Witam, przy próbie otwarcia jakiejkolwiek aplikacji wyskakuje komunikat " Uruchomie tej aplikacji nie powiodło się , ponieważ nie znaleziono mslkokke.dll. Ponowne zainstalowanie tej aplikacji może naprawi ten problem." Co to oznacza i czy można ten problem naprawi?
Win xp he
Nie moę uruchomic również Combofix.
ComboFix 08-10-10.09 - Właściciel 2008-10-13 17:26:16.1 - NTFSx86
Uruchomiony z: C:\Documents and Settings\Właściciel\Pulpit\ComboFix.exe
UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Autorun.inf
C:\Program Files\INSTALL.LOG
C:\setup.exe
C:\WINDOWS\IE4 Error Log.txt
.
((((((((((((((((((((((((( Pliki utworzone od 2008-09-13 do 2008-10-13 )))))))))))))))))))))))))))))))
.
2008-10-13 12:48 . 2008-10-13 12:48
2008-10-13 11:55 . 2008-10-13 11:55
2008-10-13 11:30 . 2008-10-13 11:55
2008-10-13 11:30 . 2008-10-13 11:30
2008-10-13 11:30 . 2004-08-04 09:00 99,995 --a------ C:\SETUPXP.HTM
2008-10-13 11:30 . 2004-08-04 09:00 38,019 --a------ C:\README.HTM
2008-10-13 11:30 . 2004-08-04 09:00 10 --a------ C:\WIN51IP.SP2
2008-10-13 11:30 . 2004-08-04 09:00 10 --a------ C:\WIN51IP
2008-10-13 11:30 . 2004-08-04 09:00 10 --a------ C:\WIN51
2008-10-13 11:18 . 2008-10-13 11:29
2008-10-13 11:17 . 2008-10-13 11:18
2008-10-13 11:17 . 2008-10-13 11:55
2008-10-13 11:17 . 2008-10-13 11:17
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-13 15:31 --------- d-----w C:\Documents and Settings\Właściciel\Dane aplikacji\FileZilla
2008-10-13 15:31 --------- d-----w C:\Documents and Settings\Właściciel\Dane aplikacji\FileZilla
2008-10-13 15:31 --------- d-----w C:\Documents and Settings\Właściciel\Dane aplikacji\FileZilla
2008-08-20 21:14 --------- d-----w C:\Documents and Settings\Właściciel\Dane aplikacji\skypePM
2008-08-20 21:14 --------- d-----w C:\Documents and Settings\Właściciel\Dane aplikacji\skypePM
2008-08-20 21:14 --------- d-----w C:\Documents and Settings\Właściciel\Dane aplikacji\skypePM
2008-08-20 18:30 2,864 ----a-w C:\WINDOWS\system32\winsock.dll
2008-08-20 17:02 --------- d-----w C:\Program Files\Sun
2008-08-20 17:01 --------- d-----w C:\Program Files\Java
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-03-18 01:48 32 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
2007-03-19 19:13 6,422,611 ----a-w C:\Program Files\frostwire-4.13.1.6.windows.exe
2006-06-23 06:48 32,768 ----a-r C:\WINDOWS\inf\UpdateUSB.exe
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“Skype”=“C:\Program Files\Skype\Phone\Skype.exe” [2008-02-01 21898024]
“BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}”=“C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe” [2006-11-16 139264]
“ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe” [2006-03-02 15360]
“MSMSGS”=“C:\Program Files\Messenger\msmsgs.exe” [2004-10-13 1694208]
“Odkurzacz-MCD”=“C:\Program Files\Odkurzacz\odk_mcd.exe” [2008-02-04 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“SoundMAXPnP”=“C:\Program Files\Analog Devices\Core\smax4pnp.exe” [2006-05-01 843776]
“JMB36X Configure”=“C:\WINDOWS\system32\JMRaidTool.exe” [2006-06-02 385024]
“ATICCC”=“C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe” [2006-05-10 90112]
“Google Desktop Search”=“C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe” [2007-11-03 1862144]
“NeroFilterCheck”=“C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe” [2006-01-12 155648]
“Samsung PanelMgr”=“C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe” [2007-05-30 520192]
“SunJavaUpdateSched”=“C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe” [2008-06-10 144784]
“QuickTime Task”=“C:\Program Files\QuickTime\qttask.exe” [2008-03-28 413696]
“iTunesHelper”=“C:\Program Files\iTunes\iTunesHelper.exe” [2008-03-30 267048]
“Adobe Reader Speed Launcher”=“C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe” [2008-01-11 39792]
[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE” [2006-03-02 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
“VIDC.ACDV”= ACDV.dll
“msacm.divxa32”= msaud32_divx.acm
[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\system32\sessmgr.exe”=
“F:\LimeWire\LimeWire.exe”=
