x-kom hosting

Prośba o sprawdzenie logów.

iwan59
utworzono
utworzono (edytowane)

Antywirus wykrył i (niby) usnął wirusa, ale wciąż jest coś nie tak. Po załadowaniu windowsa nie ma 'ekranu powitalnego' i nic się nie dzieje. Pomaga tylko przy włączaniu F8 i wybranie ostatniej sobrej konfiguracji, ale to marne rozwiązanie, bo komputer się zawiesz i pomaga tylko reset.

HijackThis

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 15:25:43, on 2009-02-23Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Microsoft ActiveSync\wcescomm.exeC:\PROGRA~1\MICROS~2\rapimgr.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\HPZipm12.exeC:\WINDOWS\system32\PnkBstrA.exeC:\WINDOWS\system32\svchost.exeE:\Program Files\Opera\opera.exeE:\Program Files\Trend Micro\HijackThis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nasza-klasa.pl/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = ŁączaO1 - Hosts file is located at: C:\WINDOWS\System32\drivers\etc\hostsO2 - BHO: SnagIt Toolbar Loader - {00c6482d-c502-44c8-8409-fce54ad9c208} - E:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO2 - BHO: flashget urlcatch - {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - e:\Program Files\FlashGet\jccatch.dllO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - e:\Program Files\FlashGet\getflash.dllO3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - E:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dllO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O8 - Extra context menu item: &Download All with FlashGet - E:\Program Files\FlashGet\jc_all.htmO8 - Extra context menu item: &Download with FlashGet - E:\Program Files\FlashGet\jc_link.htmO8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200O8 - Extra context menu item: block frame with ad muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_frameO8 - Extra context menu item: block image with ad muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_imageO8 - Extra context menu item: block link with ad muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_linkO8 - Extra context menu item: don't filter page with ad muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_excludeO8 - Extra context menu item: Pobierz za pomocą Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htmO8 - Extra context menu item: report page to the ad muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_reportO9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - e:\Program Files\FlashGet\FlashGet.exeO9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - e:\Program Files\FlashGet\FlashGet.exeO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{BEB32B14-E89E-47CC-9A9C-C1DE79A4F20D}: NameServer = 217.30.129.149 217.30.137.200O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO23 - Service: Usługa inteligentnego transferu w tle (BITS) - Unknown owner - C:\WINDOWS\O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\msvcrtd.exe (file missing)O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exeO23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exeO23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe--End of file - 6074 bytes

