Log z notatnika program HijackThis

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:23:50, on 2011-02-05

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\Memdirt3.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Steam\steam.exe

C:\Documents and Settings\Arek\Menu Start\Programy\Autostart\nssvc32.exe

C:\Documents and Settings\Arek\Menu Start\Programy\Autostart\rundlll.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

c:\program files\steam\steamapps\reeestu\counter-strike\hl.exe

C:\Program Files\Steam\GameOverlayUI.exe

C:\Documents and Settings\Arek\Moje dokumenty\Pobieranie\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= … =CT2405280

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM…\Run: [skyTel] SkyTel.EXE

O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM…\Run: [nwiz] nwiz.exe /install

O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM…\Run: [l33t] C:\WINDOWS\system\iexplore.exe

O4 - HKLM…\Run: [WinLogent3] C:\WINDOWS\Memdirt3.exe

O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Program Files\Common Files\Java\Java Update\jusched.exe”

O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background

O4 - HKCU…\Run: [ALLUpdate] “C:\Program Files\ALLPlayer\ALLUpdate.exe” “sleep”

O4 - HKCU…\Run: [GoD] “C:\Documents and Settings\Arek\Moje dokumenty\GoD\iGoD.exe”

O4 - HKCU…\Run: [PKTray] C:\Program Files\Przyspiesz Komputer\PKTray.exe

O4 - HKCU…\Run: [Gadu-Gadu 10] “C:\Program Files\Gadu-Gadu 10\gg.exe”

O4 - HKCU…\Run: [steam] “C:\Program Files\Steam\steam.exe” -silent

O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’)

O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)

O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)

O4 - Startup: nssvc32.exe

O4 - Startup: rundlll.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

End of file - 4276 bytes

HJ za stary

podaj loga z otl i wklej na wklej.to

Ale o ile to mi Ping zmniejszy

o to że będę wiedział co masz nie tak (to jest niby nowsza wersja HJ)

OTL logfile created on: 2011-02-05 14:39:47 - Run 1

OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Arek\Moje dokumenty\Pobieranie

Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 58,00% Memory free

2,00 Gb Paging File | 1,00 Gb Available in Paging File | 66,00% Paging File free

Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 48,83 Gb Total Space | 32,08 Gb Free Space | 65,69% Space Free | Partition Type: NTFS

Drive D: | 48,83 Gb Total Space | 44,54 Gb Free Space | 91,23% Space Free | Partition Type: NTFS

Drive E: | 51,39 Gb Total Space | 49,72 Gb Free Space | 96,76% Space Free | Partition Type: NTFS

Computer Name: AREK-9BRXPSGAD3 | User Name: Arek | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-02-05 14:39:21 | 000,602,624 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Arek\Moje dokumenty\Pobieranie\OTL.exe

PRC - [2011-02-05 14:21:19 | 000,401,720 | ---- | M] (Trend Micro Inc.) – C:\Documents and Settings\Arek\Moje dokumenty\Pobieranie\HiJackThis.exe

PRC - [2011-01-18 13:38:52 | 000,086,077 | ---- | M] (Valve) – c:\Program Files\Steam\steamapps\reeestu\counter-strike\hl.exe

PRC - [2011-01-18 12:21:28 | 000,071,464 | ---- | M] (Valve Corporation) – C:\Program Files\Steam\GameOverlayUI.exe

PRC - [2011-01-16 16:34:52 | 001,242,448 | ---- | M] (Valve Corporation) – C:\Program Files\Steam\Steam.exe

PRC - [2011-01-03 19:18:42 | 000,606,208 | ---- | M] () – C:\WINDOWS\Memdirt3.exe

PRC - [2010-12-12 13:24:23 | 000,016,856 | ---- | M] (Mozilla Corporation) – C:\Program Files\Mozilla Firefox\plugin-container.exe

PRC - [2010-12-12 13:24:20 | 000,912,344 | ---- | M] (Mozilla Corporation) – C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2010-11-03 21:49:47 | 000,212,079 | ---- | M] () – C:\Documents and Settings\Arek\Menu Start\Programy\Autostart\nssvc32.exe

