x-kom hosting

Prośba o sprawdzenie loga

Cassis
utworzono
utworzono (edytowane)
Log do sprawdzenia
Logfile of random's system information tool 1.06 (written by random/random)
Run by Filip at 2009-08-15 18:16:51
Microsoft Windows XP Home Edition Dodatek Service Pack 3
System drive C: has 4 GB (19%) free of 20 GB
Total RAM: 1023 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:17:10, on 2009-08-15
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nowe Gadu-Gadu\gg.exe
C:\Program Files\AutoConnect\AutoConnect.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\msword98.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\msword98.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\braviax.exe
C:\Documents and Settings\Filip\Pulpit\OTL.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\dumprep.exe
C:\Documents and Settings\Filip\Pulpit\OTL.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\dumprep.exe
C:\Documents and Settings\Filip\Pulpit\RSIT.exe
C:\Program Files\trend micro\Filip.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [msword98] C:\WINDOWS\system32\msword98.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "C:\Program Files\Nowe Gadu-Gadu\gg.exe"
O4 - HKCU\..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"
O4 - HKCU\..\Run: [msword98] C:\Documents and Settings\Filip\msword98.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ikowin32.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1227975366250
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BFFAF57-82D8-4BF0-8031-7A57AF569677}: NameServer = 194.204.159.1 217.98.63.164
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Usługa Google Update (gupdate1c99468f4ea6462) (gupdate1c99468f4ea6462) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 9441 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} - FlashGet Bar - C:\PROGRA~1\FlashGet\fgiebar.dll [2005-06-07 86016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-04-15 77824]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-06-13 528384]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-07-10 195072]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2007-06-29 286720]
"WOOWATCH"=C:\PROGRA~1\NEOSTR~1\Watch.exe []
"WOOTASKBARICON"=C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe []
"AdslTaskBar"=stmctrl.dll,TaskBar []
"SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816]
"msword98"=C:\WINDOWS\system32\msword98.exe [2009-08-15 26686]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Nowe Gadu-Gadu"=C:\Program Files\Nowe Gadu-Gadu\gg.exe [2009-07-27 10719848]
"AutoConnect"=C:\Program Files\AutoConnect\AutoConnect.exe [2004-08-28 295424]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-08 251240]
"ALLUpdate"=C:\Program Files\ALLPlayer\ALLUpdate.exe [2009-06-04 869888]
"msword98"=C:\Documents and Settings\Filip\msword98.exe [2009-08-15 26686]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PHOTOfunSTUDIO -viewer-.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe

C:\Documents and Settings\Filip\Menu Start\Programy\Autostart
ikowin32.exe
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"E:\CoD4\iw3mp.exe"="E:\CoD4\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Gry\bf1942.exe"="D:\Gry\bf1942.exe:*:Enabled:bf1942"
"C:\Program Files\Nowe Gadu-Gadu\gg.exe"="C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"D:\[ PC Games ] - Age of Empires II(FULL)\empires2.exe"="D:\[ PC Games ] - Age of Empires II(FULL)\empires2.exe:*:Disabled:Age of Empires II"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\BFH\BFHeroes.exe"="D:\BFH\BFHeroes.exe:*:Enabled:BFHeroes"
"D:\Gra\BFV\bfvietnam.exe"="D:\Gra\BFV\bfvietnam.exe:*:Enabled:bfvietnam"
"D:\Gra\BF2\BF2.exe"="D:\Gra\BF2\BF2.exe:*:Enabled:Battlefield 2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f98bbf0-bffc-11dd-8cdb-00804829b4d3}]
shell\AutoRun\command - H:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{962f8b35-ceae-11dd-8cfa-00804829b4d3}]
shell\Auto\command - RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b463c203-be1c-11dd-a667-806d6172696f}]
shell\Play\command - "C:\Program Files\Winamp\winamp.exe" "%1"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c328412e-fa7f-11dd-a2c8-806d6172696f}]
shell\AutoRun\command - G:\LaunchBFII.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d04dbd57-5412-11de-a37a-000e50b10894}]
shell\AutoRun\command - H:\InstallTomTomHOME.exe


