GriX

Problem with the smgr32.exe file

RSIT

info.txt logfile of random's system information tool 1.06 2009-11-27 22:12:04

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->f:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\unins000.exe -l0x09
-->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
?Torrent-->"f:\Program Files\uTorrent\uninstall.exe"
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}
Adobe Color JA Extra Settings-->MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE}
Adobe Color NA Extra Settings-->MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\678cd98c8365a5647f9a2e539d120a8\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{78EFD06D-7583-42F1-9E77-671D8782EB70}
Adobe Reader 9.2 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A92000000001}
Adobe Setup-->MsiExec.exe /I{CBF4DADD-974D-49C8-BC83-C6F31554001E}
Adobe Shockwave Player 11.5-->"C:\windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Age of Empires III-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
AIMP2-->f:\Program Files\AIMP2\Uninstall.exe
Airline Tycoon-->E:\Airline Tycoon\dinstall.exe
Aktualizacja dla systemu Windows Internet Explorer 8 (KB972636)-->"C:\windows\ie8updates\KB972636-IE8\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows Internet Explorer 8 (KB976749)-->"C:\windows\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB898461)-->"C:\windows\$NtUninstallKB898461$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB951978)-->"C:\windows\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB955839)-->"C:\windows\$NtUninstallKB955839$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB967715)-->"C:\windows\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB968389)-->"C:\windows\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB973687)-->"C:\windows\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB973815)-->"C:\windows\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aktualizacja krytyczna dla programu Windows Media Player 11 (KB959772)-->"C:\windows\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Encoder (KB954156)-->"C:\windows\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB952069)-->"C:\windows\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB954155)-->"C:\windows\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB968816)-->"C:\windows\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB973540)-->"C:\windows\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player 11 (KB936782)-->"C:\windows\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player 11 (KB954154)-->"C:\windows\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB971961)-->"C:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB972260)-->"C:\windows\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB974455)-->"C:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561)-->"C:\windows\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB938464-v2)-->"C:\windows\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB946648)-->"C:\windows\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950760)-->"C:\windows\$NtUninstallKB950760$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950762)-->"C:\windows\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950974)-->"C:\windows\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951066)-->"C:\windows\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376-v2)-->"C:\windows\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951748)-->"C:\windows\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB952004)-->"C:\windows\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB952954)-->"C:\windows\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB954459)-->"C:\windows\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB954600)-->"C:\windows\$NtUninstallKB954600$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB955069)-->"C:\windows\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956572)-->"C:\windows\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956744)-->"C:\windows\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956802)-->"C:\windows\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956803)-->"C:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956844)-->"C:\windows\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB957097)-->"C:\windows\$NtUninstallKB957097$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958644)-->"C:\windows\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958687)-->"C:\windows\$NtUninstallKB958687$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958869)-->"C:\windows\$NtUninstallKB958869$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB959426)-->"C:\windows\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960225)-->"C:\windows\$NtUninstallKB960225$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960803)-->"C:\windows\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960859)-->"C:\windows\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB961371)-->"C:\windows\$NtUninstallKB961371$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB961373)-->"C:\windows\$NtUninstallKB961373$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB961501)-->"C:\windows\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB968537)-->"C:\windows\$NtUninstallKB968537$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969059)-->"C:\windows\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969897)-->"C:\windows\$NtUninstallKB969897$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969898)-->"C:\windows\$NtUninstallKB969898$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969947)-->"C:\windows\$NtUninstallKB969947$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB970238)-->"C:\windows\$NtUninstallKB970238$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971486)-->"C:\windows\$NtUninstallKB971486$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971557)-->"C:\windows\$NtUninstallKB971557$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971633)-->"C:\windows\$NtUninstallKB971633$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971657)-->"C:\windows\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB972260)-->"C:\windows\$NtUninstallKB972260$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973346)-->"C:\windows\$NtUninstallKB973346$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973354)-->"C:\windows\$NtUninstallKB973354$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973507)-->"C:\windows\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973525)-->"C:\windows\$NtUninstallKB973525$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973869)-->"C:\windows\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974112)-->"C:\windows\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974571)-->"C:\windows\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975025)-->"C:\windows\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975467)-->"C:\windows\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla Windows XP (KB941569)-->"C:\windows\$NtUninstallKB941569$\spuninst\spuninst.exe"
AlienGUIse Theme Manager-->F:\PROGRA~1\ALIENG~1\thememgr.exe /uninstallwise
Angels vs Devils-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{584204D4-9FF9-42FD-B3F7-51A9302947BB}\setup.exe"
ArcaTools-->MsiExec.exe /I{40C7900A-CAA1-4493-9AEF-F6D2965E62C8}
Archiwizator WinRAR-->f:\Program Files\WinRAR\uninstall.exe
ASRock WiFi-802.11g-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B3F4499-32E6-470D-8586-E6C03420F889}\Setup.exe" -l0x15 REMOVE
Assassin's Creed-->C:\Program Files\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x0015 -removeonly
ASUS iTracker2-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{DA84ED22-44A8-423B-A245-9822B405B430}
ATI AVIVO Codecs-->MsiExec.exe /I{8875D660-8BFA-33FB-665D-EFC4DA0AC86B}
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\windows\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AusLogics Disk Defrag-->"f:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe"
AviScreen Classic Version 1.3-->"f:\Program Files\bobyte\AviScreen classic\unins000.exe"
Belt Generator 2.2-->"f:\Program Files\Belt Generator\unins000.exe"
Bluesoleil3.2.2.8 Release 070421-->MsiExec.exe /X{85B73D1A-EEEA-4F95-BA6F-7A8EC31D94F6}
Call of Duty(R) - World at War(TM) 1.1 Patch-->C:\Program Files\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM)-->C:\Program Files\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x0415
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0415
Call of Duty: Modern Warfare 2 - Multiplayer-->"F:\Program Files\Steam\steam.exe" steam://uninstall/10190
Call of Duty: Modern Warfare 2-->"F:\Program Files\Steam\steam.exe" steam://uninstall/10180
Canon iP2200-->C:\WINDOWS\system32\CNMCP74.exe "-PRINTERNAMECanon iP2200" "-HELPERDLLC:\Documents and Settings\All Users\Dane aplikacji\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP2200 Installer\Inst2\cnmis.dll" "-RCDLLcnmi0415.dll"
Catalyst Control Center - Branding-->MsiExec.exe /I{4893A35F-0A23-48EC-8E74-24969244D6F2}
Catalyst Control Center - Branding-->MsiExec.exe /I{A961C6FD-C583-45F6-A0A4-5E4376C29E41}
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Dark Sector-->"f:\Program Files\Dark Sector\Dark Sector\unins000.exe"
Dealio Toolbar 3.4-->MsiExec.exe /X{6105648C-0C3C-481D-8C11-1F4952D6FB53}
Devil May Cry 4-->C:\Program Files\InstallShield Installation Information\{D4E5A687-797D-44B1-8F96-4FD7A24166A9}\setup.exe -runfromtemp -l0x0015 -removeonly
EA Download Manager-->f:\Program Files\Electronic Arts\EADM\Uninstall.exe
eMule-->"f:\Program Files\eMule\Uninstall.exe"
English Translator XT-->MsiExec.exe /X{59B196D7-0955-4689-907E-0105361E6D7A}
EVEREST Home Edition v2.20-->"f:\Program Files\Everest Home Edition\EVEREST Home Edition\unins000.exe"
FIFA 10-->MsiExec.exe /X{11202615-E557-4ECF-9B86-F59C81E52909}
Fraps (remove only)-->"f:\Fraps\uninstall.exe"
Free Mp3 Wma Converter V 1.8.0-->"f:\Program Files\Free Audio Pack\unins000.exe"
FUEL-->C:\Program Files\InstallShield Installation Information\{F51FF206-2273-4B3E-A90A-4752AE288C12}\setup.exe -runfromtemp -l0x0009 -removeonly
FUJIFILM USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\Setup.exe"
GameSpy Arcade-->F:\PROGRA~1\GAMESP~1\UNWISE.EXE F:\PROGRA~1\GAMESP~1\INSTALL.LOG
GIMP 2.6.3-->"f:\Program Files\GIMP-2.0\setup\unins000.exe"
Gothic II-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2965C062-FBC0-4505-9EB8-4497252BB41F}\setup.exe" -l0x15  -removeonly
GPGNet-->MsiExec.exe /I{C194D333-B84A-4BB7-B35E-060732D98DC4}
Grand Theft Auto IV - Łatka polonizacyjna v0.94-->"f:\Program Files\Rockstar Games\Grand Theft Auto IV\Spolszczenie\Deinstalator.exe"
Grand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonly
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\SETUP.EXE" -l0x9  -removeonly
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB945282)-->C:\windows\system32\msiexec.exe /package {D8087907-E255-3A41-A46D-D0F798709C71} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB946040)-->C:\windows\system32\msiexec.exe /package {D8087907-E255-3A41-A46D-D0F798709C71} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB946308)-->C:\windows\system32\msiexec.exe /package {D8087907-E255-3A41-A46D-D0F798709C71} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB947540)-->C:\windows\system32\msiexec.exe /package {D8087907-E255-3A41-A46D-D0F798709C71} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB947789)-->C:\windows\system32\msiexec.exe /package {D8087907-E255-3A41-A46D-D0F798709C71} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB948127)-->C:\windows\system32\msiexec.exe /package {D8087907-E255-3A41-A46D-D0F798709C71} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\windows\$NtUninstallKB929399$\spuninst\spuninst.exe"
Imperial Glory-->"C:\windows\Imperial Glory\uninstall.exe" "/U:f:\Program Files\Pyro Studios\Imperial Glory\Uninstall\uninstall.xml"
Inkscape 0.46-->f:\Program Files\Inkscape\Uninstall.exe
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
jv16 PowerTools 2009-->"f:\Program Files\jv16 PowerTools 2009\unins000.exe"
LightScribe System Software  1.12.29.2-->MsiExec.exe /X{CF8C077A-B467-4C43-8DB5-3A9B94FF9681}
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK-->MsiExec.exe /I{036FD544-AED6-3F33-856D-A2292D0CF471}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK-->MsiExec.exe /I{7C77393F-8237-3825-A88A-AFAF3C69C072}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack - plk-->MsiExec.exe /I{F31E509D-3597-324E-83CF-0C160B2320F0}
Microsoft .NET Framework 3.5 SP1-->C:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4D243BA7-9AC4-46D1-90E5-EEB88974F501}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
Microsoft Office FrontPage 2003-->MsiExec.exe /I{90170415-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110415-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2008 Management Objects-->MsiExec.exe /I{F5E87B12-3C27-452F-8E78-21D42164FD83}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU-->C:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual C++ 2008 Express Edition with SP1 - ENU\setup.exe
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU-->MsiExec.exe /X{D8087907-E255-3A41-A46D-D0F798709C71}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\windows\INF\wmv9vcm.inf, Uninstall
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries-->MsiExec.exe /X{842FAF7C-50EF-4463-9B8F-6222E1384D7D}
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu-->MsiExec.exe /X{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32-->MsiExec.exe /X{044F9133-B8D7-4d11-BF39-803FA20F5C8B}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Mozilla Firefox (3.5.3)-->F:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.23)-->f:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
MWSnap 3-->"f:\Program Files\MWSnap\uninstall.exe"
NAP Web Plugin-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{61DD0571-8ADC-4F89-B75C-0465AC9DCABB}\setup.exe" -l0x15
Narzędzie Software Uninstall Utility firmy ATI-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
Need For Speed Pro Street-->"f:\Program Files\Team JPN\Need For Speed Pro Street\unins000.exe"
Need for Speed? Carbon-->F:\Program Files\Electronic Arts\Need for Speed Carbon\EAUninstall.exe
Need for Speed? Most Wanted-->f:\Program Files\EA GAMES\Need for Speed Most Wanted\EAUninstall.exe
Nero 7 Essentials-->MsiExec.exe /X{7BAA9BA8-0761-42EF-842A-23FAA5321045}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nowe Gadu-Gadu-->f:\Program Files\Gadu-Gadu\Uninstall.exe
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
Pakiet językowy programu Microsoft .NET Framework 3.5 ? PLK-->C:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - plk\setup.exe
PC TWIN SHOCK-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E246D3C0-C001-4B38-9C1C-0C9283BAD19A}\setup.exe" -l0x9
PDF Settings-->MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Pivot Stickfigure Animator-->MsiExec.exe /I{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}
Polanie II-->F:\PROGRA~1\REALIT~1\POLANI~1\UNWISE.EXE /U F:\PROGRA~1\REALIT~1\POLANI~1\INSTALL.LOG
Poprawka dla programu Windows Media Player 11 (KB939683)-->"C:\windows\$NtUninstallKB939683$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB942288-v3)-->"C:\windows\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB952287)-->"C:\windows\$NtUninstallKB952287$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB961118)-->"C:\windows\$NtUninstallKB961118$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB970653-v3)-->"C:\windows\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB976098-v2)-->"C:\windows\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
PunkBuster Services-->C:\windows\system32\pbsvc.exe -u
Puzzle Quest-->"f:\Program Files\Puzzle Quest\unins000.exe"
Quake 4(TM)-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\Setup.exe -runfromtemp -l0x0015 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x15  -removeonly
Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly
Search Settings 1.2-->MsiExec.exe /X{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
SlimDX Redistributable (March 2009)-->MsiExec.exe /X{D5395E5F-4D45-4665-8F00-234FA33678AF}
Spybot - Search & Destroy-->"f:\Program Files\Spybot - Search & Destroy\unins000.exe"
SQL Server System CLR Types-->MsiExec.exe /I{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Supreme Commander-->C:\Program Files\InstallShield Installation Information\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}\setup.exe -runfromtemp -l0x0015 -removeonly
TeamSpeak 2 RC2-->"f:\Program Files\Teamspeak2_RC2\unins000.exe"
The KMPlayer 2.9.3.1430-->f:\Program Files\The KMPlayer\uninst.exe
The Sims? 3-->"C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe" -runfromtemp -l0x0015 -removeonly
Titan Quest-->"C:\Program Files\InstallShield Installation Information\{1ECB9828-38A7-424F-9280-730F11EBBB96}\setup.exe"
Total Commander (Remove or Repair)-->f:\totalcmd\tcuninst.exe
TVUPlayer 2.4.7.2-->f:\Program Files\TVUPlayer\uninst.exe
Two Worlds 1.6-->"f:\Program Files\Two Worlds\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Video DVD Maker v3.20.0.49-->"f:\Program Files\Video DVD Maker\Uninstall.exe" "f:\Program Files\Video DVD Maker\install.log" -u
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Wiedźmin-->"C:\Program Files\InstallShield Installation Information\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}\setup.exe" -runfromtemp -l0x0015 -removeonly
Windows Internet Explorer 8-->"C:\windows\ie8\spuninst\spuninst.exe"
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Xfire (remove only)-->"f:\Program Files\Xfire\uninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\windows\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======System event log======