“C:\Program Files\Bonjour\mDNSResponder.exe”=
“F:\e m u l e\eMule\emule.exe”=
“C:\Program Files\iTunes\iTunes.exe”=
“%windir%\Network Diagnostic\xpnetdiag.exe”=
“C:\Program Files\Skype\Phone\Skype.exe”=
[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
“18718:TCP”= 18718:TCP:BitCometBeta 18718 TCP
“18718:UDP”= 18718:UDP:BitCometBeta 18718 UDP
R2 SSPORT;SSPORT;C:\WINDOWS\system32\Drivers\SSPORT.sys []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{10436f1d-8b03-11dc-9cd5-0018f3a128af}]
\Shell\AutoRun\command - K:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{e04adc0f-8a2c-11dc-a854-806d6172696f}]
\Shell\AutoRun\command - I:\ASUSACPI.exe
*Newly Created Service* - WMIAPSRV
.
Zawartość folderu ‘Zaplanowane zadania’
2008-08-29 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
.
HKCU-Run-Nokia.PCSync - D:\P R O G R A M Y
start>>uruchom>>>cmd
sc stop SSPORT
sc delete SSPORT
po każdej linijce enter
usuń ręcznie folder C: \Qoobox , usuń instalkę Combofix z dysku.
Przeczyść komputer Ccleanerem
Wykonaj optymalizację autostartu
Wyłącz i włącz przywracanie systemu na wszystkich dyskach. Instrukcja
Przeskanuj obszar całego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum
lub
KASPERSKY ONLINE SCANNER REPORT
14 październik 2008 16:16:50
System operacyjny: Microsoft Windows XP Home Edition, Dodatek Service Pack 2 (Build 2600)
Kaspersky Online Scanner wersja: 5.0.98.1
Ostatnia aktualizacja Kaspersky Anti-Virus12/10/2008
Liczba wpisów w bazie danych Kaspersky Anti-Virus1306853
Ustawienia skanowania
Skanowanie przy użyciu następujących baz danych rozszerzone
Skanuj archiwa tak
Skanuj pocztowe bazy danych tak
Obszar skanowania Mój komputer
A:\
C:\
D:\
F:\
G:\
H:\
I:\
J:\
Statystyki skanowania
Liczba skanowanych obiektów 193644
Liczba wykrytych wirusów 1
Liczba zainfekowanych obiektów 4
Liczba podejrzanych obiektów 0
Czas trwania skanowania 01:44:18
Nazwa zainfekowanego obiektu Nazwa wirusa Ostatnie działanie
C:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Network\Downloader\qmgr0.dat Object is locked pominięty
C:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Network\Downloader\qmgr1.dat Object is locked pominięty
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked pominięty
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked pominięty
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked pominięty
C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty
C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty
C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia\History.IE5\index.dat Object is locked pominięty
C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat Object is locked pominięty
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked pominięty
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked pominięty
C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty
C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty
C:\Documents and Settings\Właściciel\Cookies\index.dat Object is locked pominięty
C:\Documents and Settings\Właściciel\NTUSER.DAT Object is locked pominięty
C:\Documents and Settings\Właściciel\ntuser.dat.LOG Object is locked pominięty
C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Ahead\Nero Home\bl.db Object is locked pominięty
C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Ahead\Nero Home\bl.db-journal Object is locked pominięty
C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Ahead\Nero Home\is2.db Object is locked pominięty
C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Ahead\Nero Home\is2.db-journal Object is locked pominięty
C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\ApplicationHistory\CLI.EXE.c88dbd71.ini.inuse Object is locked pominięty
C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat Object is locked pominięty
C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\UsrClass.dat.LOG Object is locked pominięty
C:\Documents and Settings\Właściciel\Ustawienia lokalne\Historia\History.IE5\index.dat Object is locked pominięty
C:\Documents and Settings\Właściciel\Ustawienia lokalne\temp\Perflib_Perfdata_12c.dat Object is locked pominięty
