Problem z C:\WINDOWS\System32\Tools\DelFolders.exe


(saylor13) #1

Witam. Podczas uruchamiania komp. i otwarciu Windows XPprofesional pokazuje się komunikat, że sytem nie może znależć foleru C:\WINDOWS\System32\Tools\DelFolders.exe. Nie wiem o co chodzi. Czy ktoś może mnie objaśnić :?


(Leon$) #2

Daj log HijackThis i Combofix http://forum.dobreprogramy.pl/viewtopic.php?f=16&t=36654

wywalimy co trzeba i będzie OK

:slight_smile:


(niezDarek) #3

viewtopic.php?f=13&t=164809&start=0&st=0&sk=t&sd=a


(saylor13) #4

Logfile of HijackThis v1.99.1

Scan saved at 07:15:48, on 2008-02-12

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32Ati2evxx.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSsystem32Ati2evxx.exe

C:WINDOWSExplorer.EXE

C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe

C:Program FilesAlwil SoftwareAvast4ashServ.exe

C:WINDOWSsystem32LEXBCES.EXE

C:WINDOWSsystem32spoolsv.exe

C:WINDOWSsystem32LEXPPS.EXE

C:WINDOWSsystem32bgsvcgen.exe

C:WINDOWSsystem32svchost.exe

C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe

C:Program FilesAlwil SoftwareAvast4ashWebSv.exe

C:WINDOWSsystem32wscntfy.exe

C:WINDOWSSOUNDMAN.EXE

C:Program FilesSilicon Integrated SystemsSiSRaidPackageSRaid.exe

C:Program FilesLexmark 1200 Serieslxczbmgr.exe

C:WINDOWSVMSnap3.EXE

C:WINDOWSDomino.EXE

C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe

C:Program FilesLexmark 1200 Serieslxczbmon.exe

C:PROGRA~1ALWILS~1Avast4ashDisp.exe

E:Program FilesMpcStarCodecsQuickTimeQTSystemqttask.exe

C:WINDOWSsystem32ctfmon.exe

E:Program FilesBitCometBitComet.exe

C:Program FilesMessengermsmsgs.exe

C:Documents and SettingsAdministratorMoje dokumentyHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://google.atcomet.com/b/

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = ĹÄ…cza

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:Program FilesBitComettoolsBitCometBHO_1.2.1.2.dll

O4 - HKLM…Run: [siSUSBRG] C:WINDOWSSiSUSBrg.exe

O4 - HKLM…Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM…Run: [siSRaid] C:Program FilesSilicon Integrated SystemsSiSRaidPackageSRaid.exe

O4 - HKLM…Run: [Lexmark 1200 Series] “C:Program FilesLexmark 1200 Serieslxczbmgr.exe”

O4 - HKLM…Run: [VMSnap3] C:WINDOWSVMSnap3.EXE

O4 - HKLM…Run: [Domino] C:WINDOWSDomino.EXE

O4 - HKLM…Run: [bigDog303] C:WINDOWSVM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)

O4 - HKLM…Run: [ATIPTA] “C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe”

O4 - HKLM…Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe

O4 - HKLM…Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe

O4 - HKLM…Run: [QuickTime Task] “E:Program FilesMpcStarCodecsQuickTimeQTSystemqttask.exe” -atboottime

O4 - HKLM…Run: [Adobe Reader Speed Launcher] “C:Program FilesAdobeReader 8.0ReaderReader_sl.exe”

O4 - HKLM…RunOnce: [Execute] C:WINDOWSSystem32ToolsDelFolders.exe

O4 - HKCU…Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe

O4 - HKCU…Run: [bitComet] “E:Program FilesBitCometBitComet.exe” /tray

O4 - HKCU…Run: [MSMSGS] “C:Program FilesMessengermsmsgs.exe” /background

O4 - HKCU…Run: [uIWatcher] E:Program FilesAshampoo Magical UnInstallUIWatcher.exe

O4 - Startup: Reboot.exe

O8 - Extra context menu item: &D&ownload &with BitComet - res://E:Program FilesBitCometBitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all video with BitComet - res://E:Program FilesBitCometBitComet.exe/AddVideo.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://E:Program FilesBitCometBitComet.exe/AddAllLink.htm

