
Log to check

Pierdyl

Hello! I have a problem: I have no sound on my computer. After restarting the computer, an error with servises.exe would appear and a 1-minute countdown to a restart would begin. Winamp does not start; errors appear. I even bought a new graphics card, but the problem remained. There is still no sound on the computer. Here is the log.

Log to check
ComboFix 09-08-22.06 - Pierdyl 2009-08-23 11:42.10.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.3327.2910 [GMT 2:00]

Uruchomiony z: c:\documents and settings\Pierdyl\Pulpit\ComboFix.exe

AV: AVG Internet Security Network Edition *On-access scanning enabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\Pierdyl\Dane aplikacji\wiaserva.log

c:\documents and settings\Pierdyl\Menu Start\Programy\Autostart\ikowin32.exe

c:\documents and settings\Pierdyl\Pulpit\[Torrentsworld.net] - Video Copilot - Action movie essentials.torrent

c:\documents and settings\Pierdyl\Pulpit\[Torrentsworld.net] - Video Copilot - Action movie essentials.torrent

c:\program files\AskSearch\bin\DefaultSearch.dll

c:\windows\Fonts\img hearts.ttf

c:\windows\Fonts\img travel.ttf

c:\windows\Installer\90da4.msi

c:\windows\system32\drivers\872fc0f.sys

c:\windows\system32\drivers\d6540963.sys

c:\windows\system32\kr_done1

.

((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_872fc0f

-------\Service_d6540963

((((((((((((((((((((((((( Pliki utworzone od 2009-07-23 do 2009-08-23 )))))))))))))))))))))))))))))))

.

2010-07-10 11:37 . 2010-07-10 11:37 -------- d-----w- c:\program files\ASIO4ALL v2

2010-07-10 11:37 . 2006-06-20 08:56 225280 ------w- c:\windows\system32\rewire.dll

2010-07-10 11:37 . 2009-03-30 16:38 -------- d-----w- c:\program files\Image-Line

2009-12-18 14:53 . 2009-12-18 14:53 -------- d-----w- c:\documents and settings\Pierdyl\Ustawienia lokalne\Dane aplikacji\Rockstar Games

2009-12-18 12:56 . 2009-12-18 12:56 -------- d-----w- c:\program files\MSBuild

2009-12-18 12:55 . 2009-12-18 12:57 -------- d-----w- c:\windows\system32\XPSViewer

2009-12-18 12:54 . 2009-12-18 12:54 -------- d-----w- c:\program files\Reference Assemblies

2009-12-18 12:54 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll

2009-08-23 09:01 . 2003-10-14 08:58 376832 ----a-r- c:\windows\system32\Mam2Pan.exe

2009-08-23 09:01 . 2003-10-14 08:58 53248 ----a-r- c:\windows\system32\Mam2Asio.dll

2009-08-23 09:01 . 2008-04-14 17:21 23552 ----a-w- c:\windows\system32\wdmaud.drv

2009-08-23 09:01 . 2003-10-14 08:59 25648 ----a-r- c:\windows\system32\drivers\Mam2Wdm.sys

2009-08-23 09:01 . 2003-10-14 08:58 29968 ----a-r- c:\windows\system32\drivers\Mam2.sys

2009-08-23 09:01 . 2008-04-13 18:19 146048 ----a-w- c:\windows\system32\drivers\portcls.sys

2009-08-23 09:01 . 2008-04-13 17:45 60160 ----a-w- c:\windows\system32\drivers\drmk.sys

2009-08-23 09:01 . 2008-04-14 16:20 4096 ----a-w- c:\windows\system32\ksuser.dll

2009-08-23 09:01 . 2008-04-13 17:45 49408 ----a-w- c:\windows\system32\drivers\stream.sys

2009-08-14 22:07 . 2009-08-14 22:07 737280 ----a-w- c:\windows\iun6002.exe

2009-08-14 22:07 . 2009-08-14 22:07 -------- d-----w- c:\program files\Codec Pack - All In 1

2009-08-14 20:22 . 2009-08-14 20:22 -------- d-----w- c:\program files\MainConcept

2009-08-10 11:04 . 2009-08-10 11:04 -------- d-----w- c:\documents and settings\Pierdyl\Ustawienia lokalne\Dane aplikacji\ArcSoft

2009-08-10 11:04 . 2009-08-10 12:53 -------- d-----w- c:\documents and settings\Pierdyl\Dane aplikacji\ArcSoft

2009-08-10 11:04 . 2009-08-13 20:06 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ArcSoft

2009-08-10 11:03 . 2006-11-10 13:05 18688 ----a-w- c:\windows\system32\drivers\afc.sys

2009-08-10 11:03 . 2005-04-27 14:36 245408 ----a-w- c:\windows\system32\unicows.dll

2009-08-10 11:03 . 2009-08-10 11:03 -------- d-----w- c:\program files\Common Files\ArcSoft

2009-08-10 11:03 . 2009-08-10 11:03 -------- d-----w- c:\program files\ArcSoft

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-12-19 19:51 . 2008-12-19 19:50 107888 ------w- c:\windows\system32\CmdLineExt.dll

2009-08-23 09:21 . 2002-09-28 23:00 87166 ----a-w- c:\windows\system32\perfc015.dat

2009-08-23 09:21 . 2002-09-28 23:00 493860 ----a-w- c:\windows\system32\perfh015.dat

2009-08-23 09:18 . 2003-11-03 14:27 1 ----a-w- c:\documents and settings\Pierdyl\Dane aplikacji\OpenOffice.org\3\user\uno_packages\cache\stamp.sys

2009-08-22 12:05 . 2009-03-22 17:36 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Google Updater

2009-08-14 20:26 . 2006-06-02 12:09 -------- d-----w- c:\program files\ffdshow

2009-08-14 18:07 . 2009-05-12 18:24 -------- d-----w- c:\program files\HyperLobbyPro3

2009-08-13 19:45 . 2000-08-06 16:36 50312 ----a-w- c:\documents and settings\Pierdyl\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

2009-08-11 11:06 . 2003-07-09 15:00 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-06-16 14:40 . 2004-08-03 23:44 119808 ------w- c:\windows\system32\t2embed.dll

2009-06-16 14:40 . 2002-09-28 23:00 81920 ------w- c:\windows\system32\fontsub.dll

2009-06-03 19:11 . 2004-08-03 23:44 1294848 ------w- c:\windows\system32\quartz.dll

2009-06-02 16:11 . 2006-06-02 12:09 85504 ----a-w- c:\windows\system32\ff_vfw.dll

2009-05-26 11:20 . 2009-01-26 20:33 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-05-26 11:19 . 2009-01-26 20:33 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2006-06-01 08:49 . 2006-06-01 08:41 17665 ----a-w- c:\program files\uninstal.log

2003-11-03 15:07 . 2004-04-23 15:06 499712 ----a-w- c:\program files\msvcp71.dll

2003-11-03 15:07 . 2004-04-23 15:06 348160 ----a-w- c:\program files\msvcr71.dll

2003-05-30 07:22 . 2003-09-08 07:09 344064 ----a-r- c:\program files\msvcr70.dll

2002-01-05 01:40 . 2003-09-08 07:09 487424 ----a-w- c:\program files\msvcp70.dll

.