PRC - [2010-09-04 16:17:55 | 000,626,993 | ---- | M] () – C:\Documents and Settings\Arek\Menu Start\Programy\Autostart\rundlll.exe

PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2011-02-05 14:39:21 | 000,602,624 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Arek\Moje dokumenty\Pobieranie\OTL.exe

MOD - [2004-08-03 23:42:34 | 001,050,624 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] – -- (HidServ)

SRV - [2010-09-13 16:28:38 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] – C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe – (FLEXnet Licensing Service)

========== Driver Services (SafeList) ==========

DRV - [2008-12-26 11:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\vcsvad.sys – (VCSVADHWSer) Avnex Virtual Audio Device (WDM)

DRV - [2007-11-08 22:52:00 | 006,866,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\nv4_mini.sys – (nv)

DRV - [2007-03-06 05:27:32 | 000,019,968 | R— | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\nvnetbus.sys – (nvnetbus)

DRV - [2007-03-06 05:27:28 | 000,058,752 | R— | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\NVENETFD.sys – (NVENETFD)

DRV - [2007-02-16 01:50:32 | 000,012,032 | R— | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\nvsmu.sys – (nvsmu)

DRV - [2006-11-03 02:32:30 | 004,394,496 | R— | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RtkHDAud.Sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2005-01-07 16:07:18 | 000,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\Hdaudbus.sys – (HDAudBus)

DRV - [2004-08-03 22:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\nwlnkipx.sys – (NwlnkIpx)

DRV - [2001-08-17 21:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\nwlnknb.sys – (NwlnkNb)

DRV - [2001-08-17 21:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\nwlnkspx.sys – (NwlnkSpx)

DRV - [2001-08-17 21:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\irsir.sys – (irsir)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= … =CT2405280

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” = *.local

========== FireFox ==========

FF - prefs.js…browser.search.defaultengine: “Ask.com

FF - prefs.js…browser.search.defaultenginename: “Ask.com

FF - prefs.js…browser.search.defaultthis.engineName: “Softonic-Eng7 Customized Web Search”

FF - prefs.js…browser.search.defaulturl: “http://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&SearchSource=3&q={searchTerms}

FF - prefs.js…browser.search.order.1: “Ask.com

FF - prefs.js…browser.search.selectedEngine: “Google”

FF - prefs.js…browser.search.useDBForOrder: true

FF - prefs.js…browser.startup.homepage: “http://www.google.pl/

FF - prefs.js…extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\Components: C:\Program Files\Mozilla Firefox\components [2011-01-16 11:28:43 | 000,000,000 | —D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-01-16 11:28:43 | 000,000,000 | —D | M]

[2010-05-15 13:44:19 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\Arek\Dane aplikacji\Mozilla\Extensions

[2010-11-20 13:57:03 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\Arek\Dane aplikacji\Mozilla\Firefox\Profiles\0vnuddzf.default\extensions

[2010-09-27 19:11:32 | 000,002,557 | ---- | M] () – C:\Documents and Settings\Arek\Dane aplikacji\Mozilla\Firefox\Profiles\0vnuddzf.default\searchplugins\askcom.xml

[2010-06-08 10:28:50 | 000,000,929 | ---- | M] () – C:\Documents and Settings\Arek\Dane aplikacji\Mozilla\Firefox\Profiles\0vnuddzf.default\searchplugins\conduit.xml

[2011-02-04 16:06:25 | 000,000,000 | —D | M] (No name found) – C:\Program Files\Mozilla Firefox\extensions

[2011-01-15 19:24:32 | 000,000,000 | —D | M] (Java Console) – C:\Program Files\Mozilla Firefox\extensions{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2010-08-09 16:17:46 | 000,873,888 | ---- | M] (ParallelGraphics) – C:\Program Files\Mozilla Firefox\plugins\npCortona.dll

[2011-01-15 19:24:14 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2010-10-09 15:51:47 | 000,002,767 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml

[2010-10-09 15:51:47 | 000,001,406 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml

[2010-10-09 15:51:47 | 000,000,917 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml

[2010-10-09 15:51:47 | 000,000,858 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml

[2010-10-09 15:51:47 | 000,001,183 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml

[2010-10-09 15:51:47 | 000,001,683 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O3 - HKCU…\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

O4 - HKLM…\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM…\Run: [l33t] C:\WINDOWS\system\iexplore.exe ()

O4 - HKLM…\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM…\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM…\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM…\Run: [skyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)

O4 - HKLM…\Run: [WinLogent3] C:\WINDOWS\Memdirt3.exe ()

O4 - HKCU…\Run: [ALLUpdate] File not found

O4 - HKCU…\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)

O4 - HKCU…\Run: [GoD] File not found

O4 - HKCU…\Run: [PKTray] File not found

O4 - HKCU…\Run: [steam] C:\Program Files\Steam\steam.exe (Valve Corporation)

O4 - Startup: C:\Documents and Settings\Arek\Menu Start\Programy\Autostart\nssvc32.exe ()

O4 - Startup: C:\Documents and Settings\Arek\Menu Start\Programy\Autostart\rundlll.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O15 - HKCU…Trusted Domains: ([]msn in Mój komputer)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Arek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Arek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010-05-15 12:37:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [NTFS]

O33 - MountPoints2{2a8e8292-df85-11df-ac58-001966ec99a1}\Shell - “” = AutoRun

O33 - MountPoints2{2a8e8292-df85-11df-ac58-001966ec99a1}\Shell\AutoRun\command - “” = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

O33 - MountPoints2{8a0da6ce-f017-11df-ac8b-001966ec99a1}\Shell - “” = AutoRun

O33 - MountPoints2{8a0da6ce-f017-11df-ac8b-001966ec99a1}\Shell\AutoRun\command - “” = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

O33 - MountPoints2{ac824ee3-1691-11e0-acea-001966ec99a1}\Shell - “” = AutoRun

O33 - MountPoints2{ac824ee3-1691-11e0-acea-001966ec99a1}\Shell\AutoRun\command - “” = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM…comfile [open] – “%1” %*

O35 - HKLM…exefile [open] – “%1” %*

O37 - HKLM…com [@ = comfile] – “%1” %*

O37 - HKLM…exe [@ = exefile] – “%1” %*

========== Files/Folders - Created Within 30 Days ==========

[2011-02-01 18:34:54 | 000,000,000 | —D | C] – C:\Documents and Settings\Arek\Pulpit\Mapy na serwer

[2011-01-22 21:02:51 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programy\Total Commander

[2011-01-22 20:56:38 | 000,000,000 | —D | C] – C:\Documents and Settings\Arek\Moje dokumenty\Pobieranie

[2011-01-16 16:34:17 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programy\Steam

[2011-01-16 16:34:16 | 000,000,000 | —D | C] – C:\Program Files\Steam

[2011-01-16 11:28:42 | 000,000,000 | —D | C] – C:\Program Files\Common Files\ParallelGraphics

[2011-01-15 19:24:50 | 000,000,000 | —D | C] – C:\Program Files\Common Files\Java

[2011-01-15 19:24:30 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) – C:\WINDOWS\System32\javaws.exe

[2011-01-15 19:24:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) – C:\WINDOWS\System32\javaw.exe

[2011-01-15 19:24:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) – C:\WINDOWS\System32\java.exe

[2011-01-15 19:24:30 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) – C:\WINDOWS\System32\javacpl.cpl

[2011-01-15 19:24:10 | 000,000,000 | —D | C] – C:\Program Files\Java

[2011-01-13 16:58:21 | 000,000,000 | —D | C] – C:\Program Files\Gadu-Gadu 10

[2011-01-11 17:38:28 | 000,000,000 | —D | C] – C:\Program Files\Gadu-Gadu

[2011-01-08 19:40:12 | 000,000,000 | —D | C] – C:\Documents and Settings\Arek\Dane aplikacji\RegistryKeys

[2004-11-24 20:25:52 | 000,335,872 | ---- | C] ( ) – C:\WINDOWS\System32\drvc.dll

