I'm attaching the logs.
- HijackThis
[Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:47:29, on 2007-12-27
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\AVENGINE.EXE
C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe
C:\WINDOWS\system32\PSIService.exe
c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE
C:\Program Files\Panda Security\Panda Internet Security 2008\psimsvc.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
C:\Program Files\Nero\Nero8\InCD\InCD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXE
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl/tpsa/run?n=msi
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Expressivo - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Expressivo - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files\ivo\Expressivo\integr\ih-iexplorer\IH_iexplorer.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [V0220Mon.exe] F:\DRIVERS\English\V0220Mon.exe
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [RTBatteryMeter] C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [TrayServer] D:\Moje Programy\Programy\Programy video\TrayServer.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe"
O4 - HKLM\..\Run: [UVS11 Preload] D:\Moje Programy\Programy\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero8\InCD\InCD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Opcje tłumaczenia angielsko-polskie (Kompas wersja 4) - {4F1DF60B-1BFF-4566-924B-9F24A974C910} - C:\Program Files\TransEnPl4\trenpl4ie_opcje.htm
O9 - Extra 'Tools' menuitem: Opcje tłumaczenia angielsko-polskie (Kompas wersja 4) - {4F1DF60B-1BFF-4566-924B-9F24A974C910} - C:\Program Files\TransEnPl4\trenpl4ie_opcje.htm
O9 - Extra button: Tłumacz angielski->polski (Kompas wersja 4) - {50C285B9-12A7-427B-B1B4-3BD810513848} - C:\Program Files\TransEnPl4\trenpl4ie_tlumaczenpl.htm
O9 - Extra 'Tools' menuitem: Tłumacz angielski->polski (Kompas wersja 4) - {50C285B9-12A7-427B-B1B4-3BD810513848} - C:\Program Files\TransEnPl4\trenpl4ie_tlumaczenpl.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Tłumacz polski->angielski (Kompas wersja 4) - {860D2F9E-9D14-4D7C-A3C9-1B1B40C758F6} - C:\Program Files\TransEnPl4\trenpl4ie_tlumaczplen.htm
O9 - Extra 'Tools' menuitem: Tłumacz polski->angielski (Kompas wersja 4) - {860D2F9E-9D14-4D7C-A3C9-1B1B40C758F6} - C:\Program Files\TransEnPl4\trenpl4ie_tlumaczplen.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab
O16 - DPF: {631FF594-EC25-4CFF-B869-402DF294E1D6} (Instalator oprogramowania Onet.pl) - http://slimak.onet.pl/_m/kamerzysta/One … or012s.ocx
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow … eqlab2.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ … /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Urządzenie mobilne Apple (Apple Mobile Device) - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - D:\Moje Programy\Programy\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\psimsvc.exe
O23 - Service: Usługa SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 14159 bytes]
- ComboFix
[ComboFix 07-12-21.4 - Wojciech 2007-12-27 16:33:37.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.323 [GMT 1:00]
Running from: C:\Documents and Settings\Wojciech\Pulpit\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2007-11-27 to 2007-12-27 )))))))))))))))))))))))))))))))
.
2007-12-27 15:43 . 2007-12-27 15:43
2007-12-26 21:35 . 2007-12-27 10:47 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-26 21:35 . 2007-12-26 21:35 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-25 18:01 . 1997-01-16 00:00 71,680 --a------ C:\WINDOWS\ST5UNST.EXE
2007-12-25 12:38 . 2007-12-25 12:38
2007-12-25 12:37 . 2007-12-25 12:37 6,568 --a------ C:\WINDOWS\system32\EPPICResdb0000
2007-12-25 12:37 . 2007-12-25 12:37 117 --a------ C:\WINDOWS\system32\EPPICResdb
2007-12-22 20:35 . 2007-12-22 20:35
2007-12-22 20:35 . 2007-12-22 20:36
2007-12-22 17:41 . 2007-12-22 17:41
2007-12-22 17:39 . 2007-12-22 17:52
2007-12-22 17:33 . 2007-12-22 17:34 0 --a------ C:\WINDOWS\lgfwup.ini