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://E:Program FilesBitComettoolsBitCometBHO_1.2.1.2.dll/206 (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O17 - HKLMSystemCCSServicesTcpip…{68EBEDEE-0E0A-4BB6-B72E-AE41E3470465}: NameServer = 194.204.159.1,194.204.152.34

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - E:Program FilesAreschatServer.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)

O23 - Service: B’s Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:WINDOWSsystem32bgsvcgen.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE


(niezDarek) #5

usuń

O4 - Startup: Reboot.exe


(Leon$) #6

A gdzie ukośniki w ścieżkach w tym logu

wklej jak się należy

:slight_smile:


(saylor13) #7

Logfile of HijackThis v1.99.1

Scan saved at 07:15:48, on 2008-02-12

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\bgsvcgen.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe

C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe

C:\WINDOWS\VMSnap3.EXE

C:\WINDOWS\Domino.EXE

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Lexmark 1200 Series\lxczbmon.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

E:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe

C:\WINDOWS\system32\ctfmon.exe

E:\Program Files\BitComet\BitComet.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Documents and Settings\Administrator\Moje dokumenty\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll

O4 - HKLM…\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe

O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM…\Run: [siSRaid] C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe

O4 - HKLM…\Run: [Lexmark 1200 Series] “C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe”

O4 - HKLM…\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE

O4 - HKLM…\Run: [Domino] C:\WINDOWS\Domino.EXE

O4 - HKLM…\Run: [bigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)

O4 - HKLM…\Run: [ATIPTA] “C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe”

O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM…\Run: [QuickTime Task] “E:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe” -atboottime

O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”

O4 - HKLM…\RunOnce: [Execute] C:\WINDOWS\System32\Tools\DelFolders.exe

O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU…\Run: [bitComet] “E:\Program Files\BitComet\BitComet.exe” /tray

O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background

O4 - HKCU…\Run: [uIWatcher] E:\Program Files\Ashampoo Magical UnInstall\UIWatcher.exe

O4 - Startup: Reboot.exe

O8 - Extra context menu item: &D&ownload &with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all video with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://E:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O17 - HKLM\System\CCS\Services\Tcpip…{68EBEDEE-0E0A-4BB6-B72E-AE41E3470465}: NameServer = 194.204.159.1,194.204.152.34

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - E:\Program Files\Ares\chatServer.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: B’s Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

:oops:


(Leon$) #8

wpisy

O4 - HKLM\..\RunOnce: [Execute] C:\WINDOWS\System32\Tools\DelFolders.exe

O4 - Startup: Reboot.exe

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://E:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)

usuń HijackThisem >> Fix checked

Pobierz Combofix http://www.bezpieczenstwosystemow.pl/index.php?topic=18.0

przeskanuj system daj log na forum

:slight_smile:


(saylor13) #9

Jak dotąd wszystko wyszło doskonale, ale nie udało mi się z ComboFix. Przy próbie uruchomienia pojawia się komunikat "C:\Document and Setings\Administrator\Pulpit\ComboFix.exe nie jest prawidłową aplikacją systemu Win32. I tu moje możliwości się kończą. ![-o<


(Leon$) #10

http://www.searchengines.pl/index.php?showtopic=86306&st=0&p=395642entry395642

Daj log z DSS http://www.searchengines.pl/index.php?showtopic=86306&st=0&p=392369entry392369

:slight_smile:


(saylor13) #11

Run by Administrator on 2008-02-18 07:41:33

Computer is in Normal Mode.


– HijackThis (run as Administrator.exe) ---------------------------------------

Logfile of HijackThis v1.99.1

Scan saved at 07:41:38, on 2008-02-18

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe

C:\WINDOWS\VMSnap3.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Domino.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Lexmark 1200 Series\lxczbmon.exe

E:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

E:\Program Files\BitComet\BitComet.exe

C:\WINDOWS\system32\bgsvcgen.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Administrator\Pulpit\dss.exe

E:\PROGRA~1\ADMINI~1.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll

O2 - BHO: Expressivo - {85F685C3-20D9-4943-95E4-EB4224056C3F} - E:\Program Files\Expressivo Demo\integr\ih-iexplorer\IH_iexplorer.dll

O2 - BHO: Adobe PDF Reader Link Helper - {A8607BAF-0EB3-473C-84C9-F3A5B901A796} - C:\WINDOWS\AcroIEHelper.dll

O3 - Toolbar: Expressivo - {85F685C3-20D9-4943-95E4-EB4224056C3F} - E:\Program Files\Expressivo Demo\integr\ih-iexplorer\IH_iexplorer.dll

