muaddib posted 25 March 2009

Please help me remove the Conficker virus and fix the problem of unstable system operation. The symptoms are as follows: messages popping up from the NOD32 antivirus program, flickering windows, and disappearing drivers for the Wacom tablet and the sound card; on top of that, the Windows XP start bar changes its appearance to Win 95. To help sort out the problem I am sending the logs:

HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:45:12, on 2009-03-25
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [skyTel] SkyTel.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [securDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
--
End of file - 6486 bytes

ComboFix logs:

ComboFix 09-03-23.01 - piotr 2009-03-25 20:48:46.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.2047.1466 [GMT 1:00]
Uruchomiony z: d:\programy\ComboFix.exe
AV: System Antywirusowy NOD32 2.51 *On-access scanning enabled* (Updated)
 * Utworzono nowy punkt przywracania
.
((((((((((((((((((((((((( Pliki utworzone od 2009-02-25 do 2009-03-25 )))))))))))))))))))))))))))))))
.
2009-03-19 15:33 . 2009-03-19 15:33 <DIR> d-------- c:\program files\Common Files\IPSPI
2009-03-11 20:12 . 2009-03-11 20:12 <DIR> d-------- c:\documents and settings\piotr.ADHD-EF58F9B01A\Dane aplikacji\HDRsoft
2009-03-11 20:07 . 2009-03-11 20:07 <DIR> d-------- c:\program files\PhotomatixPro3
2009-03-04 00:23 . 2009-03-04 00:23 <DIR> d-------- c:\program files\PITy
2009-03-03 23:19 . 2006-09-11 12:45 1,161,088 -ra------ c:\windows\system32\drivers\nvnrm.sys
2009-03-03 23:19 . 2006-09-11 10:06 356,352 --a------ c:\windows\system32\nvunrm.exe
2009-03-03 23:19 . 2006-09-11 12:44 261,632 -ra------ c:\windows\system32\drivers\nvsnpu.sys
2009-03-03 23:19 . 2006-09-11 12:43 201,728 -ra------ c:\windows\system32\fdco1.dll
2009-03-03 23:19 . 2006-09-11 12:45 110,592 -ra------ c:\windows\system32\drivers\nvtcp.sys
2009-03-03 23:19 . 2006-09-11 12:45 57,856 -ra------ c:\windows\system32\drivers\NVENETFD.sys
2009-03-03 23:19 . 2006-09-11 10:06 35,840 -ra------ c:\windows\system32\nvconrm.dll
2009-03-03 23:19 . 2006-09-11 12:45 19,968 -ra------ c:\windows\system32\drivers\nvnetbus.sys
2009-03-03 23:19 . 2006-09-11 12:43 11,264 -ra------ c:\windows\system32\bdco1.dll
2009-03-03 23:19 . 2006-09-11 09:14 3,903 --a------ c:\windows\system32\nvnrm.nvu
2009-03-02 18:40 . 2009-03-02 18:40 <DIR> d-------- c:\windows\OPTIONS
2009-03-02 18:39 . 2004-08-04 21:43 761,344 --------- c:\windows\system32\autorun.exe
2009-03-02 18:10 . 2009-03-02 18:10 <DIR> d-------- c:\program files\Marvell
2009-03-01 22:25 . 2009-03-01 22:24 12,288 --a------ c:\windows\system32\drivers\EIO64_xp.sys
2009-03-01 22:16 . 2009-03-01 22:16 <DIR> d-------- c:\windows\nview
2009-03-01 22:16 . 2009-02-05 10:54 453,152 --a------ c:\windows\system32\NVUNINST.EXE
2009-03-01 22:16 . 2009-02-09 13:18 453,152 --a------ c:\windows\system32\nvudisp.exe
2009-03-01 22:16 . 2009-03-25 19:29 210,919 --a------ c:\windows\system32\nvapps.xml
2009-03-01 22:16 . 2009-02-09 13:18 18,795 --a------ c:\windows\system32\nvdisp.nvu
2009-03-01 22:15 . 2009-03-01 22:15 <DIR> d-------- C:\NVIDIA
2009-03-01 21:42 . 2009-03-01 22:19 18,794,528 --ahs---- c:\windows\system32\drivers\fidbox.dat
2009-03-01 21:42 . 2009-03-01 22:19 224,456 --ahs---- c:\windows\system32\drivers\fidbox.idx