2007-12-22 17:32 . 1998-06-24 00:00 115,016 --------- C:\WINDOWS\system32\MSINET.OCX
2007-12-22 17:32 . 1998-07-22 00:00 102,912 --------- C:\WINDOWS\system32\Vb6stkit.dll
2007-12-22 17:32 . 1998-07-22 00:00 102,160 --------- C:\WINDOWS\system32\VB6KO.DLL
2007-12-20 13:29 . 2007-12-20 13:30
2007-12-20 13:29 . 2007-12-20 13:29
2007-12-20 13:29 . 2007-12-20 13:29
2007-12-20 13:20 . 2007-12-20 13:20
2007-12-20 13:20 . 2007-12-20 13:20
2007-12-15 23:12 . 2007-12-15 23:12
2007-12-15 23:12 . 2007-12-15 23:12
2007-12-15 23:10 . 2007-12-15 23:13
2007-12-15 22:30 . 2007-12-15 22:30
2007-12-15 16:54 . 2007-12-15 16:54 261 --a------ C:\WINDOWS\system32\PavCPL.dat
2007-12-15 15:00 . 2007-12-23 15:41
2007-12-15 14:59 . 2007-12-15 14:59
2007-12-15 14:59 . 2007-12-15 14:59
2007-12-15 14:59 . 2007-12-15 14:59 476,752 --a------ C:\Documents and Settings\All Users\Dane aplikacji\pswi_preloaded.exe
2007-12-15 14:36 . 2007-12-23 15:41 2,828 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2007-12-15 14:36 . 2007-12-23 15:33 88 -r-hs---- C:\WINDOWS\system32\2A81F970C1.sys
2007-12-14 23:13 . 2007-12-14 23:13
2007-12-14 22:49 . 2007-12-26 23:47
2007-12-14 17:00 . 2007-12-14 21:23
2007-12-14 13:02 . 2007-12-14 13:31
2007-12-14 12:56 . 2007-12-14 12:56
2007-12-14 12:56 . 2007-12-14 12:56
2007-12-14 12:56 . 2007-12-14 12:56
2007-12-14 12:56 . 2007-12-04 19:38 120,056 --------- C:\WINDOWS\system32\pxcpyi64.exe
2007-12-14 12:56 . 2007-12-04 19:38 118,520 --------- C:\WINDOWS\system32\pxinsi64.exe
2007-12-14 12:55 . 2007-12-14 12:55
2007-12-14 02:43 . 2007-04-23 15:54 108,680 -ra------ C:\WINDOWS\system32\drivers\s115mdm.sys
2007-12-14 02:43 . 2007-04-23 15:54 100,488 -ra------ C:\WINDOWS\system32\drivers\s115mgmt.sys
2007-12-14 02:43 . 2007-04-23 15:54 98,568 -ra------ C:\WINDOWS\system32\drivers\s115obex.sys
2007-12-14 02:43 . 2007-04-23 15:54 83,208 -ra------ C:\WINDOWS\system32\drivers\s115bus.sys
2007-12-14 02:43 . 2007-04-23 15:54 15,112 -ra------ C:\WINDOWS\system32\drivers\s115mdfl.sys
2007-12-14 02:43 . 2007-04-23 15:54 12,424 -ra------ C:\WINDOWS\system32\drivers\s115whnt.sys
2007-12-14 02:43 . 2007-04-23 15:54 12,424 -ra------ C:\WINDOWS\system32\drivers\s115wh.sys
2007-12-14 02:43 . 2007-04-23 15:54 12,424 -ra------ C:\WINDOWS\system32\drivers\s115cmnt.sys
2007-12-14 02:43 . 2007-04-23 15:54 12,424 -ra------ C:\WINDOWS\system32\drivers\s115cm.sys
2007-12-13 22:02 . 2007-12-13 22:02 238,888 --a------ C:\WINDOWS\NuNInst.exe
2007-12-13 22:02 . 2007-12-13 22:02 128,424 --a------ C:\WINDOWS\system32\drivers\InCDfs.sys
2007-12-13 22:02 . 2007-12-13 22:02 40,360 --a------ C:\WINDOWS\system32\drivers\InCDRm.sys
2007-12-13 22:02 . 2007-12-13 22:02 38,952 --a------ C:\WINDOWS\system32\drivers\InCDPass.sys
2007-12-13 22:02 . 2007-12-13 22:02 17,448 --a------ C:\WINDOWS\system32\drivers\InCDrec.sys
2007-12-13 19:09 . 2007-12-13 19:09 972,072 --a------ C:\WINDOWS\UNNeroMediaHome.exe
2007-12-13 18:19 . 2007-12-27 10:48 13,880 --a------ C:\WINDOWS\system32\drivers\COMFiltr.sys
2007-12-13 17:26 . 2007-12-13 17:27
2007-12-13 17:24 . 2007-12-13 17:24
2007-12-13 14:54 . 2007-12-13 14:54
2007-12-13 14:50 . 2007-12-13 14:50 0 --a------ C:\WINDOWS\mngui.INI
2007-12-13 14:48 . 2007-12-14 02:43
2007-12-13 14:46 . 2007-12-13 14:46
2007-12-13 14:46 . 2007-12-13 14:46
2007-12-13 14:46 . 2007-12-13 14:47
2007-12-13 14:46 . 2007-12-13 14:46
2007-12-13 14:46 . 2007-12-13 14:46
2007-12-13 14:45 . 2007-12-13 14:46
2007-12-13 14:45 . 2007-12-13 14:46
2007-12-11 21:20 . 2007-10-12 15:14 3,734,536 --a------ C:\WINDOWS\system32\d3dx9_36.dll
2007-12-11 21:20 . 2007-10-12 15:14 1,374,232 --a------ C:\WINDOWS\system32\D3DCompiler_36.dll
2007-12-11 21:20 . 2007-10-02 09:56 444,776 --a------ C:\WINDOWS\system32\d3dx10_36.dll
2007-12-11 21:20 . 2007-10-22 03:39 267,272 --a------ C:\WINDOWS\system32\xactengine2_10.dll
2007-12-11 21:17 . 2007-12-11 21:17
2007-12-11 21:02 . 2007-12-11 21:45
2007-12-11 21:02 . 2007-12-27 00:03
2007-12-11 12:49 . 2007-12-11 20:54 3,245 --a------ C:\WINDOWS\jhrscn_c32.ini
2007-12-11 12:49 . 2007-12-11 12:49 1,430 --a------ C:\WINDOWS\cfbcbv32.ini
