Połączenie z serwerem zostało zresetowane (mozilla firefox)

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.

Połączenie z serwerem zostało zresetowane (mozilla firefox)

Postprzez tomlectric 04 Lis 2009, 21:54


Mam oto taki problem gdy chcę coś wrzucić na serwer to wyskakuje własnie oto taki komunikat dodam też ze dzieje się to we wszystkich przeglądarkach Firefox,Opera i IE niewiem jak sobie z tym poradzić :roll:

Połączenie zostało zresetowane

Połączenie z serwerem zostało zresetowane podczas wczytywania strony.

* Witryna może być tymczasowo niedostępna lub zbyt obciążona. Spróbuj ponownie za kilka minut.

* Jeśli nie można otworzyć żadnej strony, należy sprawdzić swoje połączenie sieciowe.

* Jeśli komputer użytkownika jest chroniony przez zaporę sieciową lub serwer proxy, należy sprawdzić, czy program Firefox jest uprawniony do łączenia się z Internetem.

Oto Log z Hijackthis

Kod: Zaznacz wszystko
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:56:29, on 2009-11-04
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
C:\Program Files\PhotoScape\PhotoScape.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\SBCL\SBCL v1.1b.exe
C:\Program Files\Winamp\winamp.exe
C:\Documents and Settings\Tom.PC\Pulpit\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Skrót do SBCL v1.1b.lnk = C:\Program Files\SBCL\SBCL v1.1b.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\ton4gtqpcnfe.dll
O10 - Broken Internet access because of LSP provider 'c:\program files\contraviro\siglsp.dll' missing
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos-beta/OnlineScanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{119CD794-4958-4CCE-AB18-568F8C367C38}: NameServer =
O17 - HKLM\System\CS1\Services\Tcpip\..\{119CD794-4958-4CCE-AB18-568F8C367C38}: NameServer =
O17 - HKLM\System\CS2\Services\Tcpip\..\{119CD794-4958-4CCE-AB18-568F8C367C38}: NameServer =
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

End of file - 4262 bytes
Połączenie z serwerem zostało zresetowane (mozilla firefox)

Postprzez jarski185 04 Lis 2009, 22:04

co to za serwer? jak jakimis logami chcesz zafowac to przeczytaj zasady dzialu bezpieczenstwo
Połączenie z serwerem zostało zresetowane (mozilla firefox)

Postprzez tomlectric 04 Lis 2009, 22:09

Praktycznie na żaden serwer



Da się tylko uploadowac pliki malego rozmiaru ale gdzie sie chce wrzucić coś większego np plik 6mb to już nie da rady pisze Połączenie z serwerem zostało zresetowane
Połączenie z serwerem zostało zresetowane (mozilla firefox)

Postprzez jarski185 04 Lis 2009, 22:10

jaki masz intenet?
Połączenie z serwerem zostało zresetowane (mozilla firefox)

Postprzez tomlectric 04 Lis 2009, 22:11

Radiówka 512
Połączenie z serwerem zostało zresetowane (mozilla firefox)

Postprzez jarski185 04 Lis 2009, 22:14

no widzisz z radiowkami to tak bywa, jaka masz predkosc wysylania?
Połączenie z serwerem zostało zresetowane (mozilla firefox)

Postprzez tomlectric 04 Lis 2009, 22:22

jak to sprawdzić?

ale w sieci jest wszystko ok bo rozmawiałem z adminem sieci :) no i dzieje sie to tylko u mnie na kompie na innych kompach z tej samej sieci da sie Uploadowac pliki coś mi się zdaje ze mam jakiegos wira tylko jakiego juz skanowałem kilkoma skanerami i nic niewykryło
Połączenie z serwerem zostało zresetowane (mozilla firefox)

Postprzez jarski185 04 Lis 2009, 22:23

no w umowie najlepiej zobacz za jakie parametry placisz a potem sprobuj zrobic speedtest.net, popraw logi pod kontem dzialu bezpieczenstwo
Połączenie z serwerem zostało zresetowane (mozilla firefox)

Postprzez tomlectric 04 Lis 2009, 22:24

Nie mam umowy :P bo mam głowny nadajnik na dachu i mam za free neta

Dodano Dzisiaj, 21:28:
jarski185 napisał(a):popraw logi pod kontem dzialu bezpieczenstwo