======File associations======

.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2009-08-15 18:16:53 ----D---- C:\Program Files\trend micro
2009-08-15 18:16:51 ----D---- C:\rsit
2009-08-15 18:03:24 ----A---- C:\WINDOWS\system32\wisdstr.exe
2009-08-15 18:03:19 ----A---- C:\WINDOWS\system32\braviax.exe
2009-08-15 17:36:11 ----A---- C:\WINDOWS\system32\msword98.exe
2009-08-15 12:18:02 ----D---- C:\WINDOWS\system32\XPSViewer
2009-08-15 12:17:58 ----D---- C:\Program Files\MSBuild
2009-08-15 12:17:56 ----D---- C:\WINDOWS\system32\en-US
2009-08-15 12:17:50 ----D---- C:\Program Files\Reference Assemblies
2009-08-15 12:17:26 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-08-15 12:17:25 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-15 12:17:25 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-15 12:04:17 ----D---- C:\WINDOWS\system32\Lang
2009-08-15 00:39:22 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Wru
2009-08-15 00:35:50 ----A---- C:\WINDOWS\system32\GnucCOM.dll
2009-08-14 02:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-08-14 02:03:04 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-08-14 02:02:58 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-08-14 02:02:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-08-14 02:02:44 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-08-14 02:02:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-08-14 02:02:32 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-08-14 02:02:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-08-14 02:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-08-01 16:46:28 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
2009-07-17 02:02:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-17 02:02:23 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-17 02:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-16 18:36:04 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2009-07-16 18:36:03 ----D---- C:\Program Files\DVDVideoSoft

======List of files/folders modified in the last 1 months======

2009-08-15 18:16:53 ----RD---- C:\Program Files
2009-08-15 18:05:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-08-15 18:05:05 ----D---- C:\WINDOWS\system32\drivers
2009-08-15 18:03:24 ----D---- C:\WINDOWS\system32
2009-08-15 17:49:36 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-08-15 17:48:22 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2009-08-15 17:46:27 ----D---- C:\WINDOWS
2009-08-15 17:43:36 ----D---- C:\Program Files\Mozilla Firefox
2009-08-15 17:43:26 ----D---- C:\WINDOWS\Temp
2009-08-15 17:36:23 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-15 17:36:13 ----D---- C:\WINDOWS\Prefetch
2009-08-15 17:27:49 ----D---- C:\Program Files\AutoConnect
2009-08-15 17:27:38 ----SD---- C:\WINDOWS\Tasks
2009-08-15 14:22:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-15 13:49:29 ----RSD---- C:\WINDOWS\assembly
2009-08-15 13:46:26 ----D---- C:\WINDOWS\Microsoft.NET
2009-08-15 13:12:56 ----HD---- C:\WINDOWS\inf
2009-08-15 13:12:35 ----HD---- C:\Config.Msi
2009-08-15 12:21:59 ----SHD---- C:\WINDOWS\Installer
2009-08-15 12:21:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-08-15 12:20:52 ----D---- C:\WINDOWS\WinSxS
2009-08-15 12:17:55 ----RSD---- C:\WINDOWS\Fonts
2009-08-15 12:17:38 ----D---- C:\WINDOWS\system32\spool
2009-08-15 12:15:34 ----D---- C:\WINDOWS\system32\mui
2009-08-15 01:17:12 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Google Updater
2009-08-14 10:46:37 ----HD---- C:\WINDOWS\$hf_mig$
2009-08-14 02:03:08 ----A---- C:\WINDOWS\imsins.BAK
2009-08-14 02:02:34 ----D---- C:\Program Files\Outlook Express
2009-08-06 12:40:45 ----HD---- C:\Program Files\InstallShield Installation Information
2009-08-05 11:03:32 ----D---- C:\Program Files\FlashGet
2009-08-05 11:01:12 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-08-05 04:20:09 ----D---- C:\Downloads
2009-08-01 13:06:29 ----D---- C:\Program Files\Nowe Gadu-Gadu
2009-07-30 02:49:14 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-18 18:05:06 ----A---- C:\WINDOWS\system32\shdocvw.dll
2009-07-18 18:05:06 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-17 21:04:02 ----A---- C:\WINDOWS\system32\atl.dll
2009-07-16 18:36:04 ----D---- C:\Program Files\Common Files
2009-07-16 15:21:34 ----D---- C:\WINDOWS\system32\DirectX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600]
R3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-19 2317504]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 rtl8139;Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-07 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-07 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-07 21568]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\WINDOWS\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-06-27 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-07-13 189488]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-04-08 92008]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate1c99468f4ea6462;Usługa Google Update (gupdate1c99468f4ea6462); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-21 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-29 183280]
S3 aspnet_state;„Usługa stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-01-03 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-02 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


Log do sprawdzenia
info.txt logfile of random's system information tool 1.06 2009-08-15 18:17:13