2007-12-11 12:36 . 2007-12-11 12:36
2007-12-11 10:57 . 2007-12-11 10:57 65,536 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2007-12-11 10:57 . 2007-12-11 10:57 49,152 --a------ C:\WINDOWS\system32\QuickTime.qts
2007-12-11 08:05 . 2007-12-11 08:05
2007-12-11 08:03 . 2007-12-15 16:36
2007-12-11 08:03 . 2007-12-11 08:03
2007-12-11 08:03 . 2007-12-11 08:20 441,760 --a------ C:\WINDOWS\system32\drivers\timntr.sys
2007-12-11 08:03 . 2007-12-11 08:20 368,736 --a------ C:\WINDOWS\system32\drivers\tdrpman.sys
2007-12-11 08:03 . 2007-12-11 08:20 129,248 --a------ C:\WINDOWS\system32\drivers\snapman.sys
2007-12-11 08:03 . 2007-12-11 08:20 44,384 --a------ C:\WINDOWS\system32\drivers\tifsfilt.sys
2007-12-10 21:38 . 2007-06-18 12:09 106,496 --a------ C:\WINDOWS\msinet.ocx
2007-12-10 16:50 . 2007-12-10 16:52
2007-12-10 16:49 . 2007-12-10 16:49
2007-12-10 16:48 . 2007-12-10 16:50
2007-12-10 16:48 . 2007-12-10 16:48
2007-12-10 16:48 . 2007-03-27 19:56 210,456 --a------ C:\WINDOWS\system32\IVIresizeW7.dll
2007-12-10 16:48 . 2007-03-27 19:56 206,360 --a------ C:\WINDOWS\system32\IVIresizeA6.dll
2007-12-10 16:48 . 2007-03-27 19:56 198,168 --a------ C:\WINDOWS\system32\IVIresizeP6.dll
2007-12-10 16:48 . 2007-03-27 19:56 198,168 --a------ C:\WINDOWS\system32\IVIresizeM6.dll
2007-12-10 16:48 . 2007-03-27 19:56 194,072 --a------ C:\WINDOWS\system32\IVIresizePX.dll
2007-12-10 16:48 . 2007-03-27 19:56 26,136 --a------ C:\WINDOWS\system32\IVIresize.dll
2007-12-10 15:07 . 2007-12-10 15:07
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-27 14:56 361,248 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT.bck
2007-12-27 14:56 361,248 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT
2007-12-27 14:56 1,224 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG.bck
2007-12-27 14:56 1,224 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG
2007-12-26 17:24 --------- d-----w C:\Program Files\Odkurzacz
2007-12-25 09:53 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-25 09:53 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\UDL
2007-12-25 09:52 --------- d-----w C:\Program Files\epson
2007-12-22 21:45 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\Skype
2007-12-22 21:44 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\skypePM
2007-12-22 19:35 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Nero
2007-12-21 21:32 --------- d-----w C:\Program Files\Paseczek
2007-12-21 07:31 --------- d-----w C:\Program Files\Opera
2007-12-20 12:30 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\Apple Computer
2007-12-19 20:27 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2007-12-19 14:01 --------- d-----w C:\Program Files\SiteAdvisor
2007-12-15 15:54 0 ----a-w C:\WINDOWS\system32\drivers\wnmsav.dat
2007-12-15 07:39 --------- d-----w C:\Program Files\Panda Security
2007-12-14 23:34 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\uTorrent
2007-12-14 21:17 --------- d-----w C:\Program Files\Common Files\Adobe
2007-12-10 15:48 --------- d-----w C:\Program Files\Common Files\Ulead Systems
2007-12-04 18:38 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2007-12-04 18:36 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-12-04 18:36 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-12-04 18:36 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-12-04 18:36 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-12-04 18:36 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2007-12-04 18:36 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-12-04 18:36 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-12-04 18:36 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-12-04 18:36 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-12-04 18:36 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-12-04 18:36 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-12-04 18:36 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-11-28 20:42 --------- d-----w C:\Program Files\MoorHunt
2007-11-26 10:24 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\SiteAdvisor