O4 - HKLM…\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe

O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM…\Run: [siSRaid] C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe

O4 - HKLM…\Run: [Lexmark 1200 Series] “C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe”

O4 - HKLM…\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE

O4 - HKLM…\Run: [Domino] C:\WINDOWS\Domino.EXE

O4 - HKLM…\Run: [bigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)

O4 - HKLM…\Run: [ATIPTA] “C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe”

O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM…\Run: [QuickTime Task] “E:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe” -atboottime

O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”

O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background

O4 - HKCU…\Run: [bitComet] “E:\Program Files\BitComet\BitComet.exe” /tray

O8 - Extra context menu item: &D&ownload &with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all video with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://E:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O17 - HKLM\System\CCS\Services\Tcpip…{68EBEDEE-0E0A-4BB6-B72E-AE41E3470465}: NameServer = 194.204.159.1,194.204.152.34

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - E:\Program Files\Ares\chatServer.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: B’s Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

– Files created between 2008-01-18 and 2008-02-18 -----------------------------

2008-02-16 23:16:39 0 d-------- C:\WINDOWS\system32\PLS Kalendarz dir

2008-02-16 23:16:05 512000 --a------ C:\WINDOWS\system32\PLS Kalendarz.scr

2008-02-16 22:06:17 0 d-------- C:\Program Files\Kuma Games

2008-02-12 20:45:44 231424 --a------ C:\WINDOWS\AcroIEHelper.dll

2008-02-12 20:45:43 50 --a------ C:\tmp.bat

2008-02-12 07:47:04 0 d-------- C:\WINDOWS\pss

2008-02-11 14:32:53 217127 --a------ C:\WINDOWS\system32\drv43260.dll

2008-02-11 14:32:53 208935 --a------ C:\WINDOWS\system32\drv33260.dll

2008-02-11 14:32:53 176165 --a------ C:\WINDOWS\system32\drv23260.dll

2008-02-11 14:32:53 65602 --a------ C:\WINDOWS\system32\cook3260.dll

2008-02-11 14:32:51 0 d-------- C:\Program Files\VSO

2008-02-10 20:53:59 47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys

2008-02-07 14:14:24 48 --a------ C:\WINDOWS\EL0103.dat

2008-02-07 13:45:56 0 d–h----- C:\WINDOWS\PIF

2008-02-04 22:33:01 2560 --a------ C:\WINDOWS\system32\bitcometres.dll

2008-02-03 23:25:08 305152 --a------ C:\WINDOWS\IsUninst.exe

2008-02-01 13:09:10 0 d-------- C:\WINDOWS\system32\SoftwareDistribution

2008-01-29 13:59:29 9192 --ah----- C:\WINDOWS\system32\mlfcache.dat

2008-01-29 09:52:18 15872 --a------ C:\WINDOWS\system32\winskfr.dll

2008-01-29 09:52:18 119568 --a------ C:\WINDOWS\system32\vb6fr.dll

2008-01-28 14:31:27 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll

2008-01-28 11:19:17 1158 --a------ C:\WINDOWS\mozver.dat

2008-01-27 09:53:11 12281687 --a------ C:\avg7qt(2).dat

2008-01-27 09:49:43 106496 --a------ C:\WINDOWS\system32\TwnLib20.dll

2008-01-27 09:49:39 471040 -----n— C:\WINDOWS\system32\ImagXRA7.dll

2008-01-27 09:49:39 262144 -----n— C:\WINDOWS\system32\ImagXR7.dll

2008-01-27 09:49:39 1568768 -----n— C:\WINDOWS\system32\ImagX7.dll

2008-01-27 09:49:37 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe

2008-01-27 09:45:37 516096 -----n— C:\WINDOWS\system32\ati2sgag.exe

2008-01-27 09:00:52 0 --a------ C:\WINDOWS\nsreg.dat