======Uninstall list======

-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}
Adobe Color JA Extra Settings-->MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE}
Adobe Color NA Extra Settings-->MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\678cd98c8365a5647f9a2e539d120a8\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{78EFD06D-7583-42F1-9E77-671D8782EB70}
Adobe Reader 8.1.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003}
Adobe Setup-->MsiExec.exe /I{CBF4DADD-974D-49C8-BC83-C6F31554001E}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Aktualizacja dla systemu Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Aktualizator Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
ALLPlayer V4.X-->"C:\Program Files\ALLPlayer\unins000.exe"
Apple Software Update-->MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft Software Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{497A1721-088F-41EF-8876-B43C9DA5528B}\Setup.exe" -l0x9
AutoCAD 2008 - Polski-->F:\AutoCAD2008\Setup\Setup.exe /P {5783F2D7-6001-0415-0002-0060B0CE6BBA} /M ACAD
AutoConnect v0.1.2.5-->C:\Program Files\AutoConnect\uninst.exe
Autodesk DWF Viewer 7-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Battlefield 1942-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}\setup.exe" -l0x9
Battlefield 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x15 -removeonly
Battlefield Heroes-->"D:\BFH\uninstaller.exe" "D:\BFH\Uninstall.xml"
Battlefield Vietnam-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E35B3C63-E958-4E31-A178-95D22024109A}\setup.exe" -l0x9
BurnAware Free 2.3.6-->"C:\Program Files\BurnAware Free\unins000.exe"
Call of Duty® 4 - Modern Warfare-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
easyHDR BASIC-->"C:\Program Files\easyHDR BASIC\uninstall.exe"
FlashGet 1.9.6.1073-->C:\Program Files\FlashGet\uninst.exe
FlashGet(JetCar)-->C:\PROGRA~1\FlashGet\UNWISE.EXE C:\PROGRA~1\FlashGet\INSTALL.LOG
FLV Player 2.0 (build 25)-->C:\Program Files\FLV Player\uninst.exe
Free YouTube to Mp3 Converter version 3.1-->"C:\Program Files\DVDVideoSoft\Free YouTube to Mp3 Converter\unins000.exe"
Gadu-Gadu 7.7-->C:\Program Files\Gadu-Gadu\Setup.exe
Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466}
Google SketchUp 7-->MsiExec.exe /I{BEF106F8-2689-4530-925A-E1117836E8CD}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}\setup\hpzscr01.exe -datfile hposcr14.dat
HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}
HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
ipla 1.1.2-->C:\Program Files\ipla\uninst.exe
Java 2 Runtime Environment, SE v1.4.0_03-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC1E4C93-C1E7-11D6-9D10-00010240CE95}\Setup.exe" Anytext
Microsoft .NET Framework 2.0 — pakiet języka polskiego-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - PLK\install.exe
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
Nowe Gadu-Gadu-->C:\Program Files\Nowe Gadu-Gadu\Uninstall.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OpenOffice.org 3.0-->MsiExec.exe /I{31BFEC6C-1F27-45B5-839C-BCBAE327993A}
PDF Settings-->MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}
PHOTOfunSTUDIO -viewer--->C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\setup.exe -runfromtemp -l0x0009 -z"Uninstall" -removeonly
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PlayFLV-->"C:\Program Files\PlayFLV\uninstall.exe"
Poprawka dla systemu Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
PunkBuster for Battlefield Vietnam-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D07643A3-CE41-4286-8C78-EB9C83E76DDB}\setup.exe" -l0x9
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
Real Alternative 1.9.0 Lite-->"C:\Program Files\Real Alternative\unins000.exe"
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Sony Ericsson Device Data-->MsiExec.exe /I{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}
Sony Ericsson Drivers-->MsiExec.exe /I{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}
Sony Ericsson PC Suite-->C:\WINDOWS\Installer\{D6BF6477-8369-489F-8DE6-3731F4B88560}\Setup.exe /uninstall
Sony Ericsson PC Suite-->MsiExec.exe /I{25BEC3AB-5CD4-481D-9143-215C1BBB189E}
SpeedTouch USB Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}\setup.exe" /l0009 -Control_Panel
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Star Wars Battlefront II-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3D374523-CFDE-461A-827E-2A102E2AB365}\Setup.exe" -l0x9 -removeonly
TomTom HOME 2.6.2.1586-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
Tropico-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{818FB39B-1A57-4F1B-A54D-391C33D6C586}\setup.exe" -l0x15
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
VideoLAN VLC media player 0.8.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

======System event log======

Computer Name: NOWICKI
Event Code: 6009
Message: Microsoft ® Windows ® 5.01. 2600 Dodatek Service Pack 3 Multiprocessor Free.

