Wszystkie aplikacje otwieraja się w notatniku


(Spolem) #1

Witam

Mam problem kolega zrobił sobie żarcik i wysłał mi taki programik ze widzie co ja pisze na gg i kto do mnie pisze.

Chciałem go usunąć wiec otworzyłem go notatnikiem i wszystko wykasowałem bo inaczej nie dało go sie wykasować ;]

Od tej pory wszystko otwiera sie notatnikiem i są w nim Hińskie znaki mogę otwierać programy tylko Uruchom jako.

Mówię że przywracanie systemu nie działa po przywracałem kilka razy i nic nie dale nadal to samo a w Start

Proszę o pomoc jak zreperować przyczynę.


(tores1977) #2

wszystkie-aplikacje-otwieraja-sie-notatniku-t160232.html


(Spolem) #3

Powiem wprost niezbyt rozumiem tantej rozmowy


(deFco247) #4

Wykonaj instrukcje w ostatnim poście w wymienionym wyżej wątku.


(Spolem) #5

Nie bardzo rozumiem wlasnie tego postu : zapisz jako plik.reg >> wszystkie pliki >> scal z rejestrem >> restart

To znaczy ze mam tanto wkleic do notatnika i zapisać jako> zaznaczyć wszystkie pliki>I zapisać pod tylułem ".reg" ?? Jeśli tak to to zrobilem :slight_smile:


(deFco247) #6

Dokładnie tak miałeś to zrobić. :slight_smile:

Wykonaj jeszcze restart i sprawdź działanie plików .exe


(Spolem) #7

Niestety nie pomogło :frowning:


(danyll) #8

deFco247 nie wprowadzaj w błąd. Nie zapisujesz

tylko jako rozszerzenie dajesz *.reg czyli wklejasz tekst do notatnika, dajesz zapisz jako, zmieniasz z txt na wszystkie rozszerzenia i nazywasz swój plik np. "fix.reg" (bez cudzysłowu). Później 2x klikasz na tym i potwierdzasz ok dodanie do rejestru. (sorry że tak łopatologicznie);]


(deFco247) #9

To nie ja napisałem o tym tytule. To był tylko cytat.

SpOLeM , ten plik miał nosić nazwę plik.reg


(danyll) #10

Zacytowałeś go i napisałeś

. Ja bym się zasugerował, że dobrze robiłem. Ale to już nieważne. Mam nadzieję, że ten fix rejestru pomógł:slight_smile:


(Spolem) #11

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT.exe]

@="exefile"

[HKEY_CLASSES_ROOT\exefile\shell\open\command]

@="\"%1\" %*"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]

@="\"%1\" %*"

Wkleiłem to do notatnika zrobiłem : zapisz jako


(Leon$) #12

(Spolem) #13

Zrobiłem to co kazales nawet 2razy i nic nadal ten sam problem co włoncze to otwiera sie notatnik i HINSKIE znaki a jeszcze nie powiedziałem żę przy włonczeniu komputera też wyyskakują 23notatniki xDD z HINSKIMI znakami :frowning:


(Leon$) #14

Pobierz System Repair Engineer

http://www.cybertrash.pl/images/tata/System%20Repair/System%20Repair%20Engineer.html

przeskanuj daj log

:slight_smile:


(Spolem) #15
2009-06-17,11:43:02


System Repair Engineer 2.7.0.1210

Smallfrogs (http://www.KZTechs.com)


Windows XP Professional Dodatek Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed


Follow item(s) have been selected:

    All Boot Items (Including Registry, Startup Folders, Services and so on)

    Browser Add-ons

    Running Processes (Including process model information)

    File Associations

    Winsock Provider

    Autorun.Inf

    HOSTS File

    Process Privileges Scan

    Scheduled Tasks

    API HOOK

    Hidden Process



Boot Items

Registry

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  [(Verified)Microsoft Windows Publisher]
<"C:\Program Files\Gadu-Gadu\gg.exe" /tray> [(Verified)Gadu-Gadu sp. z o.o.]
  [File is missing]

    <1qaw3edr5> []
<; "C:\Program Files\BitComet\BitComet.exe" /tray> [(Verified)Comet Network Technology Co Ltd.]
<; "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun> [(Verified)DAEMON Tools Code Signing Services]
<; "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized> [(Verified)Skype Technologies SA]
<; "E:\Nowy folder\Steam.exe" -silent> [File is missing]
<; C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe> [File is missing]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<"C:\Program Files\Java\jre6\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
  [PixArt Imaging Incorporation]
  [Hewlett-Packard Co.]
  [Ahead Software Gmbh]
<"C:\Program Files\QuickTime\QTTask.exe" -atboottime> [Apple Inc.]
  [(Verified)"Vendio Services, Inc."]
  [prolink]
  []
<"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"> [(Verified)Microsoft Corporation]
<%systemroot%\system32\dumprep 0 -k> [File is missing]
  [(Verified)ALWIL Software]

    <1qaw3edr5> []
<; "C:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)Apple Inc.]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]