2008-01-27 00:20:39 664 --a------ C:\WINDOWS\system32\d3d9caps.dat

2008-01-26 23:30:01 49152 -----n— C:\WINDOWS\system32\setupsvc.dll

2008-01-26 23:30:01 57344 -----n— C:\WINDOWS\system32\GenSvcInst.exe

2008-01-26 23:30:01 86016 -----n— C:\WINDOWS\system32\bgsvcgen.exe

2008-01-26 23:30:00 32256 -----n— C:\WINDOWS\system32\drivers\cdrbsdrv.sys

2008-01-26 23:26:59 274432 --a------ C:\WINDOWS\system32\FFTIFF16.dll

2008-01-26 23:26:59 208896 --a------ C:\WINDOWS\system32\FFRafShellEx.dll

2008-01-26 23:26:59 155648 --a------ C:\WINDOWS\system32\FFRAFLIB.DLL

2008-01-26 23:22:15 0 d-------- C:\Program Files\ABBYY FineReader 5.0 Sprint

2008-01-26 23:21:58 0 d-------- C:\Program Files\FaxTools

2008-01-26 23:16:29 49152 --a------ C:\WINDOWS\VMSnap3.EXE

2008-01-26 23:16:29 24576 --a------ C:\WINDOWS\VMPipe.dll

2008-01-26 23:16:29 102400 --a------ C:\WINDOWS\VM303Cap.exe http://www.zsmc.com.cn; http://www.zsmc.com.cn StillCap>

2008-01-26 23:16:29 81920 --a------ C:\WINDOWS\system32\VM303STI.dll

2008-01-26 23:16:29 40960 --a------ C:\WINDOWS\system32\setupfilter.exe

2008-01-26 23:16:29 428160 --a------ C:\WINDOWS\system32\drivers\vmfilter303.sys

2008-01-26 23:16:29 53248 --a------ C:\WINDOWS\Sti303.exe

2008-01-26 23:16:28 32768 --a------ C:\WINDOWS\VMZoom.exe

2008-01-26 23:16:28 392058 --a------ C:\WINDOWS\system32\drivers\usbVM303.sys

2008-01-26 23:16:28 49152 --a------ C:\WINDOWS\Domino.EXE

2008-01-26 23:16:28 176128 --a------ C:\WINDOWS\amcap.exe

2008-01-26 23:16:28 0 d-------- C:\Program Files\Vimicro

2008-01-26 23:02:42 40960 -----n— C:\WINDOWS\system32\ChCfg.exe

2008-01-26 23:02:36 49024 -ra------ C:\WINDOWS\system32\drivers\sisidex.sys

2008-01-26 23:02:33 139264 -ra------ C:\WINDOWS\system32\IDEproperty.dll

2008-01-26 23:02:25 9472 -ra------ C:\WINDOWS\system32\drivers\sisperf.sys

2008-01-26 23:02:22 584 -----n— C:\WINDOWS\system32\drivers\alcxinit.dat

2008-01-26 23:02:22 208896 -----n— C:\WINDOWS\alcupd.exe

2008-01-26 23:02:22 139264 -----n— C:\WINDOWS\alcrmv.exe

2008-01-26 23:02:15 304640 --a------ C:\WINDOWS\IsUn0415.exe

2008-01-26 23:01:56 106496 -----n— C:\WINDOWS\SiSUSBrg.exe

2008-01-26 23:01:56 3583 -----n— C:\WINDOWS\SiSport.sys

2008-01-26 23:01:56 32768 -----n— C:\WINDOWS\SIS_LIB.DLL

2008-01-26 22:48:29 21856 --a------ C:\WINDOWS\system32\emptyregdb.dat

2008-01-19 12:27:50 0 d-------- C:\Program Files\Handset Manager

– Find3M Report ---------------------------------------------------------------

2008-02-16 21:52:03 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Expressivo

2008-02-16 21:12:18 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Skype

2008-02-14 16:23:55 668 --a------ C:\Documents and Settings\Administrator\Dane aplikacji\vso_ts_preview.xml

2008-02-14 16:23:55 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Vso

2008-02-11 14:33:11 34 --a------ C:\Documents and Settings\Administrator\Dane aplikacji\pcouffin.log

2008-02-11 14:33:01 47360 --a------ C:\Documents and Settings\Administrator\Dane aplikacji\pcouffin.sys

2008-02-11 14:33:01 1144 --a------ C:\Documents and Settings\Administrator\Dane aplikacji\pcouffin.inf

2008-02-11 14:33:01 7887 --a------ C:\Documents and Settings\Administrator\Dane aplikacji\pcouffin.cat

2008-02-09 19:55:28 0 d-------- C:\Program Files\REGSHAVE

2008-02-09 12:44:45 355486 --a------ C:\WINDOWS\system32\perfh015.dat

2008-02-09 12:44:45 49492 --a------ C:\WINDOWS\system32\perfc015.dat

2008-02-09 12:34:48 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\FUJIFILM