Record Number: 13876
Source Name: EventLog
Time Written: 20090628221438.000000+120
Event Type: informacje
User:

Computer Name: NOWICKI
Event Code: 6006
Message: Zatrzymano usługę Dziennik zdarzeń.

Record Number: 13875
Source Name: EventLog
Time Written: 20090628202355.000000+120
Event Type: informacje
User:

Computer Name: NOWICKI
Event Code: 20159
Message: Połączenie z Jola ustanowione przez użytkownika CWvDAxc@neostrada.pl za pomocą urządzenia ISDN10-0 zostało rozłączone.

Record Number: 13874
Source Name: RemoteAccess
Time Written: 20090628202351.000000+120
Event Type: informacje
User:

Computer Name: NOWICKI
Event Code: 7036
Message: Usługa Usługa COM nagrywania dysków CD IMAPI weszła w stan zatrzymania.

Record Number: 13873
Source Name: Service Control Manager
Time Written: 20090628193131.000000+120
Event Type: informacje
User:

Computer Name: NOWICKI
Event Code: 20158
Message: Użytkownik CWvDAxc@neostrada.pl pomyślnie ustanowił połączenie z Jola za pomocą urządzenia ISDN10-0.

Record Number: 13872
Source Name: RemoteAccess
Time Written: 20090628193126.000000+120
Event Type: informacje
User:

=====Application event log=====

Computer Name: NOWICKI
Event Code: 0
Message:
Record Number: 1940
Source Name: gupdate1c99468f4ea6462
Time Written: 20090507113927.000000+120
Event Type: informacje
User:

Computer Name: NOWICKI
Event Code: 0
Message:
Record Number: 1939
Source Name: gupdate1c99468f4ea6462
Time Written: 20090507113857.000000+120
Event Type: informacje
User:

Computer Name: NOWICKI
Event Code: 11728
Message: Product: Google Update Helper -- Configuration completed successfully.

Record Number: 1938
Source Name: MsiInstaller
Time Written: 20090507113855.000000+120
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: NOWICKI
Event Code: 11729
Message: Product: Google Update Helper -- Configuration failed.

Record Number: 1937
Source Name: MsiInstaller
Time Written: 20090507113853.000000+120
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: NOWICKI
Event Code: 1000
Message: Liczniki wydajności dla usługi WmiApRpl (WmiApRpl) zostały pomyślnie załadowane.
Dane rekordu zawierają nowe wartości indeksu przypisane
do tej usługi.

Record Number: 1936
Source Name: LoadPerf
Time Written: 20090507112908.000000+120
Event Type: informacje
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\Common Files\ArcSoft\Bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0403
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\j2re1.4.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\j2re1.4.0_03\lib\ext\QTJava.zip

-----------------EOF-----------------

Mateusz J.
komentarz
komentarz

Pobierz i uruchom OTL i w oknie Custom Scans/Fixes wklej następujący skrypt:

:OTLPRC - C:\WINDOWS\explorer.exe (Microsoft Corporation):FilesC:\WINDOWS\system32\msword98.exeC:\WINDOWS\system32\braviax.exeC:\WINDOWS\system32\wisdstr.exe:Reg[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"msword98"=-[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]"msword98"=-[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]"SuperHidden"=dword:00000001[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]"Hidden"=dword:00000001[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]"ShowSuperHidden"=dword:00000001[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]"CheckedValue"=dword:00000001[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]@="":Commands[emptytemp][start explorer][Reboot]

Kliknij w Run Fix i zacznie się usuwanie.

Po ponownym uruchomieniu się komputera pokaż log z usuwania - OTL.

Cassis
komentarz
komentarz

A możesz mi podać tego loga w innym programie bo nie wiem o co chodzi ale OTL mi się wiesza... :o

MarekM25
komentarz
komentarz (edytowane)

Pobierz Avenger. W polu Input script here wklej taki tekst:

Files to delete:C:\WINDOWS\system32\msword98.exeC:\WINDOWS\system32\braviax.exeC:\WINDOWS\system32\wisdstr.exe

Kliknij Execute. Komputer uruchomi się ponownie.