Computer Name: KONRAD
Event Code: 7023
Message: Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd:
Nie można odnaleźć określonego modułu.


Record Number: 59531
Source Name: Service Control Manager
Time Written: 20091120203100.000000+060
Event Type: błąd
User:

Computer Name: KONRAD
Event Code: 7036
Message: Usługa Zarządzanie aplikacjami weszła w stan zatrzymania.

Record Number: 59530
Source Name: Service Control Manager
Time Written: 20091120203100.000000+060
Event Type: informacje
User:

Computer Name: KONRAD
Event Code: 7035
Message: Do usługi Zarządzanie aplikacjami został pomyślnie wysłany kod sterowania uruchom.

Record Number: 59529
Source Name: Service Control Manager
Time Written: 20091120203100.000000+060
Event Type: informacje
User: KONRAD\GriX

Computer Name: KONRAD
Event Code: 7023
Message: Usługa Zarządzanie aplikacjami zakończyła działanie; wystąpił następujący błąd:
Nie można odnaleźć określonego modułu.


Record Number: 59528
Source Name: Service Control Manager
Time Written: 20091120203100.000000+060
Event Type: błąd
User:

Computer Name: KONRAD
Event Code: 7036
Message: Usługa Zarządzanie aplikacjami weszła w stan zatrzymania.

Record Number: 59527
Source Name: Service Control Manager
Time Written: 20091120203100.000000+060
Event Type: informacje
User:

=====Application event log=====

Computer Name: KONRAD
Event Code: 1035
Message: Instalator Windows ponownie skonfigurował produkt. Nazwa produktu: Catalyst Control Center Graphics Light. Wersja produktu: 2009.0925.1707.28889. Język produktu: 1033. Stan powodzenia lub błędu ponownego konfigurowania: 0.

Record Number: 2750
Source Name: MsiInstaller
Time Written: 20091119193535.000000+060
Event Type: informacje
User: KONRAD\GriX

Computer Name: KONRAD
Event Code: 11728
Message: Product: Catalyst Control Center Graphics Light -- Configuration completed successfully.

Record Number: 2749
Source Name: MsiInstaller
Time Written: 20091119193535.000000+060
Event Type: informacje
User: KONRAD\GriX

Computer Name: KONRAD
Event Code: 1040
Message: Rozpoczynanie transakcji Instalatora Windows: C:\Documents and Settings\GriX\Pulpit\ati8661_winxp\CCC\Graphics-Light\ccc-graphics-Light.msi. Identyfikator procesu klienta: 2328.

Record Number: 2748
Source Name: MsiInstaller
Time Written: 20091119193534.000000+060
Event Type: informacje
User: KONRAD\GriX

Computer Name: KONRAD
Event Code: 1042
Message: Kończenie transakcji Instalatora Windows: C:\Documents and Settings\GriX\Pulpit\ati8661_winxp\CCC\Core-Implementation\ccc-core-implementation.msi. Identyfikator procesu klienta: 3056.

Record Number: 2747
Source Name: MsiInstaller
Time Written: 20091119193534.000000+060
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: KONRAD
Event Code: 1035
Message: Instalator Windows ponownie skonfigurował produkt. Nazwa produktu: Catalyst Control Center Core Implementation. Wersja produktu: 2009.0925.1707.28889. Język produktu: 1033. Stan powodzenia lub błędu ponownego konfigurowania: 0.

Record Number: 2746
Source Name: MsiInstaller
Time Written: 20091119193534.000000+060
Event Type: informacje
User: KONRAD\GriX

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;F:\Program Files\ArcaBit\Common
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"RGSCLauncher"=f:\Program Files\Rockstar Games\Rockstar Games Social Club
"RGSC"=f:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0
"VS90COMNTOOLS"=C:\Program Files\Microsoft Visual Studio 9.0\Common7\Tools\

-----------------EOF-----------------


Logfile of random's system information tool 1.06 (written by random/random)
Run by GriX at 2009-11-27 22:10:47
Microsoft Windows XP Home Edition Dodatek Service Pack 3
System drive C: has 26 GB (26%) free of 100 GB
Total RAM: 2047 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:12:02, on 2009-11-27
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\spoolsv.exe
f:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\windows\Explorer.EXE
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VirusScan\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\windows\system32\PnkBstrA.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\windows\system32\PnkBstrB.exe
C:\windows\RTHDCPL.EXE
C:\windows\System32\snmp.exe
C:\windows\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\ASRock WiFi-802.11g\RtWLan.exe
C:\PROGRA~1\McAfee\VirusScan\mcsysmon.exe
F:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\GriX\Pulpit\RSIT.exe
C:\Program Files\trend micro\GriX.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\GriX\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - (no file)
O3 - Toolbar: &Tłumaczenie - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - F:\Program Files\English Translator\English Translator XT\InternetTranslator.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] f:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [iTracker2] e:\Program Files\ASUS\iTracker2iTracker.exe  /start
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Shadow Ops_ Red Mercury Registration.lnk = C:\Documents and Settings\GriX\Ustawienia lokalne\Temp\{FA283402-F3C2-4988-ABA3-DE935490C8BE}\{021CB753-D388-4C3B-8E40-554E226F54F2}\ATR1.EXE
O4 - Startup: smgr32.exe
O4 - Global Startup: ASRock WiFi-802.11g.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\GriX\Dane aplikacji\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://F:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - F:\Program Files\English Translator\English Translator XT\InternetTranslator.dll
O9 - Extra 'Tools' menuitem: @F:\Program Files\English Translator\English Translator XT\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - F:\Program Files\English Translator\English Translator XT\InternetTranslator.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\windows\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\windows\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} (Java Plug-in 1.6.0_15) -
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\wbsys.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VirusScan\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VirusScan\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\windows\system32\PnkBstrB.exe
O23 - Service: Start BT in service - Unknown owner - F:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe

--
End of file - 10177 bytes

======Scheduled tasks folder======

C:\windows\tasks\McDefragTask.job
C:\windows\tasks\McQcTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2009-10-02 246800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - F:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
DealioBHO Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-11-04 62784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll [2009-01-29 145424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\Documents and Settings\GriX\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-07-14 42088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} -  []
{0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - &Tłumaczenie - F:\Program Files\English Translator\English Translator XT\InternetTranslator.dll [2007-02-16 356352]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30 1019336]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll [2009-01-29 145424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2007-11-22 16858112]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"REGSHAVE"=C:\Program Files\REGSHAVE\REGSHAVE.EXE [2002-02-04 53248]
"Adobe Reader Speed Launcher"=F:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"KernelFaultCheck"=C:\windows\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-10-29 1218008]
"McENUI"=C:\PROGRA~1\McAfee\MHN\McENUI.exe [2009-07-07 1176808]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-10-06 98304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=f:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-01-24 2289664]
"iTracker2"=e:\Program Files\ASUS\iTracker2iTracker.exe  /start []

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
ASRock WiFi-802.11g.lnk - C:\Program Files\ASRock WiFi-802.11g\RtWLan.exe