((((((((((((((((((((((((((((( SnapShot@2009-08-04_22.23.26 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-08-23 09:48 . 2009-08-23 09:48 16384 c:\windows\Temp\Perflib_Perfdata_158.dat

- 2006-06-02 12:09 . 2007-07-28 07:56 60273 c:\windows\system32\pthreadGC2.dll

+ 2006-06-02 12:09 . 2008-06-08 21:58 60273 c:\windows\system32\pthreadGC2.dll

- 2002-09-28 23:00 . 2006-08-04 19:59 70066 c:\windows\system32\perfc009.dat

+ 2002-09-28 23:00 . 2009-08-23 09:21 70066 c:\windows\system32\perfc009.dat

+ 2005-10-14 09:56 . 2002-10-04 21:04 45056 c:\windows\system32\ogg.dll

+ 2005-10-14 09:56 . 2002-11-15 10:11 77824 c:\windows\system32\MMSwitch.dll

+ 2005-10-14 09:56 . 2002-11-18 13:02 40960 c:\windows\system32\MMAVILNG.exe

+ 2004-08-04 00:44 . 2008-04-14 16:21 23552 c:\windows\system32\dllcache\wdmaud.drv

+ 2004-08-03 23:08 . 2004-07-09 02:27 48512 c:\windows\system32\dllcache\stream.sys

+ 2003-07-09 15:00 . 2008-04-13 17:45 60160 c:\windows\system32\dllcache\drmk.sys

- 2003-07-09 15:01 . 2006-08-01 13:02 49152 c:\windows\system32\ChCfg.exe

+ 2003-07-09 15:01 . 2006-08-01 07:02 49152 c:\windows\system32\ChCfg.exe

+ 2003-07-09 15:00 . 2006-07-21 08:14 86016 c:\windows\SoundMan.exe

- 2003-07-09 15:00 . 2006-07-21 14:14 86016 c:\windows\SoundMan.exe

+ 2009-07-05 21:06 . 2009-07-05 21:06 22528 c:\windows\Installer\15d95eba.msi

- 2006-08-04 19:23 . 2005-05-03 16:43 69632 c:\windows\Alcmtr.exe

+ 2006-08-11 15:38 . 2005-05-03 10:43 69632 c:\windows\Alcmtr.exe

+ 2003-07-09 15:00 . 2002-12-11 22:14 4096 c:\windows\system32\dllcache\ksuser.dll

+ 2006-01-19 01:29 . 2006-01-19 01:29 8704 c:\windows\Installer\155e55a.msp

+ 2005-10-14 09:56 . 2005-12-30 18:10 761856 c:\windows\system32\xvidcore.dll

+ 2005-10-14 09:56 . 2004-02-10 09:15 344064 c:\windows\system32\xvid.dll

+ 2005-10-14 09:56 . 2002-10-04 21:04 921600 c:\windows\system32\VorbisEnc.dll

+ 2005-10-14 09:56 . 2002-10-04 21:04 188416 c:\windows\system32\vorbis.dll

+ 2005-10-14 09:56 . 2003-04-29 08:13 155136 c:\windows\system32\unrar.dll

+ 2003-07-09 15:00 . 2007-03-07 06:59 131072 c:\windows\system32\RTCOM\RtlCPAPI.dll

- 2003-07-09 15:00 . 2007-03-07 12:59 131072 c:\windows\system32\RTCOM\RtlCPAPI.dll

- 2003-07-09 15:00 . 2007-03-15 12:39 262144 c:\windows\system32\RTCOM\RTCOMDLL.dll

+ 2003-07-09 15:00 . 2007-03-15 06:39 262144 c:\windows\system32\RTCOM\RTCOMDLL.dll

+ 2002-09-28 23:00 . 2009-08-23 09:21 435920 c:\windows\system32\perfh009.dat

- 2002-09-28 23:00 . 2006-08-04 19:59 435920 c:\windows\system32\perfh009.dat

+ 2005-10-14 09:56 . 2002-10-06 16:42 237568 c:\windows\system32\OggDS.dll

+ 2004-03-16 08:58 . 2008-04-13 18:19 146048 c:\windows\system32\dllcache\portcls.sys

+ 2005-10-14 09:56 . 2005-11-23 03:00 778240 c:\windows\system32\DivXsm.exe

+ 2004-11-23 10:05 . 2004-11-23 10:05 394752 c:\windows\system32\DEMOMCDVD_32.DLL

+ 2006-10-31 09:10 . 2006-10-31 09:10 286208 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PL\WF_Langpack_x86.msi

+ 2006-10-30 03:04 . 2006-10-30 03:04 557056 c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\vs_setup.msi

+ 2006-10-31 09:02 . 2006-10-31 09:02 475136 c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Polish Language Pack\vs_setup.msi

+ 2000-07-19 08:21 . 2000-07-19 08:21 331264 c:\windows\Installer\eee9793.msi

+ 2003-09-19 16:51 . 2003-09-19 16:51 216576 c:\windows\Installer\b46fbb.msi

+ 2000-08-05 18:11 . 2000-08-05 18:11 213504 c:\windows\Installer\863503.msi

+ 2006-07-27 14:27 . 2006-07-27 14:27 455680 c:\windows\Installer\70e80.msi

+ 2006-07-27 14:27 . 2006-07-27 14:27 335360 c:\windows\Installer\70e7a.msi

+ 2008-12-19 22:24 . 2008-12-19 22:24 827904 c:\windows\Installer\49c59b.msi

+ 2008-12-19 22:24 . 2008-12-19 22:24 850944 c:\windows\Installer\49c591.msi

+ 2005-05-11 17:26 . 2005-05-11 17:26 302592 c:\windows\Installer\48f9a7.msi

+ 2007-01-26 22:19 . 2007-01-26 22:19 432640 c:\windows\Installer\40f4de.msi

+ 2006-06-01 04:53 . 2006-06-01 04:53 370176 c:\windows\Installer\3f1b02c.msi

+ 2009-12-18 12:57 . 2009-12-18 12:57 407552 c:\windows\Installer\363fe5.msi

+ 2009-12-18 12:57 . 2009-12-18 12:57 672256 c:\windows\Installer\363fdf.msi

+ 2009-12-18 12:57 . 2009-12-18 12:57 117760 c:\windows\Installer\363fd9.msi

+ 2009-12-18 12:57 . 2009-12-18 12:57 408576 c:\windows\Installer\363fd3.msi

+ 2009-12-18 12:56 . 2009-12-18 12:56 454144 c:\windows\Installer\363fc7.msi

+ 2009-12-18 12:56 . 2009-12-18 12:56 472576 c:\windows\Installer\363fc1.msi

+ 2009-12-18 12:55 . 2009-12-18 12:55 525824 c:\windows\Installer\363fb5.msi

+ 2009-12-18 12:54 . 2009-12-18 12:54 867840 c:\windows\Installer\363faf.msi

+ 2003-07-09 16:26 . 2003-07-09 16:26 297472 c:\windows\Installer\280465.msi

+ 2003-12-11 14:47 . 2003-12-11 14:47 723968 c:\windows\Installer\1c9a7a0.msi

+ 2009-05-30 14:00 . 2009-05-30 14:00 618496 c:\windows\Installer\155e566.msi

+ 2003-07-09 14:50 . 2003-07-09 14:50 265216 c:\windows\Installer\11b77.msi

+ 2008-09-09 19:34 . 2008-09-09 19:34 431104 c:\windows\Installer\1083897.msi

+ 2006-08-06 20:23 . 2006-08-06 20:23 471552 c:\windows\Applian FLV Player\uninstall.exe