O co dokładnie chodzi bo jestem ciemny w tych sprawach
Połączenie z serwerem zostało zresetowane (mozilla firefox)

Postprzez NieWiem 05 Lis 2009, 09:27

To znaczy, że powinieneś poczytać przyklejone :)

konkretnie to by się przydały logi z OTL
Połączenie z serwerem zostało zresetowane (mozilla firefox)

Postprzez tomlectric 05 Lis 2009, 16:28

Oto Log z OTl

Kod: Zaznacz wszystko
OTL logfile created on: 2009-11-05 15:26:04 - Run 1
OTL by OldTimer - Version     Folder = C:\Documents and Settings\Tom.PC\Pulpit
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

959,48 Mb Total Physical Memory | 485,85 Mb Available Physical Memory | 50,64% Memory free
2,26 Gb Paging File | 1,88 Gb Available in Paging File | 83,08% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 30,00 Gb Total Space | 4,47 Gb Free Space | 14,90% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 30,43 Gb Free Space | 77,92% Space Free | Partition Type: NTFS
Drive E: | 39,06 Gb Total Space | 13,32 Gb Free Space | 34,11% Space Free | Partition Type: NTFS
Drive F: | 44,54 Gb Total Space | 22,57 Gb Free Space | 50,68% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC
Current User Name: Tom
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009-11-05 15:25:53 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tom.PC\Pulpit\OTL.exe
PRC - [2009-10-16 21:26:23 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-10-14 13:11:10 | 03,215,360 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
PRC - [2009-07-01 17:38:40 | 01,481,056 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe
PRC - [2009-01-26 15:31:16 | 02,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009-01-17 15:48:08 | 05,853,672 | ---- | M] (o2.pl Sp. z o.o.) -- C:\Program Files\Tlen.pl\tlen.exe
PRC - [2007-02-16 19:43:32 | 00,779,264 | ---- | M] () -- C:\Program Files\SBCL\SBCL v1.1b.exe
PRC - [2006-10-31 07:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2006-03-02 13:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005-01-28 12:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe

[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2009-11-05 15:25:53 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tom.PC\Pulpit\OTL.exe
MOD - [2008-06-19 13:20:08 | 00,017,408 | ---- | M] () -- C:\Program Files\Tlen.pl\hook.dll
MOD - [2006-05-03 21:53:54 | 00,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
MOD - [2006-03-02 13:00:00 | 01,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2006-10-31 07:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2006-03-02 13:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2005-07-06 15:04:20 | 00,466,944 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxcccoms.exe -- (lxcc_device)
SRV - [2005-01-28 12:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf)
SRV - [2004-08-03 23:44:02 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\irmon.dll -- (Irmon)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-07-15 19:28:55 | 00,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\system32\drivers\pcouffin.sys -- (pcouffin)
DRV - [2009-07-03 15:48:09 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-07-02 18:12:29 | 00,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2009-04-28 21:20:06 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008-12-11 10:24:20 | 04,959,232 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007-07-26 08:25:12 | 00,039,808 | R--- | M] () -- C:\WINDOWS\system32\drivers\SRS_SSCFilter_i386.sys -- (SRS_SSCFilter)
DRV - [2006-11-27 15:33:54 | 00,019,968 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006-11-27 15:33:50 | 00,058,368 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006-10-31 07:35:00 | 03,964,256 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006-10-18 15:31:38 | 00,105,472 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006-07-24 15:05:00 | 00,005,632 | ---- | M] () -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006-07-01 22:32:26 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006-03-02 13:00:00 | 00,027,440 | ---- | M] () -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006-03-02 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2005-10-31 22:44:39 | 00,010,880 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe -- (STYLEXPHELPER)
DRV - [2005-01-07 16:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2001-08-17 20:49:10 | 00,026,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\drivers\irstusb.sys -- (STIrUsb)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:
FF - prefs.js..extensions.enabledItems: fsonlinescanner@f-secure.com:1.01
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:5.0.20090813W
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.7
FF - prefs.js..extensions.enabledItems: {3926fb20-4bea-11de-8a39-0800200c9a66}:3.5.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.gopher: ""
FF - prefs.js..network.proxy.backup.gopher_port: 8080
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: ""
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 80
FF - prefs.js..network.proxy.http: ""
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: ""
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl: ""
FF - prefs.js..network.proxy.ssl_port: 80