2007-11-26 09:57 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\sentinel
2007-11-26 09:49 --------- d-----w C:\Program Files\Common Files\Panda Software
2007-11-26 09:48 --------- d-----w C:\Program Files\Panda Software
2007-11-26 09:43 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Backup
2007-11-24 10:27 --------- d-----w C:\Program Files\Windows Desktop Search
2007-11-24 10:27 --------- d-----w C:\Program Files\VibrateGameDeviceDriver
2007-11-24 10:23 --------- d-----w C:\Program Files\Common Files\VideoMate
2007-11-23 11:30 278,984 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2007-11-23 11:30 25,416 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys
2007-11-23 09:55 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited
2007-11-23 09:44 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-11-23 09:44 --------- d--h--r C:\Documents and Settings\Wojciech\Dane aplikacji\SecuROM
2007-11-23 06:56 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Creative
2007-11-23 06:55 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\Creative
2007-11-22 22:41 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2007-11-22 20:04 131,584 ------w C:\WINDOWS\combatfs.exe
2007-11-21 21:36 --------- d-----w C:\Program Files\Smarty Uninstaller Pro
2007-11-21 20:19 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\Ashampoo
2007-11-21 16:31 132,904 ----a-w C:\WINDOWS\system32\drivers\imagesrv.sys
2007-11-21 16:31 11,304 ----a-w C:\WINDOWS\system32\drivers\imagedrv.sys
2007-11-20 19:42 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\MAGIX
2007-11-20 13:38 --------- d-----w C:\Documents and Settings\LocalService\Dane aplikacji\SiteAdvisor
2007-11-18 20:51 --------- d-----w C:\Program Files\XP Codec Pack
2007-11-18 20:16 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\SiteAdvisor
2007-11-18 20:16 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\McAfee
2007-11-17 21:36 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\SecondLife
2007-11-17 20:54 --------- d-----w C:\Program Files\Google
2007-11-16 20:24 --------- d-----w C:\Program Files\eMule
2007-11-16 20:24 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\Winamp
2007-11-16 20:09 --------- d-----w C:\Program Files\INTERIAPL
2007-11-16 15:08 --------- d-----w C:\Program Files\uTorrent
2007-11-16 09:41 32 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
2007-11-16 09:41 --------- d-----w C:\Program Files\Common Files\Skype
2007-11-14 20:43 --------- d-----w C:\Program Files\Picasa2
2007-11-14 20:26 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\Codeton
2007-11-14 20:20 --------- d-----w C:\Program Files\TransEnPl4
2007-11-14 20:20 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\TransEngPol4
2007-11-14 20:20 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\TransAng3
2007-11-14 09:44 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\Talkback
2007-11-14 09:42 --------- d-----w C:\Program Files\Onet
2007-11-14 09:42 --------- d-----w C:\Program Files\Common Files\Onet.pl
2007-11-14 09:42 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\Kamerzysta
2007-11-14 09:42 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\Czat
2007-11-14 09:42 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\AutoUpdate
2007-11-14 06:29 --------- d-----w C:\Program Files\MSXML 4.0
2007-11-13 20:29 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\InstallShield
2007-11-13 17:30 --------- d-----w C:\Program Files\Skype
2007-11-13 17:30 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Skype
2007-11-13 17:28 --------- d-----w C:\Program Files\Tlen.pl
2007-11-13 17:28 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\Tlen.pl
2007-11-13 17:23 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\Gadu-Gadu
2007-11-13 17:01 --------- d-----w C:\Program Files\Gadu-Gadu
2007-11-13 16:57 --------- d-----w C:\Program Files\Winamp
2007-11-13 16:02 --------- d-----w C:\Program Files\MarBit
2007-11-13 15:12 108,768 ----a-w C:\WINDOWS\system32\drivers\ACEDRV08.sys
2007-11-13 14:51 --------- d-----w C:\Program Files\Common Files\MAGIX Shared