    <1qaw3edr5> []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  [Microsoft Corporation]
  [(Verified)Microsoft Windows Publisher]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<> [N/A]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  [Microsoft Corporation]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

    <{B5A7F190-DDA6-4420-B3BA-52453494E6CD}> [(Verified)Microsoft Corporation]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
  [(Verified)Microsoft Windows Component Publisher]
<%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<%systemroot%\system32\stobject.dll> [Microsoft Corporation]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
  [(Verified)Microsoft Windows Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
  [(Verified)Microsoft Windows Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
  [(Verified)Microsoft Windows Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
  [(Verified)Microsoft Windows Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
  [(Verified)Microsoft Windows Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
  [(Verified)Microsoft Windows Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
  [(Verified)Microsoft Windows Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
  [(Verified)Microsoft Windows Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
  [(Verified)Microsoft Windows Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]

    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [Microsoft Corporation]

    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [Microsoft Corporation]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
  [(Verified)Microsoft Windows Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
  [Microsoft Corporation]

[HKEY_CURRENT_USER\Control Panel\Desktop]
  [(Verified)Microsoft Windows Publisher]


==================================

Startup Folders

[BlueSoleil]
 C:\PROGRA~1\IVTCOR~1\BLUESO~1\BLUESO~1.EXE [IVT Corporation.]>

[HP Digital Imaging Monitor]
 C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [Hewlett-Packard Co.]>

[HP Image Zone - szybkie uruchamianie]
 C:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe [Hewlett-Packard Co.]>

[Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007]
 C:\PROGRA~1\MICROS~1\Office12\ONENOTEM.EXE [Microsoft Corporation]>

[UniSpiker-2.6]
 C:\PROGRA~1\ivo\UNISPI~1.6\UNI_SP~1.EXE [N/A]>


==================================

Services

[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]

  <"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe">

[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]

  <"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe">

[avast! Antivirus / avast! Antivirus][Running/Auto Start]

  <"C:\Program Files\Alwil Software\Avast4\ashServ.exe">

[avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start]

  <"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service>

[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]

  <"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service>

[Usługa inteligentnego transferu w tle / BITS][Stopped/Auto Start]

  <%fystemRoot%\system32\svchost.exe -k netsvcs-->%systemroot%\system32\qmgr.dll>

[Bonjour Service / Bonjour Service][Running/Auto Start]

  <"C:\Program Files\Bonjour\mDNSResponder.exe">

[CiSvc / CiSvc][Stopped/Manual Start]
<(File is missing)>

[ERSvc / ERSvc][Stopped/Auto Start]
%SystemRoot%\System32\ersvc.dll>

[Windows Presentation Foundation Font Cache 3.0.0.0 / FontCache3.0.0.0][Stopped/Manual Start]


[Windows CardSpace / idsvc][Stopped/Manual Start]

  <"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe">

[Usługa iPod / iPod Service][Stopped/Manual Start]

  <"C:\Program Files\iPod\bin\iPodService.exe">

[Java Quick Starter / JavaQuickStarterService][Running/Auto Start]

  <"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf">

[Instalator Windows / MSIServer][Stopped/Manual Start]


[Net.Tcp Port Sharing Service / NetTcpPortSharing][Stopped/Disabled]

  <"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe">

[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]


[Pml Driver HPZ12 / Pml Driver HPZ12][Running/Auto Start]


[PC Tools Auxiliary Service / sdAuxService][Stopped/Manual Start]


[PC Tools Security Service / sdCoreService][Stopped/Manual Start]


[StarWind AE Service / StarWindServiceAE][Running/Auto Start]


[Aktualizacje automatyczne / wuauserv][Stopped/Auto Start]

  <%fystemroot%\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\wuauserv.dll>


==================================

Drivers

[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]


[AMD Athlon64 Processor Driver / AmdK8][Running/System Start]


[aswFsBlk / aswFsBlk][Running/Auto Start]


[Bluetooth Audio Service / BlueletAudio][Running/Manual Start]


[Bluetooth SCO Audio Service / BlueletSCOAudio][Running/Manual Start]


[Bluetooth PAN Network Adapter / BT][Running/Manual Start]


[BtCap, WDM Video Capture / BT848][Running/Auto Start]


[Bluetooth USB For Bluetooth Service / Btcsrusb][Stopped/Manual Start]


[Bluetooth HID Enumerator / BTHidEnum][Running/Boot Start]

  <\SystemRoot\System32\Drivers\vbtenum.sys>

[Bluetooth HID Manager Service / BTHidMgr][Running/Boot Start]

  <\SystemRoot\System32\Drivers\BTHidMgr.sys>

[BtTuner, WDM TV Tuner / BTTUNER][Running/Auto Start]


[BtXBar, WDM Crossbar / BTXBAR][Running/Auto Start]


[GEAR ASPI Filter Driver / GEARAspiWDM][Running/Manual Start]


[IEEE-1284.4 Driver HPZid412 / HPZid412][Stopped/Manual Start]


[Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12][Stopped/Manual Start]


[USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12][Stopped/Manual Start]


[Motorola USB Composite Device Driver / motccgp][Stopped/Manual Start]