+ 2004-07-17 10:35 . 2004-07-17 10:35 1356288 c:\windows\system32\webfldrs.msi

+ 2003-07-09 16:38 . 2009-08-13 20:58 1482752 c:\windows\system32\FNTCACHE.DAT

+ 2003-07-09 15:00 . 2007-03-26 11:21 4395008 c:\windows\system32\drivers\RtkHDAud.sys

- 2003-07-09 15:00 . 2007-03-26 17:21 4395008 c:\windows\system32\drivers\RtkHDAud.sys

- 2003-07-09 15:00 . 2007-03-16 13:06 1822720 c:\windows\SkyTel.exe

+ 2003-07-09 15:00 . 2007-03-16 07:06 1822720 c:\windows\SkyTel.exe

+ 2008-09-09 12:33 . 2004-07-17 10:35 1356288 c:\windows\ServicePackFiles\i386\webfldrs.msi

- 2003-07-09 15:00 . 2007-01-16 08:39 1191936 c:\windows\RtlUpd.exe

+ 2003-07-09 15:00 . 2007-01-16 02:39 1191936 c:\windows\RtlUpd.exe

- 2003-07-09 15:00 . 2007-03-23 17:19 9715200 c:\windows\RTLCPL.exe

+ 2003-07-09 15:00 . 2007-03-23 11:19 9715200 c:\windows\RTLCPL.exe

+ 2006-10-31 09:10 . 2006-10-31 09:10 1424896 c:\windows\Microsoft.NET\Framework\v3.0\WPF\pl\wpflangpack.msi

+ 2006-07-26 05:13 . 2006-07-26 05:13 2723840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\WF_3.0_x86.msi

+ 2009-12-18 12:54 . 2009-12-18 12:54 8044544 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\wcf.msi

+ 2009-12-18 12:57 . 2009-12-18 12:57 1130496 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation Language Pack - PLK\langpack.msi

+ 2009-12-18 12:57 . 2009-12-18 12:57 2082816 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - PLK\langpack.msi

+ 2007-05-25 11:08 . 2007-05-25 11:08 9609728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp

- 2003-07-09 15:00 . 2006-10-11 15:42 2157568 c:\windows\MicCal.exe

+ 2003-07-09 15:00 . 2006-10-11 09:42 2157568 c:\windows\MicCal.exe

+ 2007-02-21 14:10 . 2007-02-21 14:10 9778688 c:\windows\Installer\f0a653.msi

+ 2007-02-21 14:08 . 2007-02-21 14:08 1383424 c:\windows\Installer\f09841.msi

+ 2006-05-22 14:34 . 2006-05-22 14:34 1013248 c:\windows\Installer\e5fc93e.msi

+ 2000-08-25 20:16 . 2000-08-25 20:16 3044864 c:\windows\Installer\e3dc78.msi

+ 2006-05-22 12:47 . 2006-05-22 12:47 1401344 c:\windows\Installer\dfd610e.msi

+ 2003-11-28 12:27 . 2003-11-28 12:27 6695936 c:\windows\Installer\da8563b.msi

+ 2006-06-02 11:21 . 2006-06-02 11:21 8992256 c:\windows\Installer\a0b072.msi

+ 2006-06-02 11:20 . 2006-06-02 11:20 1549312 c:\windows\Installer\a0b06e.msi

+ 2009-08-14 20:22 . 2009-08-14 20:22 1616896 c:\windows\Installer\65d9c.msi

+ 2000-09-09 04:43 . 2000-09-09 04:43 2109440 c:\windows\Installer\3ec591e.msi

+ 2003-12-09 06:12 . 2003-12-09 06:12 3443712 c:\windows\Installer\3998507.msi

+ 2009-12-18 12:57 . 2009-12-18 12:57 1115648 c:\windows\Installer\363fcd.msi

+ 2009-12-18 12:55 . 2009-12-18 12:55 1142784 c:\windows\Installer\363fbb.msi

+ 2007-02-10 19:39 . 2007-02-10 19:39 1499648 c:\windows\Installer\31c44.msi

+ 2006-03-07 22:15 . 2006-03-07 22:15 1100288 c:\windows\Installer\27bf3e7.msi

+ 2000-08-06 16:30 . 2000-08-06 16:30 2346496 c:\windows\Installer\250c9.msi

+ 2000-08-06 16:29 . 2000-08-06 16:29 1718272 c:\windows\Installer\250bb.msi

+ 2000-08-06 16:29 . 2000-08-06 16:29 1758720 c:\windows\Installer\250b5.msi

+ 2000-08-06 16:29 . 2000-08-06 16:29 1716736 c:\windows\Installer\250af.msi

+ 2000-08-06 16:29 . 2000-08-06 16:29 1954304 c:\windows\Installer\250a9.msi

+ 2000-08-06 16:28 . 2000-08-06 16:28 1826816 c:\windows\Installer\250a3.msi

+ 2000-08-06 16:28 . 2000-08-06 16:28 1726976 c:\windows\Installer\2509d.msi

+ 2000-08-06 16:28 . 2000-08-06 16:28 1730048 c:\windows\Installer\25097.msi

+ 2000-08-06 16:28 . 2000-08-06 16:28 1720832 c:\windows\Installer\25091.msi

+ 2000-08-06 16:28 . 2000-08-06 16:28 1761792 c:\windows\Installer\2508b.msi

+ 2000-08-06 16:27 . 2000-08-06 16:27 1735680 c:\windows\Installer\25085.msi

+ 2000-08-06 16:27 . 2000-08-06 16:27 1744384 c:\windows\Installer\2507f.msi

+ 2000-08-06 16:27 . 2000-08-06 16:27 1842688 c:\windows\Installer\25079.msi

+ 2000-08-06 16:27 . 2000-08-06 16:27 2159104 c:\windows\Installer\25072.msi

+ 2000-08-06 16:26 . 2000-08-06 16:26 1715712 c:\windows\Installer\2506c.msi

+ 2000-08-06 16:26 . 2000-08-06 16:26 1728000 c:\windows\Installer\25065.msi

+ 2000-08-06 16:26 . 2000-08-06 16:26 1718272 c:\windows\Installer\2505f.msi

+ 2000-08-06 16:26 . 2000-08-06 16:26 1761792 c:\windows\Installer\25059.msi

+ 2000-08-06 16:26 . 2000-08-06 16:26 1753088 c:\windows\Installer\25053.msi

+ 2000-08-06 16:25 . 2000-08-06 16:25 1720832 c:\windows\Installer\2504d.msi

+ 2000-08-06 16:25 . 2000-08-06 16:25 2595840 c:\windows\Installer\25047.msi

+ 2000-08-06 16:24 . 2000-08-06 16:24 1826304 c:\windows\Installer\25041.msi

+ 2000-08-06 16:24 . 2000-08-06 16:24 1716736 c:\windows\Installer\2503b.msi

+ 2000-08-06 16:24 . 2000-08-06 16:24 1886208 c:\windows\Installer\25035.msi

+ 2000-08-06 16:23 . 2000-08-06 16:23 1774592 c:\windows\Installer\2502e.msi

+ 2003-12-11 15:33 . 2003-12-11 15:33 1598976 c:\windows\Installer\1f3a8cd.msi

+ 2009-05-30 14:02 . 2009-05-30 14:02 1472000 c:\windows\Installer\155e57e.msi

+ 2009-05-30 14:01 . 2009-05-30 14:01 4669952 c:\windows\Installer\155e578.msi

+ 2009-05-30 14:01 . 2009-05-30 14:01 3094016 c:\windows\Installer\155e571.msi

+ 2009-05-30 14:00 . 2009-05-30 14:00 3862016 c:\windows\Installer\155e560.msi

+ 2006-06-01 04:53 . 2006-06-01 04:53 1941504 c:\windows\Downloaded Installations\{CF4BB2B6-19F4-488A-8DE4-39EF20850E2D}\AlgolithAESetup.msi

+ 2003-07-09 15:00 . 2006-05-04 08:26 2808832 c:\windows\alcwzrd.exe

- 2003-07-09 15:00 . 2006-05-04 14:26 2808832 c:\windows\alcwzrd.exe

- 2003-07-09 15:00 . 2007-03-21 12:49 16126464 c:\windows\RTHDCPL.exe

+ 2003-07-09 15:00 . 2007-03-21 06:49 16126464 c:\windows\RTHDCPL.exe

+ 2006-10-21 04:58 . 2006-10-21 04:58 11390464 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpf.msi

+ 2005-09-23 05:48 . 2005-09-23 05:48 24863744 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\netfx.msi

+ 2003-10-02 20:30 . 2003-10-02 20:30 31099392 c:\windows\Installer\d66f4c.msi

+ 2000-07-23 07:54 . 2000-07-23 07:54 16405504 c:\windows\Installer\bc9cd88.msi

+ 2009-01-30 12:00 . 2009-01-30 12:00 15256576 c:\windows\Installer\87cd88.msp

+ 2007-01-26 22:20 . 2007-01-26 22:20 19210240 c:\windows\Installer\40f525.msp

+ 2006-07-16 06:54 . 2006-07-16 06:54 23847424 c:\windows\Installer\22475f4.msi

+ 2009-05-30 13:59 . 2009-05-30 13:59 14827520 c:\windows\Installer\155e559.msi

+ 2006-03-03 14:40 . 2006-03-03 14:40 105034240 c:\windows\Installer\f176a.msi

.

-- Migawka wyzerowana --

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-02-19 1262888]

[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]

[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]

[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]

[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2006-02-22 4608]

"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-19 39408]

"Google Update"="c:\documents and settings\Pierdyl\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" [2006-04-14 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2003-12-11 136600]

"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2000-08-28 1235736]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 86016]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]

"WOOWATCH"="c:\progra~1\NEOSTR~1\Watch.exe" [2003-10-16 20480]

"WOOTASKBARICON"="c:\progra~1\NEOSTR~1\TaskbarIcon.exe" [2003-10-16 53248]

"WooCnxMon"="c:\progra~1\NEOSTR~1\CnxMon.exe" [2003-10-16 24576]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2006-06-21 198160]

"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-07-10 195072]

"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-01-15 1657376]

"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-03-21 16126464]

"Mam2Pan"="Mam2Pan.Exe" - c:\windows\system32\Mam2Pan.exe [2003-10-14 376832]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2000-08-28 07:52 10520 ------w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Gamma Loader.lnk]

path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk

backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Pierdyl^Menu Start^Programy^Autostart^Adobe Gamma.lnk]

path=c:\documents and settings\Pierdyl\Menu Start\Programy\Autostart\Adobe Gamma.lnk

backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Pierdyl^Menu Start^Programy^Autostart^OpenOffice.org 3.0.lnk]

path=c:\documents and settings\Pierdyl\Menu Start\Programy\Autostart\OpenOffice.org 3.0.lnk

backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Java\\j2re1.4.0_03\\bin\\javaw.exe"=

"d:\\GRY\\Supreme Commander FA\\Supreme Commander - Forged Alliance\\bin\\ForgedAlliance.exe"=

"d:\\PROGRAMY\\uTorrent.exe"=

"d:\\GRY\\S.T.A.L.K.E.R. - Clear Sky\\bin\\xrEngine.exe"=

"d:\\GRY\\S.T.A.L.K.E.R. - Clear Sky\\bin\\dedicated\\xrEngine.exe"=

"d:\\Games\\NORMAL\\Dead Space\\Dead Space.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\wbem\\wmiapsrv.exe"=

"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=

"d:\\GRY\\Grand Theft Auto IV\\LaunchGTAIV.exe"=

"d:\\GRY\\Grand Theft Auto IV\\GTAIV.exe"=

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2000-08-28 12936]

R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [2007-02-13 143360]

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2000-08-28 97928]

R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2000-08-28 76040]

R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2000-08-28 875288]

R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2000-08-28 231704]

R2 PStrip;PStrip;c:\windows\system32\drivers\pstrip.sys [2007-07-15 27992]

R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [2003-07-09 38656]

R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2003-10-31 33792]

R3 mam2_01;Service for Maya44 MKII 1;c:\windows\system32\drivers\Mam2Wdm.sys [2009-08-23 25648]

R3 mam2_aa;Service for Maya44 MKII Audio Driver (EWDM);c:\windows\system32\drivers\Mam2.sys [2009-08-23 29968]

S2 gupdate1c9ab159ef0bb6;Usługa Google Update (gupdate1c9ab159ef0bb6);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-22 133104]

S2 Kmm4xNT;Kmm4xNT;c:\windows\system32\drivers\KMM4XNT.SYS [2003-09-23 95484]

S3 Ndisprot;ArcNet NDIS Protocol Driver;c:\windows\system32\drivers\ndisprot.sys [2003-11-11 27904]

S3 WinRing0_1_0_1;WinRing0_1_0_1;\??\c:\docume~1\Pierdyl\USTAWI~1\Temp\Rar$EX00.344\WinRing0.sys --> c:\docume~1\Pierdyl\USTAWI~1\Temp\Rar$EX00.344\WinRing0.sys [?]

.

Zawartość folderu 'Zaplanowane zadania'

2009-08-18 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-08-23 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-19 17:36]

2009-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-22 17:38]

2009-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-22 17:38]

2009-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-115176313-839522115-1003Core.job

- c:\documents and settings\Pierdyl\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2006-04-14 13:11]

2009-08-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-115176313-839522115-1003UA.job

- c:\documents and settings\Pierdyl\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2006-04-14 13:11]

.

.

