

tablety.pl

Task Manager and registry blocked




7 replies in this topic

#1 ixe


Posted 02 09 2011 - 17:39

Hello. I have a very big problem: my son was downloading Assassin via torrent and probably picked up some nasty stuff; my Task Manager and registry have been blocked. When I right-click any icon on the desktop, the NERO installer starts. After logging in, a window pops up: "Exception Processing Message c0000012 Parameters 75b3bf7c 4 75b3bf7c 75b3bf7c". I tried to start safe mode, but it is blocked too. It seems to me that this is a very serious problem. Here is the log from ComboFix:

ComboFix 11-09-01.03 - iro 2011-09-02 16:28:40.4.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1023.519 [GMT 2:00]
Uruchomiony z: C:\Documents and Settings\iro\Pulpit\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}


((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Documents and Settings\iro\Dane aplikacji\PriceGong
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\1.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\a.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\b.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\c.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\d.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\e.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\f.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\g.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\h.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\i.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\J.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\k.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\l.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\m.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\mru.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\n.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\o.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\p.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\q.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\r.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\s.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\t.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\u.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\v.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\w.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\x.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\y.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\z.xml

---- Poprzednie uruchomienie -------

C:\0w.com
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\1.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\a.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\b.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\c.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\d.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\e.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\f.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\g.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\h.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\i.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\J.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\k.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\l.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\m.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\mru.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\n.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\o.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\p.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\q.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\r.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\s.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\t.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\u.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\v.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\w.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\x.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\y.xml
C:\Documents and Settings\iro\Dane aplikacji\PriceGong\Data\z.xml
C:\WINDOWS\system32\kamsoft.exe
C:\WINDOWS\system32\mfc100deu.dll
D:\0w.com
J:\0w.com


((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ABP470N5
-------\Service_abp470n5
-------\Legacy_ABP470N5
-------\Service_abp470n5


((((((((((((((((((((((((( Pliki utworzone od 2011-08-02 do 2011-09-02 )))))))))))))))))))))))))))))))


2011-09-01 19:45:34 . 2011-09-01 19:45:36 -------- d--h--w- C:\WINDOWS\system32\GroupPolicy
2011-09-01 19:29:45 . 2011-09-01 19:29:57 -------- d-----w- C:\Program Files\trend micro
2011-09-01 19:29:41 . 2011-09-01 19:30:06 -------- d-----w- C:\rsit
2011-08-30 12:47:22 . 2011-08-30 12:47:22 232512 ----a-w- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2011-08-30 10:18:57 . 2011-08-31 18:52:03 -------- d-----w- C:\Program Files\DAEMON Tools Lite
2011-08-30 08:36:13 . 2011-08-30 08:53:50 -------- d-----w- C:\Documents and Settings\iro\Ustawienia lokalne\Dane aplikacji\Ubisoft Game Launcher
2011-08-30 08:29:42 . 2011-08-30 08:29:42 -------- d-----w- C:\Documents and Settings\iro\Dane aplikacji\Ubisoft
2011-08-30 08:29:42 . 2011-08-30 08:29:42 -------- d-----w- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
2011-08-30 08:27:19 . 2011-08-30 10:10:45 -------- d-----w- C:\Program Files\Ubisoft
2011-08-28 09:37:18 . 2011-03-25 16:03:50 15592 ----a-w- C:\WINDOWS\system32\roboot.exe
2011-08-28 09:37:18 . 2011-03-25 02:55:54 286208 ----a-w- C:\WINDOWS\system32\binkw32.dll
2011-08-08 14:18:16 . 2009-03-18 15:35:40 26176 ---ha-w- C:\WINDOWS\system32\hamachi.sys
2011-08-07 11:31:05 . 2011-08-30 16:08:27 -------- d-----w- C:\Documents and Settings\iro\Ustawienia lokalne\Dane aplikacji\Nemex
2011-08-07 11:30:55 . 2011-08-07 11:30:55 -------- d-----w- C:\Documents and Settings\iro\Dane aplikacji\Mouse Recorder Pro
.


(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

2011-08-30 10:19:07 . 2010-09-12 14:01:47 443448 ----a-w- C:\WINDOWS\system32\drivers\sptd.sys
2011-07-06 09:42:42 . 2011-07-05 19:42:38 235 ----a-w- C:\WINDOWS\system32\nxEuUninstall.bat
2011-07-06 09:42:41 . 2011-07-05 19:42:38 446464 ----a-w- C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
2011-08-22 12:31:14 . 2011-05-10 19:56:16 134104 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll


------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.

[7] 2011-08-22 12:31:13 . 8AF1980AD5BD21364A960299015DBEDD . 924632 . . [6.0] . . C:\WINDOWS\ERDNT\cache\firefox.exe

((((((((((((((((((((((((((((( SnapShot@2011-08-12_07.44.40 )))))))))))))))))))))))))))))))))))))))))

+ 2011-09-02 14:36:30 . 2011-09-02 14:36:30 16384 C:\WINDOWS\Temp\Perflib_Perfdata_cc.dat
+ 2011-09-02 14:36:15 . 2011-09-02 14:36:15 16384 C:\WINDOWS\Temp\Perflib_Perfdata_124.dat
+ 2011-08-30 08:26:48 . 2009-09-04 15:44:40 69464 C:\WINDOWS\system32\XAPOFX1_3.dll
+ 2011-08-30 08:26:47 . 2008-10-27 08:04:14 70992 C:\WINDOWS\system32\XAPOFX1_2.dll
+ 2011-08-30 08:26:46 . 2008-07-31 08:41:52 68616 C:\WINDOWS\system32\XAPOFX1_1.dll
+ 2011-08-30 08:26:45 . 2008-05-30 12:17:30 65032 C:\WINDOWS\system32\XAPOFX1_0.dll
+ 2011-08-30 08:26:47 . 2009-03-16 12:18:32 22360 C:\WINDOWS\system32\X3DAudio1_6.dll
+ 2011-08-30 08:26:46 . 2008-10-27 08:04:16 23376 C:\WINDOWS\system32\X3DAudio1_5.dll
+ 2011-08-30 08:26:45 . 2008-05-30 12:17:00 25608 C:\WINDOWS\system32\X3DAudio1_4.dll
+ 2011-08-30 08:26:44 . 2008-03-05 14:00:06 25608 C:\WINDOWS\system32\X3DAudio1_3.dll
+ 2010-08-17 12:28:11 . 2007-10-22 01:37:16 17928 C:\WINDOWS\system32\X3DAudio1_2.dll
- 2001-08-17 21:30:22 . 2011-07-10 08:42:37 87346 C:\WINDOWS\system32\perfc009.dat
+ 2001-08-17 21:30:22 . 2011-09-02 14:08:48 87346 C:\WINDOWS\system32\perfc009.dat
+ 2001-10-26 17:30:02 . 2008-04-14 21:51:40 33280 C:\WINDOWS\system32\dllcache\rundll32.exe
+ 2009-10-30 16:47:37 . 2011-08-23 14:43:34 32768 C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat
- 2009-10-30 16:47:37 . 2011-05-27 11:31:32 32768 C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat
- 2009-10-30 16:47:37 . 2011-05-27 11:31:32 32768 C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat
+ 2009-10-30 16:47:37 . 2011-08-23 14:43:34 32768 C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat
+ 2010-09-15 12:47:14 . 2011-08-30 10:24:03 49152 C:\WINDOWS\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-09-15 12:47:14 . 2011-03-25 22:13:05 49152 C:\WINDOWS\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-08-31 08:16:09 . 2011-08-31 08:16:09 12800 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2010-08-30 11:31:09 . 2010-08-30 11:31:09 12800 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2011-08-31 08:16:09 . 2011-08-31 08:16:09 53248 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2010-08-30 11:31:09 . 2010-08-30 11:31:09 53248 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2011-08-30 08:26:50 . 2009-09-04 15:44:40 515416 C:\WINDOWS\system32\XAudio2_5.dll
+ 2011-08-30 08:26:48 . 2009-03-16 12:18:32 517448 C:\WINDOWS\system32\XAudio2_4.dll
+ 2011-08-30 08:26:47 . 2008-10-27 08:04:18 514384 C:\WINDOWS\system32\XAudio2_3.dll
+ 2011-08-30 08:26:46 . 2008-07-31 08:40:32 509448 C:\WINDOWS\system32\XAudio2_2.dll
+ 2011-08-30 08:26:45 . 2008-05-30 12:19:18 507400 C:\WINDOWS\system32\XAudio2_1.dll
+ 2011-08-30 08:26:44 . 2008-03-05 14:03:54 479752 C:\WINDOWS\system32\XAudio2_0.dll
+ 2011-08-30 08:26:50 . 2009-09-04 15:44:40 238936 C:\WINDOWS\system32\xactengine3_5.dll
+ 2011-08-30 08:26:47 . 2009-03-16 12:18:32 235352 C:\WINDOWS\system32\xactengine3_4.dll
+ 2011-08-30 08:26:46 . 2008-10-27 08:04:16 235856 C:\WINDOWS\system32\xactengine3_3.dll
+ 2011-08-30 08:26:46 . 2008-07-31 08:41:54 238088 C:\WINDOWS\system32\xactengine3_2.dll
+ 2011-08-30 08:26:45 . 2008-05-30 12:18:52 238088 C:\WINDOWS\system32\xactengine3_1.dll
+ 2011-08-30 08:26:44 . 2008-03-05 14:03:20 238088 C:\WINDOWS\system32\xactengine3_0.dll
+ 2011-08-30 08:26:43 . 2007-10-22 01:39:54 267272 C:\WINDOWS\system32\xactengine2_10.dll
+ 2001-10-26 16:15:16 . 2011-09-02 14:08:48 564792 C:\WINDOWS\system32\perfh015.dat
- 2001-10-26 16:15:16 . 2011-07-10 08:42:37 564792 C:\WINDOWS\system32\perfh015.dat
- 2001-08-17 21:30:24 . 2011-07-10 08:42:37 501822 C:\WINDOWS\system32\perfh009.dat
+ 2001-08-17 21:30:24 . 2011-09-02 14:08:48 501822 C:\WINDOWS\system32\perfh009.dat
- 2001-10-26 16:15:16 . 2011-07-10 08:42:37 109232 C:\WINDOWS\system32\perfc015.dat
+ 2001-10-26 16:15:16 . 2011-09-02 14:08:48 109232 C:\WINDOWS\system32\perfc015.dat
+ 2010-06-28 15:05:52 . 2010-04-12 15:29:26 214816 C:\WINDOWS\system32\javaw.exe
+ 2011-08-30 08:26:49 . 2009-09-04 15:29:34 235344 C:\WINDOWS\system32\d3dx11_42.dll
+ 2011-08-30 08:26:49 . 2009-09-04 15:29:34 453456 C:\WINDOWS\system32\d3dx10_42.dll
+ 2011-08-30 08:26:48 . 2009-03-09 13:27:22 453456 C:\WINDOWS\system32\d3dx10_41.dll
+ 2011-08-30 08:26:47 . 2008-10-15 04:22:52 452440 C:\WINDOWS\system32\d3dx10_40.dll
+ 2011-08-30 08:26:46 . 2008-07-10 09:01:00 467984 C:\WINDOWS\system32\d3dx10_39.dll
+ 2011-08-30 08:26:45 . 2008-05-30 12:11:46 467984 C:\WINDOWS\system32\d3dx10_38.dll
+ 2011-08-30 08:26:44 . 2008-02-05 21:07:36 462864 C:\WINDOWS\system32\d3dx10_37.dll
+ 2011-08-30 08:26:43 . 2007-10-02 07:56:34 444776 C:\WINDOWS\system32\d3dx10_36.dll
- 2010-08-30 11:31:09 . 2010-08-30 11:31:09 223232 C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-08-31 08:16:08 . 2011-08-31 08:16:08 223232 C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2010-08-30 11:31:10 . 2010-08-30 11:31:10 178176 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2011-08-31 08:16:10 . 2011-08-31 08:16:10 178176 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2011-08-31 08:16:10 . 2011-08-31 08:16:10 364544 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2010-08-30 11:31:10 . 2010-08-30 11:31:10 364544 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2010-08-30 11:31:10 . 2010-08-30 11:31:10 159232 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2011-08-31 08:16:09 . 2011-08-31 08:16:09 159232 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2011-08-31 08:16:09 . 2011-08-31 08:16:09 145920 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2010-08-30 11:31:10 . 2010-08-30 11:31:10 145920 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2011-08-31 08:16:09 . 2011-08-31 08:16:09 578560 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-08-30 11:31:10 . 2010-08-30 11:31:10 578560 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-31 08:16:08 . 2011-08-31 08:16:08 578560 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-08-30 11:31:09 . 2010-08-30 11:31:09 578560 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-08-30 11:31:08 . 2010-08-30 11:31:08 577536 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-31 08:16:07 . 2011-08-31 08:16:07 577536 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-08-30 11:31:08 . 2010-08-30 11:31:08 577536 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-31 08:16:07 . 2011-08-31 08:16:07 577536 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-08-30 11:31:08 . 2010-08-30 11:31:08 577024 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-31 08:16:06 . 2011-08-31 08:16:06 577024 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-08-30 11:31:07 . 2010-08-30 11:31:07 576000 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-31 08:16:05 . 2011-08-31 08:16:05 576000 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-31 08:16:05 . 2011-08-31 08:16:05 567296 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-08-30 11:31:07 . 2010-08-30 11:31:07 567296 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-31 08:16:05 . 2011-08-31 08:16:05 563712 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-08-30 11:31:07 . 2010-08-30 11:31:07 563712 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-31 08:16:09 . 2011-08-31 08:16:09 473600 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2010-08-30 11:31:09 . 2010-08-30 11:31:09 473600 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2011-08-30 08:26:48 . 2009-03-09 13:27:22 4178264 C:\WINDOWS\system32\D3DX9_41.dll
+ 2011-08-30 08:26:46 . 2008-07-10 09:00:58 3851784 C:\WINDOWS\system32\D3DX9_39.dll
+ 2011-08-30 08:26:42 . 2007-10-12 13:14:00 3734536 C:\WINDOWS\system32\d3dx9_36.dll
+ 2011-08-30 08:26:49 . 2009-09-04 15:29:32 5501792 C:\WINDOWS\system32\d3dcsx_42.dll
+ 2011-08-30 08:26:48 . 2009-03-09 13:27:22 1846632 C:\WINDOWS\system32\D3DCompiler_41.dll
+ 2011-08-30 08:26:47 . 2008-10-15 04:22:52 2036576 C:\WINDOWS\system32\D3DCompiler_40.dll
+ 2011-08-30 08:26:46 . 2008-07-10 09:00:58 1493528 C:\WINDOWS\system32\D3DCompiler_39.dll
+ 2011-08-30 08:26:45 . 2008-05-30 12:11:46 1491992 C:\WINDOWS\system32\D3DCompiler_38.dll
+ 2011-08-30 08:26:44 . 2008-03-05 13:56:58 1420824 C:\WINDOWS\system32\D3DCompiler_37.dll
+ 2011-08-30 08:26:43 . 2007-10-12 13:14:00 1374232 C:\WINDOWS\system32\D3DCompiler_36.dll
- 2010-08-30 11:31:06 . 2010-08-30 11:31:07 2846720 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-31 08:16:04 . 2011-08-31 08:16:04 2846720 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-08-30 11:31:06 . 2010-08-30 11:31:06 2676224 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-31 08:16:03 . 2011-08-31 08:16:03 2676224 C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-30 10:23:29 . 2011-08-30 10:23:29 20314624 C:\WINDOWS\Installer\336f9.msp

-- Migawka wyzerowana --

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))


*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}"= "C:\Program Files\Softonic-Polska\prxtbSof0.dll" [2011-05-09 09:49:38 176936]

[HKEY_CLASSES_ROOT\clsid\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]
2011-05-09 09:49:38 176936 ----a-w- C:\Program Files\Softonic-Polska\prxtbSof0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}"= "C:\Program Files\Softonic-Polska\prxtbSof0.dll" [2011-05-09 09:49:38 176936]

[HKEY_CLASSES_ROOT\clsid\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{C86EB8A9-CCC2-4B6C-B75D-73576ED591BF}"= "C:\Program Files\Softonic-Polska\prxtbSof0.dll" [2011-05-09 09:49:38 176936]

[HKEY_CLASSES_ROOT\clsid\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-01 12:57:11 39408]
"ChomikBox"="C:\Program Files\ChomikBox\ChomikBox.exe" [2011-05-18 09:11:08 5541888]
"BitTorrent"="D:\Program Files\BitTorrent\BitTorrent.exe" [2011-04-09 16:45:13 478584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2009-06-10 07:28:50 13758464]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 21:51:12 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37:40 1001920 ----a-w- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04:47 109488 ----a-w- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 17:43:28 69632 ----a-w- C:\WINDOWS\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar]
2010-11-07 09:22:00 360448 ----a-w- C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
2011-04-09 16:45:13 478584 ----a-w- D:\Program Files\BitTorrent\BitTorrent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2010-04-28 16:46:30 323392 ----a-w- C:\Program Files\DNA\btdna.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChomikBox]
2011-05-18 09:11:08 5541888 ----a-w- C:\Program Files\ChomikBox\chomikbox.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 21:51:12 15360 ----a-w- C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33:30 4984640 ----a-w- C:\Program Files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-05-31 13:31:33 205808 ----atw- C:\Documents and Settings\iro\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
2005-01-19 09:39:16 286720 ----a-w- C:\Program Files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
2005-01-19 09:05:48 221184 ----a-w- C:\WINDOWS\system32\LVCOMSX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-06-10 07:28:50 13758464 ----a-w- C:\WINDOWS\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-06-10 07:28:50 86016 ----a-w- C:\WINDOWS\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2009-06-10 07:29:34 1657376 ----a-w- C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
2011-08-30 10:24:10 2007 ----a-w- C:\Program Files\Przyspiesz Komputer\PCSpeedUp.lnk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53:36 499712 ----a-w- C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-04-10 15:52:10 16861184 ----a-w- C:\WINDOWS\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-04-20 11:14:54 26192680 ----a-r- C:\Program Files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2007-06-13 07:16:02 598016 ----a-r- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-11-01 12:57:11 39408 ----a-w- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NAUpdate"=2 (0x2)
"xmlprov"=3 (0x3)
"WZCSVC"=2 (0x2)
"wuauserv"=2 (0x2)
"wscsvc"=2 (0x2)
"WPFFontCache_v0400"=3 (0x3)
"WmiApSrv"=3 (0x3)
"Wmi"=3 (0x3)
"WmdmPmSN"=3 (0x3)
"winmgmt"=2 (0x2)
"WebClient"=2 (0x2)
"W32Time"=2 (0x2)
"VSS"=3 (0x3)
"UserAccess7"=2 (0x2)
"UPS"=3 (0x3)
"upnphost"=3 (0x3)
"TunngleService"=2 (0x2)
"TrkWks"=2 (0x2)
"TlntSvr"=3 (0x3)
"Themes"=2 (0x2)
"TermService"=3 (0x3)
"TapiSrv"=3 (0x3)
"SysmonLog"=3 (0x3)
"SwPrv"=3 (0x3)
"stisvc"=2 (0x2)
"SSDPSRV"=3 (0x3)
"srservice"=2 (0x2)
"Spooler"=2 (0x2)
"ShellHWDetection"=2 (0x2)
"SharedAccess"=2 (0x2)
"SENS"=2 (0x2)
"seclogon"=2 (0x2)
"Schedule"=2 (0x2)
"SCardSvr"=3 (0x3)
"SamSs"=2 (0x2)
"RSVP"=3 (0x3)
"RemoteRegistry"=2 (0x2)
"RDSessMgr"=3 (0x3)
"RasMan"=3 (0x3)
"RasAuto"=3 (0x3)
"ProtectedStorage"=2 (0x2)
"PolicyAgent"=2 (0x2)
"PlugPlay"=2 (0x2)
"NVSvc"=2 (0x2)
"NtmsSvc"=3 (0x3)
"NtLmSsp"=3 (0x3)
"Nla"=3 (0x3)
"Netman"=3 (0x3)
"Netlogon"=3 (0x3)
"napagent"=3 (0x3)
"MSIServer"=3 (0x3)
"MSDTC"=3 (0x3)
"mnmsrvc"=3 (0x3)
"LmHosts"=2 (0x2)
"lanmanworkstation"=2 (0x2)
"lanmanserver"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"ImapiService"=3 (0x3)
"idsvc"=3 (0x3)
"HTTPFilter"=3 (0x3)
"hkmsvc"=3 (0x3)
"helpsvc"=2 (0x2)
"Hamachi2Svc"=2 (0x2)
"gusvc"=3 (0x3)
"gupdatem"=3 (0x3)
"gupdate"=2 (0x2)
"FontCache3.0.0.0"=3 (0x3)
"FastUserSwitchingCompatibility"=3 (0x3)
"EventSystem"=3 (0x3)
"Eventlog"=2 (0x2)
"ERSvc"=2 (0x2)
"EapHost"=3 (0x3)
"Dot3svc"=3 (0x3)
"Dnscache"=2 (0x2)
"dmserver"=2 (0x2)
"dmadmin"=3 (0x3)
"Dhcp"=2 (0x2)
"CryptSvc"=2 (0x2)
"COMSysApp"=3 (0x3)
"clr_optimization_v4.0.30319_32"=2 (0x2)
"ClipSrv"=3 (0x3)
"cisvc"=3 (0x3)
"Browser"=2 (0x2)
"BITS"=3 (0x3)
"AudioSrv"=2 (0x2)
"aspnet_state"=3 (0x3)
"AppMgmt"=3 (0x3)
"Akamai"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"d:\Program Files\Subagames\ACE Online\Launcher.atm"= d:\Program Files\Subagames\ACE Online\Launcher.atm:Enabled:GameExe2
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\Program Files\Subagames\ACE Online\Res-Voip\SCVoIP.exe"= d:\Program Files\Subagames\ACE Online\Res-Voip\SCVoIP.exe:Enabled:GameVoIP
"D:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"D:\ireczek\Zumina\launcher.zun"= D:\ireczek\Zumina\launcher.zun:Enabled:GameExe2
"C:\Documents and Settings\iro\Pulpit\launcher.zun"= C:\Documents and Settings\iro\Pulpit\launcher.zun:Enabled:GameExe2
"D:\\Program Files\\Free Download Manager\\fdmwi.exe"=
"C:\\Program Files\\TALKON\\TalkOnMain.exe"=
"C:\\Documents and Settings\\iro\\Ustawienia lokalne\\Dane aplikacji\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"C:\\Documents and Settings\\All Users\\Dane aplikacji\\NexonEU\\NGM\\NGM.exe"=
"C:\\Program Files\\Tunngle\\TnglCtrl.exe"=
"C:\\Program Files\\Tunngle\\Tunngle.exe"=
"D:\\Program Files\\Tunngle\\TnglCtrl.exe"=
"D:\\Program Files\\Tunngle\\Tunngle.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"D:\\Program Files\\DGN\\FallenGears\\Launcher.atm"=
"C:\\Program Files\\Google\\Update\\GoogleUpdate.exe"=
"C:\\Program Files\\ChomikBox\\ChomikBox.exe"=
"C:\\Program Files\\BabylonToolbar\\BabylonToolbar\\1.4.19.19\\BabylonToolbarsrv.exe"=
"C:\\Documents and Settings\\iro\\Moje dokumenty\\Pobieranie\\SweetImSetup.exe"=
"C:\\Program Files\\Skype\\Toolbars\\Shared\\SkypeNames2.exe"=
"D:\\Program Files\\DGN\\FallenGears\\ACEonline.atm"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"C:\\Program Files\\DAEMON Tools Lite\\DTLite.exe"=
"D:\\Program Files\\DGN\\FallenGears\\FallenGears.exe"=
"C:\\Program Files\\Microsoft Silverlight\\sllauncher.exe"=
"C:\\Program Files\\TeamSpeak 3 Client\\ts3client_win32.exe"=
"D:\\DAMIANNAAA\\Assassin's Creed II\\AssassinsCreedIIGame.exe"=
"D:\\DAMIANNAAA\\Assassin's Creed II\\AssassinsCreedII.exe"=
"D:\\DAMIANNAAA\\Assassin's Creed II\\UPlayBrowser.exe"=
"C:\\Documents and Settings\\iro\\Ustawienia lokalne\\Dane aplikacji\\Google\\Update\\GoogleUpdate.exe"=

R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\WINDOWS\system32\drivers\dtsoftbus01.sys [2011-08-30 14:47:22 232512]
R2 Akamai;Akamai NetSession Interface;C:\WINDOWS\System32\svchost.exe -k Akamai [2001-10-26 19:30:02 14336]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;D:\Program Files\Metin2_PL\hamachi-2.exe []
R2 ousbehci;OrangeWare USB Enhanced Host Controller Service;C:\WINDOWS\system32\drivers\ousbehci.sys [2009-10-31 23:56:16 44928]
R2 TunngleService;TunngleService;C:\Program Files\Tunngle\TnglCtrl.exe [2011-07-21 11:15:59 741624]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;C:\WINDOWS\system32\drivers\ousb2hub.sys [2009-10-31 23:56:16 55808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 13:16:28 130384]
S2 gupdate;Usługa Google Update (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-06 09:56:45 213488]
S3 DIGIRPS;Sterownik Digi PortServer;C:\WINDOWS\system32\drivers\digirlpt.sys [2011-01-23 00:30:12 42560]
S3 EagleXNt;EagleXNt;\??\C:\WINDOWS\system32\drivers\EagleXNt.sys --> C:\WINDOWS\system32\drivers\EagleXNt.sys [?]
S3 FLASHSYS;FLASHSYS;C:\Program Files\MSI\Live Update 4\LU4\FlashSys.sys [2009-11-01 00:12:28 9216]
S3 gupdatem;Usługa Google Update (gupdatem);C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-06 09:56:45 213488]
S3 JRSKD24;JRSKD24;C:\WINDOWS\system32\JRSKD24.SYS [2011-03-10 22:38:11 37688]
S3 MsibiosDevice;MsibiosDevice;C:\Program Files\MSI\Live Update 4\LU4\msibios.sys [2009-11-01 00:12:28 18432]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);C:\WINDOWS\system32\drivers\s115bus.sys [2009-11-24 16:33:01 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;C:\WINDOWS\system32\drivers\s115mdfl.sys [2009-11-24 16:33:05 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;C:\WINDOWS\system32\drivers\s115mdm.sys [2009-11-24 16:33:05 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\drivers\s115mgmt.sys [2009-11-24 16:33:17 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;C:\WINDOWS\system32\drivers\s115obex.sys [2009-11-24 16:33:13 98568]
S3 SG760_XP;SAGEM 802.11g XG760 1211 Driver;C:\WINDOWS\system32\drivers\WlanUZXP.sys [2005-05-12 16:24:48 260608]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 13:16:28 753504]
S4 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200;"C:\Program Files\Nero\Update\NASvc.exe" --> C:\Program Files\Nero\Update\NASvc.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai

Zawartość folderu 'Zaplanowane zadania'

2011-09-02 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-06 07:56:45 . 2010-03-06 07:56:42]

2011-09-01 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-06 07:56:45 . 2010-03-06 07:56:42]

2011-09-01 C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-861567501-113007714-682003330-1003Core.job
- C:\Documents and Settings\iro\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-06-27 08:36:25 . 2011-05-31 13:31:33]

2011-09-01 C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-861567501-113007714-682003330-1003UA.job
- C:\Documents and Settings\iro\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-06-27 08:36:25 . 2011-05-31 13:31:33]


------- Skan uzupełniający -------

uStart Page = hxxp://home.sweetim.com
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page =
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download All using 4shared Desktop - d:\Program Files\4shared Desktop\down_all.htm
IE: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Pobierz plik wideo we Free Download Manager - file://d:\Program Files\Free Download Manager\dlfvideo.htm
IE: Pobierz w Free Download Manager - file://d:\Program Files\Free Download Manager\dllink.htm
IE: Pobierz wszystkie pliki w Free Download Manager - file://d:\Program Files\Free Download Manager\dlall.htm
IE: Pobierz zaznaczone w Free Download Manager - file://d:\Program Files\Free Download Manager\dlselected.htm
TCP: DhcpNameServer = 192.168.2.1
DPF: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
FF - ProfilePath - C:\Documents and Settings\iro\Dane aplikacji\Mozilla\Firefox\Profiles\7ebg71v3.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - SweetIM Search
FF - prefs.js: browser.startup.homepage - hxxp://home.sweetim.com
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=toolbar2&q=

- - - - USUNIĘTO PUSTE WPISY - - - -

MSConfigStartUp-avast5 - C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
MSConfigStartUp-Free Download Manager - D:\Program Files\Free Download Manager\fdm.exe
MSConfigStartUp-Gadu-Gadu 10 - C:\Program Files\Gadu-Gadu 10\gg.exe
MSConfigStartUp-kamsoft - C:\WINDOWS\system32\kamsoft.exe
MSConfigStartUp-KPeerNexonEU - C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
MSConfigStartUp-LogitechVideoRepair - C:\Program Files\Logitech\Video\ISStart.exe
MSConfigStartUp-MSMSGS - C:\Program Files\Messenger\msmsgs.exe
MSConfigStartUp-NBAgent - C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
MSConfigStartUp-Nowe Gadu-Gadu - d:\Program Files\Nowe Gadu-Gadu\gg.exe
MSConfigStartUp-RDReminder - C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
MSConfigStartUp-Steam - C:\Program Files\Steam\Steam.exe
AddRemove-Adobe Flash Player Plugin - C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe
AddRemove-Akamai - C:\Program Files\Common Files\Akamai\uninstall.exe
AddRemove-BabylonToolbar - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\uninstall.exe
AddRemove-CCleaner - C:\Program Files\CCleaner\uninst.exe
AddRemove-Gadu-Gadu 10 - C:\Program Files\Gadu-Gadu 10\Uninstall.exe
AddRemove-Google Chrome - C:\Program Files\Google\Chrome\Application\13.0.782.218\Installer\setup.exe
AddRemove-PhotoScape - C:\Program Files\PhotoScape\uninstall.exe
AddRemove-Pictomio - C:\Program Files\Pictomio\Uninstall.exe
AddRemove-TALKON - C:\Program Files\TALKON\uninstall.exe
AddRemove-{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6} - C:\Program Files\InstallShield Installation Information\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}\setup.exe

#2 wirusolog

Posted 02 09 2011 - 18:34

Service_abp470n5

This is a service belonging to one of the versions of SALITY/SECTOR, a virus that infects all *.exe files.

If you know your way around computers, the best approach is to burn a bootable AV disc on another computer and use it on your own machine > http://searchengines...CD-t112329.html
If you are not very familiar with computers, that leaves traditional removal:
1) Use Sality Killer --> http://support.kaspe.../?qid=208279886
Backup link, in case the virus has blocked the tool's page: > http://www.speedysha...alityKiller.com
2) Use Sality Remover/rmsality > http://www.softpedia...oad-105925.html
Backup link > http://www.zshare.ne...19025638c1dcfd/
3) Use > http://www.dobreprog...dows,12976.html
Backup link (already renamed), in case the official site is blocked by the virus >> http://www.zshare.ne...210692cc7f98a6/
4) Repeat all the scans in turn until none of them detects anything.
5) Check whether Safe Mode is damaged (F8 before the system starts).
6) Then post new logs from OTL.com ---post no. 2
- OTL.txt and Extras.txt (that is, before the scan you must tick "Use filtering" in the "Registry - extra scan" field).
.

#3 XanTyp

Posted 02 09 2011 - 20:29

http://searchengines...-dziale-Wirusy/

(...)

LOGS ARE TO BE POSTED AS ATTACHMENTS OR PASTED AT WWW.WKLEJ.ORG

The special emphasis of font size and colour there had a reason, and I ask you to follow this recommendation. And as a precaution: this applies to everyone else as well.

Even if I can't help, maybe I can offer a hint:

1. First go to the source, and only then call the plumber.

2. The precision of the answer depends above all on the precision of the question asked.
3. I don't read minds, but I can tell fortunes on special request (:


#4 ixe

Posted 02 09 2011 - 21:15

Logs after scanning: http://www.wklej.org/id/588862/ http://www.wklej.org/id/588864/ Safe Mode does not work. After a right-click, the application I wrote about earlier starts again.

#5 vigo5

Posted 02 09 2011 - 21:31

But the Kaspersky site has .reg files for repairing Safe Mode.
Download, unpack and run the SafeBootWinXP file:
http://support.kaspe...ity_regkeys.zip

Have you tried reinstalling Nero?
If there are problems, try using Nero General CleanTool

#6 wirusolog

Posted 02 09 2011 - 22:26

I don't see anything suspicious in the logs.
Here is the Safe Mode repair:
Run OTL and paste this into the lower white box:
:OTL
SRV - File not found [Auto | Running] -- D:\Program Files\Metin2_PL\hamachi-2.exe -- (Hamachi2Svc)

:Reg
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell"="cmd.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
@="Universal Serial Bus controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
@="CD-ROM Drive"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
@="Standard floppy disk controller"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
@="PCMCIA Adapters"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
@="SCSIAdapter"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
@="Floppy disk drive"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
@="Human Interface Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmadmin]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmboot.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmio.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmload.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmserver]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ip6fw.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NtLmSsp]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpcdd.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpdd.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpwd.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sr.sys]
@="FSFilter System Recovery"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SRService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdpipe.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdtcp.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\termservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WZCSVC]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
@="Universal Serial Bus controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
@="CD-ROM Drive"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
@="Standard floppy disk controller"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
@="Net"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
@="NetClient"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
@="NetService"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
@="NetTrans"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
@="PCMCIA Adapters"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
@="SCSIAdapter"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
@="Floppy disk drive"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
@="Human Interface Devices"

:Commands
[emptyflash]
[emptytemp]

Click "Wykonaj Script" (Run Script). Save the report that appears.

Download > Ad-Remover and press Clean in it.
Show the report from this tool.

Check Safe Mode.

Show the new OTL.txt log, the removal report, and the Ad-Remover report.
.
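One way to check whether the Safe Mode repair from post #6 actually took effect, as an added example that is not part of the thread: it parses the `:Reg` section of an OTL script (including the `[-KEY]` delete syntax used above) and compares it with a `.reg` export of the SafeBoot branch. The function names and both sample texts are constructed for illustration; the export is assumed to be already decoded to text.

```python
import re

KEY_RE = re.compile(r"^\[(-?)(HKEY_[^\]]+)\]$")
VALUE_RE = re.compile(r'^(@|"[^"]*")=(.*)$')
SAFEBOOT = r"hkey_local_machine\system\currentcontrolset\control\safeboot"

# Constructed excerpt: a few keys of the fix above, same syntax.
FIX_EXCERPT = r""":Reg
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell"="cmd.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
@="Service"
:Commands
[emptytemp]
"""

# Constructed export of a machine whose Minimal subkeys are gone.
DAMAGED_EXPORT = r"""Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell"="cmd.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
@="Service"
"""

def parse_reg_block(text, otl_section=None):
    """Return ({key: {value_name: data}}, [deleted keys]), names lower-cased.
    otl_section="Reg" reads only the lines under ':Reg' of an OTL script;
    None treats the whole text as a .reg export. '@' is the default value."""
    keys, deleted, current = {}, [], None
    active = otl_section is None
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith(":") and otl_section is not None:
            active = line[1:].lower() == otl_section.lower()
            current = None
        elif not active:
            continue
        elif (m := KEY_RE.match(line)):
            name = m.group(2).lower()
            if m.group(1):  # "[-KEY]" removes the key and everything below it
                deleted.append(name)
                for k in [k for k in keys if (k + "\\").startswith(name + "\\")]:
                    del keys[k]
                current = None
            else:
                current = keys.setdefault(name, {})
        elif (m := VALUE_RE.match(line)) and current is not None:
            current[m.group(1).strip('"').lower()] = m.group(2).strip('"')
    return keys, deleted

def audit_safeboot(fix_script, export_text):
    """List SafeBoot keys/values that the fix defines but the export lacks."""
    expected, _ = parse_reg_block(fix_script, otl_section="Reg")
    present, _ = parse_reg_block(export_text)
    report = {"missing": [], "mismatch": []}
    for key, values in expected.items():
        if not (key + "\\").startswith(SAFEBOOT + "\\"):
            continue  # e.g. the firewall list key, outside SafeBoot
        rel = key[len(SAFEBOOT):] or "\\"
        if key not in present:
            report["missing"].append(rel)
            continue
        for vname, data in values.items():
            have = present[key].get(vname)
            if have is None or have.lower() != data.lower():
                report["mismatch"].append((rel, vname, have))
    return report

if __name__ == "__main__":
    print(audit_safeboot(FIX_EXCERPT, DAMAGED_EXPORT))
```

An empty `missing` list after running the fix means every SafeBoot key from the script is present; any path still listed explains why Safe Mode keeps failing.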

#7 ixe

Posted 02 09 2011 - 23:03

Further reports: http://www.wklej.org/id/588903/ http://www.wklej.org/id/588904/ As for the right-click, it is still misbehaving.

I forgot about the OTL log, here it is: http://www.wklej.org/id/588905/

#8 wirusolog

Posted 03 09 2011 - 04:45

Some more cosmetic cleanup:
Run OTL and paste this into the lower white box:
:OTL
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2011-07-29 17:11:51 | 003,542,616 | ---- | M] () [Auto | Running] -- C:/Program Files/Common Files/Akamai/netsession_win_2da1ebd.dll -- (Akamai)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.)
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}"
[2011-08-01 08:04:48 | 000,000,000 | ---D | M] (Softonic-Polska Community Toolbar) -- C:\Documents and Settings\iro\Dane aplikacji\Mozilla\Firefox\Profiles\7ebg71v3.default\extensions\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}
O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files\Softonic-Polska\prxtbSof0.dll (Conduit Ltd.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.pl/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.pl/"

:Commands
[Reboot]
Click "Wykonaj Script" (Run Script).

Install a safer version of Java > Java 7 (JRE)
Uninstall the old version.

**************************************************************************************************

When I right-click any icon on the desktop, the NERO installer starts

As for the right-click, it is still misbehaving.

Perhaps a moderator will move the topic to a more suitable section of the forum, because this problem has nothing to do with infections.
.

.