Następnie pokaż plik C:\avenger.txt

Otwórz notatnik tekstowy i wklej do niego poniższy tekst:

Windows Registry Editor Version 5.00[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"msword98"=-[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]"msword98"=-[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]"SuperHidden"=dword:00000001[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]"Hidden"=dword:00000001[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]"ShowSuperHidden"=dword:00000001[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]"CheckedValue"=dword:00000001[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]@=""

Zapisz jako->Wybierz Wszystkie pliki->wpisz Fix.reg->Następnie kliknij na zapisany plik i uruchom komputer ponownie.

Gość
komentarz
komentarz

STOP tej zabawy!

Wklej log z ComboFixa.

.

Cassis
komentarz
komentarz

Nie wiem co jest grane ale nie odpala mi ComboFix :(

Gość
komentarz
komentarz

Spróbuj uruchomić ComboFixa w Trybie Awaryjnym i zmień jego nazwę na: Combo-Fix.exe , z kreseczką pomiędzy.

.

Cassis
komentarz
komentarz (edytowane)
Log do sprawdzenia
ComboFix 09-08-10.06 - Filip 2009-08-18 12:20.1.2 - NTFSx86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.1023.826 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Filip\Pulpit\Combo-Fix.exe
AV: avast! antivirus 4.8.1296 [VPS 090815-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Filip\Dane aplikacji\wiaserva.log
c:\documents and settings\Filip\Menu Start\Programy\Autostart\ikowin32.exe
c:\documents and settings\Filip\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\documents and settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\windows\braviax.exe
c:\windows\cru629.dat
c:\windows\system32\AutoRun.inf
c:\windows\system32\braviax.exe
c:\windows\system32\cru629.dat
c:\windows\system32\dllcache\figaro.sys
c:\windows\system32\Drivers\vfonljm.sys
c:\windows\system32\wisdstr.exe

c:\windows\system32\drivers\beep.sys . . . jest zainfekowany!!


.
((((((((((((((((((((((((( Pliki utworzone od 2009-07-18 do 2009-08-18 )))))))))))))))))))))))))))))))
.

2009-08-17 21:50 . 2009-08-17 21:51 -------- d-----w- c:\windows\LastGood
2009-08-16 17:58 . 2009-08-16 17:58 -------- d-----w- c:\documents and settings\Filip\Ustawienia lokalne\Dane aplikacji\ESET
2009-08-16 17:40 . 2009-08-16 17:40 -------- d-----w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
2009-08-16 17:36 . 2009-08-16 17:36 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ESET
2009-08-16 16:45 . 2009-08-16 16:45 -------- d-----w- C:\_OTL
2009-08-16 16:44 . 2009-08-16 17:35 619200 -c--a-w- c:\windows\system32\dllcache\ntfs.sys
2009-08-15 16:23 . 2009-08-16 17:33 142 ----a-w- c:\documents and settings\Filip\delself.bat
2009-08-15 16:16 . 2009-08-15 16:17 -------- d-----w- c:\program files\trend micro
2009-08-15 16:16 . 2009-08-15 16:17 -------- d-----w- C:\rsit
2009-08-15 10:18 . 2009-08-15 10:18 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-15 10:17 . 2009-08-15 10:17 -------- d-----w- c:\program files\MSBuild
2009-08-15 10:17 . 2009-08-15 10:17 -------- d-----w- c:\program files\Reference Assemblies
2009-08-15 10:17 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-15 10:17 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-15 10:17 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-15 10:17 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-15 10:17 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-15 10:17 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-15 10:17 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-15 10:04 . 2009-08-15 10:04 -------- d-----w- c:\windows\system32\Lang
2009-08-14 22:39 . 2009-08-14 22:39 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Wru
2009-08-14 22:35 . 2004-06-22 19:06 1040384 ----a-w- c:\windows\system32\GnucCOM.dll
2009-08-13 22:22 . 2009-07-10 13:31 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-08-05 20:53 . 2009-08-05 20:53 16384 ----a-w- c:\program files\uik.dat
2009-08-05 20:53 . 2009-08-06 10:05 4 ----a-w- c:\program files\is.dat
2009-08-05 09:01 . 2009-08-05 09:01 205312 -c----w- c:\windows\system32\dllcache\mswebdvd.dll