------- Skan uzupełniający -------

.

uSearch Page = hxxp://www.google.com

uStart Page = hxxp://www.ask.com/?o=13166&l=dis

uDefault_Search_URL = hxxp://www.google.com/ie

uSearch Bar = hxxp://www.google.com/ie

mDefault_Search_URL = hxxp://www.google.com/ie

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mSearchAssistant = hxxp://www.google.com/ie

IE: &Winamp Search - c:\documents and settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

IE: { - c:\program files\Messenger\msmsgs.exe

FF - ProfilePath - c:\documents and settings\Pierdyl\Dane aplikacji\Mozilla\Firefox\Profiles\d5k2xrtr.default\

FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - http:/google.pl

FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q=

FF - component: c:\documents and settings\Pierdyl\Dane aplikacji\Mozilla\Firefox\Profiles\d5k2xrtr.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll

FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll

FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll

FF - plugin: c:\documents and settings\Pierdyl\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.7\npGoogleOneClick8.dll

FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll

FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\NPZoneSB.dll

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-08-23 11:49

Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone

ukryte pliki: 0

**************************************************************************

.

--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-1614895754-115176313-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

"??"=hex:f9,88,cd,21,9f,e7,3e,bf,57,ee,58,15,5f,3d,bf,e2,d5,79,0c,d3,3a,6c,65,

1e,b0,46,93,c8,02,a8,4a,dc,4b,14,43,67,f0,1b,15,bd,ca,84,2f,19,c5,39,25,ba,\

"??"=hex:70,38,3b,8c,39,45,1b,1c,3a,6c,68,2e,5d,3d,84,6c

[HKEY_USERS\S-1-5-21-1614895754-115176313-839522115-1003\Software\SecuROM\License information*]

"datasecu"=hex:49,a8,68,c0,0d,c6,57,af,c6,40,b5,a0,f5,61,2d,ef,9b,0b,99,b9,b9,

e5,0d,f5,c3,05,73,d0,a9,f8,f1,3b,fe,05,18,2d,20,4c,7c,42,a2,f9,64,90,c3,a7,\

"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"cd042efbbd7f7af1647644e76e06692b"=hex:2e,e8,e1,00,eb,16,2b,de,68,bf,21,0e,91,

b9,08,da,e2,63,26,f1,3f,c8,ff,68,76,86,81,47,ad,31,34,ed,e2,63,26,f1,3f,c8,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,d7,3b,27,1c,49,

24,7b,e3,6a,9c,d6,61,af,45,84,18,40,15,6a,9c,3a,52,3c,e1,6a,9c,d6,61,af,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,2d,c2,58,b0,da,

b9,24,c8,ff,7c,85,e0,43,d4,0e,fe,16,c9,ce,7a,bc,bc,bf,a8,ff,7c,85,e0,43,d4,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"2582ae41fb52324423be06337561aa48"=hex:3e,1e,9e,e0,57,5a,93,61,d8,69,cf,ba,61,

a8,e9,aa,86,8c,21,01,be,91,eb,e7,91,2d,12,e7,51,33,33,11,86,8c,21,01,be,91,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"caaeda5fd7a9ed7697d9686d4b818472"=hex:f5,1d,4d,73,a8,13,5c,05,01,11,13,60,37,

b2,3a,a3,f5,1d,4d,73,a8,13,5c,05,b4,f8,c0,bc,f2,f6,25,68,f5,1d,4d,73,a8,13,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,0b,2b,bd,4e,65,

4d,85,d3,df,20,58,62,78,6b,cf,c8,4d,eb,36,17,0c,68,36,b1,df,20,58,62,78,6b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"4d370831d2c43cd13623e232fed27b7b"=hex:fb,a7,78,e6,12,2f,9a,ea,14,2c,d8,1f,0d,

b9,ec,fb,fb,a7,78,e6,12,2f,9a,ea,6d,e7,5b,1d,17,92,5b,18,fb,a7,78,e6,12,2f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"1d68fe701cdea33e477eb204b76f993d"=hex:83,6c,56,8b,a0,85,96,ab,0a,43,b1,0d,62,

30,f8,60,01,3a,48,fc,e8,04,4a,f1,0b,4c,c4,22,77,65,aa,98,01,3a,48,fc,e8,04,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,40,8c,06,cb,e5,

84,4d,35,f6,0f,4e,58,98,5b,89,c9,c5,5a,1b,3b,40,a8,82,c5,f6,0f,4e,58,98,5b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,4d,42,3d,a6,79,

21,72,86,3d,ce,ea,26,2d,45,aa,78,14,26,43,4b,59,ba,d3,2d,3d,ce,ea,26,2d,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:2a,b7,cc,b5,b9,7f,41,e7,c2,4b,c4,23,eb,

a3,ee,a0,2a,b7,cc,b5,b9,7f,41,e7,42,21,2e,af,d4,f2,ff,21,2a,b7,cc,b5,b9,7f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,a9,9c,26,f2,52,

8e,b6,61,6c,43,2d,1e,aa,22,2f,9c,f3,52,e6,7e,7f,cb,19,85,6c,43,2d,1e,aa,22,\

[HKEY_LOCAL_MACHINE\software\GenArts\Sapphire AE\Install-{4E41A485-04D4-CF7C-6CE3-27F7BEAE7048}\Data*]

@DACL=

"CTE_32 Name"="895283:{C3B8A1BC-8B18-94D5-AD04-2B3354994626}"

[HKEY_LOCAL_MACHINE\software\GenArts\Sapphire AE\Install-{EC3F6705-85EF-4FB1-4E30-80781324E273}\Data*]

@DACL=

"DefaultSettings"="99:{C6DDA450-F687-55DF-CA23-1A5083308C5D}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\Current Version\{8AC25C6A-D4B3-FF2F-2A61-C75CA1DB6116}\Install*Loc\VxDs]

@DACL=

"CTE_32 Name"="2454987:{301564B2-67A6-1A66-9C4E-A1FE91DE9752}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Install*Loc\xga-1-{2D03E2CD-10A4-7215-FD7C-8619F42029AA}\Version 1.1]

@DACL=

"dat"="806585365:{3720885C-9240-7EDC-D54A-F7510B4C2BD6}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\z*\{{05FF8CB8-4942-FCF6-301D-6930181DE865}}]

@DACL=

"DefaultSettings"="2455008:{37C8840C-72FD-B1F6-4FC1-23A6EF5B6255}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\{FF93A7D1-4DBF-3309-FB43-58464DF18852}*\Install*Loc\xga-1\dat]

@DACL=

"default"="516232579:{4923F408-F18F-199F-DEA5-0D19EA586BE4}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Install VBX*\Current*Version\Install*Loc\xga-1-{2D03E2CD-10A4-7215-FD7C-8619F42029AA}\Version 3.x]

@DACL=

"dat"="1767914624:{462458B6-8979-51D2-4251-DF2661CE6039}"

[HKEY_LOCAL_MACHINE\software\Microsoft\WinXGA*\Providers*\{D41D8CD9-8F00-B204-E980-0998ECF8427E}\Current*Set\xga-1\ver]

@DACL=

"KnownSvcs"="923714428:{30F351F5-F861-82D3-DA2F-101B711C5A1C}"

[HKEY_LOCAL_MACHINE\software\XBMga*\UUIDs\{5FABA3E6-C505-258B-9241-CD560A1EE864}\xga-1\Install*Loc]

@DACL=

"{19620715-0001-1211-574574-30001}"="234521256:{BCD676ED-F590-3A95-DFD3-113C94797376}"

[HKEY_LOCAL_MACHINE\software\xGenArts\Sapphire AE\DLL ver*\{A6D90D08-68DD-2B46-E2AC-5782669B2696}]

@DACL=

"CTE_32 Name"="9:{19C42D30-D844-8A07-12A4-E783E7D228F7}"

.