[MotCcgpFlService / motccgpfl][Stopped/Manual Start]


[Motorola Inc. USB Device / MotDev][Stopped/Manual Start]


[Motorola USB CDC ACM Driver / motmodem][Stopped/Manual Start]


[nv / nv][Running/Manual Start]


[PCTools KDS / PCTCore][Running/Boot Start]

  <\SystemRoot\system32\drivers\PCTCore.sys>

[Sterownik bezpośredniego połączenia kablowego / Ptilink][Running/Manual Start]


[PxHelp20 / PxHelp20][Running/Boot Start]

  <\SystemRoot\System32\Drivers\PxHelp20.sys>

[Secdrv / Secdrv][Stopped/Manual Start]


[SiS191/SiS190 Ethernet Device NDIS 5.1 Driver / SiSGbeXP][Running/Manual Start]


[SiSRaid2 / SiSRaid2][Running/Boot Start]

  <\SystemRoot\system32\DRIVERS\SiSRaid2.sys>

[sptd / sptd][Running/Boot Start]

  <\SystemRoot\System32\Drivers\sptd.sys>

[Motorola USB Modem Driver for MPT / usbsermpt][Stopped/Manual Start]


[Virtual Serial port driver / VComm][Running/Manual Start]


[Bluetooth VComm Manager Service / VcommMgr][Running/Manual Start]


[Bluetooth HID Device Service / VHidMinidrv][Stopped/Manual Start]



==================================

Browser Add-ons

[ToggleEN Toolbar]

  {038cb5c7-48ea-4af9-94e0-a1646542e62b} 

[AcroIEHlprObj Class]

  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} 

[BitComet Helper]

  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} 

[Groove GFS Browser Helper]

  {72853161-30C5-4D22-B7F9-0BBC1D38A37E} 

[Java(tm) Plug-In SSV Helper]

  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} 

[Java(tm) Plug-In 2 SSV Helper]

  {DBC80044-A445-435b-BC74-9C25C1C588A9} 

[JQSIEStartDetectorImpl Class]

  {E7E6F031-17CE-4C07-BC86-EABFE594F69C} 

[free-downloads.net Toolbar]

  {ecdee021-0d17-467f-a1ff-c7a115230949} 

[Send to OneNote from Internet Explorer button]

  {2670000A-7350-4f3c-8081-5663EE0C6C49} 

[&Poszukaj]

  {92780B25-18CC-41C8-B9BE-3C9C571A8263} 

[BitComet]

  {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} <, >

[]

  {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>

[ToggleEN Toolbar]

  {038cb5c7-48ea-4af9-94e0-a1646542e62b} 

[free-downloads.net Toolbar]

  {ecdee021-0d17-467f-a1ff-c7a115230949} 

[DAEMON Tools Toolbar]

  {32099AAC-C132-4136-9E9A-4E364A424E17} 

[MksSkanerOnline Class]

  {68282C51-9459-467B-95BF-3C0E89627E55} 

[Java Plug-in 1.6.0_11]

  {8AD9C840-044E-11D1-B3E9-00805F499D93} 

[Java Plug-in 1.6.0_11]

  {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} 

[Java Plug-in 1.6.0_11]

  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} 

[]

  {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <, >

[ToggleEN Toolbar]

  {038CB5C7-48EA-4AF9-94E0-A1646542E62B} 

[AcroIEHlprObj Class]

  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} 

[]

  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <, >

[]

  {2670000A-7350-4F3C-8081-5663EE0C6C49} <, >

[DHTML Edit Control Safe for Scripting for IE5]

  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} 

[DAEMON Tools Toolbar]

  {32099AAC-C132-4136-9E9A-4E364A424E17} 

[BitComet Helper]

  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} 

[XML Document]

  {48123BC4-99D9-11D1-A6B3-00C04FD91555} 

[Groove GFS Browser Helper]

  {72853161-30C5-4D22-B7F9-0BBC1D38A37E} 

[Java(tm) Plug-In SSV Helper]

  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} 

[XML HTTP 6.0]

  {88d96a0a-f192-11d4-a65f-0040963251e5} 

[]

  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >

[]

  {AA58ED58-01DD-4D91-8333-CF10577473F7} <, >

[]

  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <, >

[]

  {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} <, >

[]

  {D18A0B52-D63C-4ED0-AFC6-C1E3DC1AF43A} <, >

[Shockwave Flash Object]

  {D27CDB6E-AE6D-11CF-96B8-444553540000} 

[Java(tm) Plug-In 2 SSV Helper]

  {DBC80044-A445-435B-BC74-9C25C1C588A9} 

[]

  {E2E2DD38-D088-4134-82B7-F2BA38496583} <, >

[JQSIEStartDetectorImpl Class]

  {E7E6F031-17CE-4C07-BC86-EABFE594F69C} 

[free-downloads.net Toolbar]

  {ECDEE021-0D17-467F-A1FF-C7A115230949} 

[XML HTTP]

  {f6d90f16-9c73-11d3-b32e-00c04f990bb4} 

[E&ksportuj do programu Microsoft Excel]