C:\Documents and Settings\GriX\Menu Start\Programy\Autostart
Shadow Ops_ Red Mercury Registration.lnk - C:\Documents and Settings\GriX\Ustawienia lokalne\Temp\{FA283402-F3C2-4988-ABA3-DE935490C8BE}\{021CB753-D388-4C3B-8E40-554E226F54F2}\ATR1.EXE
smgr32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\windows\system32\Ati2evxx.dll [2009-10-07 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
f:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"F:\Program Files\Gadu-Gadu\gg.exe"="F:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu"
"F:\Program Files\Electronic Arts\EADM\Core.exe"="F:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"F:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="F:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:iw3mp"
"F:\Program Files\Age of Empires III\Age of Empires III\age3.exe"="F:\Program Files\Age of Empires III\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3"
"F:\Program Files\Metin2_PL\metin2.bin"="F:\Program Files\Metin2_PL\metin2.bin:*:Enabled:metin2"
"C:\Documents and Settings\GriX\Pulpit\Left 4 Deat\Left 4 Dead\left4dead.exe"="C:\Documents and Settings\GriX\Pulpit\Left 4 Deat\Left 4 Dead\left4dead.exe:*:Enabled:left4dead"
"C:\Documents and Settings\GriX\Moje dokumenty\Left 4 Deat\Left 4 Dead\left4dead.exe"="C:\Documents and Settings\GriX\Moje dokumenty\Left 4 Deat\Left 4 Dead\left4dead.exe:*:Enabled:left4dead"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"F:\Program Files\Enigma Software Productions\Angels vs Devils\AngelsvsDevils.exe"="F:\Program Files\Enigma Software Productions\Angels vs Devils\AngelsvsDevils.exe:*:Enabled:AngelsvsDevils"
"F:\Program Files\GameSpy Arcade\Aphex.exe"="F:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"F:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="F:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"F:\Program Files\TVUPlayer\TVUPlayer.exe"="F:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"F:\Program Files\Codemasters\FUEL\FUEL.exe"="F:\Program Files\Codemasters\FUEL\FUEL.exe:*:Enabled:FUEL"
"F:\Program Files\uTorrent\utorrent.exe"="F:\Program Files\uTorrent\utorrent.exe:*:Enabled:?Torrent"
"C:\Documents and Settings\GriX\Pulpit\PES 09\PES09-snaketop.net.By.PIONO\pes2009.exe"="C:\Documents and Settings\GriX\Pulpit\PES 09\PES09-snaketop.net.By.PIONO\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\Documents and Settings\GriX\Moje dokumenty\PES 09\PES09-snaketop.net.By.PIONO\pes2009.exe"="C:\Documents and Settings\GriX\Moje dokumenty\PES 09\PES09-snaketop.net.By.PIONO\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"F:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="F:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"F:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="F:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"F:\Program Files\Steam\Steam.exe"="F:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"F:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe"="F:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"F:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe"="F:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{04767daa-f6dd-11dd-aa48-0019668ad66a}]
shell\AutoRun\command - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE      .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn


======List of files/folders created in the last 1 months======

2009-11-27 22:10:48 ----D---- C:\Program Files\trend micro
2009-11-27 22:10:47 ----D---- C:\rsit
2009-11-27 18:33:11 ----A---- C:\windows\UPGRADE.TXT
2009-11-27 17:42:05 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\ATI
2009-11-27 17:34:07 ----A---- C:\windows\system32\Oemdspif.dll
2009-11-27 17:34:07 ----A---- C:\windows\system32\ativcoxx.dll
2009-11-27 17:34:07 ----A---- C:\windows\system32\atitvo32.dll
2009-11-27 17:34:07 ----A---- C:\windows\system32\atipdlxx.dll
2009-11-27 17:34:07 ----A---- C:\windows\system32\atiok3x2.dll
2009-11-27 17:34:05 ----A---- C:\windows\system32\atioglxx.dll
2009-11-27 17:34:05 ----A---- C:\windows\system32\ATIODE.exe
2009-11-27 17:34:05 ----A---- C:\windows\system32\ATIODCLI.exe
2009-11-27 17:34:05 ----A---- C:\windows\system32\atimpc32.dll
2009-11-27 17:34:05 ----A---- C:\windows\system32\atikvmag.dll
2009-11-27 17:34:05 ----A---- C:\windows\system32\amdpcom32.dll
2009-11-27 17:34:04 ----A---- C:\windows\system32\atiiiexx.dll
2009-11-27 17:34:04 ----A---- C:\windows\system32\ATIDEMGX.dll
2009-11-27 17:34:04 ----A---- C:\windows\system32\ATIDDC.DLL
2009-11-27 17:34:04 ----A---- C:\windows\system32\aticalrt.dll
2009-11-27 17:34:04 ----A---- C:\windows\system32\aticaldd.dll
2009-11-27 17:34:04 ----A---- C:\windows\system32\aticalcl.dll
2009-11-27 17:34:04 ----A---- C:\windows\system32\atibtmon.exe
2009-11-27 17:34:04 ----A---- C:\windows\system32\atiadlxx.dll
2009-11-27 17:34:02 ----A---- C:\windows\system32\Ati2mdxx.exe
2009-11-27 17:34:02 ----A---- C:\windows\system32\ati2evxx.exe
2009-11-27 17:34:02 ----A---- C:\windows\system32\ati2evxx.dll
2009-11-27 17:34:02 ----A---- C:\windows\system32\ati2edxx.dll
2009-11-27 16:59:30 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\SiteAdvisor
2009-11-27 16:59:19 ----D---- C:\Program Files\SiteAdvisor
2009-11-27 16:56:07 ----D---- C:\Program Files\Common Files\McAfee
2009-11-27 16:56:06 ----D---- C:\Program Files\McAfee.com
2009-11-27 16:55:57 ----D---- C:\Program Files\McAfee
2009-11-27 16:26:45 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\McAfee
2009-11-25 21:12:15 ----A---- C:\windows\system32\inf.exe
2009-11-25 18:05:38 ----A---- C:\windows\Eurobattle.net Installer Setup Log.txt
2009-11-25 07:08:03 ----HDC---- C:\windows\$NtUninstallKB976098-v2$
2009-11-25 07:07:57 ----HDC---- C:\windows\$NtUninstallKB973687$
2009-11-23 19:34:59 ----A---- C:\windows\system32\javaws.exe
2009-11-23 19:34:59 ----A---- C:\windows\system32\javaw.exe
2009-11-23 19:34:59 ----A---- C:\windows\system32\java.exe
2009-11-20 21:43:13 ----D---- C:\Program Files\ATI
2009-11-20 21:13:42 ----A---- C:\windows\Radeon Omega Drivers v4.8.442 Uninstall Log.txt
2009-11-19 16:57:54 ----D---- C:\Documents and Settings\GriX\Dane aplikacji\Download Manager
2009-11-19 16:44:19 ----D---- C:\Documents and Settings\GriX\Dane aplikacji\atitray
2009-11-19 16:39:22 ----A---- C:\windows\Radeon Omega Drivers v4.8.442 Uninstall.exe
2009-11-12 08:32:45 ----HDC---- C:\windows\$NtUninstallKB969947$
2009-11-10 22:07:48 ----A---- C:\windows\system32\PnkBstrB.exe
2009-11-06 03:14:42 ----A---- C:\windows\system32\xfcodec.dll
2009-11-04 22:12:27 ----N---- C:\windows\system32\spmsg.dll
2009-11-02 16:35:08 ----A---- C:\Documents and Settings\GriX\Dane aplikacji\XTDocSettings.ini
2009-10-31 17:58:31 ----A---- C:\windows\system32\CmdLineExt.dll

======List of files/folders modified in the last 1 months======

2009-11-27 22:10:48 ----RD---- C:\Program Files
2009-11-27 21:28:03 ----D---- C:\windows\system32\CatRoot2
2009-11-27 21:11:50 ----D---- C:\windows\Temp
2009-11-27 21:10:40 ----D---- C:\WINDOWS
2009-11-27 20:01:01 ----A---- C:\windows\SchedLgU.Txt
2009-11-27 18:52:59 ----RSHDC---- C:\windows\system32\dllcache
2009-11-27 18:52:55 ----D---- C:\windows\system32\drivers
2009-11-27 18:52:55 ----D---- C:\windows\system32
2009-11-27 18:52:49 ----D---- C:\windows\system32\ReinstallBackups
2009-11-27 18:27:11 ----D---- C:\windows\Prefetch
2009-11-27 17:42:43 ----HD---- C:\windows\inf
2009-11-27 17:40:00 ----SHD---- C:\Config.Msi
2009-11-27 17:39:59 ----RSD---- C:\windows\assembly
2009-11-27 17:39:51 ----D---- C:\windows\WinSxS
2009-11-27 17:39:41 ----SHD---- C:\windows\Installer
2009-11-27 17:34:36 ----D---- C:\Program Files\ATI Technologies
2009-11-27 17:30:47 ----A---- C:\windows\wininit.ini
2009-11-27 16:58:12 ----D---- C:\windows\system32\CatRoot
2009-11-27 16:56:18 ----SD---- C:\windows\Tasks
2009-11-27 16:56:07 ----D---- C:\Program Files\Common Files
2009-11-27 16:37:30 ----A---- C:\windows\NeroDigital.ini
2009-11-27 15:40:37 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2009-11-26 21:57:00 ----D---- C:\windows\system32\DirectX
2009-11-26 21:41:14 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-11-25 15:37:08 ----SHD---- C:\System Volume Information
2009-11-25 14:36:07 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-25 07:08:05 ----A---- C:\windows\imsins.BAK
2009-11-25 07:07:47 ----HD---- C:\windows\$hf_mig$
2009-11-25 06:56:41 ----D---- C:\windows\system32\config
2009-11-23 19:34:52 ----D---- C:\Program Files\Java
2009-11-22 14:14:54 ----D---- C:\Documents and Settings\GriX\Dane aplikacji\Xfire
2009-11-20 21:44:02 ----DC---- C:\windows\system32\DRVSTORE
2009-11-20 19:46:37 ----D---- C:\windows\system32\wbem
2009-11-20 19:46:36 ----D---- C:\windows\Registration
2009-11-19 19:12:07 ----D---- C:\windows\Minidump
2009-11-16 20:38:45 ----D---- C:\temp
2009-11-06 15:27:43 ----D---- C:\Documents and Settings\GriX\Dane aplikacji\teamspeak2
2009-11-05 18:36:21 ----A---- C:\windows\system32\MRT.exe
2009-11-04 22:12:26 ----D---- C:\windows\ie8updates
2009-11-01 11:57:03 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
2009-10-31 19:01:03 ----A---- C:\windows\system32\PerfStringBackup.INI
2009-10-30 06:52:50 ----D---- C:\windows\Help
2009-10-28 16:07:15 ----N---- C:\windows\system32\tzchange.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 asuskbnt;Enhanced Display Driver Helper Service; C:\windows\system32\drivers\atkkbnt.sys [2008-07-03 11136]
R1 intelppm;Sterownik procesora Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2009-11-04 214664]
R1 MPFP;MPFP; C:\windows\System32\Drivers\Mpfp.sys [2009-07-16 120136]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\windows\system32\DRIVERS\AegisP.sys [2009-02-09 21035]
R2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2009-02-09 278984]
R2 EIO_XP;EIO_XP; \??\C:\windows\system32\drivers\EIO_XP.sys []
R2 irda;Protokół IrDA; C:\windows\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2009-02-09 25416]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\windows\system32\drivers\asusgsb.sys [2008-07-03 12416]
R3 ati2mtag;ati2mtag; C:\windows\system32\DRIVERS\ati2mtag.sys [2009-10-07 4486656]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\windows\system32\drivers\AtiHdmi.sys [2009-02-26 99856]
R3 BlueletAudio;Bluetooth Audio Service; C:\windows\system32\DRIVERS\blueletaudio.sys [2007-03-05 34576]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Sterownik Microsoft klasy HID; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2007-11-27 4630016]
R3 irsir;Sterownik portu szeregowego podczerwieni Microsoft; C:\windows\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys [2009-11-04 79816]
R3 mfebopk;McAfee Inc. mfebopk; C:\windows\system32\drivers\mfebopk.sys [2009-11-04 35272]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\windows\system32\drivers\mfesmfk.sys [2009-11-04 40552]
R3 mouhid;Sterownik myszy HID; C:\windows\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 Rasirda;WAN Miniport (IrDA); C:\windows\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\windows\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]
R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\windows\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Koncentrator z obsługą USB2; C:\windows\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VComm;Virtual Serial port driver; C:\windows\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\windows\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 Video3D;ASUS Video3D Service; C:\windows\System32\Drivers\Video3D32.sys [2008-07-03 10752]
S3 afe7r7ie;afe7r7ie; C:\windows\system32\drivers\afe7r7ie.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\windows\System32\Drivers\btcusb.sys [2007-03-05 39184]
S3 CCDECODE;Dekoder napisów; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 mferkdk;McAfee Inc. mferkdk; C:\windows\system32\drivers\mferkdk.sys [2009-11-04 34248]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\windows\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 STIrUsb;Klucz szyfrujący SigmaTel USB-IrDA; C:\windows\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Sterownik skanera USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\windows\system32\Ati2evxx.exe [2009-10-07 602112]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2008-07-03 262144]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 Irmon;Monitor podczerwieni; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-10-29 865832]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-07-07 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-07-08 359952]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VirusScan\mcshield.exe [2009-11-04 144704]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-10-27 895696]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-10-02 26640]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2009-03-03 75064]
R2 PnkBstrB;PnkBstrB; C:\windows\system32\PnkBstrB.exe [2009-11-20 215104]
R2 SNMP;Usługa SNMP; C:\windows\System32\snmp.exe [2008-04-14 32768]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VirusScan\mcsysmon.exe [2009-11-04 606736]
S3 aspnet_state;Usuga stanu ASP.NET; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-23 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Serwer wydruku TCP/IP; C:\windows\system32\tcpsvcs.exe [2004-08-04 19456]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VirusScan\mcods.exe [2009-10-28 365072]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SNMPTRAP;Usługa SNMP Trap; C:\windows\System32\snmptrap.exe [2008-04-14 8704]
S3 Start BT in service;Start BT in service; F:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-04-21 52080]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Malwarebytes' Anti-Malware
Malwarebytes' Anti-Malware 1.41
Wersja bazy definicji: 3245
Windows 5.1.2600 Dodatek Service Pack 3

