----w C:\Program Files\Valve 2008-02-06 12:18 --------- d-----w C:\Program Files\Piraci Nowego Świata 2008-02-02 15:43 --------- d-----w C:\Program Files\Fma 2008-02-02 12:00 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\FMA 2008-02-01 18:40 --------- d-----w C:\Program Files\Usb to Serial Driver 1.12.28 2008-01-24 22:48 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\Sports Interactive 2008-01-24 21:58 --------- d--h--w C:\Program Files\Zero G Registry 2008-01-19 20:16 --------- d-----w C:\Program Files\PS2_HD_HANDINESS 2008-01-16 22:47 352,256 ----a-w C:\WINDOWS\eSellerateEngine.dll 2008-01-16 22:47 --------- d-----w C:\Program Files\Hot CPU Tester Pro 4 2008-01-16 08:43 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.ux.pl2 2008-01-15 14:17 --------- d-----w C:\Documents and Settings\Administrator\Dane aplikacji\Skype 2008-01-14 18:23 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\ABBYY 2008-01-14 17:59 --------- d-----w C:\Program Files\ABBYY FineReader 9.0 2008-01-14 00:09 --------- d-----w C:\Program Files\MDT6 2008-01-13 22:08 --------- d-----w C:\Program Files\Common Files\Wextech Shared 2008-01-13 22:05 --------- d-----w C:\Program Files\Common Files\Autodesk Shared 2008-01-13 20:39 --------- d-----w C:\Program Files\Gadu-Gadu 2008-01-08 18:08 --------- d-----w C:\Program Files\Real Alternative 2008-01-08 18:07 --------- d-----w C:\Program Files\Common Files\Real 2008-01-07 13:22 --------- d-----w C:\Program Files\HD Tune 2007-08-26 09:41 7,780 ----a-w C:\Documents and Settings\Administrator\FMCodec.dat 2007-05-02 14:15 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat 2007-05-02 14:15 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat 2007-05-02 14:15 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\MSHist012007050220070503\index.dat 2007-05-02 14:15 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:44 15360] "RMClock"="C:\My Downloads\rmclock_225_bin\RMClockLauncher.exe" [2007-04-03 21:01 61440] "Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-04-25 16:27 2101248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RivaTunerStartupDaemon"="C:\Program Files\RivaTuner v2.0 Final Release\RivaTuner.exe" [2006-12-24 20:15 2576384] "OODefragTray"="C:\WINDOWS\system32\oodtray.exe" [2007-05-11 01:08 2512392] "WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [2006-02-17 10:14 163840] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-17 01:07 8491008] "D-Link AirPlus G"="C:\Program Files\D-Link\AirPlus G\AirGCFG.exe" [2005-11-23 15:04 1544192] "ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2005-10-19 18:19 49152] "GDS Byte Counter"="C:\Program Files\GDS Byte Counter\gbc.exe" [2005-09-14 17:01 241664] "CorelDRAW Graphics Suite 11b"="D:\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe" [2003-11-25 13:39 729088] "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-11-23 21:51 1410304] "WinFast Schedule"="C:\Program Files\WinFast\WFDTV\WFWIZ.exe" [2007-07-27 17:09 409600] "WinFastDTV"="C:\Program Files\WinFast\WFDTV\DTVSchdl.exe" [2007-08-10 15:28 90112] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:44 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nltide3"="cmd.exe" [2004-08-03 23:44 395776 C:\WINDOWS\system32\cmd.exe] "TSClientMSIUninstaller"="cmd.exe" [2004-08-03 23:44 395776 C:\WINDOWS\system32\cmd.exe] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] --a------ 2007-08-24 13:44 4608 C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0] --------- 2005-07-19 11:36 933888 C:\Program Files\Brother\ControlCenter2\brctrcen.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] --a------ 2004-08-03 23:44 15360 C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools] --a------ 2005-12-10 15:57 133016 C:\Program Files\DAEMON Tools\daemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget] C:\Program Files\FlashGet\FlashGet.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2001-07-09 09:50 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] --a------ 2007-09-17 01:07 8491008 C:\WINDOWS\system32\NvCpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] --a------ 2007-09-17 01:07 81920 C:\WINDOWS\system32\NvMcTray.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVMixerTray] --a------ 2004-12-20 16:12 131072 C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] --a------ 2007-09-17 01:07 1626112 C:\WINDOWS\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] --a------ 2007-06-16 00:15 366400 C:\Program Files\Picasa2\PicasaMediaDetector.