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009-07-08 10:50:18 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-11-02 20:51:45 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-11-02 19:02:50 | 00,000,000 | ---D | M]

[2009-07-02 18:17:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom.PC\Dane aplikacji\Mozilla\Extensions
[2009-07-02 18:17:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom.PC\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-11-04 21:32:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom.PC\Dane aplikacji\Mozilla\Firefox\Profiles\q9xmazyc.default\extensions
[2009-09-12 15:49:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom.PC\Dane aplikacji\Mozilla\Firefox\Profiles\q9xmazyc.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009-09-12 15:44:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom.PC\Dane aplikacji\Mozilla\Firefox\Profiles\q9xmazyc.default\extensions\{3926fb20-4bea-11de-8a39-0800200c9a66}
[2009-11-03 19:00:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom.PC\Dane aplikacji\Mozilla\Firefox\Profiles\q9xmazyc.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2009-11-02 18:57:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom.PC\Dane aplikacji\Mozilla\Firefox\Profiles\q9xmazyc.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}(2)
[2009-11-04 21:26:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom.PC\Dane aplikacji\Mozilla\Firefox\Profiles\q9xmazyc.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2009-11-04 21:32:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom.PC\Dane aplikacji\Mozilla\Firefox\Profiles\q9xmazyc.default\extensions\fsonlinescanner@f-secure.com
[2009-09-06 23:26:47 | 00,002,399 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Dane aplikacji\Mozilla\Firefox\Profiles\q9xmazyc.default\searchplugins\daemon-search.xml
[2009-11-04 21:32:18 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-11-02 17:09:03 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-11-02 19:02:00 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2009-10-16 21:26:23 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009-10-16 21:26:23 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009-11-02 10:08:59 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009-10-16 21:26:23 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2003-05-15 09:01:48 | 00,133,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009-07-08 10:50:09 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2009-07-08 10:50:29 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[2009-07-08 10:50:06 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2009-10-16 19:45:02 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-10-16 19:45:02 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-10-16 19:45:02 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009-10-16 19:45:02 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-10-16 19:45:02 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-10-16 19:45:02 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-10-16 19:45:02 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts:       localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No CLSID value found.
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKCU..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe (o2.pl Sp. z o.o.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [SRS Audio Sandbox] C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe (SRS Labs, Inc.)
O4 - Startup: C:\Documents and Settings\Tom.PC\Menu Start\Programy\Autostart\Skrót do SBCL v1.1b.lnk = C:\Program Files\SBCL\SBCL v1.1b.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\ton4gtqpcnfe.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Contraviro\siglsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Contraviro\siglsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\System32\ton4gtqpcnfe.dll ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-06 02:23:35 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{00ae226c-8733-11de-988e-00241d164a8d}\Shell\AutoRun\command - "" = H:\w9hw8.exe -- File not found
O33 - MountPoints2\{00ae226c-8733-11de-988e-00241d164a8d}\Shell\open\Command - "" = H:\w9hw8.exe -- File not found
O33 - MountPoints2\{07f14b12-67e1-11de-984a-00241d164a8d}\Shell - "" = AutoRun
O33 - MountPoints2\{07f14b12-67e1-11de-984a-00241d164a8d}\Shell\AutoRun\command - "" = J:\Autorun.exe -- File not found
O33 - MountPoints2\{6a68454c-7914-11de-9873-00241d164a8d}\Shell\AutoRun\command - "" = H:\w9hw8.exe -- File not found
O33 - MountPoints2\{6a68454c-7914-11de-9873-00241d164a8d}\Shell\open\Command - "" = H:\w9hw8.exe -- File not found
O33 - MountPoints2\{70eb9108-a386-11de-98c1-00241d164a8d}\Shell\AutoRun\command - "" = H:\w9hw8.exe -- File not found
O33 - MountPoints2\{70eb9108-a386-11de-98c1-00241d164a8d}\Shell\open\Command - "" = H:\w9hw8.exe -- File not found
O33 - MountPoints2\{ee5d1d00-c215-11de-98ff-00241d164a8d}\Shell\AutoRun\command - "" = H:\vb0hsoay.exe -- File not found
O33 - MountPoints2\{ee5d1d00-c215-11de-98ff-00241d164a8d}\Shell\open\Command - "" = H:\vb0hsoay.exe -- File not found
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) -  File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-11-05 15:25:48 | 00,528,384 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tom.PC\Pulpit\OTL.exe
[2009-11-04 23:55:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom.PC\Pulpit\Originals
[2009-11-04 21:53:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\F-Secure
[2009-11-04 21:26:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom.PC\Dane aplikacji\QuickScan
[2009-11-04 20:41:16 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Tom.PC\Pulpit\HiJackThis.exe
[2009-11-03 22:30:19 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009-11-03 22:30:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Spybot - Search & Destroy
[2009-11-03 21:21:15 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Tom.PC\Recent