2009-11-27 22:29:56
mbam-log-2009-11-27 (22-29-56).txt

Typ skanowania: Szybkie skanowanie
Przeskanowane obiekty: 105364
Upłynęło: 5 minute(s), 25 second(s)

Zainfekowane procesy w pamięci: 0
Zainfekowane moduły pamięci: 0
Zainfekowane klucze rejestru: 0
Zainfekowane wartości rejestru: 0
Zainfekowane pliki rejestru: 2
Zainfekowane foldery: 0
Zainfekowane pliki: 2

Zainfekowane procesy w pamięci:
(Nie wykryto groźnych plików)

Zainfekowane moduły pamięci:
(Nie wykryto groźnych plików)

Zainfekowane klucze rejestru:
(Nie wykryto groźnych plików)

Zainfekowane wartości rejestru:
(Nie wykryto groźnych plików)

Zainfekowane pliki rejestru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Zainfekowane foldery:
(Nie wykryto groźnych plików)

Zainfekowane pliki:
C:\Documents and Settings\GriX\Menu Start\Programy\Autostart\smgr32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\inf.exe (Trojan.Agent) -> Quarantined and deleted successfully.


So it's a virus.

Open Notepad and paste the following into it:

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{04767daa-f6dd-11dd-aa48-0019668ad66a}]

Save it as fix.reg and run it.

Apart from that, the logs look clean (Malwarebytes' removed what was there).


Most likely it's all over. Nothing shows up in the logs; the question is whether you still see anything suspicious yourself. If not, the problem is most likely gone, but to be sure you can also scan the computer with Dr.Web CureIt! or something similar.


Now the computer is running terribly slowly. I'll post the logs, maybe it's some virus again:

Logfile of random's system information tool 1.06 (written by random/random)
Run by GriX at 2009-11-30 20:06:44
Microsoft Windows XP Home Edition Dodatek Service Pack 3
System drive C: has 26 GB (26%) free of 100 GB
Total RAM: 2047 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:06:52, on 2009-11-30
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
e:\Program Files\Panda Security\Panda Internet Security 2010\TPSrv.exe
C:\windows\system32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
e:\Program Files\Panda Security\Panda Internet Security 2010\PsCtrls.exe
e:\Program Files\Panda Security\Panda Internet Security 2010\PavFnSvr.exe
C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\windows\system32\PnkBstrA.exe
C:\windows\system32\PnkBstrB.exe
e:\program files\panda security\panda internet security 2010\firewall\PSHOST.EXE
e:\Program Files\Panda Security\Panda Internet Security 2010\PsImSvc.exe
e:\Program Files\Panda Security\Panda Internet Security 2010\PskSvc.exe
C:\windows\System32\snmp.exe
C:\windows\system32\svchost.exe
f:\Program Files\AlienGUIse\wbload.exe
e:\Program Files\Panda Security\Panda Internet Security 2010\pavsrv51.exe
e:\Program Files\Panda Security\Panda Internet Security 2010\AVENGINE.EXE
C:\windows\Explorer.EXE
C:\windows\RTHDCPL.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ASRock WiFi-802.11g\RtWLan.exe
C:\windows\System32\svchost.exe
e:\Program Files\Panda Security\Panda Internet Security 2010\PavBckPT.exe
F:\Program Files\Mozilla Firefox\firefox.exe
e:\Program Files\Panda Security\Panda Internet Security 2010\WebProxy.exe
C:\windows\system32\wscntfy.exe
C:\Documents and Settings\GriX\Pulpit\RSIT.exe
C:\Program Files\trend micro\GriX.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: _URLHandler - {6E6624DD-AB4A-45E9-B9B7-393CB62C45ED} - f:\PROGRA~1\X-Backup\Xbackup.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - (no file)
O2 - BHO: (no name) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - (no file)
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\GriX\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - (no file)
O3 - Toolbar: &Tłumaczenie - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - F:\Program Files\English Translator\English Translator XT\InternetTranslator.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "f:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [APVXDWIN] "e:\Program Files\Panda Security\Panda Internet Security 2010\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "e:\Program Files\Panda Security\Panda Internet Security 2010\Inicio.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] f:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [iTracker2] e:\Program Files\ASUS\iTracker2iTracker.exe  /start
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Shadow Ops_ Red Mercury Registration.lnk = C:\Documents and Settings\GriX\Ustawienia lokalne\Temp\{FA283402-F3C2-4988-ABA3-DE935490C8BE}\{021CB753-D388-4C3B-8E40-554E226F54F2}\ATR1.EXE
O4 - Global Startup: ASRock WiFi-802.11g.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\GriX\Dane aplikacji\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://F:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - F:\Program Files\English Translator\English Translator XT\InternetTranslator.dll
O9 - Extra 'Tools' menuitem: @F:\Program Files\English Translator\English Translator XT\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - F:\Program Files\English Translator\English Translator XT\InternetTranslator.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\windows\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\windows\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} (Java Plug-in 1.6.0_15) -
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - e:\Program Files\Panda Security\Panda Internet Security 2010\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - e:\Program Files\Panda Security\Panda Internet Security 2010\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - e:\Program Files\Panda Security\Panda Internet Security 2010\pavsrv51.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\windows\system32\PnkBstrB.exe
O23 - Service: Panda Host Service (PSHost) - Panda Security International - e:\program files\panda security\panda internet security 2010\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - e:\Program Files\Panda Security\Panda Internet Security 2010\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - e:\Program Files\Panda Security\Panda Internet Security 2010\PskSvc.exe
O23 - Service: Start BT in service - Unknown owner - F:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - e:\Program Files\Panda Security\Panda Internet Security 2010\TPSrv.exe

--
End of file - 10811 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - F:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
DealioBHO Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\Documents and Settings\GriX\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-07-14 42088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} -  []
{0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - &Tłumaczenie - F:\Program Files\English Translator\English Translator XT\InternetTranslator.dll [2007-02-16 356352]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30 1019336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2007-11-22 16858112]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"REGSHAVE"=C:\Program Files\REGSHAVE\REGSHAVE.EXE [2002-02-04 53248]
"Adobe Reader Speed Launcher"=F:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-10-06 98304]
"Malwarebytes Anti-Malware (reboot)"=f:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"KernelFaultCheck"=C:\windows\system32\dumprep 0 -k []
"APVXDWIN"=e:\Program Files\Panda Security\Panda Internet Security 2010\APVXDWIN.EXE [2009-06-05 574720]
"SCANINICIO"=e:\Program Files\Panda Security\Panda Internet Security 2010\Inicio.exe [2009-04-21 56064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=f:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-01-24 2289664]
"iTracker2"=e:\Program Files\ASUS\iTracker2iTracker.exe  /start []

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
ASRock WiFi-802.11g.lnk - C:\Program Files\ASRock WiFi-802.11g\RtWLan.exe

C:\Documents and Settings\GriX\Menu Start\Programy\Autostart
Shadow Ops_ Red Mercury Registration.lnk - C:\Documents and Settings\GriX\Ustawienia lokalne\Temp\{FA283402-F3C2-4988-ABA3-DE935490C8BE}\{021CB753-D388-4C3B-8E40-554E226F54F2}\ATR1.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\windows\system32\Ati2evxx.dll [2009-10-07 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr]
C:\windows\system32\avldr.dll [2008-03-18 58672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
f:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"F:\Program Files\Gadu-Gadu\gg.exe"="F:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu"
"F:\Program Files\Electronic Arts\EADM\Core.exe"="F:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"F:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="F:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:iw3mp"
"F:\Program Files\Age of Empires III\Age of Empires III\age3.exe"="F:\Program Files\Age of Empires III\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3"
"F:\Program Files\Metin2_PL\metin2.bin"="F:\Program Files\Metin2_PL\metin2.bin:*:Enabled:metin2"
"C:\Documents and Settings\GriX\Pulpit\Left 4 Deat\Left 4 Dead\left4dead.exe"="C:\Documents and Settings\GriX\Pulpit\Left 4 Deat\Left 4 Dead\left4dead.exe:*:Enabled:left4dead"
"C:\Documents and Settings\GriX\Moje dokumenty\Left 4 Deat\Left 4 Dead\left4dead.exe"="C:\Documents and Settings\GriX\Moje dokumenty\Left 4 Deat\Left 4 Dead\left4dead.exe:*:Enabled:left4dead"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"F:\Program Files\Enigma Software Productions\Angels vs Devils\AngelsvsDevils.exe"="F:\Program Files\Enigma Software Productions\Angels vs Devils\AngelsvsDevils.exe:*:Enabled:AngelsvsDevils"
"F:\Program Files\GameSpy Arcade\Aphex.exe"="F:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"F:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="F:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"F:\Program Files\TVUPlayer\TVUPlayer.exe"="F:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"F:\Program Files\Codemasters\FUEL\FUEL.exe"="F:\Program Files\Codemasters\FUEL\FUEL.exe:*:Enabled:FUEL"
"F:\Program Files\uTorrent\utorrent.exe"="F:\Program Files\uTorrent\utorrent.exe:*:Enabled:?Torrent"
"C:\Documents and Settings\GriX\Pulpit\PES 09\PES09-snaketop.net.By.PIONO\pes2009.exe"="C:\Documents and Settings\GriX\Pulpit\PES 09\PES09-snaketop.net.By.PIONO\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\Documents and Settings\GriX\Moje dokumenty\PES 09\PES09-snaketop.net.By.PIONO\pes2009.exe"="C:\Documents and Settings\GriX\Moje dokumenty\PES 09\PES09-snaketop.net.By.PIONO\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"F:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="F:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"F:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="F:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"F:\Program Files\Steam\Steam.exe"="F:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"F:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe"="F:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"F:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe"="F:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 3 months======