2007-11-13 14:51 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\MAGIX
2007-11-13 11:43 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\Nero
2007-11-13 11:23 --------- d-----w C:\Program Files\Apple Software Update
2007-11-13 11:23 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Apple
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-13 09:08 --------- d-----w C:\Program Files\ivo
2007-11-13 09:08 --------- d-----w C:\Documents and Settings\Wojciech\Dane aplikacji\Expressivo
2007-11-13 08:07 --------- d-----w C:\Program Files\OO Software
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt]
@={8D2223A2-B3C6-4e32-B096-CDD11F628C60}
[HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}]
2007-12-13 22:02 96552 --a------ C:\Program Files\Nero\Nero8\InCD\NBHShx.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 13:00]
"Creative Live! Cam Manager"="C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2006-05-31 16:00]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-12-13 19:10]
"Odkurzacz-MCD"="C:\Program Files\Odkurzacz\odk_mcd.exe" [2007-05-03 10:02]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 03:07]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2006-04-10 09:19]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-04 13:00 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2007-10-04 17:14 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-04 13:00 C:\WINDOWS\system32\rundll32.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"V0220Mon.exe"="F:\DRIVERS\English\V0220Mon.exe" []
"AVFX Engine"="C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-10-19 19:44]
"EPSON Stylus DX4800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.exe" [2005-02-02 04:00]
"iKeyWorks"="C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe" [2004-08-31 06:33]
"WheelMouse"="C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe" [2004-09-01 03:28]
"RTBatteryMeter"="C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe" [2003-01-16 11:32]
"OODefragTray"="C:\WINDOWS\system32\oodtray.exe" [2007-05-11 02:08]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 14:21]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [2007-08-13 19:05]
"TrayServer"="D:\Moje Programy\Programy\Programy video\TrayServer.exe" []
"APVXDWIN"="C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.exe" [2007-07-23 18:30]
"SCANINICIO"="C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe" [2007-07-11 15:17]
"UVS11 Preload"="D:\Moje Programy\Programy\Ulead VideoStudio 11\uvPL.exe" [2007-09-12 12:17]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-06-13 08:16]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 10:56]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 12:10]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57]
"SecurDisc"="C:\Program Files\Nero\Nero8\InCD\NBHGui.exe" [2007-12-13 22:02]
"InCD"="C:\Program Files\Nero\Nero8\InCD\InCD.exe" [2007-12-13 22:02]
C:\Documents and Settings\Wojciech\Menu Start\Programy\Autostart\
ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE [2005-10-20 12:04:08]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 15:39 294400]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
avldr.dll 2007-02-15 20:02 50736 C:\WINDOWS\system32\avldr.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^ComproRemote.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ComproRemote.lnk
backup=C:\WINDOWS\pss\ComproRemote.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^ComproScheduler.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ComproScheduler.lnk
backup=C:\WINDOWS\pss\ComproScheduler.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^TweakYC.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TweakYC.lnk
backup=C:\WINDOWS\pss\TweakYC.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Wyszukiwanie z pulpitu systemu Windows.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Wyszukiwanie z pulpitu systemu Windows.lnk
backup=C:\WINDOWS\pss\Wyszukiwanie z pulpitu systemu Windows.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NMIndexingService"=3 (0x3)