C:\Documents and Settings\Właściciel\Ustawienia lokalne\temp\Perflib_Perfdata_be0.dat Object is locked pominięty
C:\Documents and Settings\Właściciel\Ustawienia lokalne\temp\Perflib_Perfdata_be8.dat Object is locked pominięty
C:\Documents and Settings\Właściciel\Ustawienia lokalne\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked pominięty
C:\Documents and Settings\Właściciel\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat Object is locked pominięty
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\sw_ae-20081014-122740.log Object is locked pominięty
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty
C:\System Volume Information_restore{CD4AB682-A128-4934-876C-7240DC9E2164}\RP270\change.log Object is locked pominięty
C:\WINDOWS\Debug\PASSWD.LOG Object is locked pominięty
C:\WINDOWS\SchedLgU.Txt Object is locked pominięty
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked pominięty
C:\WINDOWS\Sti_Trace.log Object is locked pominięty
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked pominięty
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked pominięty
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked pominięty
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked pominięty
C:\WINDOWS\system32\config\default Object is locked pominięty
C:\WINDOWS\system32\config\default.LOG Object is locked pominięty
C:\WINDOWS\system32\config\Internet.evt Object is locked pominięty
C:\WINDOWS\system32\config\SAM Object is locked pominięty
C:\WINDOWS\system32\config\SAM.LOG Object is locked pominięty
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked pominięty
C:\WINDOWS\system32\config\SECURITY Object is locked pominięty
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked pominięty
C:\WINDOWS\system32\config\software Object is locked pominięty
C:\WINDOWS\system32\config\software.LOG Object is locked pominięty
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked pominięty
C:\WINDOWS\system32\config\system Object is locked pominięty
C:\WINDOWS\system32\config\system.LOG Object is locked pominięty
C:\WINDOWS\system32\drivers\sptd.sys Object is locked pominięty
C:\WINDOWS\system32\h323log.txt Object is locked pominięty
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked pominięty
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked pominięty
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked pominięty
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked pominięty
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked pominięty
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked pominięty
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked pominięty
C:\WINDOWS\wiadebug.log Object is locked pominięty
C:\WINDOWS\wiaservc.log Object is locked pominięty
C:\WINDOWS\WindowsUpdate.log Object is locked pominięty
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty
F:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Crypto\RSA\MachineKeys\6c32d907d1bdf0df8d5ae5f78e32fbb7_6d4006da-fb2d-4b16-b3d1-9ca0252a071c Object is locked pominięty
F:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Crypto\RSA\MachineKeys\809ec265959e24574782bf2a7ccddaa4_6d4006da-fb2d-4b16-b3d1-9ca0252a071c Object is locked pominięty
F:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Crypto\RSA\MachineKeys\a17472ef4dfcf56c420e5695fd3ae14b_6d4006da-fb2d-4b16-b3d1-9ca0252a071c Object is locked pominięty
F:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Dr Watson\user.dmp Object is locked pominięty
F:\P R O G R A M Y\Driver_Detective.rar/DriverDetective.exe Zainfekowanych: not-a-virus:AdWare.Win32.Dm.qa pominięty
F:\P R O G R A M Y\Driver_Detective.rar RAR: zainfekowany - 1 pominięty
F:\P R O G R A M Y\Driver_Detective_6_1_.2.5.0_-By_VICTORIOUS.zip/Driver Detective 6.2.5.0 - C/DriverDetective.exe Zainfekowanych: not-a-virus:AdWare.Win32.Dm.qa pominięty
F:\P R O G R A M Y\Driver_Detective_6_1_.2.5.0_-By_VICTORIOUS.zip ZIP: zainfekowany - 1 pominięty
F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked pominięty
Proces skanowania został zakończony.