--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(772)

c:\windows\system32\avgrsstx.dll

- - - - - - - > 'explorer.exe'(2344)

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Pozostałe uruchomione procesy ------------------------

.

c:\progra~1\AVG\AVG8\avgrsx.exe

c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\nvsvc32.exe

c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

c:\windows\system32\wscntfy.exe

c:\windows\system32\rundll32.exe

c:\documents and settings\Pierdyl\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.7\GoogleCrashHandler.exe

c:\program files\Neostrada TP\NeostradaTP.exe

c:\program files\Neostrada TP\ComComp.exe

.

**************************************************************************

.

Czas ukończenia: 2009-08-23 11:53 - komputer został uruchomiony ponownie

ComboFix-quarantined-files.txt 2009-08-23 09:53

ComboFix2.txt 2009-08-04 22:26

ComboFix3.txt 2006-06-06 12:56

Przed: 14 568 673 280 bajtów wolnych

Po: 14 522 621 952 bajtów wolnych

480 --- E O F --- 2009-07-18 00:17

Guest
comment

Paste into Notepad:

File::

c:\windows\system32\rewire.dll

c:\windows\Tasks\AppleSoftwareUpdate.job

c:\windows\Tasks\Google Software Updater.job

c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-115176313-839522115-1003Core. job

c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-115176313-839522115-1003UA.job

Driver::

gupdate1c9ab159ef0bb6

WinRing0_1_0_1

Registry::

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"=-

[-HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]

[-HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]

[-HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]

[-HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AlcoholAutomount"=-

"MSMSGS"=-

"swg"=-

"Google Update"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SpeedTouch USB Diagnostics"=-

"SunJavaUpdateSched"=-

"NvCplDaemon"=-

"NvMediaCenter"=-

"QuickTime Task"=-

"TkBellExe"=-

File >> Save As... >>> CFScript

Drag and drop the CFScript.txt file onto the ComboFix.exe file.

The removal should start (and a log will be created). Post the log that is created during the removal.

If it goes well, then: after the restart, manually delete the C:\Qoobox folder.

.

Pierdyl
comment
Log to check
ComboFix 09-08-22.06 - Pierdyl 2009-08-23 17:25.11.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.3327.2844 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Pierdyl\Pulpit\ComboFix.exe
Użyto następujących komend :: c:\documents and settings\Pierdyl\Pulpit\CFScript.txt
AV: AVG Internet Security Network Edition *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FILE ::
"c:\windows\system32\rewire.dll"
"c:\windows\Tasks\AppleSoftwareUpdate.job"
"c:\windows\Tasks\Google Software Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-115176313-839522115-1003Core. job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-115176313-839522115-1003UA.job"
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\rewire.dll
c:\windows\Tasks\AppleSoftwareUpdate.job
c:\windows\Tasks\Google Software Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-115176313-839522115-1003UA.job

.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_GUPDATE1C9AB159EF0BB6
-------\Legacy_WINRING0_1_0_1
-------\Service_gupdate1c9ab159ef0bb6
-------\Service_WinRing0_1_0_1


((((((((((((((((((((((((( Pliki utworzone od 2009-07-23 do 2009-08-23 )))))))))))))))))))))))))))))))
.

2010-07-10 11:37 . 2010-07-10 11:37 -------- d-----w- c:\program files\ASIO4ALL v2
2010-07-10 11:37 . 2009-03-30 16:38 -------- d-----w- c:\program files\Image-Line
2009-12-18 14:53 . 2009-12-18 14:53 -------- d-----w- c:\documents and settings\Pierdyl\Ustawienia lokalne\Dane aplikacji\Rockstar Games
2009-12-18 12:56 . 2009-12-18 12:56 -------- d-----w- c:\program files\MSBuild
2009-12-18 12:55 . 2009-12-18 12:57 -------- d-----w- c:\windows\system32\XPSViewer
2009-12-18 12:54 . 2009-12-18 12:54 -------- d-----w- c:\program files\Reference Assemblies
2009-12-18 12:54 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-08-23 09:01 . 2003-10-14 08:58 376832 ----a-r- c:\windows\system32\Mam2Pan.exe
2009-08-23 09:01 . 2003-10-14 08:58 53248 ----a-r- c:\windows\system32\Mam2Asio.dll
2009-08-23 09:01 . 2008-04-14 17:21 23552 ----a-w- c:\windows\system32\wdmaud.drv
2009-08-23 09:01 . 2003-10-14 08:59 25648 ----a-r- c:\windows\system32\drivers\Mam2Wdm.sys
2009-08-23 09:01 . 2003-10-14 08:58 29968 ----a-r- c:\windows\system32\drivers\Mam2.sys
2009-08-23 09:01 . 2008-04-13 18:19 146048 ----a-w- c:\windows\system32\drivers\portcls.sys
2009-08-23 09:01 . 2008-04-13 17:45 60160 ----a-w- c:\windows\system32\drivers\drmk.sys
2009-08-23 09:01 . 2008-04-14 16:20 4096 ----a-w- c:\windows\system32\ksuser.dll
2009-08-23 09:01 . 2008-04-13 17:45 49408 ----a-w- c:\windows\system32\drivers\stream.sys
2009-08-14 22:07 . 2009-08-14 22:07 737280 ----a-w- c:\windows\iun6002.exe
2009-08-14 22:07 . 2009-08-14 22:07 -------- d-----w- c:\program files\Codec Pack - All In 1
2009-08-14 20:22 . 2009-08-14 20:22 -------- d-----w- c:\program files\MainConcept
2009-08-10 11:04 . 2009-08-10 11:04 -------- d-----w- c:\documents and settings\Pierdyl\Ustawienia lokalne\Dane aplikacji\ArcSoft
2009-08-10 11:04 . 2009-08-10 12:53 -------- d-----w- c:\documents and settings\Pierdyl\Dane aplikacji\ArcSoft
2009-08-10 11:04 . 2009-08-13 20:06 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ArcSoft
2009-08-10 11:03 . 2006-11-10 13:05 18688 ----a-w- c:\windows\system32\drivers\afc.sys
2009-08-10 11:03 . 2005-04-27 14:36 245408 ----a-w- c:\windows\system32\unicows.dll
2009-08-10 11:03 . 2009-08-10 11:03 -------- d-----w- c:\program files\Common Files\ArcSoft
2009-08-10 11:03 . 2009-08-10 11:03 -------- d-----w- c:\program files\ArcSoft