Silnet Runners

"Silent Runners.vbs", revision 59, http://www.silentrunners.org/Operating System: Windows XPOutput limited to non-default values, except where indicated by "{++}"Startup items buried in registry:---------------------------------HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}"H/PC Connection Agent" = ""C:\Program Files\Microsoft ActiveSync\wcescomm.exe"" [MS]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00c6482d-c502-44c8-8409-fce54ad9c208}\(Default) = (no title provided)  -> {HKLM...CLSID} = "SnagIt Toolbar Loader"				   \InProcServer32\(Default) = "E:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll" ["TechSmith Corporation"]{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)  -> {HKLM...CLSID} = "Adobe PDF Reader Link Helper"				   \InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]{22BF413B-C6D2-4d91-82A9-A0F997BA588C}\(Default) = "Skype add-on (mastermind)"  -> {HKLM...CLSID} = "Skype add-on (mastermind)"				   \InProcServer32\(Default) = "C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll" ["Skype Technologies S.A."]{2f364306-aa45-47b5-9f9d-39a8b94e7ef7}\(Default) = "flashget urlcatch"  -> {HKLM...CLSID} = "FGCatchUrl"				   \InProcServer32\(Default) = "e:\Program Files\FlashGet\jccatch.dll" ["www.flashget.com"]{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)  -> {HKLM...CLSID} = "Java Plug-In SSV Helper"				   \InProcServer32\(Default) = "C:\Program Files\Java\jre6\bin\ssv.dll" ["Sun Microsystems, Inc."]{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)  -> {HKLM...CLSID} = "Java Plug-In 2 SSV Helper"				   \InProcServer32\(Default) = "C:\Program Files\Java\jre6\bin\jp2ssv.dll" ["Sun Microsystems, Inc."]{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\(Default) = "JQSIEStartDetectorImpl"  -> {HKLM...CLSID} = "JQSIEStartDetectorImpl Class"				   \InProcServer32\(Default) = "C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll" ["Sun Microsystems, Inc."]{F156768E-81EF-470C-9057-481BA8380DBA}\(Default) = (no title provided)  -> {HKLM...CLSID} = "FlashGet GetFlash Class"				   \InProcServer32\(Default) = "e:\Program Files\FlashGet\getflash.dll" ["www.flashget.com"]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"  -> {HKLM...CLSID} = "WPDShServiceObj Class"				   \InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0561EC90-CE54-4f0c-9C55-E226110A740C}\(Default) = "Haali Column Provider"  -> {HKLM...CLSID} = "Haali Column Provider"				   \InProcServer32\(Default) = "e:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll" [null data]{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = "OpenOffice.org Column Handler"  -> {HKLM...CLSID} = (no title provided)				   \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.3\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"  -> {HKLM...CLSID} = "PDF Shell Extension"				   \InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AQQFileTransfer\(Default) = "{10677009-C23C-4FC2-A62C-29323A2201F0}"  -> {HKLM...CLSID} = "AQQ File Transfer Shell Extension"				   \InProcServer32\(Default) = "e:\PROGRA~1\WapSter\WAPSTE~1\System\AQQSHE~1.DLL" [null data]QuickSFV Shell Extension\(Default) = "{906b0e6e-61ce-11d3-8ee2-0060080a7242}"  -> {HKLM...CLSID} = "QuickSFV Shell Extension"				   \InProcServer32\(Default) = "e:\Program Files\QuickSFV\QSFVShll.dll" ["Mercedes"]SnagItMainShellExt\(Default) = "{CF74B903-3389-469c-B3B6-0204D204FCBD}"  -> {HKLM...CLSID} = "SnagItShellExt Class"				   \InProcServer32\(Default) = "E:\Program Files\TechSmith\SnagIt 9\SnagItShellExt.dll" ["TechSmith Corporation"]WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"  -> {HKLM...CLSID} = "WinRAR"				   \InProcServer32\(Default) = "e:\Program Files\WinRAR\rarext.dll" [null data]HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\QuickSFV Shell Extension\(Default) = "{906b0e6e-61ce-11d3-8ee2-0060080a7242}"  -> {HKLM...CLSID} = "QuickSFV Shell Extension"				   \InProcServer32\(Default) = "e:\Program Files\QuickSFV\QSFVShll.dll" ["Mercedes"]SnagItMainShellExt\(Default) = "{CF74B903-3389-469c-B3B6-0204D204FCBD}"  -> {HKLM...CLSID} = "SnagItShellExt Class"				   \InProcServer32\(Default) = "E:\Program Files\TechSmith\SnagIt 9\SnagItShellExt.dll" ["TechSmith Corporation"]UltraISO\(Default) = "{AD392E40-428C-459F-961E-9B147782D099}"  -> {HKLM...CLSID} = "UIContextMenu Class"				   \InProcServer32\(Default) = "e:\Program Files\UltraISO\isoshell.dll" ["EZB Systems, Inc."]WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"  -> {HKLM...CLSID} = "WinRAR"				   \InProcServer32\(Default) = "e:\Program Files\WinRAR\rarext.dll" [null data]HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\IconLayout\(Default) = "{19F500E0-9964-11cf-B63D-08002B317C03}"  -> {HKLM...CLSID} = "Desktop Icon Layout"				   \InProcServer32\(Default) = "Layout.dll" ["Microsoft"]UltraISO\(Default) = "{AD392E40-428C-459F-961E-9B147782D099}"  -> {HKLM...CLSID} = "UIContextMenu Class"				   \InProcServer32\(Default) = "e:\Program Files\UltraISO\isoshell.dll" ["EZB Systems, Inc."]WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"  -> {HKLM...CLSID} = "WinRAR"				   \InProcServer32\(Default) = "e:\Program Files\WinRAR\rarext.dll" [null data]Group Policies {GPedit.msc branch and setting}:-----------------------------------------------Note: detected settings may not have any effect.HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"ClearRecentDocsOnExit" = (REG_DWORD) dword:0x00000001{unrecognized setting}HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\"DisableRegistryTools" = (REG_DWORD) dword:0x00000000{User Configuration|Administrative Templates|System|Prevent access to registry editing tools}HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\"shutdownwithoutlogon" = (REG_DWORD) dword:0x00000001{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|Shutdown: Allow system to be shut down without having to log on}"undockwithoutlogon" = (REG_DWORD) dword:0x00000001{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|Devices: Allow undock without having to log on}"DisableRegistryTools" = (REG_DWORD) dword:0x00000000{unrecognized setting}Active Desktop and Wallpaper:-----------------------------Active Desktop may be disabled at this entry:HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellStateDisplayed if Active Desktop enabled and wallpaper not set by Group Policy:HKCU\Software\Microsoft\Internet Explorer\Desktop\General\"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"Displayed if Active Desktop disabled and wallpaper not set by Group Policy:HKCU\Control Panel\Desktop\"Wallpaper" = "C:\Documents and Settings\iwan\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"Windows Portable Device