Usuń to:
Usunąłem te dwa pliki, ale nadal są te komunukaty
Pobierz System Repair Engineer http://www.cybertrash.pl/images/tata/Sy … ineer.html przeskanuj system i daj log na forum
[c] [ATI Technologies Inc., 1.2.2208.29988]
[c] [ATI Technologies Inc., 1.2.2442.36627]
[c] [ATI Technologies Inc., 1.2.2442.36692]
[c] [ATI Technologies Inc., 1.2.2236.29147]
[c] [ATI Technologies Inc., 1.2.2442.36613]
[c] [ATI Technologies Inc., 1.2.2236.29162]
[c] [ATI Technologies Inc., 1.2.2442.36683]
[c] [ATI Technologies Inc., 1.2.2208.29994]
[c] [ATI Technologies Inc., 1.2.2442.36607]
[c] [ATI Technologies Inc., 1.2.2208.29993]
[c] [ATI Technologies Inc., 1.2.2442.36689]
[c] [ATI Technologies Inc., 1.2.2341.28028]
[c] [ATI Technologies Inc., 1.2.2341.28007]
[c] [ATI Technologies Inc., 1.2.2442.36616]
[c] [ATI Technologies Inc., 1.2.2341.28018]
[c] [ATI Technologies Inc., 1.2.2442.36679]
[c] [ATI Technologies Inc., 1.2.2442.36676]
[c] [ATI Technologies Inc., 1.2.2442.36686]
[c] [ATI Technologies Inc., 1.2.2341.28013]
[c] [ATI Technologies Inc., 1.2.2442.36610]
[c] [ATI Technologies Inc., 1.2.2341.28023]
[c] [ATI Technologies Inc., 1.2.2442.36649]
[c] [ATI Technologies Inc., 1.2.2279.31385]
[c] [ATI Technologies Inc., 1.2.2442.36654]
[c] [ATI Technologies Inc., 1.2.2442.36646]
[c] [ATI Technologies Inc., 1.2.2208.29989]
[c] [ATI Technologies Inc., 1.2.2442.36666]
[c] [ATI Technologies Inc., 1.2.2442.36661]
[c] [ATI Technologies Inc., 1.2.2442.36663]
[c] [ATI Technologies Inc., 1.2.2208.29990]
[c] [ATI Technologies Inc., 1.2.2442.36619]
[c] [ATI Technologies Inc., 1.2.2208.30002]
[c] [ATI Technologies Inc., 1.2.2232.28756]
[c] [ATI Technologies Inc., 1.2.2232.28758]
[c] [ATI Technologies Inc., 1.11.0.0]
[c] [ATI Technologies Inc., 1.2.2208.29990]
[c] [ATI Technologies Inc., 1.2.2390.25922]
[c] [ATI Technologies Inc., 1.2.2208.29987]
[c] [ATI Technologies Inc., 1.11.0.0]
[c] [ATI Technologies Inc., 1.2.2208.29986]
[c] [ATI Technologies Inc., 1.2.2442.36556]
[c] [ATI Technologies Inc., 1.2.2307.27448]
[c] [ATI Technologies Inc., 1.2.2307.27453]
[c] [ATI Technologies Inc., 1.2.2412.27525]
[c] [ATI Technologies Inc., 1.2.2208.29993]
[c] [ATI Technologies Inc., 1.2.2208.29988]
[c] [ATI Technologies Inc., 1.2.2208.30002]
[C] [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[C] [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[C] [Microsoft Corporation, 1.1.4322.2032]
[C] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C] [Microsoft Corporation, 1.1.4322.2032]
[C] [Microsoft Corporation, 11.0.5606]
[PID][C] [Apple, Inc., 1, 14, 0, 0]
[PID][C] [ASUSTeK COMPUTER INC., 1, 0, 1, 0]
[PID][C] [Apple Inc., 1,0,4,12]
[PID][C] [Microsoft Corporation, 7.00.9466]
[C] [Microsoft Corporation, 7.00.9466]
[PID][C] [Rocket Division Software, 3.2.3 Build 20070527]