[2009-11-03 21:19:12 | 03,310,608 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Tom.PC\Pulpit\ccsetup225.exe
[2009-11-02 19:35:00 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009-11-02 19:34:58 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009-11-02 19:29:29 | 04,045,528 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Tom.PC\Pulpit\mbam-setup.exe
[2009-11-02 19:03:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom.PC\WINDOWS
[2009-11-02 17:01:16 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009-11-02 10:09:11 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009-11-02 10:07:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom.PC\Dane aplikacji\Sun
[2009-11-02 09:38:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom.PC\Dane aplikacji\TeamViewer
[2009-11-02 09:38:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom.PC\temp
[2009-11-02 09:36:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom.PC\Pulpit\Nowy folder (2)
[2009-11-02 00:57:08 | 00,303,616 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2009-11-01 15:44:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Kaspersky Lab
[2009-10-28 20:43:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom.PC\Pulpit\Adam Polo Remix Pack
[2009-10-27 20:34:36 | 00,093,360 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2009-10-27 20:30:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Lavasoft
[2009-10-20 16:46:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom.PC\Pulpit\Adam Polo - Number remixpack
[2009-10-20 13:51:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom.PC\Pulpit\Seek Records
[2009-10-19 19:54:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom.PC\Ustawienia lokalne\Dane aplikacji\Adobe
[2009-10-19 19:48:50 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2009-10-19 19:48:48 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009-10-19 19:47:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cache
[2009-10-13 20:43:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom.PC\Pulpit\(A) DJ Jose - Hecitate (Acapella) remix pack
[2009-10-12 13:24:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom.PC\Pulpit\Fidget_House_Grooves_DEMO
[2009-10-06 16:51:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2009-09-04 21:55:50 | 00,809,984 | ---- | C] (Marcin Pawel Sadowski) -- C:\Program Files\zegar.3.8.179.scr
[2009-07-15 19:28:55 | 00,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Tom.PC\Dane aplikacji\pcouffin.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009-11-05 15:25:53 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tom.PC\Pulpit\OTL.exe
[2009-11-05 15:00:18 | 07,231,186 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\Bass.wmv
[2009-11-05 14:57:54 | 00,280,606 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\bigBassKleph2.jpg
[2009-11-05 14:57:52 | 05,242,880 | ---- | M] () -- C:\Documents and Settings\Tom.PC\ntuser.dat
[2009-11-05 14:57:35 | 00,094,720 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-11-05 14:49:59 | 10,802,283 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\Bass Kleph - Spend My Money (Tom Wonder Remix).mp3
[2009-11-05 14:48:17 | 00,245,788 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\Kleph.rns
[2009-11-05 14:47:17 | 47,628,088 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\Bass Kleph - Spend My Money (Tom Wonder Remix).wav
[2009-11-05 14:32:44 | 47,628,088 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\oi.wav
[2009-11-05 12:56:35 | 00,229,722 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\4 - String - Take My away.rns
[2009-11-05 12:17:19 | 23,814,088 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\p.wav
[2009-11-05 12:14:43 | 23,814,088 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\i.wav
[2009-11-05 11:32:29 | 00,081,496 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009-11-05 11:32:26 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-11-05 11:32:24 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-11-05 11:31:26 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\Tom.PC\ntuser.ini
[2009-11-05 11:31:14 | 00,000,528 | ---- | M] () -- C:\WINDOWS\win.ini
[2009-11-05 11:31:14 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009-11-05 11:31:14 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009-11-05 01:01:58 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009-11-05 00:53:58 | 00,232,412 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\Fuck Jack.rns
[2009-11-05 00:50:54 | 20,506,588 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\uy.wav
[2009-11-05 00:45:49 | 20,506,588 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\ooo.wav
[2009-11-05 00:22:30 | 09,907,267 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\09 drop it like its hot(fidget mix).mp3
[2009-11-05 00:16:49 | 00,128,786 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\polo.rns
[2009-11-05 00:08:12 | 12,828,056 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\Hoaxx - We Got Disco (Shab Ruffcut Mix).mp3
[2009-11-04 23:56:10 | 00,139,137 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\jjj.jpg
[2009-11-04 23:55:53 | 00,126,016 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\jj.jpg
[2009-11-04 23:21:14 | 00,228,792 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\IMG_0976_800x600.jpg
[2009-11-04 23:13:54 | 00,229,752 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\rgrg.jpg
[2009-11-04 20:43:27 | 00,250,033 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\capture1.jpg
[2009-11-04 20:41:19 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Tom.PC\Pulpit\HiJackThis.exe
[2009-11-04 19:53:13 | 10,584,088 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\g.wav
[2009-11-04 19:52:03 | 10,584,088 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\r.wav
[2009-11-04 18:38:00 | 10,584,088 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\polo.wav