R0 timounter;Acronis True Image Backup Archive Explorer;C:\WINDOWS\system32\DRIVERS\timntr.sys [2007-12-11 08:20]
R1 APPFLT;App Filter Plugin;C:\WINDOWS\system32\Drivers\APPFLT.SYS [2007-05-11 09:33]
R1 CXAVSAUD;Compro VideoMate X series Audio Capture;C:\WINDOWS\system32\DRIVERS\cxavsaud.sys [2006-03-22 15:07]
R1 DSAFLT;DSA Filter Plugin;C:\WINDOWS\system32\Drivers\DSAFLT.SYS [2007-05-11 09:33]
R1 FNETMON;NetMon Filter Plugin;C:\WINDOWS\system32\Drivers\fnetmon.SYS [2007-05-11 09:33]
R1 IDSFLT;Ids Filter Plugin;C:\WINDOWS\system32\Drivers\IDSFLT.SYS [2007-07-11 11:39]
R1 NETFLTDI;Panda Net Driver [TDI Layer];C:\WINDOWS\system32\Drivers\NETFLTDI.SYS [2007-05-11 09:33]
R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\Drivers\ShlDrv51.sys [2007-05-23 15:40]
R1 SMSFLT;SMS Filter Plugin;C:\WINDOWS\system32\Drivers\SMSFLT.SYS [2007-05-11 09:33]
R1 WNMFLT;Wifi Monitor Filter Plugin;C:\WINDOWS\system32\Drivers\WNMFLT.SYS [2007-05-11 09:33]
R2 ACEDRV08;ACEDRV08;C:\WINDOWS\system32\drivers\ACEDRV08.sys [2007-11-13 16:12]
R2 cpoint;Panda CPoint Driver;C:\WINDOWS\system32\drivers\cpoint.sys [2007-06-08 08:44]
R2 CX23880;Conexant 23880 Video Capture;C:\WINDOWS\system32\drivers\cx88vid.sys [2006-03-22 15:12]
R2 CXTUNE;Conexant 2388x Tuner;C:\WINDOWS\system32\drivers\CX88TUNE.sys [2006-03-22 15:07]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3;C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 14:21]
R2 NeroRegInCDSrv;Nero Registry InCD Service;C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [2007-12-13 22:02]
R2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2007-07-12 13:49]
R2 tifsfilter;Acronis True Image FS Filter;C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2007-12-11 08:20]
R3 Amusbdev;A4Tech Wireless Desktop USB RF-Mouse filter driver;C:\WINDOWS\system32\DRIVERS\Amusbdev.sys [2004-08-25 10:09]
R3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys []
R3 ComFiltr;Panda Anti-Dialer;C:\WINDOWS\system32\DRIVERS\COMFiltr.sys [2007-12-27 10:48]
R3 CXAVXBAR;Compro VideoMate X series AVStream Crossbar;C:\WINDOWS\system32\drivers\cxavxbar.sys [2006-03-22 15:07]
R3 DynCal;Dynamic Calibration Service;C:\WINDOWS\system32\drivers\Dyncal.sys [2003-11-14 03:46]
R3 NETIMFLT;PANDA NDIS IM Filter Miniport;C:\WINDOWS\system32\DRIVERS\netimflt.sys [2007-04-24 15:43]
R3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys []
R3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\system32\PavTPK.sys []
R3 V0220Dev;Live! Cam Video IM;C:\WINDOWS\system32\DRIVERS\V0220Dev.sys [2006-05-24 09:55]
R3 V0220Vfx;V0220VFX;C:\WINDOWS\system32\DRIVERS\V0220Vfx.sys [2006-03-24 09:24]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;D:\Moje Programy\Programy\Common\Database\bin\fbserver.exe [2005-11-17 14:18]
S3 gel90xne;gel90xne;C:\DOCUME~1\Wojciech\USTAWI~1\Temp\gel90xne.sys []
S3 s115bus;Sony Ericsson Device 115 driver (WDM);C:\WINDOWS\system32\DRIVERS\s115bus.sys [2007-04-23 15:54]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s115mdfl.sys [2007-04-23 15:54]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s115mdm.sys [2007-04-23 15:54]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s115mgmt.sys [2007-04-23 15:54]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s115obex.sys [2007-04-23 15:54]
S3 Start BT in service;Start BT in service;C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-04-21 14:54]
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2007-12-27 08:57:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-12-15 15:54:24 C:\WINDOWS\Tasks\Podstawowe porządkowanie.job"
- C:\Program Files\Panda Security\Panda Internet Security 2008\PlaTasks.exe
"2007-12-15 15:54:24 C:\WINDOWS\Tasks\Podstawowe porządkowanie1.job"
- C:\Program Files\Panda Security\Panda Internet Security 2008\PlaTasks.exe
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-27 16:36:06
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-27 16:37:03
.
2007-12-13 12:22:26 — E O F —]
- Silent Runners - Panda IS 2008 blocks the script.