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-19 19:51 . 2008-12-19 19:50 107888 ------w- c:\windows\system32\CmdLineExt.dll
2009-08-23 15:31 . 2009-03-22 17:36 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Google Updater
2009-08-23 15:25 . 2003-07-09 15:12 -------- d-----w- c:\program files\Neostrada TP
2009-08-23 10:01 . 2003-12-11 15:40 -------- d-----w- c:\program files\Winamp
2009-08-14 20:26 . 2006-06-02 12:09 -------- d-----w- c:\program files\ffdshow
2009-08-14 18:07 . 2009-05-12 18:24 -------- d-----w- c:\program files\HyperLobbyPro3
2009-08-13 19:45 . 2000-08-06 16:36 50312 ----a-w- c:\documents and settings\Pierdyl\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-08-11 11:06 . 2003-07-09 15:00 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-16 14:40 . 2004-08-03 23:44 119808 ------w- c:\windows\system32\t2embed.dll
2009-06-16 14:40 . 2002-09-28 23:00 81920 ------w- c:\windows\system32\fontsub.dll
2009-06-03 19:11 . 2004-08-03 23:44 1294848 ------w- c:\windows\system32\quartz.dll
2009-06-02 16:11 . 2006-06-02 12:09 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-05-26 11:20 . 2009-01-26 20:33 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-26 11:19 . 2009-01-26 20:33 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2006-06-01 08:49 . 2006-06-01 08:41 17665 ----a-w- c:\program files\uninstal.log
2003-11-03 15:07 . 2004-04-23 15:06 499712 ----a-w- c:\program files\msvcp71.dll
2003-11-03 15:07 . 2004-04-23 15:06 348160 ----a-w- c:\program files\msvcr71.dll
2003-05-30 07:22 . 2003-09-08 07:09 344064 ----a-r- c:\program files\msvcr70.dll
2002-01-05 01:40 . 2003-09-08 07:09 487424 ----a-w- c:\program files\msvcp70.dll
.

((((((((((((((((((((((((((((( SnapShot_2009-08-23_09.49.10 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-23 15:31 . 2009-08-23 15:31 16384 c:\windows\Temp\Perflib_Perfdata_744.dat
- 2002-09-28 23:00 . 2009-08-23 09:21 87166 c:\windows\system32\perfc015.dat
+ 2002-09-28 23:00 . 2006-08-23 14:42 87166 c:\windows\system32\perfc015.dat
- 2002-09-28 23:00 . 2009-08-23 09:21 70066 c:\windows\system32\perfc009.dat
+ 2002-09-28 23:00 . 2006-08-23 14:42 70066 c:\windows\system32\perfc009.dat
+ 2002-09-28 23:00 . 2006-08-23 14:42 493860 c:\windows\system32\perfh015.dat
- 2002-09-28 23:00 . 2009-08-23 09:21 493860 c:\windows\system32\perfh015.dat
- 2002-09-28 23:00 . 2009-08-23 09:21 435920 c:\windows\system32\perfh009.dat
+ 2002-09-28 23:00 . 2006-08-23 14:42 435920 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2000-08-28 1235736]
"WOOWATCH"="c:\progra~1\NEOSTR~1\Watch.exe" [2003-10-16 20480]
"WOOTASKBARICON"="c:\progra~1\NEOSTR~1\TaskbarIcon.exe" [2003-10-16 53248]
"WooCnxMon"="c:\progra~1\NEOSTR~1\CnxMon.exe" [2003-10-16 24576]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-07-10 195072]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2007-05-14 35328]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-01-15 1657376]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-03-21 16126464]
"Mam2Pan"="Mam2Pan.Exe" - c:\windows\system32\Mam2Pan.exe [2003-10-14 376832]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2000-08-28 07:52 10520 ------w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Pierdyl^Menu Start^Programy^Autostart^Adobe Gamma.lnk]
path=c:\documents and settings\Pierdyl\Menu Start\Programy\Autostart\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Pierdyl^Menu Start^Programy^Autostart^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\Pierdyl\Menu Start\Programy\Autostart\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Java\\j2re1.4.0_03\\bin\\javaw.exe"=
"d:\\GRY\\Supreme Commander FA\\Supreme Commander - Forged Alliance\\bin\\ForgedAlliance.exe"=
"d:\\PROGRAMY\\uTorrent.exe"=
"d:\\GRY\\S.T.A.L.K.E.R. - Clear Sky\\bin\\xrEngine.exe"=
"d:\\GRY\\S.T.A.L.K.E.R. - Clear Sky\\bin\\dedicated\\xrEngine.exe"=
"d:\\Games\\NORMAL\\Dead Space\\Dead Space.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\wbem\\wmiapsrv.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"d:\\GRY\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"d:\\GRY\\Grand Theft Auto IV\\GTAIV.exe"=

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2000-08-28 12936]
R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [2007-02-13 143360]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2000-08-28 97928]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2000-08-28 76040]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2000-08-28 875288]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2000-08-28 231704]
R2 PStrip;PStrip;c:\windows\system32\drivers\pstrip.sys [2007-07-15 27992]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [2003-07-09 38656]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2003-10-31 33792]
R3 mam2_01;Service for Maya44 MKII 1;c:\windows\system32\drivers\Mam2Wdm.sys [2009-08-23 25648]
R3 mam2_aa;Service for Maya44 MKII Audio Driver (EWDM);c:\windows\system32\drivers\Mam2.sys [2009-08-23 29968]
S2 Kmm4xNT;Kmm4xNT;c:\windows\system32\drivers\KMM4XNT.SYS [2003-09-23 95484]
S3 Ndisprot;ArcNet NDIS Protocol Driver;c:\windows\system32\drivers\ndisprot.sys [2003-11-11 27904]
.
Zawartość folderu 'Zaplanowane zadania'

2009-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-115176313-839522115-1003Core.job
- c:\documents and settings\Pierdyl\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2006-04-14 13:11]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.ask.com/?o=13166&l=dis
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: { - c:\program files\Messenger\msmsgs.exe
FF - ProfilePath - c:\documents and settings\Pierdyl\Dane aplikacji\Mozilla\Firefox\Profiles\d5k2xrtr.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - http:/google.pl
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q=
FF - component: c:\documents and settings\Pierdyl\Dane aplikacji\Mozilla\Firefox\Profiles\d5k2xrtr.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\documents and settings\Pierdyl\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPZoneSB.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-23 17:31
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-1614895754-115176313-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:f9,88,cd,21,9f,e7,3e,bf,57,ee,58,15,5f,3d,bf,e2,d5,79,0c,d3,3a,6c,65,
1e,b0,46,93,c8,02,a8,4a,dc,4b,14,43,67,f0,1b,15,bd,ca,84,2f,19,c5,39,25,ba,\
"??"=hex:70,38,3b,8c,39,45,1b,1c,3a,6c,68,2e,5d,3d,84,6c