[C] [Apple Inc., 1,0,4,12]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID][C] [Nero AG, 1, 5, 3, 0]
[C] [Nero AG, 1, 5, 3, 0]
[C] [Microsoft Corporation, 7.10.3077.0]
[C] [Microsoft Corporation, 7.10.3052.4]
[C] [Nero AG, 1, 5, 3, 0]
[C] [Nero AG, 1, 0, 0, 0]
[C] [Nero AG, 1, 5, 3, 0]
[C] [Nero AG, 1, 5, 3, 0]
[C] [Nero AG, 1, 5, 3, 0]
[C] [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[C] [Nero AG, 1, 5, 3, 0]
[C] [Nero AG, 4,5,13,0]
[C] [Nero AG, 1, 5, 3, 0]
[C] [Nero AG, 1, 5, 3, 0]
[C] [Nero AG, 1, 5, 3, 0]
[PID][C] [Apple Inc., 7.6.2.9]
[C] [Apple Inc., 7.6.2.1]
[C] [Apple Inc., 7.6.2.9]
[PID][C] [ATI Technologies Inc., 1.11.0.0]
[C] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C] [Microsoft Corporation, 1.1.4322.2032]
[C] [Microsoft Corporation, 7.10.3052.4]
[C] [Microsoft Corporation, 1.1.4322.2032]
[c] [Microsoft Corporation, 1.1.4322.2032]
[c] [N/A,]
[C] [Microsoft Corporation, 1.1.4322.573]
[C] [Microsoft Corporation, 1.1.4322.2032]
[c] [Microsoft Corporation, 1.1.4322.2032]
[c] [N/A,]
[c] [ATI Technologies Inc., 1.2.2442.36564]
[c] [ATI Technologies Inc., 1.2.2208.29985]
[c] [ATI Technologies Inc., 1.2.2208.29986]
[c] [ATI Technologies Inc., 1.2.2442.36720]
[c] [ATI Technologies Inc., 1.2.2208.29991]
[c] [Microsoft Corporation, 1.1.4322.2032]
[c] [N/A,]
[c] [ATI Technologies Inc., 1.2.2442.36720]
[c] [Microsoft Corporation, 1.1.4322.2032]
[c] [N/A,]
[c] [Microsoft Corporation, 1.1.4322.2032]
[c] [ATI Technologies Inc., 1.2.2442.36700]
[c] [ATI Technologies Inc., 1.2.2208.29987]
[C] [Apple Inc., 1,0,4,12]
[c] [Microsoft Corporation, 1.1.4322.573]
[c] [ATI Technologies Inc., 1.2.2442.36723]
[c] [ATI Technologies Inc., 1.0.0.0]
[c] [ATI Technologies Inc., 1.11.0.0]
[c] [ATI Technologies Inc., 1.2.2208.29985]
[c] [ATI Technologies Inc., 1.2.2208.30002]
[c] [Microsoft Corporation, 1.1.4322.2032]
[c] [N/A,]
[c] [ATI Technologies Inc., 1.2.2442.36700]
[c] [Microsoft Corporation, 1.1.4322.2032]
[C] [Microsoft Corporation, 1.1.4322.2032]
[C] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C] [Microsoft Corporation, 1.1.4322.2032]
[C] [Microsoft Corporation, 11.0.5606]
[PID][C] [ATI Technologies Inc., 1.11.0.0]
[C] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C] [Microsoft Corporation, 1.1.4322.2032]
[C] [Microsoft Corporation, 7.10.3052.4]
[C] [Microsoft Corporation, 1.1.4322.2032]
[c] [Microsoft Corporation, 1.1.4322.2032]
[c] [N/A,]
[C] [Microsoft Corporation, 1.1.4322.573]
[C] [Microsoft Corporation, 1.1.4322.2032]
[c] [Microsoft Corporation, 1.1.4322.2032]
[c] [N/A,]
[c] [ATI Technologies Inc., 1.2.2442.36564]
[c] [ATI Technologies Inc., 1.2.2208.29985]
[c] [ATI Technologies Inc., 1.2.2208.29986]
[c] [ATI Technologies Inc., 1.2.2442.36720]
[c] [ATI Technologies Inc., 1.2.2208.29991]