[pobierz wszystkie video za pomocą bitcomet]


[pobierz wszystko za pomocą bitcomet]


[pobierz za pomocą bitcomet]



==================================

Running Processes

[PID][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.3103 (xpsp_sp2_qfe.070316-1308)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

[PID][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Apple Inc., 1,0,5,11]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

    [c] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [c] [Microsoft Corporation, 5.1.2600.2658 (xpsp.050419-1524)]

    [c] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

[PID][C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 7.10.3077.0]

    [C] [Microsoft Corporation, 7.10.3052.4]

    [C] [ALWIL Software, 4, 8, 1335, 0]

[PID][C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [Microsoft Corporation, 7.10.3077.0]

    [C] [Microsoft Corporation, 7.10.3052.4]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

    [C] [Apple Inc., 1,0,5,11]

[PID][C] [Microsoft Corporation, 6.00.2900.2649 (xpsp.050406-1732)]

    [C] [Microsoft Corporation, 6.00.2900.3157 (xpsp_sp2_qfe.070614-1244)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

    [C] [Microsoft Corporation, 8.00.50727.762]

    [C] [Microsoft Corporation, 8.00.50727.762]

    [C] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.2658 (xpsp.050419-1524)]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Alexander Roshal, 3.80]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [N/A,]

    [C] [Sony DADC Austria AG., 1,1,225,0]

    [C] [Gadu-Gadu S.A., 7,6,0,1578]

    [C] [Adobe Systems Incorporated, 6.0.1.2003110300]

    [C] [NVIDIA Corporation, 6.14.11.7824]

    [C] [NVIDIA Corporation, 6.14.11.7824]

    [C] [NVIDIA Corporation, 6.14.11.7824]

    [C] [,]

    [C] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp.050610-1527)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Hewlett Packard, 5.01.00.011]

    [C] [Hewlett Packard, 2.01.00.001]

    [C] [Microsoft Corporation, 5.01.00.011]

    [C] [Hewlett Packard, 5.01.00.011]

    [C] [HP, 2.335.5.0]

    [C] [Microsoft Corporation, 8.00.50727.762]

    [C] [Microsoft Corporation, 6.0.5824.16384 (winmain(wmbla).060911-0725)]

    [C] [Apple Inc., 1,0,5,11]

[PID][C] [Apple Inc., 2.12.33.0]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

[PID][C] [Apple Inc., 1,0,5,11]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID][C] [Sun Microsystems, Inc., 6.0.110.3]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 7.10.3052.4]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 1.1.4322.573]

    [C] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]

    [C] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]

    [C] [Microsoft Corporation, 8.00.50727.762]

    [C] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]

    [C] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]

    [C] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]

    [C] [Microsoft Corporation, 1.1.4322.2032]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID][C] [NVIDIA Corporation, 6.14.11.7824]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [NVIDIA Corporation, 6.14.11.7824]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

[PID][C] [HP, 9, 0, 0, 0]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

[PID][C] [Rocket Division Software, 3.2.3 Build 20070527]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

    [C] [Apple Inc., 1,0,5,11]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[PID][C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 7.10.3077.0]

    [C] [Microsoft Corporation, 7.10.3052.4]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [Apple Inc., 1,0,5,11]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [Microsoft Corporation, 7.10.3077.0]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

[PID][C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 7.10.3077.0]

    [C] [Microsoft Corporation, 7.10.3052.4]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

    [C] [ALWIL Software, 4, 8, 1335, 0]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

    [C] [Gadu-Gadu S.A., 7,6,0,1578]

[PID][C] [Gadu-Gadu S.A., 7,7,0,3746]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [sms-express.com, 1, 0, 0, 0]

    [C] [The OpenSSL Project, http://www.openssl.org/, 0.9.8e]

    [C] [Microsoft Corporation, 7.10.6030.0]

    [C] [The OpenSSL Project, http://www.openssl.org/, 0.9.8e]

    [C] [Gadu-Gadu S.A., 7,6,0,1578]

    [C] [Microsoft Corporation, 6.2.0013.1 (DbgBuild.030619-2209)]

    [C] [N/A,]

    [C] [The OpenSSL Project, http://www.openssl.org/, 0.9.8e]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

    [C] [Gadu-Gadu S.A., 7,7,0,2976]

    [C] [n0ne, 1, 0, 0, 2]

    [C] [Gadu-Gadu S.A., 7,6,0,3433]

    [C] [N/A,]

    [C] [N/A,]

    [C] [Apple Inc., 1,0,5,11]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Adobe Systems, Inc., 9,0,124,0]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

[PID][C] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

    [C] [Gadu-Gadu S.A., 7,6,0,1578]

[PID][C] [Mozilla Corporation, 1.8.1.20: 2008121709]

    [C] [Netscape Communications Corporation, 4.0]

    [C] [Netscape Communications Corporation, 4.6.8]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Mozilla Foundation, 1.8.1.20: 2008121709]

    [C] [Netscape Communications Corporation, 4.6.8]

    [C] [Netscape Communications Corporation, 4.6.8]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Mozilla Foundation, 3.11.9.0 Basic ECC]