2009-11-30 19:22:11 ----A---- C:\windows\zip.exe
2009-11-30 19:22:11 ----A---- C:\windows\SWXCACLS.exe
2009-11-30 19:22:11 ----A---- C:\windows\SWSC.exe
2009-11-30 19:22:11 ----A---- C:\windows\SWREG.exe
2009-11-30 19:22:11 ----A---- C:\windows\sed.exe
2009-11-30 19:22:11 ----A---- C:\windows\NIRCMD.exe
2009-11-30 19:22:11 ----A---- C:\windows\MBR.exe
2009-11-30 19:22:11 ----A---- C:\windows\grep.exe
2009-11-30 19:19:21 ----SD---- C:\ComboFix
2009-11-30 19:18:51 ----D---- C:\Qoobox
2009-11-30 15:47:19 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Backup
2009-11-30 15:47:13 ----D---- C:\Program Files\Panda Security
2009-11-30 15:47:06 ----A---- C:\windows\system32\HHActiveX.dll
2009-11-30 15:47:03 ----A---- C:\windows\system32\TpUtil.dll
2009-11-30 15:47:03 ----A---- C:\windows\system32\SYSTOOLS.DLL
2009-11-30 15:47:03 ----A---- C:\windows\system32\PavLspHook.dll
2009-11-30 15:47:03 ----A---- C:\windows\system32\pavipc.dll
2009-11-30 15:47:02 ----A---- C:\windows\system32\PavSHook.dll
2009-11-30 15:47:00 ----D---- C:\windows\system32\PAV
2009-11-30 15:47:00 ----A---- C:\windows\system32\avldr.dll
2009-11-30 15:46:59 ----D---- C:\Documents and Settings\GriX\Dane aplikacji\Panda Security
2009-11-30 15:46:59 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Panda Security
2009-11-30 15:40:15 ----D---- C:\Program Files\Common Files\Panda Security
2009-11-29 20:22:49 ----A---- C:\Documents and Settings\GriX\Dane aplikacji\XTDocSettings.ini
2009-11-28 11:50:31 ----D---- C:\Documents and Settings\GriX\Dane aplikacji\RD Technologies
2009-11-28 11:50:31 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\RD Technologies
2009-11-27 22:10:48 ----D---- C:\Program Files\trend micro
2009-11-27 22:10:47 ----D---- C:\rsit
2009-11-27 18:33:11 ----A---- C:\windows\UPGRADE.TXT
2009-11-27 17:42:05 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\ATI
2009-11-27 17:34:07 ----A---- C:\windows\system32\Oemdspif.dll
2009-11-27 17:34:07 ----A---- C:\windows\system32\ativcoxx.dll
2009-11-27 17:34:07 ----A---- C:\windows\system32\atitvo32.dll
2009-11-27 17:34:07 ----A---- C:\windows\system32\atipdlxx.dll
2009-11-27 17:34:07 ----A---- C:\windows\system32\atiok3x2.dll
2009-11-27 17:34:05 ----A---- C:\windows\system32\atioglxx.dll
2009-11-27 17:34:05 ----A---- C:\windows\system32\ATIODE.exe
2009-11-27 17:34:05 ----A---- C:\windows\system32\ATIODCLI.exe
2009-11-27 17:34:05 ----A---- C:\windows\system32\atimpc32.dll
2009-11-27 17:34:05 ----A---- C:\windows\system32\atikvmag.dll
2009-11-27 17:34:05 ----A---- C:\windows\system32\amdpcom32.dll
2009-11-27 17:34:04 ----A---- C:\windows\system32\atiiiexx.dll
2009-11-27 17:34:04 ----A---- C:\windows\system32\ATIDEMGX.dll
2009-11-27 17:34:04 ----A---- C:\windows\system32\ATIDDC.DLL
2009-11-27 17:34:04 ----A---- C:\windows\system32\aticalrt.dll
2009-11-27 17:34:04 ----A---- C:\windows\system32\aticaldd.dll
2009-11-27 17:34:04 ----A---- C:\windows\system32\aticalcl.dll
2009-11-27 17:34:04 ----A---- C:\windows\system32\atibtmon.exe
2009-11-27 17:34:04 ----A---- C:\windows\system32\atiadlxx.dll
2009-11-27 17:34:02 ----A---- C:\windows\system32\Ati2mdxx.exe
2009-11-27 17:34:02 ----A---- C:\windows\system32\ati2evxx.exe
2009-11-27 17:34:02 ----A---- C:\windows\system32\ati2evxx.dll
2009-11-27 17:34:02 ----A---- C:\windows\system32\ati2edxx.dll
2009-11-27 16:59:30 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\SiteAdvisor
2009-11-27 16:59:19 ----D---- C:\Program Files\SiteAdvisor
2009-11-27 16:26:45 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\McAfee
2009-11-25 18:05:38 ----A---- C:\windows\Eurobattle.net Installer Setup Log.txt
2009-11-25 07:08:03 ----HDC---- C:\windows\$NtUninstallKB976098-v2$
2009-11-25 07:07:57 ----HDC---- C:\windows\$NtUninstallKB973687$
2009-11-23 19:34:59 ----A---- C:\windows\system32\javaws.exe
2009-11-23 19:34:59 ----A---- C:\windows\system32\javaw.exe
2009-11-23 19:34:59 ----A---- C:\windows\system32\java.exe
2009-11-20 21:43:13 ----D---- C:\Program Files\ATI
2009-11-20 21:13:42 ----A---- C:\windows\Radeon Omega Drivers v4.8.442 Uninstall Log.txt
2009-11-19 16:57:54 ----D---- C:\Documents and Settings\GriX\Dane aplikacji\Download Manager
2009-11-19 16:44:19 ----D---- C:\Documents and Settings\GriX\Dane aplikacji\atitray
2009-11-19 16:39:22 ----A---- C:\windows\Radeon Omega Drivers v4.8.442 Uninstall.exe
2009-11-12 08:32:45 ----HDC---- C:\windows\$NtUninstallKB969947$
2009-11-10 22:07:48 ----A---- C:\windows\system32\PnkBstrB.exe
2009-11-06 03:14:42 ----A---- C:\windows\system32\xfcodec.dll
2009-11-04 22:12:27 ----N---- C:\windows\system32\spmsg.dll
2009-10-31 17:58:31 ----A---- C:\windows\system32\CmdLineExt.dll
2009-10-27 19:28:27 ----D---- C:\Documents and Settings\GriX\Dane aplikacji\Summer Athletics 2009
2009-10-20 20:09:44 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\TVU Networks
2009-10-15 20:53:51 ----HDC---- C:\windows\$NtUninstallKB958869$
2009-10-15 20:52:04 ----HDC---- C:\windows\$NtUninstallKB969059$
2009-10-15 20:52:01 ----HDC---- C:\windows\$NtUninstallKB954155_WM9$
2009-10-15 20:51:58 ----HDC---- C:\windows\$NtUninstallKB974112$
2009-10-15 20:51:55 ----HDC---- C:\windows\$NtUninstallKB975025$
2009-10-15 20:51:52 ----HDC---- C:\windows\$NtUninstallKB974571$
2009-10-15 20:51:45 ----HDC---- C:\windows\$NtUninstallKB971486$
2009-10-15 20:51:39 ----HDC---- C:\windows\$NtUninstallKB973525$
2009-10-15 20:51:32 ----HDC---- C:\windows\$NtUninstallKB975467$
2009-10-09 14:18:14 ----D---- C:\Documents and Settings\GriX\Dane aplikacji\Dark Sector
2009-09-22 15:16:24 ----A---- C:\windows\system32\XAudio2_5.dll
2009-09-22 15:16:23 ----A---- C:\windows\system32\xactengine3_5.dll
2009-09-22 15:16:23 ----A---- C:\windows\system32\D3DCompiler_42.dll
2009-09-22 15:16:22 ----A---- C:\windows\system32\d3dx11_42.dll
2009-09-22 15:16:22 ----A---- C:\windows\system32\d3dx10_42.dll
2009-09-22 15:16:22 ----A---- C:\windows\system32\d3dcsx_42.dll
2009-09-22 15:16:21 ----A---- C:\windows\system32\D3DX9_42.dll
2009-09-17 17:04:16 ----D---- C:\Program Files\Konami
2009-09-09 20:51:12 ----HDC---- C:\windows\$NtUninstallKB968816_WM9$
2009-09-09 20:51:09 ----HDC---- C:\windows\$NtUninstallKB956844$
2009-09-02 14:34:00 ----D---- C:\Documents and Settings\GriX\Dane aplikacji\FUEL
2009-08-31 08:12:35 ----D---- C:\Documents and Settings\GriX\Dane aplikacji\Disney Interactive Studios
2009-08-31 08:08:56 ----A---- C:\windows\disney.ini
2009-08-31 08:08:52 ----A---- C:\windows\disneysy.ini