AutoPlay Handlers-----------------------------------------HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\MSPlayCDAudioOnArrival\"Provider" = "ALLPlayer""InvokeProgID" = "AllPlayerFile""InvokeVerb" = "play"HKLM\SOFTWARE\Classes\AllPlayerFile\shell\play\command\(Default) = ""E:\Program Files\ALLPlayer\ALLPlayer.exe" "%1"" ["ALLPlayer"]MSWPDShellNamespaceHandler\"Provider" = "@%SystemRoot%\System32\WPDShextRes.dll,-501""CLSID" = "{A55803CC-4D53-404c-8557-FD63DBA95D24}""InitCmdLine" = " "  -> {HKLM...CLSID} = "WPDShextAutoplay"				   \LocalServer32\(Default) = "C:\WINDOWS\system32\WPDShextAutoplay.exe" [MS]NeroAutoPlay2CDAudio\"Provider" = "Nero Express""InvokeProgID" = "Nero.AutoPlay2""InvokeVerb" = "HandleCDBurningOnArrival_CDAudio"HKLM\SOFTWARE\Classes\Nero.AutoPlay2\shell\HandleCDBurningOnArrival_CDAudio\command\(Default) = "e:\Program Files\Ahead\nero\nero.exe /w /New:AudioCD /Drive:%L" ["Ahead Software AG"]NeroAutoPlay2CopyCD\"Provider" = "Nero Express""InvokeProgID" = "Nero.AutoPlay2""InvokeVerb" = "PlayCDAudioOnArrival_CopyCD"HKLM\SOFTWARE\Classes\Nero.AutoPlay2\shell\PlayCDAudioOnArrival_CopyCD\command\(Default) = "e:\Program Files\Ahead\nero\nero.exe /w /Dialog:DiscCopy /Drive:%L" ["Ahead Software AG"]NeroAutoPlay2DataDisc\"Provider" = "Nero Express""InvokeProgID" = "Nero.AutoPlay2""InvokeVerb" = "HandleCDBurningOnArrival_DataDisc"HKLM\SOFTWARE\Classes\Nero.AutoPlay2\shell\HandleCDBurningOnArrival_DataDisc\command\(Default) = "e:\Program Files\Ahead\nero\nero.exe /w /New:ISODisc /Drive:%L" ["Ahead Software AG"]NeroAutoPlay2LaunchNeroStartSmart\"Provider" = "Nero StartSmart""InvokeProgID" = "Nero.AutoPlay2""InvokeVerb" = "HandleCDBurningOnArrival_LaunchNeroStartSmart"HKLM\SOFTWARE\Classes\Nero.AutoPlay2\shell\HandleCDBurningOnArrival_LaunchNeroStartSmart\command\(Default) = "e:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe /AutoPlay /Drive:%L" ["Ahead Software AG"]NMMPlayCDAudioOnArrival\"Provider" = "Nokia Music Manager""InvokeProgID" = "NokiaMusicManager""InvokeVerb" = "NMMPlayCD"HKLM\SOFTWARE\Classes\NokiaMusicManager\shell\NMMPlayCD\command\(Default) = "E:\Program Files\Nokia\Nokia PC Suite 7\MusicManager.exe /playCD "%L"" ["Nokia"]NMMRipCDAudioOnArrival\"Provider" = "Nokia Music Manager""InvokeProgID" = "NokiaMusicManager""InvokeVerb" = "NMMRipCD"HKLM\SOFTWARE\Classes\NokiaMusicManager\shell\NMMRipCD\command\(Default) = "E:\Program Files\Nokia\Nokia PC Suite 7\MusicManager.exe /ripCD "%L"" ["Nokia"]Picasa2ImportPicturesOnArrival\"Provider" = "Picasa3""InvokeProgID" = "picasa2.autoplay""InvokeVerb" = "import"HKLM\SOFTWARE\Classes\picasa2.autoplay\shell\import\command\(Default) = "e:\Program Files\Google\Picasa3\Picasa3.exe "%1"" ["Google Inc."]TVPPlayDVDMovieOnArrival\"Provider" = "Total Video Player""InvokeProgID" = "totalplayer.dvd""InvokeVerb" = "open"HKLM\SOFTWARE\Classes\totalplayer.dvd\shell\open\command\(Default) = "E:\Program Files\Total Video Converter\tvp.exe -dvd %1" [empty string]WinampMTPHandler\"Provider" = "Winamp""ProgID" = "Shell.HWEventHandlerShellExecute""InitCmdLine" = "e:\Program Files\Winamp\winamp.exe"HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = "{FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}"  -> {HKLM...CLSID} = "ShellExecute HW Event Handler"				   \LocalServer32\(Default) = "rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" [MS]WinampPlayMediaOnArrival\"Provider" = "Winamp""InvokeProgID" = "Winamp.File""InvokeVerb" = "Play"HKLM\SOFTWARE\Classes\Winamp.File\shell\Play\command\(Default) = ""e:\Program Files\Winamp\winamp.exe" "%1"" ["Nullsoft"]HKLM\SOFTWARE\Classes\Winamp.File\shell\Play\DropTarget\CLSID = "{46986115-84D6-459c-8F95-52DD653E532E}"  -> {HKLM...CLSID} = (no title provided)				   \LocalServer32\(Default) = ""e:\Program Files\Winamp\winamp.exe"" ["Nullsoft"]Winsock2 Service Provider DLLs:-------------------------------Namespace Service ProvidersHKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]Transport Service ProvidersHKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 21%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05Toolbars, Explorer Bars, Extensions:------------------------------------ToolbarsHKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\"{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}" = (no title provided)  -> {HKLM...CLSID} = "SnagIt"				   \InProcServer32\(Default) = "E:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll" ["TechSmith Corporation"]Extensions (Tools menu items, main toolbar menu buttons)HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{77BF5300-1474-4EC7-9980-D32B190E9B07}\"ButtonText" = "Skype""CLSIDExtension" = "{77BF5300-1474-4EC7-9980-D32B190E9B07}"  -> {HKLM...CLSID} = "Skype add-on (button)"				   \InProcServer32\(Default) = "C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll" ["Skype Technologies S.A."]{D6E814A0-E0C5-11D4-8D29-0050BA6940E3}\"ButtonText" = "FlashGet""MenuText" = "FlashGet""Exec" = "e:\Program Files\FlashGet\FlashGet.exe" ["FlashGet.com"]{E2E2DD38-D088-4134-82B7-F2BA38496583}\"MenuText" = "@xpsp3res.dll,-20001""Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS]Miscellaneous IE Hijack Points------------------------------HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\<<H>> "Tabs" = "C:\Documents and Settings\iwan\Dane aplikacji\MEGAUPLOADTOOLBAR\tabwelcome.html" [null data]Running Services (Display Name, Service Name, Path {Service DLL}):------------------------------------------------------------------Java Quick Starter, JavaQuickStarterService, ""C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"" ["Sun Microsystems, Inc."]LightScribeService Direct Disc Labeling Service, LightScribeService, ""C:\Program Files\Common Files\LightScribe\LSSrvc.exe"" ["Hewlett-Packard Company"]NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"]Pml Driver HPZ12, Pml Driver HPZ12, "C:\WINDOWS\system32\HPZipm12.exe" ["HP"]PnkBstrA, PnkBstrA, "C:\WINDOWS\system32\PnkBstrA.exe" [null data]Windows Driver Foundation - User-mode Driver Framework, WudfSvc, "C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup" {"C:\WINDOWS\System32\WUDFSvc.dll" [MS]}Print Monitors:---------------HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\LIDIL hpzll054\Driver = "hpzll054.dll" ["Hewlett-Packard Company"]---------- (launch time: 2009-02-23 15:26:58)<<H>>: Suspicious data at a browser hijack point.+ This report excludes default entries except where indicated.+ To see *everywhere* the script checks and *everything* it finds,  launch it from a command prompt or a shortcut with the -all parameter.+ The search for DESKTOP.INI DLL launch points on all local fixed drives  took 186 seconds.---------- (total run time: 225 seconds)