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PicasaNet] C:\Documents and Settings\Administrator\Pulpit\Hello\Hello.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2007-11-07 01:39 98304 C:\Program Files\QuickTime\qttask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt] --------- 2005-01-26 17:02 49152 C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] -ra------ 2007-08-06 11:43 23165736 C:\Program Files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr] -ra------ 2006-03-30 15:45 313472 C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "D:\\utorrent\\utorrent.exe"= "D:\\Painkiller Overdose\\Bin\\Overdose.exe"= "D:\\Painkiller Overdose\\Bin\\OverdoseEditor.exe"= "D:\\Painkiller Overdose\\Bin\\OverdoseServer.exe"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= "D:\\footbal manager 2008\\fm.exe"= R1 BIOS;BIOS;C:\WINDOWS\system32\drivers\BIOS.sys [2005-03-16 07:23] R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-11-23 21:52] R2 ABBYY.Licensing.FineReader.Professional.9.0;Usługa licencjonowania programu ABBYY FineReader 9.0;"C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe" -service [] R3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 11:50] R3 RTCore32;RTCore32;C:\My Downloads\rmclock_225_bin\RTCore32.sys [2005-05-25 09:39] R3 WFIOCTL;WFIOCTL;C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS [2005-01-06 15:55] S3 SER120;OTI Serial port driver;C:\WINDOWS\system32\DRIVERS\SER120.sys [2005-03-22 10:03] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6b0b4217-2669-11dc-a13e-9993201023aa}] \Shell\AutoRun\command - K:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{90003724-b58f-11dc-b987-000ae66a93fd}] \Shell\Auto\command - I:\activexdebugger32.exe f \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f \Shell\explore\Command - I:\activexdebugger32.exe f \Shell\open\Command - I:\activexdebugger32.exe f [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99cd6db0-cf6f-11dc-b9bb-001b111299fb}] \Shell\Auto\command - J:\activexdebugger32.exe f \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f \Shell\explore\Command - J:\activexdebugger32.exe f \Shell\open\Command - J:\activexdebugger32.exe f [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d9d67f97-a066-11dc-b94a-000ae66a93fd}] \Shell\AutoRun\command - J:\setupSNK.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-07 19:58:49 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-03-07 19:59:27 ComboFix-quarantined-files.txt 2008-03-07 18:59:25 dzieki bardzo za pomoc. Pingi wrocily Rychlost připojení k internetu: 1,043 Mbit/s Rychlost stahování dat: 133,5 kByte/s Rychlost odezvy (ping): min 31,848 ms max 32,733 ms Ø 32,272 ms
  23. bryken
    Log z hijack http://wklej.org/id/e35ae8a4a2 ewentualnie tutaj » Naciśnij, żeby pokazać/ukryć tekst oznaczony jako spoiler... « Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:07:21, on 2008-03-07 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\oodag.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\UAService.exe C:\WINDOWS\system32\oodtray.exe C:\Program Files\A4Tech\Mouse\Amoumain.exe C:\Program Files\D-Link\AirPlus G\AirGCFG.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\GDS Byte Counter\gbc.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\WinFast\WFDTV\WFWIZ.exe C:\Program Files\WinFast\WFDTV\DTVSchdl.exe C:\WINDOWS\system32\ctfmon.exe C:\My Downloads\rmclock_225_bin\RMClock.exe C:\Program Files\foobar2000\foobar2000.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Program Files\uTorrent\uTorrent.exe C:\My Downloads\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/pl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.0 Final Release\RivaTuner.exe" /S O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [GDS Byte Counter] C:\Program Files\GDS Byte Counter\gbc.exe O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] D:\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=031408 serial=DR12WCD-0124438-cdp lang=EN O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RMClock] "C:\My Downloads\rmclock_225_bin\RMClockLauncher.exe" O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Documents and Settings\Administrator\Pulpit\Hello\PicasaCapture.dll (file missing) O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Documents