======List of files/folders modified in the last 3 months======

2009-11-30 20:06:47 ----D---- C:\windows\Prefetch
2009-11-30 20:04:47 ----D---- C:\windows\Temp
2009-11-30 19:57:16 ----D---- C:\temp
2009-11-30 19:56:26 ----D---- C:\windows\system32\drivers
2009-11-30 19:56:26 ----D---- C:\WINDOWS
2009-11-30 19:53:58 ----D---- C:\windows\system32\CatRoot2
2009-11-30 19:53:48 ----D---- C:\windows\system32
2009-11-30 19:22:20 ----A---- C:\windows\SchedLgU.Txt
2009-11-30 17:13:23 ----A---- C:\windows\NeroDigital.ini
2009-11-30 15:55:33 ----A---- C:\windows\system32\PerfStringBackup.INI
2009-11-30 15:53:49 ----A---- C:\windows\win.ini
2009-11-30 15:51:31 ----D---- C:\Program Files\Common Files
2009-11-30 15:51:22 ----RD---- C:\Program Files
2009-11-30 15:48:41 ----HD---- C:\windows\inf
2009-11-30 15:47:13 ----SHD---- C:\windows\Installer
2009-11-30 15:47:12 ----SHD---- C:\Config.Msi
2009-11-30 15:46:59 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-30 15:21:45 ----SD---- C:\windows\Tasks
2009-11-30 14:07:37 ----D---- C:\Documents and Settings\GriX\Dane aplikacji\Xfire
2009-11-29 21:32:52 ----D---- C:\windows\system32\config
2009-11-29 15:15:56 ----D---- C:\windows\Minidump
2009-11-28 19:36:12 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2009-11-28 15:49:36 ----A---- C:\windows\wininit.ini
2009-11-28 10:49:15 ----D---- C:\windows\system32\DirectX
2009-11-28 10:49:04 ----RSD---- C:\windows\assembly
2009-11-27 18:52:59 ----RSHDC---- C:\windows\system32\dllcache
2009-11-27 18:52:49 ----D---- C:\windows\system32\ReinstallBackups
2009-11-27 17:39:51 ----D---- C:\windows\WinSxS
2009-11-27 17:34:36 ----D---- C:\Program Files\ATI Technologies
2009-11-27 16:58:12 ----D---- C:\windows\system32\CatRoot
2009-11-27 15:40:37 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2009-11-26 21:41:14 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-11-25 15:37:08 ----SHD---- C:\System Volume Information
2009-11-25 07:08:05 ----A---- C:\windows\imsins.BAK
2009-11-25 07:07:47 ----HD---- C:\windows\$hf_mig$
2009-11-23 19:34:52 ----D---- C:\Program Files\Java
2009-11-20 21:44:02 ----DC---- C:\windows\system32\DRVSTORE
2009-11-20 19:46:37 ----D---- C:\windows\system32\wbem
2009-11-20 19:46:36 ----D---- C:\windows\Registration
2009-11-14 01:47:57 ----A---- C:\windows\PEV.exe
2009-11-06 15:27:43 ----D---- C:\Documents and Settings\GriX\Dane aplikacji\teamspeak2
2009-11-05 18:36:21 ----A---- C:\windows\system32\MRT.exe
2009-11-04 22:12:26 ----D---- C:\windows\ie8updates
2009-11-01 11:57:03 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
2009-10-30 06:52:50 ----D---- C:\windows\Help
2009-10-28 16:07:15 ----N---- C:\windows\system32\tzchange.exe
2009-10-22 10:18:25 ----A---- C:\windows\system32\mshtml.dll
2009-10-21 13:30:44 ----D---- C:\Documents and Settings\GriX\Dane aplikacji\gtk-2.0
2009-10-17 07:17:56 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2009-10-16 20:59:10 ----D---- C:\Program Files\Common Files\Adobe
2009-10-16 08:36:18 ----D---- C:\windows\Microsoft.NET
2009-10-15 20:54:06 ----D---- C:\Program Files\Internet Explorer
2009-10-11 04:17:27 ----A---- C:\windows\system32\deploytk.dll
2009-10-09 14:16:42 ----D---- C:\Program Files\AGEIA Technologies
2009-10-07 07:50:02 ----A---- C:\windows\system32\ati2dvag.dll
2009-10-07 07:21:08 ----A---- C:\windows\system32\ati3duag.dll
2009-10-07 07:05:40 ----A---- C:\windows\system32\ativvaxx.dll
2009-10-07 06:35:22 ----A---- C:\windows\system32\ati2cqag.dll
2009-09-27 16:41:15 ----SD---- C:\Documents and Settings\GriX\Dane aplikacji\Microsoft
2009-09-18 18:12:28 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
2009-09-15 16:37:24 ----A---- C:\windows\system32\winsock.dll
2009-09-11 15:19:43 ----A---- C:\windows\system32\msv1_0.dll
2009-09-11 13:28:35 ----D---- C:\windows\security
2009-09-11 13:11:42 ----D---- C:\windows\network diagnostic
2009-09-08 13:22:14 ----A---- C:\windows\wincmd.ini
2009-09-04 22:05:35 ----A---- C:\windows\system32\msasn1.dll
2009-09-04 17:44:40 ----A---- C:\windows\system32\XAPOFX1_3.dll
2009-09-03 20:30:18 ----D---- C:\Documents and Settings\GriX\Dane aplikacji\uTorrent
2009-09-01 20:42:43 ----D---- C:\windows\system32\Restore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 APPFLT;App Filter Plugin; \??\C:\windows\system32\Drivers\APPFLT.SYS []
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\windows\system32\drivers\atkkbnt.sys [2008-07-03 11136]
R1 DSAFLT;DSA Filter Plugin; \??\C:\windows\system32\Drivers\DSAFLT.SYS []
R1 FNETMON;NetMon Filter Plugin; \??\C:\windows\system32\Drivers\fnetmon.SYS []
R1 IDSFLT;Ids Filter Plugin; \??\C:\windows\system32\Drivers\IDSFLT.SYS []
R1 intelppm;Sterownik procesora Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 NETFLTDI;Panda Net Driver [TDI Layer]; \??\C:\windows\system32\Drivers\NETFLTDI.SYS []
R1 ShldDrv;Panda File Shield Driver; C:\windows\System32\DRIVERS\ShlDrv51.sys [2008-03-04 41144]
R1 WNMFLT;Wifi Monitor Filter Plugin; \??\C:\windows\system32\Drivers\WNMFLT.SYS []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\windows\system32\DRIVERS\AegisP.sys [2009-02-09 21035]
R2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2009-02-09 278984]
R2 EIO_XP;EIO_XP; \??\C:\windows\system32\drivers\EIO_XP.sys []
R2 irda;Protokół IrDA; C:\windows\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2009-02-09 25416]
R2 PAVDRV;pavdrv; C:\windows\system32\DRIVERS\pavdrv51.sys [2008-04-28 84024]
R2 PavProc;Panda Process Protection Driver; \??\C:\windows\system32\DRIVERS\PavProc.sys []
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\windows\system32\drivers\asusgsb.sys [2008-07-03 12416]
R3 ati2mtag;ati2mtag; C:\windows\system32\DRIVERS\ati2mtag.sys [2009-10-07 4486656]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\windows\system32\drivers\AtiHdmi.sys [2009-02-26 99856]
R3 AvFlt;Antivirus Filter Driver; C:\windows\system32\drivers\av5flt.sys []
R3 BlueletAudio;Bluetooth Audio Service; C:\windows\system32\DRIVERS\blueletaudio.sys [2007-03-05 34576]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 ComFiltr;Panda Anti-Dialer; \??\C:\windows\system32\DRIVERS\COMFiltr.sys []
R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Sterownik Microsoft klasy HID; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2007-11-27 4630016]
R3 irsir;Sterownik portu szeregowego podczerwieni Microsoft; C:\windows\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Sterownik myszy HID; C:\windows\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34; C:\windows\system32\DRIVERS\neti1634.sys [2008-06-26 197888]
R3 PavSRK.sys;PavSRK.sys; \??\C:\windows\system32\PavSRK.sys []
R3 PavTPK.sys;PavTPK.sys; \??\C:\windows\system32\PavTPK.sys []
R3 Rasirda;WAN Miniport (IrDA); C:\windows\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\windows\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]
R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\windows\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Koncentrator z obsługą USB2; C:\windows\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VComm;Virtual Serial port driver; C:\windows\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\windows\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 Video3D;ASUS Video3D Service; C:\windows\System32\Drivers\Video3D32.sys [2008-07-03 10752]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\windows\System32\Drivers\btcusb.sys [2007-03-05 39184]
S3 CCDECODE;Dekoder napisów; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\windows\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 STIrUsb;Klucz szyfrujący SigmaTel USB-IrDA; C:\windows\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Sterownik skanera USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2009-11-01 691696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\windows\system32\Ati2evxx.exe [2009-10-07 602112]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2008-07-03 262144]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 Gwmsrv;Panda Goodware Cache Manager; C:\windows\system32\svchost -k Panda []
R2 Irmon;Monitor podczerwieni; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Panda Software Controller;Panda Software Controller; e:\Program Files\Panda Security\Panda Internet Security 2010\PsCtrls.exe [2009-06-01 173312]
R2 PAVFNSVR;Panda Function Service; e:\Program Files\Panda Security\Panda Internet Security 2010\PavFnSvr.exe [2009-04-28 169216]
R2 PavPrSrv;Panda Process Protection Service; C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe [2008-02-04 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service; e:\Program Files\Panda Security\Panda Internet Security 2010\pavsrv51.exe [2009-05-28 290048]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2009-03-03 75064]
R2 PnkBstrB;PnkBstrB; C:\windows\system32\PnkBstrB.exe [2009-11-20 215104]
R2 PSHost;Panda Host Service; e:\program files\panda security\panda internet security 2010\firewall\PSHOST.EXE [2009-04-08 226560]
R2 PSIMSVC;Panda IManager Service; e:\Program Files\Panda Security\Panda Internet Security 2010\PsImSvc.exe [2008-06-19 108288]
R2 PskSvcRetail;Panda PSK service; e:\Program Files\Panda Security\Panda Internet Security 2010\PskSvc.exe [2008-06-25 28928]
R2 SNMP;Usługa SNMP; C:\windows\System32\snmp.exe [2008-04-14 32768]
R2 TPSrv;Panda TPSrv; e:\Program Files\Panda Security\Panda Internet Security 2010\TPSrv.exe [2009-04-17 157440]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Usuga stanu ASP.NET; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-23 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Serwer wydruku TCP/IP; C:\windows\system32\tcpsvcs.exe [2004-08-04 19456]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SNMPTRAP;Usługa SNMP Trap; C:\windows\System32\snmptrap.exe [2008-04-14 8704]
S3 Start BT in service;Start BT in service; F:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-04-21 52080]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


Since you have already used ComboFix, paste the log it generated.

Was it running this slowly before you installed Panda as well?

Scan the computer with DrWeb CureIt! and Malwarebytes' Anti-Malware, and paste the log from the latter.


ComboFix 09-12-01.01 - GriX 2009-12-01 18:15.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1250.48.1045.18.2047.1489 [GMT 1:00]
Uruchomiony z: c:\documents and settings\GriX\Pulpit\ComboFix.exe
AV: Panda Internet Security 2010 *On-access scanning disabled* (Updated) {4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0}
FW: Panda Personal Firewall 2010 *disabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}

UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.

(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\twain_32.dll

.
(((((((((((((((((((((((((   Pliki utworzone od 2009-11-01 do 2009-12-01  )))))))))))))))))))))))))))))))
.