ComboFix nie reaguje na próbę włączenia.

Rsit:

info.txt

info.txt logfile of random's system information tool 1.05 2009-02-23 15:55:29======Uninstall list======-->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.infAd Muncher-->E:\Program Files\Ad Muncher\uninst.exeAdobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exeAdobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exeAdobe Reader 8 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A81200000003}Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.logALLPlayer V3.X-->"e:\Program Files\ALLPlayer\unins000.exe"Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}Audiosurf-->MsiExec.exe /I{6D316D67-DA52-4659-9C98-F479963534D6}Burnout Paradise The Ultimate Box-->MsiExec.exe /X{9A996B6A-846E-4A89-B9C4-17546B7BE49F}Cleanse Uninstaller Pro 2008  -->E:\Program Files\Zards software\Cleanse Uninstaller\uninst.exeCoreAVC Professional Edition (remove only)-->"e:\Program Files\CoreCodec\CoreAVC Professional Edition\CoreAVC Professional Edition-uninstall.exe"DFX for Winamp-->e:\Program Files\DFX\uninstall_Winamp.exeDriver Magician 3.4-->"C:\Program Files\Driver Magician\unins000.exe"EVEREST Ultimate Edition v4.50-->"E:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x0009 -removeonlyFlashGet 1.9.6.1073-->e:\Program Files\FlashGet\uninst.exeFootball Manager 2009-->"e:\Program Files\Sports Interactive\Football Manager 2009\Uninstall_Football Manager 2009\Uninstall Football Manager 2009.exe"Gadu-Gadu 7.7-->e:\Program Files\Gadu-Gadu\Setup.exeGetDiz 3.0-->E:\PROGRA~1\GetDiz\UNINST~1\UNWISE.EXE E:\PROGRA~1\GetDiz\UNINST~1\install.logGrand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonlyGRID-->"C:\Program Files\InstallShield Installation Information\{5A0B7BA5-4682-4273-81C2-69B17E649103}\setup.exe" -runfromtemp -l0x0009 -removeonlyHaali Media Splitter-->"e:\Program Files\Haali\MatroskaSplitter\uninstall.exe"HijackThis 2.0.2-->"e:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstallHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""HP Imaging Device Functions 7.0-->E:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.datHP Photosmart, Officejet and Deskjet 7.0.A-->E:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.datHP Solution Center 7.0-->E:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.datIcon Restore 1.0-->C:\WINDOWS\unins000.exeIrfanView (remove only)-->e:\Program Files\IrfanView\iv_uninstall.exeJava 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}K-Lite Codec Pack 3.7.0 Basic-->"e:\Program Files\K-Lite Codec Pack\unins000.exe"Last.fm 1.5.2.38918-->"e:\Program Files\Last.fm\unins000.exe"Megaupload Toolbar-->C:\Program Files\MegauploadToolbar\uninstall.exeMicrosoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK-->MsiExec.exe /I{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK-->MsiExec.exe /I{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}Microsoft .NET Framework 3.5 Language Pack SP1 - plk-->MsiExec.exe /I{9EFDFBA8-9174-3C61-8645-28376C5CA994}Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exeMicrosoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{59E4543A-D49D-4489-B445-473D763C79AF}Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}Mirror's Edge?-->MsiExec.exe /X{AEDBD563-24BB-4EE3-8366-A654DAC2D988}Mojo Master Winamp Visualizer for Winamp (remove only)-->"e:\Program Files\Winamp\uninst-vis_MojoMaster.dll.exe"Mozilla Thunderbird (2.0.0.19)-->E:\Program Files\Mozilla Thunderbird\uninstall\helper.exeMp3tag v2.41-->e:\Program Files\Mp3tag\Mp3tagUninstall.EXEMSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}NAPIPROJEKT 1.0.6.1-->"e:\Program Files\NAPI-PROJEKT\unins000.exe"Need for Speed? Undercover-->MsiExec.exe /X{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}Nero OEM-->e:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALLNokia Connectivity Cable Driver-->MsiExec.exe /X{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}Nokia PC Suite-->C:\Documents and Settings\All Users\Dane aplikacji\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Nokia_PC_Suite_7_1_18_0_pol.exeNokia PC Suite-->MsiExec.exe /I{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUINVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}OCR Software by I.R.I.S 7.0-->E:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.datOpenAL-->"C:\Program Files\OpenAL\OalinstGridRelease.exe" /UOpenOffice.org 2.3-->MsiExec.exe /I{554F8595-ABAA-4FC7-B749-CF3260D687B6}Opera 9.60-->MsiExec.exe /X{D2F5287E-5F0E-447B-9157-B08AA4E2AC76}Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 ? PLK-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - plk\setup.exePakiet sterowników systemu Windows - Nokia Modem  (05/22/2008 3.8)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181E\nokia_bluetooth.infPakiet sterowników systemu Windows - Nokia Modem  (05/22/2008 7.00.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_E68D50F7E25BFE399D47C864C3B52557346242A9\nokbtmdm.infPakiet sterowników systemu Windows - Nokia Modem  (10/27/2008 3.9)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_79486EC6AA0D1732FB17E5167077C07ECAE1B870\nokia_bluetooth.infPakiet sterowników systemu Windows - Nokia Modem  (10/27/2008 7.01.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_247189AEBF39EB69A7C75429610DFED2F2EDC1B6\nokbtmdm.infPakiet sterowników systemu Windows - Nokia pccsmcfd  (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.infPC Connectivity Solution-->MsiExec.exe /I{D848D140-41C3-4A53-86D8-E866A100B4CD}Pet Soccer-->E:\Program Files\Pet Soccer\uninstall Pet Soccer.exePicasa 3-->"e:\Program Files\Google\Picasa3\Uninstall.exe"Podręcznik dotyczący urządzeń z systemem Windows Mobile?-->C:\Program Files\Windows Mobile Device Handbook\Windows Mobile Device Handbook\Bin\DHUninstall.exePrince of Persia-->"C:\Program Files\InstallShield Installation Information\{7C11154F-3539-4CB5-979D-EF7913473E53}\setup.exe" -runfromtemp -l0x0009 -removeonlyPro Evolution Soccer 2009-->MsiExec.exe /X{A8DB611A-D80E-450D-85F6-3ACDD164BE31}PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -uQuickSFV (Remove only)-->e:\Program Files\QuickSFV\QSFVUNST.EXE e:\Program Files\QuickSFV\Real Alternative 1.7.5-->"e:\Program Files\Real Alternative\unins000.exe"Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x15  -removeonlyRockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonlySafari-->MsiExec.exe /X{582D2A53-F426-4C5E-A2E6-43C1AB36B907}SAMSUNG CDMA Modem Driver Set-->C:\Program Files\SAMSUNG\SAMSUNG CDMA Modem\SSCDUninstall.exeSkaner on-line mks_vir-->C:\WINDOWS\system32\SkanerOnlineUninstall.exeSkype? 