[c] [Microsoft Corporation, 1.1.4322.2032]
[c] [N/A,]
[c] [ATI Technologies Inc., 1.2.2442.36720]
[c] [Microsoft Corporation, 1.1.4322.2032]
[c] [N/A,]
[c] [Microsoft Corporation, 1.1.4322.2032]
[c] [ATI Technologies Inc., 1.2.2442.36724]
[c] [ATI Technologies Inc., 1.2.2208.29986]
[c] [ATI Technologies Inc., 1.2.2208.29987]
[C] [Apple Inc., 1,0,4,12]
[c] [Microsoft Corporation, 1.1.4322.573]
[c] [ATI Technologies Inc., 1.2.2442.36723]
[c] [ATI Technologies Inc., 1.0.0.0]
[c] [, 1.0.2153.16662]
[c] [ATI Technologies Inc., 1.2.2208.29985]
[c] [ATI Technologies Inc., 1.2.2208.29987]
[c] [ATI Technologies Inc., 1.2.2442.36727]
[c] [ATI Technologies Inc., 1.2.2442.36717]
[c] [ATI Technologies Inc., 1.2.2208.29990]
[c] [Microsoft Corporation, 1.1.4322.2032]
[c] [N/A,]
[c] [ATI Technologies Inc., 1.11.0.0]
[c] [ATI Technologies Inc., 1.2.2442.36625]
[c] [ATI Technologies Inc., 1.2.2442.36664]
[c] [ATI Technologies Inc., 1.2.2442.36670]
[c] [ATI Technologies Inc., 1.2.2442.36598]
[c] [ATI Technologies Inc., 1.2.2442.36667]
[c] [ATI Technologies Inc., 1.2.2442.36693]
[c] [ATI Technologies Inc., 1.2.2442.36613]
[c] [ATI Technologies Inc., 1.2.2442.36683]
[c] [ATI Technologies Inc., 1.2.2442.36607]
[c] [ATI Technologies Inc., 1.2.2442.36690]
[c] [ATI Technologies Inc., 1.2.2442.36616]
[c] [ATI Technologies Inc., 1.2.2442.36680]
[c] [ATI Technologies Inc., 1.2.2442.36677]
[c] [ATI Technologies Inc., 1.2.2442.36686]
[c] [ATI Technologies Inc., 1.2.2442.36610]
[c] [ATI Technologies Inc., 1.2.2442.36643]
[c] [ATI Technologies Inc., 1.2.2442.36639]
[c] [ATI Technologies Inc., 1.2.2442.36605]
[c] [ATI Technologies Inc., 1.2.2442.36673]
[c] [ATI Technologies Inc., 1.2.2442.36658]
[c] [ATI Technologies Inc., 1.2.2442.36634]
[c] [ATI Technologies Inc., 1.2.2442.36646]
[c] [ATI Technologies Inc., 1.2.2442.36637]
[c] [ATI Technologies Inc., 1.2.2442.36630]
[c] [ATI Technologies Inc., 1.2.2442.36628]
[c] [ATI Technologies Inc., 1.2.2442.36652]
[c] [ATI Technologies Inc., 1.2.2442.36655]
[c] [ATI Technologies Inc., 1.2.2442.36661]
[c] [ATI Technologies Inc., 1.2.2442.36720]
[c] [ATI Technologies Inc., 1.2.2442.36562]
[c] [ATI Technologies Inc., 1.2.2442.36620]
[c] [ATI Technologies Inc., 1.2.2208.29990]
[c] [ATI Technologies Inc., 1.2.2208.30002]
[c] [ATI Technologies Inc., 1.2.2208.29993]
[c] [ATI Technologies Inc., 1.2.2208.29993]
[c] [ATI Technologies Inc., 1.2.2236.29147]
[c] [ATI Technologies Inc., 1.2.2208.29987]
[c] [ATI Technologies Inc., 1.2.2236.29162]
[c] [ATI Technologies Inc., 1.2.2208.29986]
[c] [ATI Technologies Inc., 1.2.2208.29994]
[c] [ATI Technologies Inc., 1.2.2208.29993]
[c] [ATI Technologies Inc., 1.2.2341.28028]
[c] [ATI Technologies Inc., 1.2.2341.28018]
[c] [ATI Technologies Inc., 1.2.2341.28007]