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-18 09:11 . 2009-02-15 21:29 -------- d-----w- c:\program files\ipla
2009-08-17 21:49 . 2009-02-21 21:09 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Google Updater
2009-08-17 21:49 . 2008-11-30 10:56 -------- d-----w- c:\program files\AutoConnect
2009-08-16 17:32 . 2004-08-04 12:00 619200 ----a-w- c:\windows\system32\drivers\ntfs.sys
2009-08-15 16:03 . 2008-11-29 14:38 49640 ----a-w- c:\documents and settings\Filip\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-08-15 15:49 . 2008-11-30 15:58 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-15 15:48 . 2008-11-30 15:58 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2009-08-15 10:21 . 2004-08-04 12:00 83880 ----a-w- c:\windows\system32\perfc015.dat
2009-08-15 10:21 . 2004-08-04 12:00 490628 ----a-w- c:\windows\system32\perfh015.dat
2009-08-06 10:40 . 2008-11-29 14:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-05 10:30 . 2009-05-07 10:22 1 ----a-w- c:\documents and settings\Filip\Dane aplikacji\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-08-05 09:03 . 2008-11-29 15:32 -------- d-----w- c:\program files\FlashGet
2009-08-05 09:01 . 2004-08-04 12:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-01 11:06 . 2009-02-14 12:01 -------- d-----w- c:\program files\Nowe Gadu-Gadu
2009-07-17 19:04 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-17 13:26 . 2009-02-14 10:29 760 ----a-w- c:\windows\eReg.dat
2009-07-16 16:36 . 2009-07-16 16:36 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2009-07-16 16:36 . 2009-07-16 16:36 -------- d-----w- c:\program files\DVDVideoSoft
2009-07-13 19:27 . 2009-07-13 19:27 -------- d-----w- c:\program files\directx
2009-07-13 19:25 . 2008-11-29 14:31 -------- d-----w- c:\program files\Common Files\InstallShield
2009-07-13 18:29 . 2009-06-26 23:16 139016 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-13 18:29 . 2009-06-26 23:16 189488 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-07-12 10:21 . 2004-08-04 12:00 233472 ----a-w- c:\windows\system32\wmpdxm.dll
2009-06-26 23:16 . 2009-06-26 23:16 139152 ----a-w- c:\documents and settings\Filip\Dane aplikacji\PnkBstrK.sys
2009-06-26 23:16 . 2009-06-26 23:16 139152 ----a-w- c:\documents and settings\Filip\Dane aplikacji\PnkBstrK.sys
2009-06-26 23:16 . 2009-06-26 23:16 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-06-26 23:16 . 2009-06-26 23:16 794408 ----a-w- c:\windows\system32\pbsvc.exe
2009-06-26 16:51 . 2004-08-04 12:00 669184 ----a-w- c:\windows\system32\wininet.dll
2009-06-26 16:51 . 2004-08-04 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-06-25 14:36 . 2009-06-26 22:30 1291640 ----a-w- c:\documents and settings\Filip\Dane aplikacji\Mozilla\Firefox\Profiles\a7nwxdvf.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
2009-06-25 14:36 . 2009-06-26 22:30 729088 ----a-w- c:\documents and settings\Filip\Dane aplikacji\Mozilla\Firefox\Profiles\a7nwxdvf.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
2009-06-25 10:51 . 2009-06-25 10:51 -------- d-----w- c:\program files\BurnAware Free
2009-06-20 19:22 . 2009-06-20 19:22 -------- d-----w- c:\program files\ALLPlayer
2009-06-20 19:22 . 2009-06-20 19:22 -------- d-----w- c:\program files\NAPI-PROJEKT
2009-06-20 19:21 . 2009-06-20 19:21 130048 ----a-w- c:\windows\system32\xvidvfw.dll
2009-06-20 19:21 . 2009-06-20 19:21 258048 ----a-w- c:\windows\system32\libFLAC.dll
2009-06-20 19:21 . 2009-06-20 19:21 892928 ----a-w- c:\windows\system32\iconv.dll
2009-06-20 19:21 . 2009-06-20 19:21 75264 ----a-w- c:\windows\system32\MACDec.dll