[2009-11-04 13:32:21 | 15,636,150 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\Wesley Gauthier - Failing To Rise (Original Mix) 4clubbers.pl.mp3
[2009-11-04 13:19:06 | 00,026,549 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\1058521150_l.jpg
[2009-11-04 11:32:40 | 86,459,450 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\165-Ewa.part1.rar
[2009-11-04 00:08:04 | 00,135,558 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\test 2gg.rns
[2009-11-03 23:11:00 | 00,763,990 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-11-03 23:11:00 | 00,355,830 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2009-11-03 23:11:00 | 00,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-11-03 23:11:00 | 00,049,712 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2009-11-03 23:11:00 | 00,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-11-03 21:19:33 | 03,310,608 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Tom.PC\Pulpit\ccsetup225.exe
[2009-11-03 20:34:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009-11-03 14:30:58 | 00,106,364 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\1.rns
[2009-11-03 09:36:59 | 00,036,864 | -H-- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\photothumb.db
[2009-11-02 19:35:02 | 00,000,703 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Malwarebytes' Anti-Malware.lnk
[2009-11-02 19:31:59 | 04,352,754 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\DJ Sara C & Tom Wonder - Dirty House Music (Original Mix).mp3
[2009-11-02 19:30:21 | 04,045,528 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Tom.PC\Pulpit\mbam-setup.exe
[2009-11-02 16:12:51 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-11-02 15:42:18 | 00,186,374 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\hhh.rns
[2009-11-02 10:08:57 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009-11-02 01:18:03 | 00,066,155 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\ththth'.jpg
[2009-11-01 20:44:46 | 00,158,982 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\yjyj.rns
[2009-10-30 16:37:28 | 00,001,609 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Mozilla Firefox.lnk
[2009-10-27 20:34:33 | 00,093,360 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2009-10-25 23:04:32 | 00,306,910 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\yyy.rns
[2009-10-23 13:47:29 | 00,095,094 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\Dj Jose.rns
[2009-10-19 19:54:35 | 00,356,008 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\Tom Wonder - Entangled Sound (Original mix) RIP.rns
[2009-10-19 19:25:00 | 00,068,142 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\UMOWA DIGITAL_LICENCJA WYLACZNA_SEEKRecords.pdf
[2009-10-18 19:30:07 | 00,000,656 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\Komunikator Tlen.pl.lnk
[2009-10-14 13:10:31 | 00,034,308 | ---- | M] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009-10-14 13:10:16 | 00,001,749 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\SRS Audio Sandbox.lnk
[2009-10-13 09:56:11 | 00,204,282 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\123.rns
[2009-10-11 22:36:05 | 00,336,764 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\sara C.rns
[2009-10-10 16:42:16 | 03,699,550 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\Tom Wonder - Entangled Sound (remix Pack).rar
[2009-10-07 10:53:18 | 67,360,923 | ---- | M] () -- C:\Documents and Settings\Tom.PC\Pulpit\ElectroDrums.zip
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2009-11-05 14:58:14 | 07,231,186 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\Bass.wmv
[2009-11-05 14:57:52 | 00,280,606 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\bigBassKleph2.jpg
[2009-11-05 14:49:41 | 10,802,283 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\Bass Kleph - Spend My Money (Tom Wonder Remix).mp3
[2009-11-05 14:46:39 | 47,628,088 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\Bass Kleph - Spend My Money (Tom Wonder Remix).wav
[2009-11-05 14:32:14 | 47,628,088 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\oi.wav
[2009-11-05 12:16:57 | 23,814,088 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\p.wav
[2009-11-05 12:14:32 | 23,814,088 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\i.wav
[2009-11-05 01:00:44 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009-11-05 00:50:47 | 20,506,588 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\uy.wav
[2009-11-05 00:45:41 | 20,506,588 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\ooo.wav
[2009-11-05 00:20:56 | 09,907,267 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\09 drop it like its hot(fidget mix).mp3
[2009-11-05 00:03:34 | 12,828,056 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\Hoaxx - We Got Disco (Shab Ruffcut Mix).mp3
[2009-11-04 23:56:10 | 00,139,137 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\jjj.jpg
[2009-11-04 23:54:52 | 00,126,016 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\jj.jpg
[2009-11-04 23:21:14 | 00,228,792 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\IMG_0976_800x600.jpg
[2009-11-04 23:13:54 | 00,229,752 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\rgrg.jpg
[2009-11-04 20:42:06 | 00,250,033 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\capture1.jpg
[2009-11-04 19:53:11 | 10,584,088 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\g.wav
[2009-11-04 19:52:00 | 10,584,088 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\r.wav
[2009-11-04 18:37:57 | 10,584,088 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\polo.wav
[2009-11-04 15:06:26 | 00,128,786 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\polo.rns
[2009-11-04 13:28:07 | 15,636,150 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\Wesley Gauthier - Failing To Rise (Original Mix) 4clubbers.pl.mp3
[2009-11-04 13:19:06 | 00,026,549 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\1058521150_l.jpg
[2009-11-04 11:20:07 | 86,459,450 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\165-Ewa.part1.rar