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}Skype? for Pocket PC 2.2-->"C:\Program Files\Microsoft ActiveSync\Skype for Pocket PC\unins000.exe"SnagIt 9-->MsiExec.exe /I{ADDD6985-3A28-44D0-A1BA-FDD19A820491}SopCast 3.0.1-->e:\Program Files\SopCast\uninst.exeSpelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}SubEdit-Player-->"e:\Program Files\SubEdit-Player\unins000.exe"Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exeTotal Video Converter 3.11-->"e:\Program Files\Total Video Converter\unins000.exe"UltraISO Premium V8.66-->"e:\Program Files\UltraISO\unins000.exe"Usb Game Pad-->C:\PROGRA~1\USBGAM~1\UNWISE.EXE C:\PROGRA~1\USBGAM~1\INSTALL.LOGVC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}VibrateGameDeviceDriver-->MsiExec.exe /I{DBB7F606-0C13-4182-AD7F-427A4773580E}Vimicro USB PC Camera (VC0305)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8AD824A5-1CCC-4BB7-82C9-E6FB25CC0479}\setup.exe" -l0x9 WapSter AQQ-->e:\Program Files\WapSter\WapSter AQQ\uninstall.exeWinamp-->"e:\Program Files\Winamp\UninstWA.exe"Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAllWindows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"WinRAR archiver-->e:\Program Files\WinRAR\uninstall.exeWizFlow Professional Trial-->E:\PROGRA~1\WizFlow\UNWISE32.EXE E:\PROGRA~1\WizFlow\INSTALLP.LOGXML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"xp-AntiSpy 3.96-6-->e:\Program Files\xp-AntiSpy\Uninstall.exeYouTubeGet 4.9.7-->"E:\YouTubeGet\unins000.exe"Zuma for Pocket PC-->C:\Program Files\Astraware\Zuma for Pocket PC\uninst.exe=====HijackThis Backups=====O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLLO2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLLO9 - Extra 'Tools' menuitem: Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dllO9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dllF2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\TEMP\init.exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wyborcza.pl/0,0.html?p=007O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dllO23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\msvcrtd.exeO23 - Service: Usługa inteligentnego transferu w tle (BITS) - Unknown owner - C:\WINDOWS\O20 - Winlogon Notify: crypt - C:\WINDOWS\SYSTEM32\crypts.dllO23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\msvcrtd.exeO23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\msvcrtd.exeF2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDOWS\TEMP\init.exeO23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\msvcrtd.exeO4 - Startup: DisabledO23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\msvcrtd.exeO23 - Service: Usługa inteligentnego transferu w tle (BITS) - Unknown owner - C:\WINDOWS\O2 - BHO: Skype Control Class - {9018F6A8-2495-45DF-9F16-C738F8F3C8FF} - C:\WINDOWS\system32\SkypeComm.dllO23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\msvcrtd.exeO23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\msvcrtd.exe (file missing)O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exeO23 - Service: Usługa inteligentnego transferu w tle (BITS) - Unknown owner - C:\WINDOWS\O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\msvcrtd.exe (file missing)System event logComputer Name: KOMPUTEREvent Code: 10005Message: Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi StiSvc z argumentami ??w celu uruchomienia serwera:{A1F4E726-8CF1-11D1-BF92-0060081ED811}Record Number: 5Source Name: DCOMTime Written: 20090223134102.000000+060Event Type: błądUser: KOMPUTER\iwanComputer Name: KOMPUTEREvent Code: 10005Message: Model DCOM odebrał błąd ?%1084? podczas próby uruchomienia usługi EventSystem z argumentami ??w celu uruchomienia serwera:{1BE1F766-5536-11D1-B726-00C04FB926AF}Record Number: 4Source Name: DCOMTime Written: 20090223134034.000000+060Event Type: błądUser: ZARZĄDZANIE NT\SYSTEMComputer Name: KOMPUTEREvent Code: 1007Message: Komputer ma automatycznie skonfigurowany adres IP dla kartysieciowej o adresie 0019DBF38D8A. Używanym adresem IP jest 169.254.236.114.Record Number: 3Source Name: DhcpTime Written: 20090223134024.000000+060Event Type: ostrzeżenieUser: Computer Name: KOMPUTEREvent Code: 6005Message: Uruchomiono usługę Dziennik zdarzeń.Record Number: 2Source Name: EventLogTime Written: 20090223133923.000000+060Event Type: informacjeUser: Computer Name: KOMPUTEREvent Code: 6009Message: Microsoft ® Windows ® 5.01. 2600 Dodatek Service Pack 3 Multiprocessor Free.Record Number: 1Source Name: EventLogTime Written: 20090223133923.000000+060Event Type: informacjeUser: Application event logComputer Name: KOMPUTEREvent Code: 0Message: Record Number: 256Source Name: ServiceLayerTime Written: 20081013222026.000000+120Event Type: informacjeUser: Computer Name: KOMPUTEREvent Code: 4Message: The LightScribe Service started successfully.Record Number: 255Source Name: LightScribeServiceTime Written: 20081013222021.000000+120Event Type: informacjeUser: Computer Name: KOMPUTEREvent Code: 1800Message: Usługa Centrum zabezpieczeń systemu Windows została uruchomiona.Record Number: 254Source Name: SecurityCenterTime Written: 20081013202454.000000+120Event Type: informacjeUser: Computer Name: KOMPUTEREvent Code: 0Message: Record Number: 253Source Name: ServiceLayerTime Written: 20081013202453.000000+120Event Type: informacjeUser: Computer Name: KOMPUTEREvent Code: 4Message: The LightScribe Service started successfully.Record Number: 252Source Name: LightScribeServiceTime Written: 20081013202448.000000+120Event Type: informacjeUser: ======Environment variables======"ComSpec"=%SystemRoot%\system32\cmd.exe"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem"windir"=%SystemRoot%"FP_NO_HOST_CHECK"=NO"OS"=Windows_NT"PROCESSOR_ARCHITECTURE"=x86"PROCESSOR_LEVEL"=6"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel"PROCESSOR_REVISION"=1706"NUMBER_OF_PROCESSORS"=2"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH"TEMP"=%SystemRoot%\TEMP"TMP"=%SystemRoot%\TEMP"RGSCLauncher"=E:\Gry\Rockstar Games\Rockstar Games Social Club"RGSC"=E:\Gry\Rockstar Games\Rockstar Games Social Club\1_0_0_0-----------------EOF-----------------