2009-11-30 14:53 . 2009-12-01 16:24    13880    ----a-w-    c:\windows\system32\drivers\COMFiltr.sys
2009-11-30 14:48 . 2009-11-30 14:48    262    ----a-w-    c:\windows\system32\PavCPL.dat
2009-11-30 14:48 . 2009-11-30 14:48    --------    d-----w-    c:\documents and settings\GriX\Ustawienia lokalne\Dane aplikacji\Panda Security
2009-11-30 14:46 . 2009-11-30 14:46    --------    d-----w-    c:\documents and settings\GriX\Dane aplikacji\Panda Security
2009-11-30 14:46 . 2009-11-30 14:46    --------    d-----w-    c:\documents and settings\All Users\Dane aplikacji\Panda Security
2009-11-30 14:40 . 2008-06-19 16:24    28544    ----a-w-    c:\windows\system32\drivers\pavboot.sys
2009-11-30 14:40 . 2009-11-30 14:40    --------    d-----w-    c:\program files\Common Files\Panda Security
2009-11-30 14:40 . 2009-06-02 12:12    177416    ----a-w-    c:\windows\system32\drivers\PavProc.sys
2009-11-30 14:40 . 2008-03-04 14:59    41144    ----a-w-    c:\windows\system32\drivers\ShlDrv51.sys
2009-11-28 14:11 . 2009-11-28 14:11    --------    d-----w-    c:\documents and settings\GriX\DoctorWeb
2009-11-28 10:50 . 2009-11-28 10:50    --------    d-----w-    c:\documents and settings\GriX\Dane aplikacji\RD Technologies
2009-11-28 10:50 . 2009-11-28 10:50    --------    d-----w-    c:\documents and settings\All Users\Dane aplikacji\RD Technologies
2009-11-28 08:06 . 2009-11-28 08:06    163    ----a-w-    c:\documents and settings\GriX\fix.reg
2009-11-27 21:12 . 2009-09-10 13:54    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-27 21:12 . 2009-09-10 13:53    19160    ----a-w-    c:\windows\system32\drivers\mbam.sys
2009-11-27 21:10 . 2009-11-30 19:06    --------    d-----w-    c:\program files\trend micro
2009-11-27 21:10 . 2009-11-27 21:12    --------    d-----w-    C:\rsit
2009-11-27 16:42 . 2009-11-27 16:42    --------    d-----w-    c:\documents and settings\All Users\Dane aplikacji\ATI
2009-11-27 16:03 . 2009-11-27 16:03    --------    d-sh--w-    c:\windows\system32\config\systemprofile\IETldCache
2009-11-27 16:00 . 2009-11-27 16:00    --------    d-----w-    c:\documents and settings\LocalService\Dane aplikacji\SACore
2009-11-27 15:59 . 2009-11-27 15:59    --------    d-----w-    c:\documents and settings\All Users\Dane aplikacji\SiteAdvisor
2009-11-27 15:59 . 2009-11-27 15:59    --------    d-----w-    c:\program files\SiteAdvisor
2009-11-27 15:26 . 2009-11-30 14:51    --------    d-----w-    c:\documents and settings\All Users\Dane aplikacji\McAfee
2009-11-25 14:34 . 2009-11-25 14:34    --------    d--h--we    c:\documents and settings\All Users\AVP9
2009-11-25 13:53 . 2009-11-25 13:53    --------    d-----w-    c:\documents and settings\GriX\Ustawienia lokalne\Dane aplikacji\CAPCOM
2009-11-23 19:07 . 2009-10-16 14:50    2520888    ----a-w-    c:\documents and settings\GriX\Dane aplikacji\Mozilla\Firefox\Profiles\ory7kj0p.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
2009-11-23 19:07 . 2007-05-17 12:58    143360    ----a-w-    c:\documents and settings\GriX\Dane aplikacji\Mozilla\Firefox\Profiles\ory7kj0p.default\extensions\firefox@tvunetworks.com\plugins\libexpatw.dll
2009-11-23 19:07 . 2006-10-18 16:32    499712    ----a-w-    c:\documents and settings\GriX\Dane aplikacji\Mozilla\Firefox\Profiles\ory7kj0p.default\extensions\firefox@tvunetworks.com\plugins\msvcp71.dll
2009-11-23 19:07 . 2006-10-16 17:44    196608    ----a-w-    c:\documents and settings\GriX\Dane aplikacji\Mozilla\Firefox\Profiles\ory7kj0p.default\extensions\firefox@tvunetworks.com\plugins\ssleay32.dll
2009-11-23 19:07 . 2006-10-16 17:44    1028096    ----a-w-    c:\documents and settings\GriX\Dane aplikacji\Mozilla\Firefox\Profiles\ory7kj0p.default\extensions\firefox@tvunetworks.com\plugins\libeay32.dll
2009-11-23 19:07 . 2008-03-04 17:52    286720    ----a-w-    c:\documents and settings\GriX\Dane aplikacji\Mozilla\Firefox\Profiles\ory7kj0p.default\extensions\firefox@tvunetworks.com\plugins\libcurl.dll
2009-11-23 19:07 . 2007-10-31 08:39    59904    ----a-w-    c:\documents and settings\GriX\Dane aplikacji\Mozilla\Firefox\Profiles\ory7kj0p.default\extensions\firefox@tvunetworks.com\plugins\zlib1.dll
2009-11-23 19:07 . 2006-10-18 16:32    348160    ----a-w-    c:\documents and settings\GriX\Dane aplikacji\Mozilla\Firefox\Profiles\ory7kj0p.default\extensions\firefox@tvunetworks.com\plugins\msvcr71.dll
2009-11-23 18:34 . 2009-11-23 18:34    152576    ----a-w-    c:\documents and settings\GriX\Dane aplikacji\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-23 18:33 . 2009-11-23 18:33    79488    ----a-w-    c:\documents and settings\GriX\Dane aplikacji\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-22 14:00 . 2009-07-30 10:15    14336    ----a-w-    c:\windows\system32\drivers\EIO_XP.sys
2009-11-22 13:58 . 2009-11-22 13:57    14336    ----a-w-    c:\windows\system32\drivers\EIO64_xp.sys
2009-11-20 20:43 . 2009-11-20 20:43    10134    ----a-r-    c:\documents and settings\GriX\Dane aplikacji\Microsoft\Installer\{97720E04-A8F4-F2C3-2755-3352B2F6C840}\ARPPRODUCTICON.exe
2009-11-20 20:43 . 2009-11-20 20:43    --------    d-----w-    c:\program files\ATI
2009-11-20 18:46 . 2009-11-20 18:46    --------    d-----w-    c:\windows\system32\wbem\Repository
2009-11-19 15:57 . 2009-11-27 16:28    --------    d-----w-    c:\documents and settings\GriX\Dane aplikacji\Download Manager
2009-11-19 15:44 . 2009-11-19 15:44    --------    d-----w-    c:\documents and settings\GriX\Dane aplikacji\atitray
2009-11-19 15:39 . 2009-11-19 15:39    472576    ----a-w-    c:\windows\Radeon Omega Drivers v4.8.442 Uninstall.exe
2009-11-10 21:07 . 2009-11-20 20:11    215104    ----a-w-    c:\windows\system32\PnkBstrB.exe
2009-11-06 02:14 . 2009-11-06 02:14    41872    ----a-w-    c:\windows\system32\xfcodec.dll
2009-11-05 18:32 . 2009-11-05 18:32    23    --sha-w-    c:\windows\system32\edacded0.dat