2009-06-20 19:20 . 2009-06-20 19:20 1291776 ----a-w- c:\windows\system32\quartzXP.dll
2009-06-20 19:20 . 2009-06-20 19:20 108032 ----a-w- c:\windows\system32\avi.dll
2009-06-20 19:20 . 2009-06-20 19:20 246784 ----a-w- c:\windows\system32\dxr.dll
2009-06-20 19:20 . 2009-06-20 19:20 141312 ----a-w- c:\windows\system32\mp4.dll
2009-06-20 19:20 . 2009-06-20 19:20 148480 ----a-w- c:\windows\system32\mkx.dll
2009-06-20 19:20 . 2009-06-20 19:20 159744 ----a-w- c:\windows\system32\mmfinfo.dll
2009-06-20 19:20 . 2009-06-20 19:20 120832 ----a-w- c:\windows\system32\ogm.dll
2009-06-20 19:20 . 2009-06-20 19:20 163840 ----a-w- c:\windows\system32\ts.dll
2009-06-20 19:20 . 2009-06-20 19:20 79360 ----a-w- c:\windows\system32\mkzlib.dll
2009-06-20 19:20 . 2009-06-20 19:20 23552 ----a-w- c:\windows\system32\mkunicode.dll
2009-06-20 19:19 . 2009-06-20 19:19 1416015 ----a-w- c:\windows\system32\ffmpegmt.dll
2009-06-20 19:19 . 2009-06-20 19:19 557469 ----a-w- c:\windows\system32\libmplayer.dll
2009-06-20 19:19 . 2009-06-20 19:19 146098 ----a-w- c:\windows\system32\libmpeg2_ff.dll
2009-06-20 19:19 . 2009-06-20 19:19 4471092 ----a-w- c:\windows\system32\libavcodec.dll
2009-06-20 19:19 . 2009-06-20 19:19 98304 ----a-w- c:\windows\system32\ff_wmv9.dll
2009-06-20 19:19 . 2009-06-20 19:19 113152 ----a-w- c:\windows\system32\ff_unrar.dll
2009-06-20 19:19 . 2009-06-20 19:19 183296 ----a-w- c:\windows\system32\ff_samplerate.dll
2009-06-20 19:18 . 2009-06-20 19:18 178688 ----a-w- c:\windows\system32\ff_libmad.dll
2009-06-20 19:18 . 2009-06-20 19:18 486400 ----a-w- c:\windows\system32\ff_libfaad2.dll
2009-06-20 19:18 . 2009-06-20 19:18 257024 ----a-w- c:\windows\system32\ff_libdts.dll
2009-06-20 19:18 . 2009-06-20 19:18 142848 ----a-w- c:\windows\system32\ff_liba52.dll
2009-06-20 19:18 . 2009-06-20 19:18 2041363 ----a-w- c:\windows\system32\x264vfw.dll
2009-06-20 19:18 . 2009-06-20 19:18 237568 ----a-w- c:\windows\system32\OggDS.dll
2009-06-20 19:18 . 2009-06-20 19:18 921600 ----a-w- c:\windows\system32\vorbisenc.dll
2009-06-20 19:18 . 2009-06-20 19:18 188416 ----a-w- c:\windows\system32\vorbis.dll
2009-06-20 19:18 . 2009-06-20 19:18 45056 ----a-w- c:\windows\system32\ogg.dll
2009-06-20 19:18 . 2009-06-20 19:18 1415680 ----a-w- c:\windows\system32\WMV9VCM.dll
2009-06-20 19:18 . 2009-06-20 19:18 245760 ----a-w- c:\windows\system32\mplvpx.dll
2009-06-20 19:18 . 2009-06-20 19:18 9216 ----a-w- c:\windows\system32\cpuinf32.dll
2009-06-20 19:17 . 2009-03-17 22:50 -------- d-----w- c:\program files\Real Alternative
2009-06-20 19:17 . 2009-06-20 19:17 524288 ----a-w- c:\windows\system32\DivXsm.exe
2009-06-20 19:17 . 2009-06-20 19:17 69632 ----a-w- c:\windows\system32\divxconfig.exe
2009-06-16 14:40 . 2004-08-04 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:40 . 2004-08-04 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 10:45 . 2004-08-04 12:00 78336 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 14:15 . 2004-08-04 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 07:22 . 2008-11-29 13:32 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 06:16 . 2004-08-04 12:00 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-03 19:11 . 2004-08-04 12:00 1294848 ----a-w- c:\windows\system32\quartz.dll
2009-05-28 09:23 . 2009-05-28 09:23 42088 ----a-w- c:\documents and settings\Filip\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
2009-05-28 08:34 . 2009-05-28 08:34 11264 ----a-w- c:\documents and settings\Filip\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll
.