[2009-11-04 00:06:10 | 00,135,558 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\test 2gg.rns
[2009-11-02 19:35:02 | 00,000,703 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\Malwarebytes' Anti-Malware.lnk
[2009-11-02 19:31:35 | 04,352,754 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\DJ Sara C & Tom Wonder - Dirty House Music (Original Mix).mp3
[2009-11-02 15:59:50 | 05,242,880 | ---- | C] () -- C:\Documents and Settings\Tom.PC\ntuser.dat
[2009-11-02 15:42:15 | 00,186,374 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\hhh.rns
[2009-11-02 01:16:49 | 00,066,155 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\ththth'.jpg
[2009-10-27 20:35:13 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009-10-19 19:25:00 | 00,068,142 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\UMOWA DIGITAL_LICENCJA WYLACZNA_SEEKRecords.pdf
[2009-10-17 21:24:32 | 00,232,412 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\Fuck Jack.rns
[2009-10-17 19:54:06 | 00,306,910 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\yyy.rns
[2009-10-14 13:10:16 | 00,001,749 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Pulpit\SRS Audio Sandbox.lnk
[2009-10-14 12:48:20 | 00,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009-10-13 20:57:05 | 00,095,094 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\Dj Jose.rns
[2009-10-12 17:21:34 | 00,000,656 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\Komunikator Tlen.pl.lnk
[2009-10-12 10:37:57 | 00,204,282 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\123.rns
[2009-10-11 22:19:05 | 00,336,764 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\sara C.rns
[2009-10-10 16:41:37 | 03,699,550 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\Tom Wonder - Entangled Sound (remix Pack).rar
[2009-10-09 23:42:35 | 00,158,982 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\yjyj.rns
[2009-10-07 10:43:01 | 67,360,923 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Pulpit\ElectroDrums.zip
[2009-10-03 10:16:19 | 00,290,816 | RHS- | C] () -- C:\WINDOWS\System32\ton4gtqpcnfe.dll
[2009-10-02 23:38:20 | 00,047,360 | R--- | C] () -- C:\WINDOWS\System32\drivers\Surroundhp_kern_i386.sys
[2009-10-02 23:38:20 | 00,047,104 | R--- | C] () -- C:\WINDOWS\System32\drivers\tshd4_kern_i386.sys
[2009-10-02 23:38:20 | 00,042,112 | R--- | C] () -- C:\WINDOWS\System32\drivers\csiidecoder_kern_i386.sys
[2009-10-02 23:38:20 | 00,039,808 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_SSCFilter_i386.sys
[2009-09-12 20:30:33 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxccvs.dll
[2009-09-12 20:30:29 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\lxccjswr.dll
[2009-09-12 20:30:29 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\lxccinsr.dll
[2009-09-12 20:30:29 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\lxcccur.dll
[2009-08-06 16:28:31 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\LauncherAccess.dt
[2009-08-06 16:26:24 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009-07-15 19:28:58 | 00,000,033 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Dane aplikacji\pcouffin.log
[2009-07-15 19:28:55 | 00,087,608 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Dane aplikacji\inst.exe
[2009-07-15 19:28:55 | 00,007,887 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Dane aplikacji\pcouffin.cat
[2009-07-15 19:28:55 | 00,001,144 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Dane aplikacji\pcouffin.inf
[2009-07-08 14:20:19 | 07,439,704 | -H-- | C] () -- C:\Documents and Settings\Tom.PC\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-07-06 21:43:40 | 00,000,012 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\plugins.lib
[2009-07-03 15:48:09 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-07-03 09:00:08 | 00,002,347 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2009-07-03 00:56:10 | 00,000,086 | -HS- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\desktop.ini
[2009-07-02 18:18:20 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-07-02 18:18:20 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009-07-02 18:18:19 | 00,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-07-02 18:18:19 | 00,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-07-02 18:18:18 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-07-02 18:18:17 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-07-02 18:18:17 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-07-02 17:50:00 | 00,016,504 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-07-02 17:34:57 | 00,094,720 | ---- | C] () -- C:\Documents and Settings\Tom.PC\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-07-02 17:34:17 | 00,000,086 | -HS- | C] () -- C:\Documents and Settings\Tom.PC\Dane aplikacji\desktop.ini
[2009-06-09 20:09:15 | 00,310,747 | ---- | C] () -- C:\Program Files\SBCLL.rar
[2009-06-06 02:30:30 | 00,000,101 | ---- | C] () -- C:\Program Files\Pokaż pulpit.scf
[2009-01-05 14:44:10 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008-07-06 09:11:06 | 00,002,045 | -H-- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\whlb32g.dll
[2006-10-31 07:35:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006-10-31 07:35:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006-10-31 07:35:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006-10-31 07:35:00 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006-10-31 07:35:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006-10-31 07:35:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006-10-31 07:35:00 | 00,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006-03-02 13:00:00 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2006-03-02 13:00:00 | 00,000,528 | ---- | C] () -- C:\WINDOWS\win.ini
[2006-03-02 13:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TEMP:1940DBE8
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\TEMP:848A8D00
< End of report >
Posty: 6
Dołączenie: 04 Lis 2009, 21:47