log

Logfile of random's system information tool 1.05 (written by random/random)Run by iwan at 2009-02-23 15:55:27Microsoft Windows XP Professional Dodatek Service Pack 3System drive C: has 6 GB (36%) free of 16 GBTotal RAM: 2047 MB (79% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 15:55:28, on 2009-02-23Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Microsoft ActiveSync\wcescomm.exeC:\PROGRA~1\MICROS~2\rapimgr.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\HPZipm12.exeC:\WINDOWS\system32\PnkBstrA.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\explorer.exeE:\Program Files\Opera\opera.exeC:\Documents and Settings\iwan\Pulpit\Nowy folder (2)\RSIT.exeE:\Program Files\Trend Micro\HijackThis\iwan.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nasza-klasa.pl/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = ŁączaO2 - BHO: SnagIt Toolbar Loader - {00c6482d-c502-44c8-8409-fce54ad9c208} - E:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO2 - BHO: flashget urlcatch - {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - e:\Program Files\FlashGet\jccatch.dllO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - e:\Program Files\FlashGet\getflash.dllO3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - E:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dllO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O8 - Extra context menu item: &Download All with FlashGet - E:\Program Files\FlashGet\jc_all.htmO8 - Extra context menu item: &Download with FlashGet - E:\Program Files\FlashGet\jc_link.htmO8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200O8 - Extra context menu item: block frame with ad muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_frameO8 - Extra context menu item: block image with ad muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_imageO8 - Extra context menu item: block link with ad muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_linkO8 - Extra context menu item: don't filter page with ad muncher - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_excludeO8 - Extra context menu item: Pobierz za pomocą Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htmO8 - Extra context menu item: report page to the ad muncher developers - http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_reportO9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - e:\Program Files\FlashGet\FlashGet.exeO9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - e:\Program Files\FlashGet\FlashGet.exeO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{BEB32B14-E89E-47CC-9A9C-C1DE79A4F20D}: NameServer = 217.30.129.149 217.30.137.200O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO23 - Service: Usługa inteligentnego transferu w tle (BITS) - Unknown owner - C:\WINDOWS\O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\msvcrtd.exe (file missing)O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exeO23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exeO23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe--End of file - 6062 bytes======Registry dump======[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00c6482d-c502-44c8-8409-fce54ad9c208}]SnagIt Toolbar Loader - E:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-09-22 66888][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-07 1088296][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2f364306-aa45-47b5-9f9d-39a8b94e7ef7}]FGCatchUrl - e:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-20 320920][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-20 34816][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-20 73728][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]FlashGet GetFlash Class - e:\Program Files\FlashGet\getflash.dll [2007-05-18 163840][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - E:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-09-22 161096][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-02-09 13680640][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]"dontdisplaylastusername"=0"legalnoticecaption"="legalnoticetext"="shutdownwithoutlogon"=1"undockwithoutlogon"=1[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]"NoDriveTypeAutoRun"=91000000[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000""E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe""E:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe""E:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe""E:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="E:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe""E:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="E:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe""E:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe""E:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe""E:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe""E:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="E:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe""E:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="E:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe""E:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="E:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe""E:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe""C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb""C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray""C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client""E:\Program Files\WapSter\WapSter AQQ\AQQ.exe"="E:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ""E:\Program Files\FlashGet\flashget.exe"="E:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget""E:\Program Files\uTorrent\uTorrent.exe"="E:\Program Files\uTorrent\uTorrent.exe:*:Enabled:?Torrent""E:\Gry\Pro Evolution Soccer 2008\PES2008.exe"="E:\Gry\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008""E:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="E:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009""E:\Program Files\SopCast\adv\SopAdver.exe"="E:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver""E:\Program Files\SopCast\SopCast.exe"="E:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application""E:\Gry\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe"="E:\Gry\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe:*:Disabled:biahh""E:\Gry\Ubisoft\Far Cry 2\bin\FarCry2.exe"="E:\Gry\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2""E:\Gry\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="E:\Gry\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater""E:\Gry\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="E:\Gry\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor""C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA""C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB""E:\Gry\Codemasters\DiRT\DiRT.exe"="E:\Gry\Codemasters\DiRT\DiRT.exe:*:Disabled:DiRT Executable""E:\Gry\Codemasters\GRID\GRID.exe"="E:\Gry\Codemasters\GRID\GRID.exe:*:Enabled:GRID""C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager""C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager""C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application""E:\Program Files\Sports Interactive\Football Manager 2009\fm.exe"="E:\Program Files\Sports Interactive\Football Manager 2009\fm.exe:*:Enabled:Football Manager 2009""C:\Documents and Settings\iwan\Pulpit\MathCast089\MathCast.exe"="C:\Documents and