CPU usage jumps like crazy

Hello

For some time now the CPU usage on my computer has been jumping like crazy, and I don't know what is causing it.

Recently I have also noticed that the wmiprvse process shows up in 2nd position from time to time. I read about it and I know it is a system process.

I think the problem appeared when I caught win32/jeefo, but I have already got rid of it. Please help.

Check in Windows Task Manager (CTRL+ALT+DEL on XP), on the Processes tab, which process uses the most CPU. You can also post logs from HiJackThis and OTL. Since you caught a virus, something from it may still be left in the system.

Wmpiserve is the Windows Media Player network sharing service. Nothing dangerous, although unnecessary for everyday work; you can turn it off in the Media Player options or from msconfig (Services tab).

HijackThis

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:27:59, on 2010-02-02

Platform: Unknown Windows (WinNT 6.01.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Multimedia Keyboard\PS2USBKbdDrv.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Norton AntiVirus\Engine\17.5.0.127\ccSvcHst.exe

C:\Program Files\Opera\opera.exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe

C:\Program Files\RelevantKnowledge\rlvknlg.exe

C:\Windows\system32\wbem\unsecapp.exe

D:\Program Files\Valve\Steam\Steam.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15161&l=dis

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\System32\dvmurl.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.5.0.127\IPSBHO.DLL

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll (file missing)

O4 - HKLM…\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

O4 - HKLM…\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard\PS2USBKbdDrv.exe

O4 - HKCU…\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU…\Run: [DAEMON Tools Lite] “C:\Program Files\DAEMON Tools Lite\DTLite.exe” -autorun

O4 - HKUS\S-1-5-19…\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-19…\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-20…\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘USŁUGA SIECIOWA’)

O4 - HKUS\S-1-5-20…\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User ‘USŁUGA SIECIOWA’)

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra ‘Tools’ menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow … ab_nvd.cab

O17 - HKLM\System\CCS\Services\Tcpip…{6BA16F34-8CEC-4C79-8BFC-0A95FED4C9F2}: NameServer = 194.204.159.1,194.204.152.34

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll

O23 - Service: BlueSoleilCS - IVT Corporation - D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe

O23 - Service: BsHelpCS - IVT Corporation - D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe

O23 - Service: BsMobileCS - IVT Corporation - D:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe

O23 - Service: Dragon Age: Początek - Aktualizator zawartości (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe

O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE

O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - E:\Program Files\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.5.0.127\ccSvcHst.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: RelevantKnowledge - TMRG, Inc. - C:\Program Files\RelevantKnowledge\rlservice.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

End of file - 6281 bytes

Added 02.02.2010 (Tue) 14:54

OTL

Sorry for the link, but the full logs didn't fit.

http://www.sendspace.pl/file/dd6c71276585deaee2d4f05

Do you have Vista or 7? Turn off indexing; you can use the Sunrise configurators, they have a few options that improve performance.

I have 7 and this wasn't happening before. Everything points to this WmiPrvSE being at fault; location: C:\Windows\System32\wbem

Nothing alarming is visible in the log.

The standard routine: turn off System Restore, run ComboFix, turn System Restore back on after the restart, clean up the services and the programs launched at startup, defragment the disk (if needed), maybe scan with Ad-Aware. General maintenance :wink:

Mate, you are recommending a very dangerous tool. Will you take responsibility for any problems after it is used? If Combo really does find something, will you guide the removal??

ComboFix, used properly, requires no intervention and gives no cause for concern.

Read up on it: we use Combo only if we have been asked to by a specialist who is guiding the “treatment”.

That ComboFix will probably take a long time, I don't know; maybe someone has other suggestions. As for games, the CPU isn't a problem, only Counter-Strike 1.6 doesn't work ;// As I already said, the CPU usage is caused by processes. PS: a network problem just popped up, but I have already got rid of it. This ComboFix is kind of strange.

ComboFix should generally be used only when OTL has found something alarming.

As I already said, this wmiprvse process is bothering me. In my opinion it is at fault; only, how do I turn it off, but permanently?

Oh, and one more thing: one of the processes eating up the CPU is

RelevantKnowledge

Is it needed? Because if not, I'll delete it.

[OT] Semtex, professionally I am that kind of “specialist” [/OT]

I mixed up the services, how embarrassing. Anyway, a moment of googling and we have a description:

Scan the computer as I mentioned above and use Google with understanding, or you will wreck the system without even knowing it.

I have the logs from ComboFix

ComboFix 10-02-02.02 - Mateusz 2010-02-03 10:49:01.1.2 - x86

Microsoft Windows 7 Home Premium 6.1.7600.0.1250.48.1045.18.4094.3073 [GMT 1:00]

Uruchomiony z: c:\users\Mateusz\Desktop\ComboFix.exe

.