[3 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->]

[2 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]

========== Files - Modified Within 30 Days ==========

[2011-02-05 13:55:47 | 000,355,486 | ---- | M] () – C:\WINDOWS\System32\perfh015.dat

[2011-02-05 13:55:47 | 000,311,604 | ---- | M] () – C:\WINDOWS\System32\perfh009.dat

[2011-02-05 13:55:47 | 000,049,492 | ---- | M] () – C:\WINDOWS\System32\perfc015.dat

[2011-02-05 13:55:47 | 000,039,992 | ---- | M] () – C:\WINDOWS\System32\perfc009.dat

[2011-02-05 13:53:42 | 000,000,260 | ---- | M] () – C:\WINDOWS\tasks\WGASetup.job

[2011-02-05 13:51:30 | 000,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat

[2011-02-04 15:59:05 | 000,002,206 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl

[2011-01-30 18:34:20 | 000,006,144 | ---- | M] () – C:\Documents and Settings\Arek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011-01-22 21:02:52 | 000,000,555 | ---- | M] () – C:\Documents and Settings\Arek\Pulpit\Total Commander.lnk

[2011-01-18 12:30:03 | 000,000,075 | ---- | M] () – C:\Documents and Settings\Arek\Pulpit\Counter-Strike.url

[2011-01-18 12:25:01 | 000,000,664 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Steam.lnk

[2011-01-15 19:24:14 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) – C:\WINDOWS\System32\deployJava1.dll

[2011-01-15 19:24:14 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) – C:\WINDOWS\System32\javaws.exe

[2011-01-15 19:24:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) – C:\WINDOWS\System32\javaw.exe

[2011-01-15 19:24:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) – C:\WINDOWS\System32\java.exe

[2011-01-15 19:24:14 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) – C:\WINDOWS\System32\javacpl.cpl

[2011-01-15 17:51:17 | 000,006,792 | ---- | M] () – C:\Documents and Settings\Arek\Pulpit\takem.jpg

[2011-01-15 15:46:54 | 000,044,431 | ---- | M] () – C:\Documents and Settings\Arek\Pulpit\take !.png

[2011-01-14 19:00:56 | 000,063,731 | ---- | M] () – C:\Documents and Settings\Arek\Pulpit\take_my_heart_but_please_don_t_break_it.htm

[2011-01-14 18:57:05 | 000,002,739 | ---- | M] () – C:\Documents and Settings\Arek\Pulpit\images.jpeg

[2011-01-13 16:59:20 | 000,000,762 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk

[3 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->]

[2 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]

========== Files Created - No Company Name ==========

[2011-01-22 21:02:52 | 000,000,555 | ---- | C] () – C:\Documents and Settings\Arek\Pulpit\Total Commander.lnk

[2011-01-18 12:30:03 | 000,000,075 | ---- | C] () – C:\Documents and Settings\Arek\Pulpit\Counter-Strike.url

[2011-01-16 16:34:17 | 000,000,664 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Steam.lnk

[2011-01-15 17:51:16 | 000,006,792 | ---- | C] () – C:\Documents and Settings\Arek\Pulpit\takem.jpg

[2011-01-15 15:46:53 | 000,044,431 | ---- | C] () – C:\Documents and Settings\Arek\Pulpit\take !.png

[2011-01-14 19:00:55 | 000,063,731 | ---- | C] () – C:\Documents and Settings\Arek\Pulpit\take_my_heart_but_please_don_t_break_it.htm

[2011-01-14 18:57:04 | 000,002,739 | ---- | C] () – C:\Documents and Settings\Arek\Pulpit\images.jpeg

[2011-01-13 16:59:20 | 000,000,762 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk

[2011-01-13 16:58:32 | 000,000,680 | ---- | C] () – C:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk

[2010-11-26 18:50:03 | 000,000,212 | ---- | C] () – C:\WINDOWS\l33td.ini

[2010-11-01 13:00:48 | 000,006,144 | ---- | C] () – C:\Documents and Settings\Arek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-05-15 13:29:50 | 000,004,293 | ---- | C] () – C:\WINDOWS\ODBCINST.INI

[2010-05-15 12:59:20 | 000,004,450 | ---- | C] () – C:\WINDOWS\Ascd_tmp.ini

[2010-05-15 12:59:19 | 000,010,288 | ---- | C] () – C:\WINDOWS\System32\drivers\ASUSHWIO.SYS

[2008-07-05 12:14:48 | 000,456,192 | ---- | C] () – C:\WINDOWS\System32\libmplayer.dll

[2008-07-05 12:14:44 | 003,591,168 | ---- | C] () – C:\WINDOWS\System32\libavcodec.dll

[2008-07-05 12:13:16 | 000,708,096 | ---- | C] () – C:\WINDOWS\System32\ff_x264.dll

[2008-06-22 18:34:00 | 000,177,664 | ---- | C] () – C:\WINDOWS\System32\ff_theora.dll

[2008-06-13 12:39:38 | 000,023,552 | ---- | C] () – C:\WINDOWS\System32\ff_wmv9.dll

[2008-06-12 19:36:38 | 000,007,680 | ---- | C] () – C:\WINDOWS\System32\ff_vfw.dll

[2007-11-08 22:52:00 | 001,703,936 | ---- | C] () – C:\WINDOWS\System32\nvwdmcpl.dll

[2007-11-08 22:52:00 | 001,474,560 | ---- | C] () – C:\WINDOWS\System32\nview.dll

[2007-11-08 22:52:00 | 001,019,904 | ---- | C] () – C:\WINDOWS\System32\nvwimg.dll

[2007-11-08 22:52:00 | 000,466,944 | ---- | C] () – C:\WINDOWS\System32\nvshell.dll

[2007-11-08 22:52:00 | 000,286,720 | ---- | C] () – C:\WINDOWS\System32\nvnt4cpl.dll

[2004-10-03 18:50:54 | 000,129,024 | ---- | C] () – C:\WINDOWS\System32\ff_mpeg2enc.dll

[2002-09-20 18:04:04 | 000,163,185 | RHS- | C] () – C:\WINDOWS\System32\jamlja.dll

[2002-03-25 20:02:14 | 000,027,440 | ---- | C] () – C:\WINDOWS\System32\drivers\secdrv.sys

< End of report >

to jest log z tego otl

bibut , może byś z sensem wyjaśnił co ma zrobić zamiast pisać w tak beznadziejny sposób?

take ! , Poczytaj tu:

poradnik-uzywania-forum-zakladanie-edycja-tematu-t394978.html

zasady-wklejania-logow-forum-tytulowania-tematow-t253052.html

otl-gmer-rsit-dss-inne-instrukcje-t370405.html

Jak już się zapoznasz z tym co powyżej to przeskanuj system programem OTL i podaj linka do logów.

Jak masz to zrobić napisane jest pod linkami powyżej.

grasz w CS ??

Gram w CS i dalem wyzej ten log z otl

zastosuj się do posta @Cedar

w otl w białe okno wklej to:

kliknij wykonaj skrypt i zatwierdź restart

podaj loga z usuwania i nowy (pamiętaj aby wkleić je na np. wklej.org )

take ! ,

Rejestrując się na niniejszym forum zobowiązałeś się przestrzegać jego regulaminu. Niestety, w tym momencie łamiesz go nie tytułując poprawnie tematu. Proszę zapoznać się w pierwszej kolejności z regulaminem forum, a następnie z tym tematem. Po zapoznaniu się proszę poprawić tytuł tematu, używając przycisku zmien.gif

Ponadto proszę zapoznać się z tutejszymi zasadami wklejania logów: zasady-wklejania-logow-forum-t253052.html, a następnie dokonać stosownej korekty swoich logów.

w otl użyj opcji sprzątanie

ewentualnie użyj tego >> http://cs-guide.net/duzy-ping-zmniejsz-go/ lub tego >> http://www.wiaderko.com/cs-1.6/podstawy … ,1788.html

Miło mi że mogłem pomóc

OT - kosz.