[HKEY_USERS\S-1-5-21-1614895754-115176313-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:49,a8,68,c0,0d,c6,57,af,c6,40,b5,a0,f5,61,2d,ef,9b,0b,99,b9,b9,
e5,0d,f5,c3,05,73,d0,a9,f8,f1,3b,fe,05,18,2d,20,4c,7c,42,a2,f9,64,90,c3,a7,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:2e,e8,e1,00,eb,16,2b,de,68,bf,21,0e,91,
b9,08,da,e2,63,26,f1,3f,c8,ff,68,76,86,81,47,ad,31,34,ed,e2,63,26,f1,3f,c8,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,d7,3b,27,1c,49,
24,7b,e3,6a,9c,d6,61,af,45,84,18,40,15,6a,9c,3a,52,3c,e1,6a,9c,d6,61,af,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,2d,c2,58,b0,da,
b9,24,c8,ff,7c,85,e0,43,d4,0e,fe,16,c9,ce,7a,bc,bc,bf,a8,ff,7c,85,e0,43,d4,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:3e,1e,9e,e0,57,5a,93,61,d8,69,cf,ba,61,
a8,e9,aa,86,8c,21,01,be,91,eb,e7,91,2d,12,e7,51,33,33,11,86,8c,21,01,be,91,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:f5,1d,4d,73,a8,13,5c,05,01,11,13,60,37,
b2,3a,a3,f5,1d,4d,73,a8,13,5c,05,b4,f8,c0,bc,f2,f6,25,68,f5,1d,4d,73,a8,13,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,0b,2b,bd,4e,65,
4d,85,d3,df,20,58,62,78,6b,cf,c8,4d,eb,36,17,0c,68,36,b1,df,20,58,62,78,6b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:fb,a7,78,e6,12,2f,9a,ea,14,2c,d8,1f,0d,
b9,ec,fb,fb,a7,78,e6,12,2f,9a,ea,6d,e7,5b,1d,17,92,5b,18,fb,a7,78,e6,12,2f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:83,6c,56,8b,a0,85,96,ab,0a,43,b1,0d,62,
30,f8,60,01,3a,48,fc,e8,04,4a,f1,0b,4c,c4,22,77,65,aa,98,01,3a,48,fc,e8,04,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,40,8c,06,cb,e5,
84,4d,35,f6,0f,4e,58,98,5b,89,c9,c5,5a,1b,3b,40,a8,82,c5,f6,0f,4e,58,98,5b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,4d,42,3d,a6,79,
21,72,86,3d,ce,ea,26,2d,45,aa,78,14,26,43,4b,59,ba,d3,2d,3d,ce,ea,26,2d,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:2a,b7,cc,b5,b9,7f,41,e7,c2,4b,c4,23,eb,
a3,ee,a0,2a,b7,cc,b5,b9,7f,41,e7,42,21,2e,af,d4,f2,ff,21,2a,b7,cc,b5,b9,7f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,a9,9c,26,f2,52,
8e,b6,61,6c,43,2d,1e,aa,22,2f,9c,f3,52,e6,7e,7f,cb,19,85,6c,43,2d,1e,aa,22,\

[HKEY_LOCAL_MACHINE\software\GenArts\Sapphire AE\Install-{4E41A485-04D4-CF7C-6CE3-27F7BEAE7048}\Data*]
@DACL=
"CTE_32 Name"="895283:{C3B8A1BC-8B18-94D5-AD04-2B3354994626}"

[HKEY_LOCAL_MACHINE\software\GenArts\Sapphire AE\Install-{EC3F6705-85EF-4FB1-4E30-80781324E273}\Data*]
@DACL=
"DefaultSettings"="99:{C6DDA450-F687-55DF-CA23-1A5083308C5D}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\Current Version\{8AC25C6A-D4B3-FF2F-2A61-C75CA1DB6116}\Install*Loc\VxDs]
@DACL=
"CTE_32 Name"="2454987:{301564B2-67A6-1A66-9C4E-A1FE91DE9752}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Install*Loc\xga-1-{2D03E2CD-10A4-7215-FD7C-8619F42029AA}\Version 1.1]
@DACL=
"dat"="806585365:{3720885C-9240-7EDC-D54A-F7510B4C2BD6}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\z*\{{05FF8CB8-4942-FCF6-301D-6930181DE865}}]
@DACL=
"DefaultSettings"="2455008:{37C8840C-72FD-B1F6-4FC1-23A6EF5B6255}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\{FF93A7D1-4DBF-3309-FB43-58464DF18852}*\Install*Loc\xga-1\dat]
@DACL=
"default"="516232579:{4923F408-F18F-199F-DEA5-0D19EA586BE4}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Install VBX*\Current*Version\Install*Loc\xga-1-{2D03E2CD-10A4-7215-FD7C-8619F42029AA}\Version 3.x]
@DACL=
"dat"="1767914624:{462458B6-8979-51D2-4251-DF2661CE6039}"

[HKEY_LOCAL_MACHINE\software\Microsoft\WinXGA*\Providers*\{D41D8CD9-8F00-B204-E980-0998ECF8427E}\Current*Set\xga-1\ver]
@DACL=
"KnownSvcs"="923714428:{30F351F5-F861-82D3-DA2F-101B711C5A1C}"

[HKEY_LOCAL_MACHINE\software\XBMga*\UUIDs\{5FABA3E6-C505-258B-9241-CD560A1EE864}\xga-1\Install*Loc]
@DACL=
"{19620715-0001-1211-574574-30001}"="234521256:{BCD676ED-F590-3A95-DFD3-113C94797376}"

[HKEY_LOCAL_MACHINE\software\xGenArts\Sapphire AE\DLL ver*\{A6D90D08-68DD-2B46-E2AC-5782669B2696}]
@DACL=
"CTE_32 Name"="9:{19C42D30-D844-8A07-12A4-E783E7D228F7}"
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(772)
c:\windows\system32\avgrsstx.dll

- - - - - - - > 'explorer.exe'(3516)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll

- - - - - - - > 'explorer.exe'(2664)
c:\progra~1\SPYBOT~1\SDHelper.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\wscntfy.exe
c:\program files\Neostrada TP\NeostradaTP.exe
c:\program files\Neostrada TP\ComComp.exe
.
**************************************************************************
.
Czas ukończenia: 2009-08-23 17:35 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2009-08-23 15:35
ComboFix2.txt 2009-08-23 09:53
ComboFix3.txt 2009-08-04 22:26
ComboFix4.txt 2006-06-06 12:56

Przed: 14 501 642 240 bajtów wolnych
Po: 14 442 045 440 bajtów wolnych

318 --- E O F --- 2009-07-18 00:17
Guest
comment

The log is OK.

1. Close the wormy ports using --> Windows Worms Doors Cleaner.

Set the indicators to green; NetBIOS may be yellow.

After using the tool, a computer restart is required!

2. Remove the ComboFix leftovers with the OTC program.

3. You will remove the copies of "viruses" from the "System Volume Information" folder by temporarily turning off "System Restore":

Control Panel > System > System Restore >> tick the box next to "Turn off System Restore on all drives" > Apply > OK.

Afterwards you can return to the previous setting (that is, untick the box).

4. Use Malwarebytes.

Click Scan, select the drives to scan and Start the scan; at the end click Remove Selected, if there are any, and OK.

Post the report generated after the removal with MBAM.

.