    [C] [Mozilla Foundation, 3.11.9.0 Basic ECC]

    [C] [Mozilla Foundation, 3.11.4 Basic ECC]

    [C] [Mozilla Foundation, 3.11.9.0 Basic ECC]

    [C] [Mozilla Foundation, 1.8.1.20: 2008121709]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Mozilla Foundation, 1.8.1.20: 2008121709]

    [C] [N/A,]

    [C] [Mozilla Foundation, 1.8.1.20: 2008121709]

    [C] [Mozilla Foundation, 1.8.1.20: 2008121709]

    [C] [Apple Inc., 1,0,5,11]

    [C] [Gadu-Gadu S.A., 7,6,0,1578]

    [C] [Softomate, 1, 0, 0, 10]

    [C] [Skype Technologies, 1, 0, 1, 184]

    [C] [Microsoft Corporation, 8.00.50727.762]

    [C] [Microsoft Corporation, 8.00.50727.762]

    [C] [Mozilla Foundation, 1.8.1.20: 2008121709]

    [C] [, 1,0,7,0088]

    [C] [Vendio Services, Inc., 1, 2, 0, 9]

    [C] [Vendio Services, Inc., 1, 2, 0, 8]

    [C] [Mozilla Foundation, 3.11.4 Basic ECC]

    [C] [Mozilla Foundation, 1.65]

    [C] [,]

[PID][C] [Smallfrogs Studio, 2.7.0.1210]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

[PID][C] [Smallfrogs Studio, 2.7.0.1210]

    [C] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)]

    [C] [Microsoft Corporation, 6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)]

    [C] [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]

    [C] [Gadu-Gadu S.A., 7,6,0,1578]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Smallfrogs Studio, 2, 1, 0, 15]

    [C] [Apple Inc., 1,0,5,11]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

    [C] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]


==================================

File Associations

.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]

.EXE OK. ["%1" %*]

.COM OK. ["%1" %*]

.PIF OK. ["%1" %*]

.REG OK. [regedit.exe "%1"]

.BAT OK. ["%1" %*]

.SCR OK. ["%1" /S]

.CHM OK. ["C:\WINDOWS\hh.exe" %1]

.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]

.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]

.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]

.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]

.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]

.LNK OK. [{00021401-0000-0000-C000-000000000046}]


==================================

Winsock Provider

N/A


==================================

Autorun.Inf

N/A


==================================

HOSTS File

127.0.0.1 localhost


==================================

Process Privileges Scan

Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1804, C:\WINDOWS\EXPLORER.EXE]

Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2912, C:\DOCUMENTS AND SETTINGS\MASTERADMIN\PULPIT\NOWY FOLDER\SRENGLDR.EXE]


==================================

Scheduled Tasks

[Enabled] User_Feed_Synchronization-{83AF7F50-30B4-421F-B802-B6B18F7D9395}.job

        C:\WINDOWS\system32\msfeedssync.exe 

[Enabled] AppleSoftwareUpdate.job

        C:\Program Files\Apple Software Update\SoftwareUpdate.exe 


==================================

API HOOK

N/A


==================================

Hidden Process

N/A


==================================

(Leon$) #16

uruchom System Repair Engineer zakładka System Repair >> Browser Add-ons >> odszukaj i usuń

Pobierz Combofix http://www.searchengines.pl/index.php?s ... ntry395642 ale nie włączaj.

Podczas pobierania i skanu Combofixem proszę wyłączyć wszelkie zapory i antywirusy

Otwórz notatnik i wklej

zapisz jako CFScript.txt (zapisz by ikonka CFScript.txt była obok ikonki ComboFix.exe) >> Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe

Powinno rozpocząć się usuwanie

Potem log z usuwania Combofix

:slight_smile:


(Spolem) #17

niestety jak przeciagam plik do ComboFixa wlacza sie notatnik i nic sie nie dzieje...

Sprobowalem uruchomic samego Combofixa aby wywalil mi jakies smiecie (pliki .exe uruchamiam metoda "uruchom jako" - tylko w ten sposob moge je wlaczyc)

ponizej wklejam loga z programu moze cos na nim zobaczycie:

-- Dodane 17.06.2009 (Śr) 22:27 --

ComboFix 09-06-16.05 - MasterAdmin 2009-06-17 22:16.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.511.226 [GMT 2:00]

Uruchomiony z: c:\documents and settings\MasterAdmin\Pulpit\ComboFix.exe

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\drivers\b716d26c.sys

c:\windows\system32\hattric

c:\documents and settings\MasterAdmin\Dane aplikacji\wiaserva.log

c:\windows\system32\IcyTowerv10.exe

.

((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_b716d26c

((((((((((((((((((((((((( Pliki utworzone od 2009-05-17 do 2009-06-17 )))))))))))))))))))))))))))))))

.