Połączenie z serwerem zostało zresetowane (mozilla firefox)

Postprzez NieWiem 05 Lis 2009, 16:40

  • Przeczytaj uważnie instrukcję programu ComboFix, po czym wyłącz swój program antywirusowy, firewall i inne programy, które mogą zakłócać nawet pobieranie ComboFixa twierdząc, że jest wirusem. Nie jest! Spokojnie go ściągnij i zapisz na pulpicie.
  • Pobierz:
  • Pozamykaj wszystkie otwarte okna, komunikatory, programy. ComboFixowi nie powinno sie przeszkadzać.
  • Uruchom program z dwukliku (VISTA: prawoklik i 'uruchom jako administrator').
  • Pozwól mu spokojnie działać, nie klikaj ani nie stukaj w klawiaturę - to może spwodować zawieszenie się komputera.
  • Zalecane jest też instalowanie konsoli odzyskiwania, jeśli ComboFix o nią poprosi. Dzięki niej można odrolować zmiany w przypadku pomyłki narzędzia.
  • Jeśli będzie potrzeba - zgódź się na restart.
  • Kiedy program skończy, wytworzy loga (będzie on także w pliku C:\ComboFix.txt), którego wklej w odpowiedzi, pamiętając o tagach [code] lub na http://www.wklej.org.