2008-02-05 10:14:28 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Earthsim

2008-02-04 07:45:51 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe

2008-01-29 13:53:58 0 d-------- C:\Program Files\Lexmark 1200 Series

2008-01-28 17:55:32 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Opera

2008-01-28 13:56:58 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\DivX

2008-01-28 11:20:24 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Macromedia

2008-01-28 10:26:02 0 d-------- C:\Program Files\Common Files\Adobe

2008-01-28 09:34:29 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\SolSuite

2008-01-28 09:34:29 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Help

2008-01-27 09:00:49 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla

2008-01-27 08:53:06 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu

2008-01-27 00:07:48 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Media Player Classic

2008-01-26 23:42:03 62 --ahs---- C:\Documents and Settings\Administrator\Dane aplikacji\desktop.ini

2008-01-26 23:21:59 0 d–h----- C:\Program Files\InstallShield Installation Information

2008-01-26 23:03:29 0 d-------- C:\Program Files\SiSLan

2008-01-26 23:02:49 0 d-------- C:\Program Files\AvRack

2008-01-26 22:55:05 0 d-------- C:\Documents and Settings\Administrator\Dane aplikacji\Identities

2008-01-26 22:47:51 0 d-------- C:\Program Files\Messenger

2008-01-10 16:36:44 0 d-------- C:\Program Files\Common Files

2008-01-10 08:45:21 0 d-------- C:\Program Files\Alwil Software

2008-01-09 18:26:00 0 d-------- C:\Program Files\Ahead

2008-01-04 22:58:50 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll

2008-01-04 22:57:22 196608 --a------ C:\WINDOWS\system32\dtu100.dll

2008-01-04 22:57:22 81920 --a------ C:\WINDOWS\system32\dpl100.dll

2008-01-04 22:57:12 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll

2008-01-04 22:57:10 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll

2008-01-04 22:57:10 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll

2008-01-04 22:57:10 682496 --a------ C:\WINDOWS\system32\DivX.dll

2008-01-04 22:56:24 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll

2007-12-30 21:32:43 0 d-------- C:\Program Files\Google

– Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{A8607BAF-0EB3-473C-84C9-F3A5B901A796}]

2008-02-12 20:47 231424 --a------ C:\WINDOWS\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“SiSUSBRG”=“C:\WINDOWS\SiSUSBrg.exe” [2002-07-12 11:15]

“SoundMan”=“SOUNDMAN.EXE” [2004-12-22 10:09 C:\WINDOWS\SOUNDMAN.EXE]

“SiSRaid”=“C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe” [2004-12-22 17:32]

“Lexmark 1200 Series”=“C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe” [2006-07-13 06:33]

“VMSnap3”=“C:\WINDOWS\VMSnap3.EXE” [2006-08-30 10:58]

“Domino”=“C:\WINDOWS\Domino.EXE” [2006-06-28 17:54]

“BigDog303”=“C:\WINDOWS\VM303_STI.exe” []

“ATIPTA”=“C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe” [2005-10-14 21:05]

“NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” [2001-07-09 11:50]

“avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2007-12-04 14:00]

“QuickTime Task”=“E:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe” [2008-01-30 12:57]

“Adobe Reader Speed Launcher”=“C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe” [2008-01-11 22:16]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-03 23:44]

“MSMSGS”=“C:\Program Files\Messenger\msmsgs.exe” [2004-08-03 23:55]

“BitComet”=“E:\Program Files\BitComet\BitComet.exe” [2008-02-01 08:20]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]

“E:\Program Files\BitComet\BitComet.exe” /tray

– End of Deckard’s System Scanner: finished at 2008-02-18 07:42:29 ------------


(niezDarek) #12

logi wklejaj lepiej na: http://wklej.org/


(Leon$) #13

Nic w logach niepokojącego nie ma napisz czy wszystko jest dobrze

:slight_smile:


(saylor13) #14

Jak na razie wszystko gra :lol: Dzięki wszystkim. Do następnego błędu.


(Asterisk) #15

saylor13 , Na przyszłość to proszę o dostosowanie się do tematu

Nowe zasady wklejania logów na forum


(saylor13) #16

OK. Dzięki za pomoc :lol: