wklejto.pl

Added by: ~Anonim (2010-07-29 13:15) -> text
 
DDS (Ver_10-03-17.01) - NTFSx86  
Run by Bula at 13:11:50,12 on 2010-07-29
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_15
Microsoft Windows 7 Ultimate   6.1.7600.0.1250.48.1033.18.3326.2381 [GMT 2:00]
 
 
============== Running Processes ===============
 
C:\\Windows\\system32\\wininit.exe
C:\\Windows\\system32\\lsm.exe
C:\\Windows\\system32\\svchost.exe -k DcomLaunch
C:\\Windows\\system32\\svchost.exe -k RPCSS
C:\\Windows\\system32\\atiesrxx.exe
C:\\Windows\\System32\\svchost.exe -k LocalServiceNetworkRestricted
C:\\Windows\\System32\\svchost.exe -k LocalSystemNetworkRestricted
C:\\Windows\\system32\\svchost.exe -k netsvcs
C:\\Windows\\system32\\svchost.exe -k LocalService
C:\\Windows\\system32\\atieclxx.exe
C:\\Windows\\system32\\svchost.exe -k NetworkService
C:\\Windows\\System32\\spoolsv.exe
C:\\Windows\\system32\\svchost.exe -k LocalServiceNoNetwork
C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 2010\\avp.exe
C:\\Program Files\\Bonjour\\mDNSResponder.exe
C:\\Windows\\System32\\svchost.exe -k WerSvcGroup
C:\\Windows\\system32\\taskhost.exe
C:\\Windows\\system32\\Dwm.exe
C:\\Windows\\Explorer.EXE
C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 2010\\avp.exe
C:\\Program Files\\DAEMON Tools Lite\\DTLite.exe
C:\\Windows\\system32\\SearchIndexer.exe
C:\\Windows\\system32\\svchost.exe -k NetworkServiceNetworkRestricted
C:\\Windows\\system32\\WUDFHost.exe
C:\\Windows\\servicing\\TrustedInstaller.exe
C:\\Program Files\\Windows Media Player\\wmpnetwk.exe
C:\\Windows\\system32\\svchost.exe -k LocalServiceAndNoImpersonation
C:\\Windows\\System32\\svchost.exe -k LocalServicePeerNet
C:\\Windows\\System32\\svchost.exe -k secsvcs
C:\\Windows\\system32\\wuauclt.exe
C:\\Program Files\\Mozilla Firefox\\firefox.exe
C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 2010\\klwtblfs.exe
C:\\Program Files\\Mozilla Firefox\\plugin-container.exe
C:\\Windows\\system32\\SearchProtocolHost.exe
C:\\Windows\\system32\\SearchFilterHost.exe
C:\\Windows\\system32\\AUDIODG.EXE
C:\\Users\\Bula\\Downloads\\dds.scr
C:\\Windows\\system32\\conhost.exe
C:\\Windows\\system32\\wbem\\wmiprvse.exe
 
============== Pseudo HJT Report ===============
 
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\\program files\\common files\\adobe\\acrobat\\activex\\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\\program files\\kaspersky lab\\kaspersky internet security 2010\\ievkbd.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\\program files\\java\\jre6\\bin\\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\\program files\\kaspersky lab\\kaspersky internet security 2010\\klwtbbho.dll
uRun: [DAEMON Tools Lite] \"c:\\program files\\daemon tools lite\\DTLite.exe\" -autorun
mRun: [AVP] \"c:\\program files\\kaspersky lab\\kaspersky internet security 2010\\avp.exe\"
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Dodaj do blokowanych banerów - c:\\program files\\kaspersky lab\\kaspersky internet security 2010\\ie_banner_deny.htm
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\\program files\\kaspersky lab\\kaspersky internet security 2010\\klwtbbho.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\\program files\\kaspersky lab\\kaspersky internet security 2010\\klwtbbho.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\\progra~1\\common~1\\skype\\SKYPE4~1.DLL
Notify: klogon - c:\\windows\\system32\\klogon.dll
AppInit_DLLs: c:\\progra~1\\kasper~1\\kasper~1\\mzvkbd3.dll,c:\\progra~1\\kasper~1\\kasper~1\\kloehk.dll
 
================= FIREFOX ===================
 
FF - ProfilePath - c:\\users\\bula\\appdata\\roaming\\mozilla\\firefox\\profiles\\6nblbknq.default\\
FF - component: c:\\program files\\mozilla firefox\\extensions\\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\\components\\SkypeFfComponent.dll
FF - component: c:\\program files\\mozilla firefox\\extensions\\linkfilter@kaspersky.ru\\components\\KavLinkFilter.dll
FF - plugin: c:\\program files\\rayv\\rayv\\plugins\\nprayvplugin.dll
FF - plugin: c:\\program files\\win7codecs\\rm\\browser\\plugins\\nppl3260.dll
FF - plugin: c:\\program files\\win7codecs\\rm\\browser\\plugins\\nprpjplug.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\\program files\\mozilla firefox\\extensions\\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
 
---- FIREFOX POLICIES ----
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"ui.use_native_colors\", true);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"ui.use_native_popup_windows\", false);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"browser.enable_click_image_resizing\", true);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"accessibility.browsewithcaret_shortcut.enabled\", true);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"javascript.options.mem.high_water_mark\", 32);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"javascript.options.mem.gc_frequency\",   1600);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"network.IDN.whitelist.lu\", true);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"network.IDN.whitelist.nu\", true);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"network.IDN.whitelist.nz\", true);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"network.IDN.whitelist.xn--mgbaam7a8h\", true); 
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"network.IDN.whitelist.xn--mgberp4a5d4ar\", true); 
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"network.IDN.whitelist.xn--p1ai\", true);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"network.IDN.whitelist.xn--mgbayh7gpa\", true);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"network.IDN.whitelist.tel\", true);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"network.auth.force-generic-ntlm\", false);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"network.proxy.type\",                  5);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"network.buffer.cache.count\", 24);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"network.buffer.cache.size\",  4096);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"dom.ipc.plugins.timeoutSecs\", 45);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"svg.smil.enabled\", false);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"ui.trackpoint_hack.enabled\", -1);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"browser.formfill.debug\",            false);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"browser.formfill.agedWeight\",       2);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"browser.formfill.bucketSize\",       1);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"browser.formfill.maxTimeGroupings\", 25);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"browser.formfill.timeGroupingSize\", 604800);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"browser.formfill.boundaryWeight\",   25);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"browser.formfill.prefixWeight\",     5);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"accelerometer.enabled\", true);
c:\\program files\\mozilla firefox\\greprefs\\all.js - pref(\"html5.enable\", false);
c:\\program files\\mozilla firefox\\greprefs\\security-prefs.js - pref(\"security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref\", true);
c:\\program files\\mozilla firefox\\greprefs\\security-prefs.js - pref(\"security.ssl.renego_unrestricted_hosts\", \"\");
c:\\program files\\mozilla firefox\\greprefs\\security-prefs.js - pref(\"security.ssl.treat_unsafe_negotiation_as_broken\", false);
c:\\program files\\mozilla firefox\\greprefs\\security-prefs.js - pref(\"security.ssl.require_safe_negotiation\",  false);
c:\\program files\\mozilla firefox\\greprefs\\security-prefs.js - pref(\"security.ssl3.rsa_seed_sha\", true);
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox-branding.js - pref(\"app.update.download.backgroundInterval\", 600);
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox-branding.js - pref(\"app.update.url.manual\", \"http://www.firefox.com\");
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox-branding.js - pref(\"browser.search.param.yahoo-fr-ja\", \"mozff\");
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox.js - pref(\"extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name\", \"chrome://browser/locale/browser.properties\");
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox.js - pref(\"extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description\", \"chrome://browser/locale/browser.properties\");
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox.js - pref(\"xpinstall.whitelist.add\", \"addons.mozilla.org\");
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox.js - pref(\"xpinstall.whitelist.add.36\", \"getpersonas.com\");
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox.js - pref(\"lightweightThemes.update.enabled\", true);
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox.js - pref(\"browser.allTabs.previews\", false);
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox.js - pref(\"plugins.hide_infobar_for_outdated_plugin\", false);
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox.js - pref(\"plugins.update.notifyUser\", false);
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox.js - pref(\"toolbar.customization.usesheet\", false);
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox.js - pref(\"dom.ipc.plugins.enabled.nptest.dll\", true);
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox.js - pref(\"dom.ipc.plugins.enabled.npswf32.dll\", true);
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox.js - pref(\"dom.ipc.plugins.enabled.npctrl.dll\", true);
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox.js - pref(\"dom.ipc.plugins.enabled.npqtplugin.dll\", true);
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox.js - pref(\"dom.ipc.plugins.enabled\", false);
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox.js - pref(\"browser.taskbar.previews.enable\", false);
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox.js - pref(\"browser.taskbar.previews.max\", 20);
c:\\program files\\mozilla firefox\\defaults\\pref\\firefox.js - pref(\"browser.taskbar.previews.cachetime\", 20);
 