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-01 17:01 . 2009-11-30 14:47    218140    ----a-w-    c:\windows\system32\drivers\APPFCONT.DAT.bck
2009-12-01 17:01 . 2009-11-30 14:47    218140    ----a-w-    c:\windows\system32\drivers\APPFCONT.DAT
2009-12-01 16:25 . 2009-11-30 14:47    1132    ----a-w-    c:\windows\system32\drivers\APPFLTR.CFG.bck
2009-12-01 16:25 . 2009-11-30 14:47    1132    ----a-w-    c:\windows\system32\drivers\APPFLTR.CFG
2009-11-30 14:55 . 2004-08-04 12:00    98498    ----a-w-    c:\windows\system32\perfc015.dat
2009-11-30 14:55 . 2004-08-04 12:00    532620    ----a-w-    c:\windows\system32\perfh015.dat
2009-11-30 14:47 . 2009-11-30 14:47    --------    d-----w-    c:\documents and settings\All Users\Dane aplikacji\Backup
2009-11-30 14:47 . 2009-11-30 14:47    --------    d-----w-    c:\program files\Panda Security
2009-11-30 14:46 . 2009-02-09 18:02    --------    d--h--w-    c:\program files\InstallShield Installation Information
2009-11-30 13:07 . 2009-08-26 07:11    --------    d-----w-    c:\documents and settings\GriX\Dane aplikacji\Xfire
2009-11-29 20:32 . 2009-02-09 18:24    66736    ----a-w-    c:\documents and settings\GriX\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-11-28 18:36 . 2009-04-22 18:35    --------    d---a-w-    c:\documents and settings\All Users\Dane aplikacji\TEMP
2009-11-27 16:34 . 2009-02-09 18:17    --------    d-----w-    c:\program files\ATI Technologies
2009-11-27 14:40 . 2009-03-30 14:23    --------    d-----w-    c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2009-11-26 20:41 . 2009-02-10 15:04    --------    d-----w-    c:\program files\Common Files\Wise Installation Wizard
2009-11-23 18:34 . 2009-02-09 19:32    --------    d-----w-    c:\program files\Java
2009-11-20 19:38 . 2009-06-04 17:39    1324    ----a-w-    c:\windows\system32\d3d9caps.dat
2009-11-18 21:29 . 2009-03-03 15:07    138576    ----a-w-    c:\windows\system32\drivers\PnkBstrK.sys
2009-11-15 15:52 . 2009-08-15 21:16    1688384    ----a-w-    c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
2009-11-06 14:27 . 2009-02-10 16:51    --------    d-----w-    c:\documents and settings\GriX\Dane aplikacji\teamspeak2
2009-11-01 10:57 . 2009-03-10 16:54    691696    ----a-w-    c:\windows\system32\drivers\sptd.sys
2009-11-01 10:57 . 2009-05-05 16:35    --------    d-----w-    c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite
2009-10-31 16:58 . 2009-10-31 16:58    107888    ----a-w-    c:\windows\system32\CmdLineExt.dll
2009-10-30 11:10 . 2009-10-30 11:10    1183176    ----a-w-    c:\documents and settings\GriX\Dane aplikacji\Mozilla\Firefox\Profiles\ory7kj0p.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
2009-10-27 18:28 . 2009-10-27 18:28    --------    d-----w-    c:\documents and settings\GriX\Dane aplikacji\Summer Athletics 2009
2009-10-21 12:30 . 2009-02-12 19:01    --------    d-----w-    c:\documents and settings\GriX\Dane aplikacji\gtk-2.0
2009-10-20 19:09 . 2009-10-20 19:09    --------    d-----w-    c:\documents and settings\All Users\Dane aplikacji\TVU Networks
2009-10-16 19:59 . 2009-02-16 13:53    --------    d-----w-    c:\program files\Common Files\Adobe
2009-10-13 15:43 . 2009-10-09 13:18    --------    d-----w-    c:\documents and settings\GriX\Dane aplikacji\Dark Sector
2009-10-11 03:17 . 2009-02-09 19:32    411368    ----a-w-    c:\windows\system32\deploytk.dll
2009-10-09 13:16 . 2009-02-10 15:04    --------    d-----w-    c:\program files\AGEIA Technologies
2009-10-07 07:30 . 2008-06-24 14:52    4486656    ----a-w-    c:\windows\system32\drivers\ati2mtag.sys
2009-10-07 06:51 . 2009-11-27 16:34    446464    ----a-w-    c:\windows\system32\ATIDEMGX.dll
2009-10-07 06:50 . 2008-06-24 14:10    299520    ----a-w-    c:\windows\system32\ati2dvag.dll
2009-10-07 06:33 . 2009-11-27 16:34    204800    ----a-w-    c:\windows\system32\atipdlxx.dll
2009-10-07 06:32 . 2009-11-27 16:34    155648    ----a-w-    c:\windows\system32\Oemdspif.dll
2009-10-07 06:32 . 2009-11-27 16:34    26112    ----a-w-    c:\windows\system32\Ati2mdxx.exe
2009-10-07 06:32 . 2009-11-27 16:34    43520    ----a-w-    c:\windows\system32\ati2edxx.dll
2009-10-07 06:32 . 2009-11-27 16:34    155648    ----a-w-    c:\windows\system32\ati2evxx.dll
2009-10-07 06:31 . 2009-11-27 16:34    602112    ----a-w-    c:\windows\system32\ati2evxx.exe
2009-10-07 06:29 . 2009-11-27 16:34    53248    ----a-w-    c:\windows\system32\ATIDDC.DLL
2009-10-07 06:21 . 2008-06-24 13:48    3506496    ----a-w-    c:\windows\system32\ati3duag.dll
2009-10-07 06:05 . 2008-06-24 13:36    2096384    ----a-w-    c:\windows\system32\ativvaxx.dll
2009-10-07 06:05 . 2009-11-27 16:34    12644352    ----a-w-    c:\windows\system32\atioglxx.dll
2009-10-07 06:05 . 2009-11-27 16:34    887724    ----a-w-    c:\windows\system32\ativva6x.dat
2009-10-07 06:05 . 2009-11-27 16:34    3    ----a-w-    c:\windows\system32\ativva5x.dat
2009-10-07 05:54 . 2009-11-27 16:34    311296    ----a-w-    c:\windows\system32\atiiiexx.dll
2009-10-07 05:48 . 2009-11-27 16:34    65024    ----a-w-    c:\windows\system32\atimpc32.dll
2009-10-07 05:48 . 2009-11-27 16:34    65024    ----a-w-    c:\windows\system32\amdpcom32.dll
2009-10-07 05:44 . 2009-11-27 16:34    561152    ----a-w-    c:\windows\system32\atikvmag.dll
2009-10-07 05:42 . 2009-11-27 16:34    167936    ----a-w-    c:\windows\system32\atiadlxx.dll
2009-10-07 05:41 . 2009-11-27 16:34    17408    ----a-w-    c:\windows\system32\atitvo32.dll
2009-10-07 05:41 . 2009-11-27 16:34    53248    ----a-w-    c:\windows\system32\drivers\ati2erec.dll
2009-10-07 05:35 . 2008-06-24 13:11    638976    ----a-w-    c:\windows\system32\ati2cqag.dll
2009-10-07 05:34 . 2009-11-27 16:34    401408    ----a-w-    c:\windows\system32\atiok3x2.dll
2009-10-07 04:36 . 2009-11-27 16:34    45056    ----a-w-    c:\windows\system32\aticalrt.dll
2009-10-07 04:36 . 2009-11-27 16:34    45056    ----a-w-    c:\windows\system32\aticalcl.dll
2009-10-07 04:34 . 2009-11-27 16:34    3489792    ----a-w-    c:\windows\system32\aticaldd.dll
2009-10-05 15:32 . 2009-10-05 15:32    53248    ----a-r-    c:\documents and settings\GriX\Dane aplikacji\Microsoft\Installer\{59B196D7-0955-4689-907E-0105361E6D7A}\NewShortcut3_F0D90DEADFA745EEA3669D687B60D393.exe
2009-10-05 15:32 . 2009-10-05 15:32    53248    ----a-r-    c:\documents and settings\GriX\Dane aplikacji\Microsoft\Installer\{59B196D7-0955-4689-907E-0105361E6D7A}\NewShortcut1_F0D90DEADFA745EEA3669D687B60D393.exe
2009-10-05 15:32 . 2009-10-05 15:32    53248    ----a-r-    c:\documents and settings\GriX\Dane aplikacji\Microsoft\Installer\{59B196D7-0955-4689-907E-0105361E6D7A}\ARPPRODUCTICON.exe
2009-09-15 15:37 . 2004-08-04 12:00    2864    ----a-w-    c:\windows\system32\winsock.dll
2009-09-11 14:19 . 2004-08-04 12:00    136192    ----a-w-    c:\windows\system32\msv1_0.dll
2009-09-04 21:05 . 2004-08-04 12:00    58880    ----a-w-    c:\windows\system32\msasn1.dll
2009-09-04 16:44 . 2009-09-22 14:16    515416    ----a-w-    c:\windows\system32\XAudio2_5.dll
2009-09-04 16:44 . 2009-09-22 14:16    238936    ----a-w-    c:\windows\system32\xactengine3_5.dll
2009-09-04 16:44 . 2009-07-28 09:24    69464    ----a-w-    c:\windows\system32\XAPOFX1_3.dll
2009-09-04 16:29 . 2009-09-22 14:16    453456    ----a-w-    c:\windows\system32\d3dx10_42.dll
2009-09-04 16:29 . 2009-09-22 14:16    235344    ----a-w-    c:\windows\system32\d3dx11_42.dll
2009-09-04 16:29 . 2009-09-22 14:16    1974616    ----a-w-    c:\windows\system32\D3DCompiler_42.dll
2009-09-04 16:29 . 2009-09-22 14:16    5501792    ----a-w-    c:\windows\system32\d3dcsx_42.dll
2009-09-04 16:29 . 2009-09-22 14:16    1892184    ----a-w-    c:\windows\system32\D3DX9_42.dll
.

(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTracker2"="e:\program files\ASUS\iTracker2iTracker.exe " [X]
"SpybotSD TeaTimer"="f:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-01-24 2289664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" [X]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"REGSHAVE"="c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
"Adobe Reader Speed Launcher"="f:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Malwarebytes Anti-Malware (reboot)"="f:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"APVXDWIN"="e:\program files\Panda Security\Panda Internet Security 2010\APVXDWIN.EXE" [2009-06-05 574720]
"SCANINICIO"="e:\program files\Panda Security\Panda Internet Security 2010\Inicio.exe" [2009-04-21 56064]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-11-22 16858112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
ASRock WiFi-802.11g.lnk - c:\program files\ASRock WiFi-802.11g\RtWLan.exe [2009-2-9 978944]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-20 22:34    24576    ----a-w-    f:\program files\AlienGUIse\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2008-03-18 15:58    58672    ----a-w-    c:\windows\system32\avldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"f:\\Program Files\\Gadu-Gadu\\gg.exe"=
"f:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"f:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"f:\\Program Files\\Age of Empires III\\Age of Empires III\\age3.exe"=
"f:\\Program Files\\Metin2_PL\\metin2.bin"=
"c:\\Documents and Settings\\GriX\\Moje dokumenty\\Left 4 Deat\\Left 4 Dead\\left4dead.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"f:\\Program Files\\Enigma Software Productions\\Angels vs Devils\\AngelsvsDevils.exe"=
"f:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"f:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"f:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"f:\\Program Files\\Codemasters\\FUEL\\FUEL.exe"=
"f:\\Program Files\\uTorrent\\utorrent.exe"=
"f:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"f:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"f:\\Program Files\\Steam\\Steam.exe"=
"f:\\Program Files\\Steam\\SteamApps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"f:\\Program Files\\Steam\\SteamApps\\common\\call of duty modern warfare 2\\iw4sp.exe"=

R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [2009-11-30 28544]
R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [2009-11-30 73728]
R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [2009-11-30 52992]
R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [2009-11-30 22072]
R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [2009-11-30 193792]
R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [2009-11-30 15:47 158848]
R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [2009-11-30 41144]
R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [2009-11-30 46720]
R2 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost -k Panda --> c:\windows\system32\svchost -k Panda [?]
R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [2009-11-30 177416]
R2 PskSvcRetail;Panda PSK service;e:\program files\Panda Security\Panda Internet Security 2010\psksvc.exe [2009-11-30 28928]
R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]
R3 ComFiltr;Panda Anti-Dialer;c:\windows\system32\drivers\COMFiltr.sys [2009-11-30 13880]
R3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34;c:\windows\system32\drivers\neti1634.sys [2009-11-30 197888]
R3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys --> c:\windows\system32\PavSRK.sys [?]
R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-03-10 691696]
S3 Start BT in service;Start BT in service;f:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-04-21 52080]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
panda    REG_MULTI_SZ       Gwmsrv

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
.
------- Skan uzupełniający -------
.
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Compare Prices with &Dealio - c:\documents and settings\GriX\Dane aplikacji\Dealio\kb127\res\DealioSearch.html
IE: E&ksport do programu Microsoft Excel - f:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {{B46B0919-62BA-4D99-A5C4-916B57A6805C} - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - f:\program files\English Translator\English Translator XT\InternetTranslator.dll
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - ProfilePath - c:\documents and settings\GriX\Dane aplikacji\Mozilla\Firefox\Profiles\ory7kj0p.default\
FF - component: c:\documents and settings\GriX\Dane aplikacji\Mozilla\Firefox\Profiles\ory7kj0p.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\documents and settings\GriX\Dane aplikacji\Mozilla\Firefox\Profiles\ory7kj0p.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
FF - plugin: c:\documents and settings\GriX\Dane aplikacji\Mozilla\Firefox\Profiles\ory7kj0p.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\documents and settings\GriX\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: f:\program files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll
FF - plugin: f:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - USUNIĘTO PUSTE WPISY - - - -

SafeBoot-mcmscsvc
SafeBoot-MCODS
AddRemove-Steam App 10180 - f:\program files\Steam\steam.exe steam://uninstall/10180
AddRemove-Steam App 10190 - f:\program files\Steam\steam.exe steam://uninstall/10190



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-01 18:19
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...  

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...  

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-2000478354-73586283-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)

[HKEY_USERS\S-1-5-21-2000478354-73586283-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:de,c2,49,ea,3d,5b,48,3d,cc,f3,42,36,24,7d,d6,d0,86,21,f6,19,72,49,50,
   b9,f4,4e,f2,de,19,6f,e8,69,ce,51,44,ad,6f,ea,7d,8b,03,b8,61,76,ce,e7,75,3f,\
"??"=hex:c3,b4,69,1f,28,7d,64,6f,bc,7a,7d,2b,ae,70,7a,d5

[HKEY_USERS\S-1-5-21-2000478354-73586283-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:e1,c2,99,32,b5,a8,96,6f,e6,89,7e,b4,ec,45,fb,0f,3b,8a,98,dd,8b,
   09,26,47,83,64,3d,d3,ca,09,77,28,ba,81,5e,b7,12,2e,cb,64,20,ea,0e,be,2a,e4,\
"rkeysecu"=hex:7e,7f,53,c4,57,d8,d4,d4,ab,95,ba,11,6c,28,b8,2c
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(1316)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\avldr.dll
f:\program files\AlienGUIse\fastload.dll
.
Czas ukończenia: 2009-12-01 18:21
ComboFix-quarantined-files.txt  2009-12-01 17:21

Przed: 27 300 319 232 bajtów wolnych
Po: 27 990 040 576 bajtów wolnych

- - End Of File - - 77F77C398A218E6DF12DE767F79855CD


Hm, that's a bit strange, because I don't see anything being created or changed in the time between the removal of the virus and the installation of Panda.

If Malwarebytes' and Dr.Web didn't detect anything, then I don't know what else it could be on the software side. Also run Task Manager and see whether something is using a large amount of memory or CPU time.