2009-03-01 21:33 . 2009-03-01 21:33 <DIR> d-------- c:\documents and settings\piotr.ADHD-EF58F9B01A\Dane aplikacji\ArcaBit
2009-03-01 20:31 . 2009-03-01 23:07 <DIR> d-------- c:\documents and settings\piotr.ADHD-EF58F9B01A\Dane aplikacji\ArcaMicroScan
2009-03-01 20:09 . 2009-03-01 20:09 <DIR> d-------- c:\documents and settings\piotr.ADHD-EF58F9B01A\DoctorWeb
2009-03-01 18:09 . 2005-05-03 03:43 69,632 --a------ c:\windows\ALCMTR.EXE
2009-02-28 21:44 . 2009-02-28 21:44 <DIR> d-------- c:\program files\Common Files\DirectX
2009-02-28 21:43 . 2008-11-18 12:18 348,160 --a------ c:\windows\system32\msvcr71.dll
2009-02-28 17:54 . 2009-02-28 17:54 <DIR> d--hs---- C:\found.003
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-25 19:29 --------- d-----w c:\documents and settings\piotr.ADHD-EF58F9B01A\Dane aplikacji\OpenOffice.org2
2009-03-25 18:29 --------- d-----w c:\documents and settings\piotr.ADHD-EF58F9B01A\Dane aplikacji\WTablet
2009-03-25 18:14 --------- d-----w c:\documents and settings\LocalService.ZARZĄDZANIE NT.000\Dane aplikacji\WTablet
2009-03-25 18:14 --------- d-----w c:\documents and settings\LocalService.ZARZĄDZANIE NT.000\Dane aplikacji\WTablet
2009-03-25 18:14 --------- d-----w c:\documents and settings\LocalService.ZARZĄDZANIE NT.000\Dane aplikacji\WTablet
2009-03-25 10:57 --------- d-----w c:\documents and settings\Aga\Dane aplikacji\WTablet
2009-03-24 07:16 --------- d-----w c:\documents and settings\Motylek182\Dane aplikacji\WTablet
2009-03-21 20:07 196,608 ----a-w c:\windows\system32\drivers\nAsmedia.bin
2009-03-02 17:39 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-01 21:17 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-03-01 21:17 --------- d-----w c:\program files\AGEIA Technologies
2009-03-01 17:09 --------- d-----w c:\program files\Realtek
2009-03-01 15:39 --------- d-----w c:\documents and settings\piotr.ADHD-EF58F9B01A\Dane aplikacji\Hamachi
2009-02-28 11:32 --------- d-----w c:\documents and settings\Motylek182\Dane aplikacji\OpenOffice.org2
2009-02-27 12:54 --------- d-----w c:\program files\Eset
2009-02-22 13:00 --------- d-----w c:\documents and settings\Aga\Dane aplikacji\HP
2009-02-18 21:05 --------- d-----w c:\program files\Java
2009-02-08 13:49 --------- d-----w c:\program files\Dziobas Rar Player
2009-01-25 14:39 --------- d-----w c:\program files\Tablet
2009-01-16 17:24 70,936 ----a-w c:\windows\system32\PhysXLoader.dll
2009-01-10 19:49 21,840 ----atw c:\windows\system32\SIntfNT.dll
2009-01-10 19:49 17,212 ----atw c:\windows\system32\SIntf32.dll
2009-01-10 19:49 12,067 ----atw c:\windows\system32\SIntf16.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-03-05_12.07.45,75 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-03 22:08:00 60,288 -c--a-w c:\windows\system32\dllcache\drmk.sys
+ 2004-08-03 21:08:00 60,288 -c--a-w c:\windows\system32\dllcache\drmk.sys
- 2004-08-03 22:15:22 140,928 -c--a-w c:\windows\system32\dllcache\ks.sys
+ 2004-08-03 21:15:22 140,928 -c--a-w c:\windows\system32\dllcache\ks.sys
- 2004-08-03 22:08:04 48,640 -c--a-w c:\windows\system32\dllcache\stream.sys
+ 2004-08-03 21:08:04 48,640 -c--a-w c:\windows\system32\dllcache\stream.sys
- 2004-08-03 22:08:00 60,288 ----a-w c:\windows\system32\drivers\drmk.sys
+ 2004-08-03 21:08:00 60,288 ----a-w c:\windows\system32\drivers\drmk.sys
- 2004-08-03 22:15:22 140,928 ----a-w c:\windows\system32\drivers\ks.sys