2009-06-16 11:37 . 2009-06-16 11:38 -------- d-----w- c:\windows\system32\Adobe

2009-06-16 11:37 . 2009-06-16 11:38 681 ----a-w- c:\windows\mozver.dat

2009-06-14 19:57 . 2009-06-14 19:57 225 ----a-w- c:\documents and settings\MasterAdmin\plik.reg

2009-06-14 18:56 . 2009-06-14 18:56 225 ----a-w- c:\documents and settings\MasterAdmin.reg

2009-06-13 14:49 . 2009-06-13 14:49 -------- d-----w- c:\program files\Trend Micro

2009-06-06 06:46 . 2009-02-05 20:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2009-06-06 06:46 . 2009-02-05 20:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2009-06-06 06:46 . 2009-02-05 20:05 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2009-06-06 06:46 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr

2009-06-06 06:46 . 2009-02-05 20:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys

2009-06-06 06:46 . 2009-02-05 20:08 94032 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2009-06-06 06:46 . 2009-02-05 20:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys

2009-06-06 06:46 . 2009-02-05 20:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2009-06-06 06:46 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe

2009-05-29 16:12 . 2004-08-03 22:44 21504 ----a-w- c:\windows\system32\hidserv.dll

2009-05-29 16:12 . 2004-08-03 22:44 21504 ----a-w- c:\windows\system32\dllcache\hidserv.dll

2009-05-27 08:21 . 2009-05-27 08:21 -------- d-----w- c:\program files\Password Spyer 2k

2009-05-27 08:20 . 2009-05-27 08:20 -------- d-----w- c:\program files\Password Solutions

2009-05-27 08:20 . 2009-05-27 08:20 -------- d-----w- c:\documents and settings\MasterAdmin\Dane aplikacji\Password Solutions

2009-05-26 20:36 . 2009-05-26 20:38 -------- d-----w- c:\documents and settings\MasterAdmin\Dane aplikacji\Passware

2009-05-26 20:36 . 2009-05-26 20:36 367686 ----a-r- c:\documents and settings\MasterAdmin\Dane aplikacji\Microsoft\Installer{F6E30EBA-2DFE-4793-BF0F-DB02F18B061F}\icon.exe

2009-05-26 20:24 . 2009-05-26 20:24 356352 ----a-w- c:\windows\eSellerateEngine.dll

2009-05-26 20:23 . 2009-05-26 20:28 -------- d-----w- c:\program files\Password Discovery

2009-05-26 20:18 . 2009-05-26 20:18 6518 ----a-r- c:\documents and settings\MasterAdmin\Dane aplikacji\Microsoft\Installer{0BB3FF9C-325E-40B8-A365-6337283F15BA}_5cb298.exe

2009-05-26 20:18 . 2009-05-26 20:18 6518 ----a-r- c:\documents and settings\MasterAdmin\Dane aplikacji\Microsoft\Installer{0BB3FF9C-325E-40B8-A365-6337283F15BA}_4d97265.exe

2009-05-26 20:18 . 2009-05-26 20:18 6518 ----a-r- c:\documents and settings\MasterAdmin\Dane aplikacji\Microsoft\Installer{0BB3FF9C-325E-40B8-A365-6337283F15BA}_28cc39ed.exe

2009-05-26 20:18 . 2009-05-26 20:18 -------- d-----w- c:\program files\XaviWare Password Recovery .MDB

2009-05-26 19:56 . 2009-05-26 20:36 -------- d-----w- c:\program files\Passware

2009-05-26 19:49 . 2009-05-26 20:05 -------- d-----w- c:\program files\SnadBoy's Revelation v2

2009-05-26 14:42 . 2006-09-04 17:16 1970176 ----a-w- c:\windows\system32\d3dx9.dll

2009-05-26 14:42 . 2006-09-04 17:16 679936 ----a-w- c:\windows\system32\D3DX81ab.dll

2009-05-22 14:23 . 2009-05-22 14:23 -------- d-----w- C:\csdos

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-06-15 17:43 . 2009-03-13 16:31 2226832 ----a-w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat

2009-05-23 19:01 . 2009-01-08 13:47 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Microsoft Help

2009-05-22 15:08 . 2009-03-13 12:54 -------- d-----w- c:\program files\free-downloads.net

2009-05-21 20:40 . 2008-11-28 13:55 -------- d-----w- c:\documents and settings\MasterAdmin\Dane aplikacji\Skype

2009-05-21 19:40 . 2008-11-28 13:56 -------- d-----w- c:\documents and settings\MasterAdmin\Dane aplikacji\skypePM

2009-05-16 19:37 . 2009-01-31 16:29 -------- d---a-w- c:\documents and settings\All Users\Dane aplikacji\TEMP

2009-05-08 15:32 . 2009-05-08 15:29 -------- d-----w- c:\program files\NeoSmart Technologies

2009-05-08 11:14 . 2009-05-08 11:14 121882 ----a-w- c:\windows\Help\ECC.EXE

2009-05-06 17:19 . 2009-05-06 17:19 -------- d-----w- c:\program files\Robster Productions

2009-04-28 16:57 . 2009-04-27 16:34 -------- d-----w- c:\documents and settings\SpOLeM\Dane aplikacji\Nowe Gadu-Gadu