[c] [ATI Technologies Inc., 1.2.2307.27448]
[c] [ATI Technologies Inc., 1.2.2307.27453]
[c] [ATI Technologies Inc., 1.2.2341.28013]
[c] [ATI Technologies Inc., 1.2.2341.28023]
[c] [ATI Technologies Inc., 1.2.2232.28756]
[c] [ATI Technologies Inc., 1.2.2232.28758]
[c] [ATI Technologies Inc., 1.2.2208.30007]
[c] [ATI Technologies Inc., 1.2.2208.29990]
[c] [ATI Technologies Inc., 1.2.2208.30001]
[c] [ATI Technologies Inc., 1.2.2208.29989]
[c] [ATI Technologies Inc., 1.2.2208.29989]
[c] [ATI Technologies Inc., 1.2.2208.29990]
[c] [ATI Technologies Inc., 1.2.2208.29988]
[c] [ATI Technologies Inc., 1.2.2390.25922]
[c] [ATI Technologies Inc., 1.2.2279.31385]
[c] [ATI Technologies Inc., 1.2.2412.27525]
[c] [ATI Technologies Inc., 1.2.2208.29988]
[c] [ATI Technologies Inc., 1.2.2302.19274]
[c] [ATI Technologies Inc., 1.2.2208.29991]
[c] [ATI Technologies Inc., 1.2.2208.30001]
[c] [Microsoft Corporation, 1.1.4322.2032]
[C] [Microsoft Corporation, 1.1.4322.2032]
[C] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C] [Microsoft Corporation, 1.1.4322.2032]
[C] [Microsoft Corporation, 11.0.5606]
[PID][C] [Microsoft Corporation, 7.2.6001.784 (winmain_oob/wu_wsuswlc(wmbla).080718-1904)]
[C] [Microsoft Corporation, 7.2.6001.784 (winmain_oob/wu_wsuswlc(wmbla).080718-1904)]
[PID][C] [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[C] [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[C] [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[C] [Microsoft Corporation, 7.00.5730.13 (longhorn(wmbla).070711-1130)]
[C] [Microsoft Corporation, 1.00.1018.0]
[D] [Microsoft Corporation, 11.0.5510]
[C] [Microsoft Corporation, 7.00.5730.13 (longhorn(wmbla).070711-1130)]
[C] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C] [Yahoo! Inc., 2006, 10, 26, 1]
[C] [Adobe Systems Incorporated, 8.0.0.2006102200]
[C] [skype Technologies S.A., 2, 2, 0, 147]
[C] [skype Technologies, 1, 0, 1, 169]
[C] [sun Microsystems, Inc., 6.0.70.6]
[C] [Microsoft Corporation, 7.10.3052.4]
[C] [Apple Inc., 1,0,4,12]
[C] [Yahoo! Inc., 2005, 12, 16, 1]
[C] [Yahoo! Inc., 2006.1.25.01]
[C] [Microsoft Corporation, 7.0.6000.16461]
[C] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C] [Yahoo! Inc., 2006, 7, 27, 1]
[C] [Adobe Systems, Inc., 9,0,124,0]
[C] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C] [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[PID][C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C] [Microsoft Corporation, 0,3,5,0]
[PID][D] [Microsoft Corporation, 11.0.5604]
[C] [Microsoft Corporation, 11.0.5606]
[C] [Microsoft Corporation, 5.50.30.2002]
[C] [Google, 5.1.703.26697]
[C] [Google, 5.1.703.26697]
[C] [Google, 5.1.703.26697]
[C] [Google, 5.1.703.26697]