+ 2004-08-03 21:15:22 140,928 ----a-w c:\windows\system32\drivers\ks.sys
- 2004-08-03 22:08:04 48,640 ----a-w c:\windows\system32\drivers\stream.sys
+ 2004-08-03 21:08:04 48,640 ----a-w c:\windows\system32\drivers\stream.sys
- 2009-01-16 22:39:30 62,480 ----a-w c:\windows\system32\perfc009.dat
+ 2009-03-16 21:20:45 62,344 ----a-w c:\windows\system32\perfc009.dat
- 2009-01-16 22:39:30 79,408 ----a-w c:\windows\system32\perfc015.dat
+ 2009-03-16 21:20:45 79,188 ----a-w c:\windows\system32\perfc015.dat
- 2009-01-16 22:39:30 401,200 ----a-w c:\windows\system32\perfh009.dat
+ 2009-03-16 21:20:45 401,064 ----a-w c:\windows\system32\perfh009.dat
- 2009-01-16 22:39:30 458,022 ----a-w c:\windows\system32\perfh015.dat
+ 2009-03-16 21:20:45 457,678 ----a-w c:\windows\system32\perfh015.dat
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
"ASUS SmartDoctor"="c:\program files\ASUS\SmartDoctor\SmartDoctor.exe" [2009-01-23 1171456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-10-07 917504]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"MP10_EnsureFileVer"="c:\windows\inf\unregmp2.exe" [2004-08-03 208896]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13680640]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 86016]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2008-12-22 380928]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"nwiz"="nwiz.exe" [2009-02-09 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-30 c:\windows\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\piotr.ADHD-EF58F9B01A\Menu Start\Programy\Autostart\OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]
c:\documents and settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.asv2"= asusasv2.dll
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"vidc.DVX4"= DivX4.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\DC++\\DCPlusPlus.exe"=
"f:\\Programy\\Gry\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"f:\\Programy\\Gry\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"f:\\Programy\\Gry\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\Microsoft Games\\Rise Of Legends\\legends.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

R0 d346bus;d346bus;c:\windows\system32\drivers\d346bus.sys [2008-10-07 156800]
R0 d346prt;d346prt;c:\windows\system32\drivers\d346prt.sys [2008-10-07 5248]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2009-01-20 18688]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2009-01-20 8320]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
LSP: c:\windows\system32\imon.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-25 20:49:28
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-299502267-746137067-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:5b,8c,86,a5,b4,7c,6b,d7,52,7b,c1,b9,e3,75,86,18,e0,d1,7d,44,ca,
 2e,a7,36,14,7a,fd,c1,f0,55,4f,9d,d6,05,4f,13,cc,9b,ce,d2,2f,7d,3f,ee,e4,82,\
"rkeysecu"=hex:e8,d5,8f,50,f0,5c,62,e5,4a,3c,33,56,89,11,47,a9
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'lsass.exe'(808)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
Czas ukończenia: 2009-03-25 20:50:07
ComboFix-quarantined-files.txt 2009-03-25 19:50:06
ComboFix2.txt 2009-03-05 11:08:08

Przed: 11 068 264 448 bajtów wolnych
Po: 11,067,736,064 bajtów wolnych

WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /usepmtimer /noexecute=optin

200 --- E O F --- 2008-10-19 15:29:25