and Settings\Administrator\Pulpit\Hello\PicasaCapture.dll (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {1F831FAC-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file:///C:/Program%20Files/AutoCAD%20LT%202002%20Plk/InstFred.ocx O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday) - file:///C:/Program%20Files/AutoCAD%20LT%202002%20Plk/AcDcToday.ocx O16 - DPF: {AE56372C-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file:///C:/Program%20Files/AutoCAD%20LT%202002%20Plk/InstBanr.ocx O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file:///C:/Program%20Files/AutoCAD%20LT%202002%20Plk/AcPreview.ocx O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Usługa licencjonowania programu ABBYY FineReader 9.0 (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: SecuROM User Access Service (UserAccess) - Unknown owner - C:\WINDOWS\system32\UAService.exe -- End of file - 8535 bytes Log z silent runners http://wklej.org/id/a3bb9bd9ef » Naciśnij, żeby pokazać/ukryć tekst oznaczony jako spoiler... « "Silent Runners.vbs", revision 56, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS] "RMClock" = ""C:\My Downloads\rmclock_225_bin\RMClockLauncher.exe"" ["RightMark Gathering, iXBT.com"] "Gadu-Gadu" = ""C:\Program Files\Gadu-Gadu\gg.exe" /tray" ["Gadu-Gadu S.A."] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} "KernelFaultCheck" = "C:\WINDOWS\system32\dumprep 0 -k" "RivaTunerStartupDaemon" = ""C:\Program Files\RivaTuner v2.0 Final Release\RivaTuner.exe" /S" [empty string] "OODefragTray" = "C:\WINDOWS\system32\oodtray.exe" ["O&O Software GmbH"] "WheelMouse" = "C:\Program Files\A4Tech\Mouse\Amoumain.exe" ["A4Tech Co., Ltd."] "NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS] "D-Link AirPlus G" = "C:\Program Files\D-Link\AirPlus G\AirGCFG.exe" ["D-Link"] "ANIWZCS2Service" = "C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" ["Alpha Networks Inc."] "GDS Byte Counter" = "C:\Program Files\GDS Byte Counter\gbc.exe" ["GD Software"] "CorelDRAW Graphics Suite 11b" = "D:\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=031408 serial=DR12WCD-0124438-cdp lang=EN" ["Corel Corporation"] "egui" = ""C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice" ["ESET"] "WinFast Schedule" = "C:\Program Files\WinFast\WFDTV\WFWIZ.exe" ["Leadtek Research Inc."] "WinFastDTV" = "C:\Program Files\WinFast\WFDTV\DTVSchdl.exe" ["Leadtek Research Inc."] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided) -> {HKLM...CLSID} = "Adobe PDF Reader Link Helper" \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"] {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}\(Default) = (no title provided) -> {HKLM...CLSID} = "Megaupload Toolbar" \InProcServer32\(Default) = "C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL" ["MEGAUPLOAD "] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = "SSVHelper Class" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll" ["Sun Microsystems, Inc."] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania" -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania" \InProcServer32\(Default) = "deskpan.dll" [file not found] "{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band" -> {HKLM...CLSID} = "History Band" \InProcServer32\(Default) = "C:\WINDOWS\system32\shdocvw.dll" [MS] "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] "{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class" -> {HKLM...CLSID} = "DesktopContext Class" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"] "{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer" -> {HKLM...CLSID} = "Desktop Explorer" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"] "{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"] "{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu" -> {HKLM...CLSID} = "nView Desktop Context Menu" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"] "{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler" -> {HKLM...CLSID} = "Microsoft Office Outlook" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL" [MS] "{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler" -> {HKLM...CLSID} = "Rozszerzenie ikon plików programu Outlook" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL" [MS] "{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS] "{B327765E-D724-4347-8B16-78AE18552FC3}" = "NeroDigitalIconHandler" -> {HKLM...CLSID} = "NeroDigitalIconHandler