Settings\iwan\Pulpit\MathCast089\MathCast.exe:*:Enabled:MathCast Equation Editor""E:\Gry\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="E:\Gry\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009""E:\Gry\Ubisoft\Prince of Persia\Prince of Persia.exe"="E:\Gry\Ubisoft\Prince of Persia\Prince of Persia.exe:*:Enabled:Prince of Persia Dx""E:\Gry\Ubisoft\Prince of Persia\PrinceOfPersia_Launcher.exe"="E:\Gry\Ubisoft\Prince of Persia\PrinceOfPersia_Launcher.exe:*:Enabled:Prince of Persia Update""E:\Gry\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe"="E:\Gry\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe:*:Enabled:Mirror's Edge?""E:\Gry\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="E:\Gry\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Disabled:Grand Theft Auto IV""E:\Gry\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="E:\Gry\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Disabled:Grand Theft Auto IV""E:\Gry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="E:\Gry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Disabled:Rockstar Games Social Club""E:\Gry\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutLauncher.exe"="E:\Gry\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutLauncher.exe:*:Enabled:Burnout Paradise The Ultimate Box""E:\Gry\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutConfigTool.exe"="E:\Gry\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout Paradise The Ultimate Box""E:\Gry\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutParadise.exe"="E:\Gry\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout Paradise The Ultimate Box""C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath ""C:\WINDOWS\TEMP\init.exe"="C:\WINDOWS\TEMP\init.exe:*:Enabled:ENABLE"[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000""C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager""C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager""C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"======File associations======.ini - open - "E:\Program Files\GetDiz\GetDiz.exe" "%1"======List of files/folders created in the last 1 months======2009-02-23 15:55:27 ----D---- C:\rsit2009-02-23 15:52:29 ----D---- C:\WINDOWS\ERUNT2009-02-23 15:52:29 ----D---- C:\WINDOWS\ERDNT2009-02-23 15:52:29 ----D---- C:\ERDNT2009-02-23 15:52:26 ----D---- C:\!FixIEDef2009-02-23 15:23:10 ----A---- C:\combofix.exe2009-02-22 23:36:06 ----A---- C:\WINDOWS\system32\h323log.txt2009-02-22 22:57:05 ----SHD---- C:\WINDOWS\CSC2009-02-22 22:51:24 ----A---- C:\WINDOWS\system32\hccoin.dll2009-02-22 22:50:44 ----A---- C:\WINDOWS\system32\usbui.dll2009-02-22 13:32:29 ----A---- C:\WINDOWS\system32\CSVer.dll2009-02-22 13:27:09 ----D---- C:\Documents and Settings\iwan\Dane aplikacji\DivX2009-02-22 13:26:42 ----A---- C:\WINDOWS\system32\crypts.dll2009-02-22 13:25:26 ----D---- C:\Program Files\DivX2009-02-22 13:22:44 ----A---- C:\WINDOWS\system32\XCEEDZIP.DLL2009-02-22 13:22:44 ----A---- C:\WINDOWS\system32\XceedCry.dll2009-02-22 13:22:43 ----D---- C:\Program Files\Driver Magician2009-02-21 16:10:14 ----D---- C:\WINDOWS\nview2009-02-21 16:10:14 ----A---- C:\WINDOWS\system32\nvudisp.exe2009-02-21 16:09:42 ----A---- C:\WINDOWS\system32\NVUNINST.EXE2009-02-21 16:09:22 ----D---- C:\NVIDIA2009-02-15 15:22:09 ----A---- C:\WINDOWS\Burnout Paradise The Ultimate Box Patch Log.txt2009-02-15 15:14:03 ----A---- C:\WINDOWS\system32\d3dx10_40.dll2009-02-15 15:14:03 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll2009-02-15 15:14:02 ----A---- C:\WINDOWS\system32\XAudio2_3.dll2009-02-15 15:14:02 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll2009-02-15 15:14:02 ----A---- C:\WINDOWS\system32\xactengine3_3.dll2009-02-15 15:14:02 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll2009-02-15 15:14:02 ----A---- C:\WINDOWS\system32\D3DX9_40.dll2009-02-11 21:29:38 ----D---- C:\WINDOWS\system32\IOSUBSYS2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nwiz.exe2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwssr.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwss.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrszht.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrszhc.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrstr.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrsth.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrssv.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrssl.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrssk.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrsru.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrsptb.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrspt.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrspl.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrsno.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrsnl.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrsko.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrsja.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrsit.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrshu.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrshe.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrsfr.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrsfi.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrsesm.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrses.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrseng.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrsel.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrsde.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrsda.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrscs.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwrsar.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwimg.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvwddi.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvvitvsr.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvvitvs.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvsvc32.exe2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvshell.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrszht.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrszhc.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrstr.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrsth.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrssv.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrssl.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrssk.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrsru.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrsptb.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrspt.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrspl.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrsno.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrsnl.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrsko.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrsja.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrsit.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrshu.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrshe.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrsfr.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrsfi.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrsesm.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrses.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrseng.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrsel.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrsde.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrsda.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrscs.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvrsar.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvoglnt.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvmoblsr.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvmobls.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvmctray.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvmccssr.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvmccss.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvmccsrs.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvmccs.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nview.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvgamesr.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvgames.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvdspsch.exe2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvdispsr.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvdisps.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvcuvid.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvcuda.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvcpluir.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvcplui.exe2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvcpl.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvcolor.exe2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvcodins.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvcod.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvappbar.exe2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nvapi.dll2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\keystone.exe2009-02-01 18:26:15 ----D---- C:\WINDOWS\system32\Adobe2009-01-26 14:07:07 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll2009-01-26 14:07:04 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$2009-01-25 17:25:15 ----D---- C:\Program Files\Common Files\PCSuite2009-01-25 17:25:14 ----D---- C:\Program Files\Common Files\Nokia2009-01-25 17:24:54 ----D---- C:\Program Files\PC Connectivity Solution2009-01-25 17:24:44 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll======List of files/folders modified in the last 1 months======2009-02-23 15:52:56 ----D---- C:\WINDOWS\Temp2009-02-23 15:52:29 ----D---- C:\WINDOWS2009-02-23 15:52:26 ----D---- C:\WINDOWS\system322009-02-23 15:41:02 ----A---- C:\WINDOWS\SchedLgU.Txt2009-02-23 15:17:27 ----A---- C:\WINDOWS\IE4 Error Log.txt2009-02-23 15:12:47 ----A---- C:\WINDOWS\ntbtlog.txt2009-02-23 14:59:55 ----D---- C:\Documents and Settings\iwan\Dane aplikacji\uTorrent2009-02-23 14:33:58 ----A---- C:\WINDOWS\NeroDigital.ini2009-02-23 13:51:32 ----D---- C:\Program Files\SkanerOnline2009-02-23 12:50:11 ----D---- C:\WINDOWS\system32\CatRoot22009-02-23 12:49:48 ----D---- C:\Documents and Settings\iwan\Dane aplikacji\Skype2009-02-23 12:27:07 ----D---- C:\Documents and Settings\iwan\Dane aplikacji\skypePM2009-02-22 23:41:58 ----D---- C:\WINDOWS\Prefetch2009-02-22 23:22:53 ----D---- C:\WINDOWS\system32\drivers2009-02-22 23:20:57 ----SHD---- C:\WINDOWS\Installer2009-02-22 23:20:57 ----HD---- C:\WINDOWS\inf2009-02-22 23:20:56 ----D---- C:\Documents and Settings\iwan\Dane aplikacji\MegauploadToolbar2009-02-22 23:20:56 ----D---- C:\Documents and Settings\iwan\Dane aplikacji\EmailNotifier2009-02-22 23:08:34 ----D---- C:\WINDOWS\network diagnostic2009-02-22 22:49:16 ----D---- C:\WINDOWS\system32\CatRoot2009-02-22 22:40:25 ----D---- C:\Documents and Settings\iwan\Dane aplikacji\OpenOffice.org22009-02-22 13:32:46 ----RSHDC---- C:\WINDOWS\system32\dllcache2009-02-22 13:26:24 ----RD---- C:\Program Files2009-02-22 13:25:34 ----HD---- C:\Config.Msi2009-02-22 13:24:21 ----D---- C:\tmp2009-02-21 16:11:00 ----D---- C:\Program Files\Common Files\Wise Installation Wizard2009-02-21 16:10:41 ----D---- C:\Program Files\AGEIA Technologies2009-02-21 16:10:18 ----D---- C:\WINDOWS\Help2009-02-15 15:14:04 ----D---- C:\WINDOWS\system32\DirectX2009-02-15 15:13:54 ----RSD---- C:\WINDOWS\assembly2009-02-14 16:00:09 ----D---- C:\Documents and Settings2009-02-13 15:43:23 ----D---- C:\Documents and Settings\iwan\Dane aplikacji\PC Suite2009-02-11 19:35:33 ----SD---- C:\Documents and Settings\iwan\Dane aplikacji\Microsoft2009-02-09 13:18:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll2009-02-06 12:08:12 ----D---- C:\Documents and Settings\iwan\Dane aplikacji\Nokia2009-02-03 15:57:03 ----A---- C:\WINDOWS\unins000.exe2009-02-01 18:27:39 ----D---- C:\Documents and Settings\iwan\Dane aplikacji\Macromedia2009-02-01 18:27:39 ----D---- C:\Documents and Settings\iwan\Dane aplikacji\Adobe2009-02-01 18:27:38 ----D---- C:\WINDOWS\system32\Macromed2009-02-01 18:26:16 ----SD---- C:\WINDOWS\Downloaded Program Files2009-01-26 14:08:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI2009-01-25 17:25:26 ----DC---- C:\WINDOWS\system32\DRVSTORE2009-01-25 17:25:15 ----D---- C:\Program Files\Common Files2009-01-25 17:24:03 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Installations======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\e:\Program Files\UltraISO\drivers\ISODrive.sys []R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]R3 DynCal;Dynamic Calibration Service; C:\WINDOWS\system32\drivers\Dyncal.sys [2005-09-26 8576]R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-06-22 4432384]R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2005-11-10 12160]R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-02-09 6307328]R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-04-14 94592]R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]R3 usbhub;Standardowy sterownik koncentratora USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]R3 ZSMC301b;Vimicro USB PC Camera (VC0305); C:\WINDOWS\System32\Drivers\usbVM31b.sys [2004-08-17 91263]S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]S3 DualCoreCenter;DualCoreCenter; \??\e:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys []S3 GMSIPCI;GMSIPCI; \??\H:\INSTALL\GMSIPCI.SYS []S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]S3 NABTSFEC;Koder-dekoder NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]S3 NdisIP;Połączenie TV/wideo firmy Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]S3 RushTopDevice2;RushTopDevice2; \??\e:\Program Files\MSI\DualCoreCenter\RushTop.sys []S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]S3 usb_rndisx;Karta USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]S3 usbstor;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]S3 WSTCODEC;Kodery-dekodery teletekstu w standardzie światowym; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-20 152984]R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-02-09 163908]R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-11-23 66872]R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]S2 msupdate;Microsoft security update service; c:\windows\system32\msvcrtd.exe []S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]-----------------EOF-----------------

Mateusz J.
komentarz
komentarz

Proszę wykonać loga z ComboFix.

iwan59
komentarz
komentarz

Combofix nie reaguje. Ani w normalnym trybie, ani w trybie awaryjnym. Nie ma też żadnego błędu związanego z jego nieuruchomieniem.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.