2009-04-28 12:28 . 2009-04-28 12:28 -------- d-----w- c:\documents and settings\SpOLeM\Dane aplikacji\Apple Computer

2009-04-27 16:27 . 2009-04-27 16:27 -------- d-----w- c:\documents and settings\SpOLeM\Dane aplikacji\Search Settings

2009-04-27 15:46 . 2009-04-27 15:46 74712 ----a-w- c:\documents and settings\SpOLeM\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

2009-04-27 15:46 . 2009-04-27 15:46 131 ----a-w- c:\documents and settings\SpOLeM\Ustawienia lokalne\Dane aplikacji\fusioncache.dat

2009-04-12 14:24 . 2001-10-26 20:15 86834 ----a-w- c:\windows\system32\perfc015.dat

2009-04-12 14:24 . 2001-10-26 20:15 495270 ----a-w- c:\windows\system32\perfh015.dat

2009-04-05 19:32 . 2009-04-05 19:32 691712 ----a-w- c:\windows\isRS-000.tmp

2009-03-22 16:38 . 2009-03-22 16:38 107888 ----a-w- c:\windows\system32\CmdLineExt.dll

2008-12-19 19:52 . 2008-11-28 11:52 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll

2008-12-19 19:52 . 2008-11-28 11:52 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll

2008-12-19 19:52 . 2008-11-28 11:52 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll

2008-12-19 19:52 . 2008-11-28 11:52 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll

2008-12-19 19:52 . 2008-11-28 11:52 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll

.

------- Sigcheck -------

[-] 2008-04-14 17:20 580096 A435C5C069AFD901751AC323AD238793 c:\windows\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\user32.dll

[-] 2007-07-10 13:06 642560 CE594E18FE0D0AF804F1F3694921CE62 c:\windows\system32\user32.dll

[-] 2009-01-27 19:55 642560 CE594E18FE0D0AF804F1F3694921CE62 c:\windows\system32\dllcache\user32.dll

[-] 2007-10-17 19:30 974848 16DF8A100E8966E48BA00C86F6C89972 c:\windows\explorer.exe

[-] 2008-04-14 17:21 1035264 C791ED9EAC5E76D9525E157B1D7A599A c:\windows\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\explorer.exe

[-] 2008-04-14 17:20 1571840 A9ED600F08A92143253C10EDB5651ECF c:\windows\SoftwareDistribution\Download\bb44941ebc6c98c13a74d1f65de46494\sfcfiles.dll

[-] 2007-10-09 00:09 1548288 89878732D5EB0C845AD2356081142F2A c:\windows\system32\sfcfiles.dll

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects{038cb5c7-48ea-4af9-94e0-a1646542e62b}]

2009-05-26 20:31 2094616 ----a-w- c:\program files\ToggleEN\tbTog1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects{ecdee021-0d17-467f-a1ff-c7a115230949}]

2009-05-22 15:09 2094616 ----a-w- c:\program files\free-downloads.net\tbfre0.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]

"BitComet"="c:\program files\BitComet\BitComet.exe" [2008-11-12 2511672]

"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-18 21633320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-30 136600]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]

"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]

"SearchSettings"="c:\program files\Search Settings\SearchSettings.exe" [2008-06-12 991584]

"PowerS"="c:\windows\PowerS.exe" [2001-08-03 159800]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]

"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2007-10-17 577536]

"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-11-17 1622016]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"nltide_2"="shell32" [X]

"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2008-12-20 124928]

c:\documents and settings\MasterAdmin\Menu Start\Programy\Autostart\

Tworzenie wycink˘w ekranu i uruchamianie programu OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

UniSpiker-2.6.lnk - c:\program files\ivo\UniSpiker-2.6\uni_spiker-2.6.exe [2006-3-6 86018]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\

BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-5-17 661776]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]

HP Image Zone - szybkie uruchamianie.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-5-12 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"DisableStatusMessages"= 1 (0x1)

[HKEY_USERS.default\software\microsoft\windows\currentversion\policies\explorer]

"NoSMMyPictures"= 1 (0x1)

"NoSMConfigurePrograms"= 1 (0x1)

"NoSMHelp"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe"=

"%windir%\system32\sessmgr.exe"=

"c:\Program Files\BitComet\BitComet.exe"=

"c:\Program Files\Gadu-Gadu\gg.exe"=

"d:\Gry misada\metin2.bin"=

"d:\Gry misada\Game\TC2.exe"=

"c:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"=

"c:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"=

"c:\Program Files\Microsoft Office\Office12\GROOVE.EXE"=

"c:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"=

"d:\Counter-Strike\hl.exe"=

"c:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"=

"c:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"=

"c:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"=

"c:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"=

"c:\Program Files\HP\Digital Imaging\bin\hposid01.exe"=

"c:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"=

"c:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"=

"c:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"=

"c:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"=

"c:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"=

"c:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"=

"c:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"=

"c:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"=

"c:\Program Files\Motorola\Software Update\msu.exe"=

"c:\Program Files\Bonjour\mDNSResponder.exe"=

"c:\Program Files\iTunes\iTunes.exe"=

"c:\Program Files\Nowe Gadu-Gadu\gg.exe"=

"e:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"=

"c:\Program Files\Skype\Phone\Skype.exe"=

"c:\Program Files\Password Solutions\Office Password Recovery PRO\OfficePasswordRecoveryPRO.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"11605:TCP"= 11605:TCP:BitComet 11605 TCP