============= SERVICES / DRIVERS ===============
 
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\\windows\\system32\\drivers\\klbg.sys [2009-10-14 36880]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\\windows\\system32\\drivers\\klim6.sys [2009-9-14 21520]
R1 vwififlt;Virtual WiFi Filter Driver;c:\\windows\\system32\\drivers\\vwififlt.sys [2009-7-14 48128]
R2 AMD External Events Utility;AMD External Events Utility;c:\\windows\\system32\\atiesrxx.exe [2009-8-18 176128]
R2 AVP;Kaspersky Internet Security;c:\\program files\\kaspersky lab\\kaspersky internet security 2010\\avp.exe [2009-10-20 340456]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\\windows\\system32\\drivers\\klmouflt.sys [2009-10-2 19472]
R3 rt61x86;RT61 Extensible Wireless Driver;c:\\windows\\system32\\drivers\\netr61.sys [2010-4-7 376160]
R3 RTL8167;Realtek 8167 NT Driver;c:\\windows\\system32\\drivers\\Rt86win7.sys [2009-3-1 139776]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\\windows\\system32\\drivers\\vwifimp.sys [2009-7-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\\windows\\system32\\drivers\\b57nd60x.sys [2009-7-14 229888]
S3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\\windows\\system32\\wat\\WatAdminSvc.exe [2010-6-1 1343400]
 
=============== Created Last 30 ================
 
2010-07-28 09:16:23     273452190       ----a-w-        c:\\windows\\MEMORY.DMP
2010-07-24 22:19:08     0       d-----w-        c:\\program files\\URUSoft
2010-07-06 09:05:00     0       d-----w-        c:\\programdata\\SimCity Societies
 
==================== Find3M  ====================
 
2010-07-26 21:46:24     697658  ----a-w-        c:\\windows\\system32\\perfh015.dat
2010-07-26 21:46:24     134768  ----a-w-        c:\\windows\\system32\\perfc015.dat
2010-06-13 19:29:12     409088  ----a-w-        c:\\windows\\system32\\systemcpl.dll
2010-06-13 19:29:12     13824   ----a-w-        c:\\windows\\system32\\slwga.dll
2010-06-13 19:29:11     811520  ----a-w-        c:\\windows\\system32\\user32.dll
2010-06-02 14:45:16     97549   ----a-w-        c:\\windows\\system32\\drivers\\klick.dat
2010-06-02 14:45:16     113933  ----a-w-        c:\\windows\\system32\\drivers\\klin.dat
2010-05-27 07:24:13     34304   ----a-w-        c:\\windows\\system32\\atmlib.dll
2010-05-27 03:49:37     293888  ----a-w-        c:\\windows\\system32\\atmfd.dll
2010-05-21 12:14:28     221568  ------w-        c:\\windows\\system32\\MpSigStub.exe
2010-05-21 05:18:06     977920  ----a-w-        c:\\windows\\system32\\wininet.dll
2010-05-09 09:14:55     641536  ----a-w-        c:\\windows\\system32\\CPFilters.dll
2010-05-09 09:14:50     417792  ----a-w-        c:\\windows\\system32\\msdri.dll
2010-05-01 14:49:25     2326528 ----a-w-        c:\\windows\\system32\\win32k.sys
2010-03-21 13:47:35     38710   ----a-w-        c:\\windows\\inf\\perflib\\0415\\perfd.dat
2010-03-21 13:47:35     38710   ----a-w-        c:\\windows\\inf\\perflib\\0415\\perfc.dat
2010-03-21 13:47:35     337158  ----a-w-        c:\\windows\\inf\\perflib\\0415\\perfi.dat
2010-03-21 13:47:35     337158  ----a-w-        c:\\windows\\inf\\perflib\\0415\\perfh.dat
2009-07-14 04:56:42     31548   ----a-w-        c:\\windows\\inf\\perflib\\0409\\perfd.dat
2009-07-14 04:56:42     31548   ----a-w-        c:\\windows\\inf\\perflib\\0409\\perfc.dat
2009-07-14 04:56:42     291294  ----a-w-        c:\\windows\\inf\\perflib\\0409\\perfi.dat
2009-07-14 04:56:42     291294  ----a-w-        c:\\windows\\inf\\perflib\\0409\\perfh.dat
2009-07-14 04:41:57     174     --sha-w-        c:\\program files\\desktop.ini
2009-07-14 00:34:40     291294  ----a-w-        c:\\windows\\inf\\perflib\\0000\\perfi.dat
2009-07-14 00:34:40     291294  ----a-w-        c:\\windows\\inf\\perflib\\0000\\perfh.dat
2009-07-14 00:34:38     31548   ----a-w-        c:\\windows\\inf\\perflib\\0000\\perfd.dat
2009-07-14 00:34:38     31548   ----a-w-        c:\\windows\\inf\\perflib\\0000\\perfc.dat
2009-06-10 21:26:35     9633792 --sha-r-        c:\\windows\\fonts\\StaticCache.dat
2010-03-21 18:19:14     245760  --sha-w-        c:\\windows\\serviceprofiles\\networkservice\\appdata\\roaming\\microsoft\\windows\\ietldcache\\index.dat
2010-04-09 15:08:06     245760  --sha-w-        c:\\windows\\system32\\config\\systemprofile\\appdata\\roaming\\microsoft\\windows\\ietldcache\\index.dat
2009-07-14 01:14:45     396800  --sha-w-        c:\\windows\\winsxs\\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\\WinMail.exe
 
============= FINISH: 13:12:29,50 ===============
 