[C] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C] [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[D] [Microsoft Corporation, 11.0.5510]
[D] [Microsoft Corporation, 11.0.5510]
[D] [Microsoft Corporation, 11.0.5530]
[D] [Microsoft Corporation, 11.0.5510]
[C] [Microsoft Corporation, 11.0.5117]
[C] [Microsoft Corporation, 11.0.5315]
[C] [Microsoft Corporation, 11.0.5510]
[C] [Microsoft Corporation, 11.0.5510]
[C] [Microsoft Corporation, 0,3,5,0]
[C] [Microsoft Corporation, 0,3,5,0]
[PID][C] [WinZip Computing, Inc., 13.0 (32-bit)]
[C] [WinZip Computing, Inc., 1.0 (32-bit)]
[C] [WinZip Computing, Inc., 3.0 (32-bit)]
[C] [WinZip Computing, Inc., 13.0 (32-bit)]
[C] [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[PID][C] [smallfrogs Studio, 2.6.12.1018]
[PID][C] [smallfrogs Studio, 2.6.12.1018]
[C] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C] [Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506)]
[C] [Apple Inc., 1,0,4,12]
==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe “%1”]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. [“C:\WINDOWS\hh.exe” %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe “%1” %*]
.JS OK. [%SystemRoot%\System32\WScript.exe “%1” %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock Provider
N/A
==================================
Autorun.Inf
N/A
==================================
HOSTS File
127.0.0.1 localhost
==================================
Process Privileges Scan
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1964, C:\WINDOWS\SAMSUNG\PANELMGR\SSMMGR.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1980, C:\PROGRAM FILES\QUICKTIME\QTTASK.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2024, C:\PROGRAM FILES\COMMON FILES\AHEAD\LIB\NMBGMONITOR.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 300, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 300, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 384, C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2200, C:\PROGRAM FILES\COMMON FILES\AHEAD\LIB\NMINDEXSTORESVR.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 3040, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3040, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 3048, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3048, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3828, C:\PROGRA~1\WINZIP\WINZIP32.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3972, C:\DOCUME~1\WACICI~1\USTAWI~1\TEMP\SRENGLDR.EXE]
==================================
API HOOK
N/A
==================================
Hidden Process
N/A
==================================
Uruchom System Repair Engineer zakładka System Repair - Browser Add-ons - znajź i usuń
Uruchom System Repair Engineer zakładka System Repair - Advanced Repair - kliskasz Repair Safe Mode
Usunąłem powyższe wpisy i bez zmian.