Class" \InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"] "{7F1CF152-04F8-453A-B34C-E609530A9DC8}" = "NeroDigitalPropSheetHandler" -> {HKLM...CLSID} = "NeroDigitalPropSheetHandler Class" \InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"] "{AD392E40-428C-459F-961E-9B147782D099}" = "UltraISO" -> {HKLM...CLSID} = "UIContextMenu Class" \InProcServer32\(Default) = "C:\Program Files\UltraISO\isoshell.dll" ["EZB Systems, Inc."] "{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper" -> {HKLM...CLSID} = "NVIDIA CPL Extension" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"] "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" = "OpenOffice.org Column Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""D:\openoffice\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] "{087B3AE3-E237-4467-B8DB-5A38AB959AC9}" = "OpenOffice.org Infotip Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""D:\openoffice\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] "{63542C48-9552-494A-84F7-73AA6A7C99C1}" = "OpenOffice.org Property Sheet Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""D:\openoffice\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] "{3B092F0C-7696-40E3-A80F-68D74DA84210}" = "OpenOffice.org Thumbnail Viewer" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""D:\openoffice\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] "{59A3380E-5305-4cea-BD99-4F2FF510C91F}" = "FineReader9ContextMenu" -> {HKLM...CLSID} = "FineReader9.FRContextMenu.1" \InProcServer32\(Default) = "C:\Program Files\ABBYY FineReader 9.0\FRIntegration.dll" ["ABBYY Software Ltd"] "{B089FE88-FB52-11D3-BDF1-0050DA34150D}" = "Eset Smart Security - Context Menu Shell Extension" -> {HKLM...CLSID} = "Eset Smart Security - Context Menu Shell Extension" \InProcServer32\(Default) = "C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll" ["ESET"] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Aedebug\ <<!>> "Debugger" = "C:\Program Files\Borland\Delphi7\Bin\bordbg70.exe -aeargs %ld %ld" [file not found] HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\ <<!>> "BootExecute" = "autocheck autochk *"|"OODBS" ["O&O Software GmbH"] HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\ <<!>> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS] HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {7D4D6379-F301-4311-BEBA-E26EB0561882}\(Default) = "NeroDigitalExt.NeroDigitalColumnHandler" -> {HKLM...CLSID} = "NeroDigitalColumnHandler Class" \InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"] {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = "OpenOffice.org Column Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""D:\openoffice\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info" -> {HKLM...CLSID} = "PDF Shell Extension" \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."] HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ Eset Smart Security - Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}" -> {HKLM...CLSID} = "Eset Smart Security - Context Menu Shell Extension" \InProcServer32\(Default) = "C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll" ["ESET"] FineReader9ContextMenu\(Default) = "{59A3380E-5305-4cea-BD99-4F2FF510C91F}" -> {HKLM...CLSID} = "FineReader9.FRContextMenu.1" \InProcServer32\(Default) = "C:\Program Files\ABBYY FineReader 9.0\FRIntegration.dll" ["ABBYY Software Ltd"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ UltraISO\(Default) = "{AD392E40-428C-459F-961E-9B147782D099}" -> {HKLM...CLSID} = "UIContextMenu Class" \InProcServer32\(Default) = "C:\Program Files\UltraISO\isoshell.dll" ["EZB Systems, Inc."] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ Eset Smart Security - Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}" -> {HKLM...CLSID} = "Eset Smart Security - Context Menu Shell Extension" \InProcServer32\(Default) = "C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll" ["ESET"] UltraISO\(Default) = "{AD392E40-428C-459F-961E-9B147782D099}" -> {HKLM...CLSID} = "UIContextMenu Class" \InProcServer32\(Default) = "C:\Program Files\UltraISO\isoshell.dll" ["EZB Systems, Inc."] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] Default executables: -------------------- <<!>> HKLM\SOFTWARE\Classes\.scr\(Default) = "AutoCADScriptFile" <<!>> HKLM\SOFTWARE\Classes\AutoCADScriptFile\shell\open\command\(Default) = "C:\WINDOWS\NOTEPAD.EXE "%1"" [MS] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ "NoSMHelp" = (REG_DWORD) dword:0x00000001 {User Configuration|Administrative Templates|Start Menu and Taskbar| Remove Help menu from Start Menu} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ "shutdownwithoutlogon" = (REG_DWORD) dword:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Shutdown: Allow system to be shut down without having to log on} "undockwithoutlogon" = (REG_DWORD) dword:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Devices: Allow undock without having to log on} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Startup items in "Administrator" & "All Users" startup folders: --------------------------------------------------------------- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart "Adobe Gamma Loader" -> shortcut to: "C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe" ["Adobe Systems, Inc."] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS] 000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 25 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ "{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}" -> {HKLM...CLSID} = "Megaupload Toolbar" \InProcServer32\(Default) = "C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL" ["MEGAUPLOAD "] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ "{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}" = (no title provided) -> {HKLM...CLSID} = "Megaupload Toolbar" \InProcServer32\(Default) = "C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL" ["MEGAUPLOAD "] Explorer Bars HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Badanie" Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL" [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ "MenuText" = "Sun Java Console" "CLSIDExtension" = "{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}" -> {HKCU...CLSID} = "Java Plug-in 1.6.0_03" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll" ["Sun Microsystems, Inc."] -> {HKLM...CLSID} = "Java Plug-in 1.6.0_03" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll" ["Sun Microsystems, Inc."] {92780B25-18CC-41C8-B9BE-3C9C571A8263}\ "ButtonText" = "Badanie" {B13B4423-2647-4CFC-A4B3-C7D56CB83487}\ "ButtonText" = "Share in Hello" "MenuText" = "Share in H&ello" "CLSIDExtension" = "{B13B4423-2647-4cfc-A4B3-C7D56CB83487}" -> {HKLM...CLSID} = "IECmdExecute Class" \InProcServer32\(Default) = "C:\Documents and Settings\Administrator\Pulpit\Hello\PicasaCapture.dll" [file not found] {E2E2DD38-D088-4134-82B7-F2BA38496583}\ "MenuText" = "@xpsp3res.dll,-20001" "Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS] Miscellaneous IE Hijack Points ------------------------------ HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\ <<H>> "Tabs" = "C:\Documents and Settings\Administrator\Dane aplikacji\MEGAUPLOADTOOLBAR\tabwelcome.html" [null data] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ BrSplService, Brother XP spl Service, "C:\WINDOWS\system32\brsvc01a.exe" ["brother Industries Ltd"] Eset Service, ekrn, ""C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"" ["ESET"] NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"] O&O Defrag, O&O Defrag, "C:\WINDOWS\system32\oodag.exe" ["O&O Software GmbH"] SecuROM User Access Service, UserAccess, "C:\WINDOWS\system32\UAService.exe" [null data] StarWind AE Service, StarWindServiceAE, "C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe" ["Rocket Division Software"] Ulead Burning Helper, UleadBurningHelper, "C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe" ["Ulead Systems, Inc."] Usługa licencjonowania programu ABBYY FineReader 9.0, ABBYY.Licensing.FineReader.Professional.9.0, ""C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe" -service" ["ABBYY (BIT Software)"] Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS] ---------- (launch time: 2008-03-07 11:11:16) <<!>>: Suspicious data at a malware launch point. <<H>>: Suspicious data at a browser hijack point. + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + The search for DESKTOP.INI DLL launch points on all local fixed drives took 113 seconds. ---------- (total run time: 234 seconds)
  24. bryken
    ale nad nim dziennikarze by sie tak nie litowali i wypisywali o nieszczesliwym wypadku.
  25. bryken
    napisales same ogolniki podaj konkrety.
×
×
  • Dodaj nową pozycję...