"11605:UDP"= 11605:UDP:BitComet 11605 UDP

"8461:TCP"= 8461:TCP:GoD High Port

"8462:TCP"= 8462:TCP:GoD Low Port

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-04-05 130424]

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-06-06 114768]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-06-06 20560]

R2 BT848;BtCap, WDM Video Capture;c:\windows\system32\drivers\BT848.SYS [2008-12-02 291768]

R2 BTTUNER;BtTuner, WDM TV Tuner;c:\windows\system32\drivers\BTTUNER.SYS [2008-12-02 21288]

R2 BTXBAR;BtXBar, WDM Crossbar;c:\windows\system32\drivers\BTXBAR.SYS [2008-12-02 12568]

S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys --> c:\windows\system32\DRIVERS\motccgp.sys [?]

S3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys --> c:\windows\system32\DRIVERS\motccgpfl.sys [?]

S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys --> c:\windows\system32\DRIVERS\motodrv.sys [?]

S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-04-05 348752]

.

Zawartość folderu 'Zaplanowane zadania'

2009-06-13 c:\windows\Tasks\AppleSoftwareUpdate.job

  • c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-06-17 c:\windows\Tasks\User_Feed_Synchronization-{83AF7F50-30B4-421F-B802-B6B18F7D9395}.job

  • c:\windows\system32\msfeedssync.exe [2007-10-08 23:35]

.

  • USUNIĘTO PUSTE WPISY - - - -

HKCU-Run-Hattric - c:\windows\system32\hattric\smss.exe

HKCU-Run-1qaw3edr5 - c:\windows\system32\IcyTowerv10.exe

HKCU-Run-Steam - e:\nowy folder\Steam.exe

HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

HKLM-Run-1qaw3edr5 - c:\windows\system32\IcyTowerv10.exe

HKLM-Explorer_Run-1qaw3edr5 - c:\windows\system32\IcyTowerv10.exe

.

------- Skan uzupełniający -------

.

mStart Page = hxxp://www.msn.com

uInternet Connection Wizard,ShellNext = hxxp://gg.hit.gemius.pl/hitredir/id=ogW ... 04GGBANNER

IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000

IE: pobierz wszystkie video za pomocą bitcomet - c:\program files\BitComet\BitComet.exe/AddVideo.htm

IE: pobierz wszystko za pomocą bitcomet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm

IE: pobierz za pomocą bitcomet - c:\program files\BitComet\BitComet.exe/AddLink.htm

Trusted Zone: mks.com.pl

DPF: {68282C51-9459-467B-95BF-3C0E89627E55} - hxxp://www.mks.com.pl/skaner/SkanerOnline.cab

FF - ProfilePath -

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-06-17 22:23

Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone

ukryte pliki: 0

**************************************************************************

.

--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

  • > 'winlogon.exe'(784)

c:\windows\system32\cscui.dll

  • > 'explorer.exe'(3832)

c:\windows\system32\SHDOCVW.dll

c:\windows\system32\ntshrui.dll

c:\windows\system32\SETUPAPI.dll

c:\windows\system32\NETSHELL.dll

c:\windows\system32\credui.dll

c:\windows\system32\stobject.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Pozostałe uruchomione procesy ------------------------

.

c:\program files\Alwil Software\Avast4\aswUpdSv.exe

c:\program files\Alwil Software\Avast4\ashServ.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\nvsvc32.exe

c:\windows\system32\HPZipm12.exe

c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

c:\program files\Alwil Software\Avast4\ashMaiSv.exe

c:\program files\Alwil Software\Avast4\ashWebSv.exe

c:\windows\system32\wscntfy.exe

c:\windows\system32\wbem\wmiapsrv.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

c:\windows\system32\notepad.exe

.

**************************************************************************

.

Czas ukończenia: 2009-06-17 22:25 - komputer został uruchomiony ponownie

ComboFix-quarantined-files.txt 2009-06-17 20:25

Przed: 2 686 459 904 bajtów wolnych

Po: 2 800 070 656 bajtów wolnych

276 --- E O F --- 2009-04-12 14:28


(Leon$) #18

trochę zostało usunięte

Otwórz notatnik i wklej

zapisz jako CFScript.txt (zapisz by ikonka CFScript.txt była obok ikonki ComboFix.exe) >> Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe

Powinno rozpocząć się usuwanie

Potem log z usuwania Combofix

:slight_smile:


(Spolem) #19

Zrobiłem to co powiedziałeś ale jak przeciągne "CFScript.txt na ikonkę ComboFix.exe" To otwiera sie notatnik i Hińskie znaki i nic sie nie dzieje :frowning:


(Leon$) #20

w takim razie usuń plik

wejdź do msconfig >> uruchamianie i odznacz

Pobierz program SDFix

-