------- Sigcheck -------


[-] 2009-08-17 21:51 29184 C4000A48F953D36167A7DF84F98A2634 c:\windows\system32\dllcache\beep.sys

[7] 2004-08-04 12:00 574592 B78BE402C3F63DD55521F73876951CDD c:\windows\$NtServicePackUninstall$\ntfs.sys
[7] 2008-04-13 19:15 574976 78A08DD6A8D65E697C18E1DB01C5CDCA c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2009-08-16 17:35 619200 5D407322AA69AC6E7B17C81B48DEB327 c:\windows\system32\dllcache\ntfs.sys
[-] 2009-08-16 17:32 619200 5D407322AA69AC6E7B17C81B48DEB327 c:\windows\system32\drivers\ntfs.sys

c:\windows\system32\appmgmts.dll ... - brak elementu !!
c:\windows\system32\drivers\beep.sys ... - brak elementu !!
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Nowe Gadu-Gadu"="c:\program files\Nowe Gadu-Gadu\gg.exe" [2009-07-27 10719848]
"AutoConnect"="c:\program files\AutoConnect\AutoConnect.exe" [2004-08-28 295424]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-04-08 251240]
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2009-06-04 869888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 36352]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-06-13 528384]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-07-10 195072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-06-29 286720]
"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-10-07 1630208]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2005-04-15 77824]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Filip\Menu Start\Programy\Autostart\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-12-15 384000]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
PHOTOfunSTUDIO -viewer-.lnk - c:\program files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe [2009-1-10 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\CoD4\\iw3mp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Gry\\bf1942.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"d:\\[ PC Games ] - Age of Empires II(FULL)\\empires2.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\BFH\\BFHeroes.exe"=
"d:\\Gra\\BFV\\bfvietnam.exe"=
"d:\\Gra\\BF2\\BF2.exe"=

S1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-30 111184]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-11-30 20560]
S2 gupdate1c99468f4ea6462;Usługa Google Update (gupdate1c99468f4ea6462);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-21 133104]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2009-04-08 92008]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [2008-12-20 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [2008-12-20 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [2008-12-20 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [2008-12-20 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [2008-12-20 98568]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Zawartość folderu 'Zaplanowane zadania'

2009-04-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 12:42]

2009-08-17 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-20 23:32]

2009-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-21 21:11]

2009-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-21 21:11]
.
- - - - USUNIĘTO PUSTE WPISY - - - -

HKCU-Run-msword98 - c:\documents and settings\Filip\msword98.exe
HKLM-Run-WOOWATCH - c:\progra~1\NEOSTR~1\Watch.exe
HKLM-Run-WOOTASKBARICON - c:\progra~1\NEOSTR~1\GestMaj.exe
HKLM-Run-AdslTaskBar - stmctrl.dll


.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
IE: &Ściągnij przy pomocy FlashGet'a - c:\program files\FlashGet\jc_link.htm
IE: &Ściągnij wszystko przy pomocy FlashGet'a - c:\program files\FlashGet\jc_all.htm
FF - ProfilePath - c:\documents and settings\Filip\Dane aplikacji\Mozilla\Firefox\Profiles\a7nwxdvf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.wp.pl/
FF - component: c:\documents and settings\Filip\Dane aplikacji\Mozilla\Firefox\Profiles\a7nwxdvf.default\extensions\doudehou@gmail.com\components\statusbarEx.dll
FF - plugin: c:\documents and settings\Filip\Dane aplikacji\Mozilla\Firefox\Profiles\a7nwxdvf.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
FF - plugin: c:\documents and settings\Filip\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll
FF - plugin: c:\documents and settings\Filip\Dane aplikacji\Nowe Gadu-Gadu\_userdata\nppl3260.dll
FF - plugin: c:\documents and settings\Filip\Dane aplikacji\Nowe Gadu-Gadu\_userdata\nprpjplug.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJava11.dll
FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJava12.dll
FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJava13.dll
FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJava32.dll
FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJPI140_03.dll
FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-18 12:28
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
Czas ukończenia: 2009-08-18 12:30
ComboFix-quarantined-files.txt 2009-08-18 10:30

Przed: 4 392 226 816 bajtów wolnych
Po: 4 428 591 104 bajtów wolnych

260 --- E O F --- 2009-08-17 21:51



Niestety wirusy dalej są. :(
Gość
komentarz
komentarz

1. Przeskanuj komputer programem ---> Dr. Web CureIt!.

Po szybkim skanowaniu wybierasz Pełne Skanowanie leczysz/usuwasz to co znajdzie.

Po skanowaniu wrzucasz nam raport.

.

Cassis
komentarz
komentarz

Dziękuje Panowie za poświęcenie czasu, niestety wczoraj wieczorem komputer zaczął żyć własnym życiem uniemożliwiając mi nawet połączenie się z internetem. Skończyło się formatowaniem. Jeśli macie jakieś wskazówki odnośnie bezpieczeństwa po sformatowaniu to z chęcią skorzystam.

Jeszcze raz Wielkie Dzięki.

Pozdrawiam Serdecznie

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.