((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.


c:\program files\RelevantKnowledge

c:\program files\RelevantKnowledge\MSVCP71.DLL

c:\program files\RelevantKnowledge\MSVCR71.DLL

c:\program files\RelevantKnowledge\rlls.dll

c:\program files\RelevantKnowledge\rlls64.dll

c:\program files\RelevantKnowledge\rloci.bin

c:\program files\RelevantKnowledge\rlservice.exe

c:\program files\RelevantKnowledge\rlvknlg.exe

c:\program files\RelevantKnowledge\rlvknlg64.exe

c:\program files\temp

c:\users\Mateusz\AppData\Roaming\Desktopicon

c:\users\Mateusz\AppData\Roaming\Desktopicon\eBay.ico

c:\users\Mateusz\AppData\Roaming\Desktopicon\uninst.exe

c:\windows\system32\SHELLLNK.TLB

c:\windows\system32\VB6KO.DLL


.

((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))

.


-------\Service_RelevantKnowledge



((((((((((((((((((((((((( Pliki utworzone od 2010-01-03 do 2010-02-03 )))))))))))))))))))))))))))))))

.


2010-02-03 09:54 . 2010-02-03 09:56	--------	d-----w-	c:\users\Mateusz\AppData\Local\temp

2010-02-03 09:54 . 2010-02-03 09:54	--------	d-----w-	c:\users\Maszek\AppData\Local\temp

2010-02-03 09:54 . 2010-02-03 09:54	--------	d-----w-	c:\users\Default\AppData\Local\temp

2010-02-03 08:39 . 2009-08-29 09:00	84912	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100202.041\NAVENG.SYS

2010-02-03 08:39 . 2009-08-29 09:00	177520	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100202.041\NAVENG32.DLL

2010-02-03 08:39 . 2009-08-29 09:00	1647984	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100202.041\NAVEX32A.DLL

2010-02-03 08:39 . 2009-08-29 09:00	1323568	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100202.041\NAVEX15.SYS

2010-02-03 08:39 . 2010-01-30 17:43	2747440	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100202.041\CCERASER.DLL

2010-02-03 08:39 . 2010-01-30 17:43	259440	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100202.041\ECMSVR32.DLL

2010-02-03 08:39 . 2009-08-29 09:00	371248	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100202.041\EECTRL.SYS

2010-02-03 08:39 . 2009-08-29 09:00	102448	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100202.041\ERASER.SYS

2010-02-02 21:46 . 2010-02-02 21:47	--------	d-----w-	c:\program files\Unlocker

2010-02-02 21:35 . 2009-12-05 04:54	529456	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100130.002\BHDrvx86.sys

2010-02-02 21:35 . 2009-12-05 04:54	201616	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100130.002\BHRules.dll

2010-02-02 21:35 . 2009-12-05 04:54	1405840	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100130.002\BHEngine.dll

2010-02-02 21:35 . 2009-12-05 04:54	668720	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100130.002\BHDrvx64.sys

2010-02-02 21:35 . 2009-12-05 04:54	610704	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100130.002\bbRGen.dll

2010-02-02 15:57 . 2010-02-02 15:57	--------	d-----w-	c:\users\Mateusz\AppData\Local\IVONA_INST

2010-02-01 09:55 . 2010-02-01 09:55	--------	d-----w-	c:\program files\NVIDIA Corporation

2010-01-31 20:59 . 2010-01-31 21:03	--------	d-----w-	c:\program files\Odkurzacz

2010-01-31 20:53 . 2010-01-31 20:53	--------	d-----w-	c:\program files\RegCleaner

2010-01-31 19:42 . 2010-02-02 21:48	--------	d-----w-	c:\users\Mateusz\AppData\Local\CrashDumps

2010-01-31 18:47 . 2010-01-31 18:47	--------	d-----w-	c:\program files\Trend Micro

2010-01-31 17:21 . 2009-10-31 05:45	2614272	----a-w-	c:\windows\explorer.exe

2010-01-31 17:21 . 2009-10-28 06:17	285696	----a-w-	c:\windows\system32\winlogon.exe

2010-01-31 17:02 . 2010-01-31 17:02	146	----a-w-	c:\windows\DelMR.bat

2010-01-31 09:53 . 2009-10-28 22:37	811896	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100128.002\Scxpx86.dll

2010-01-31 09:53 . 2009-10-28 22:37	343088	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100128.002\IDSvix86.sys

2010-01-31 09:53 . 2009-10-28 22:37	329592	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100128.002\IDSXpx86.sys

2010-01-31 09:53 . 2009-10-28 22:37	488312	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100128.002\IDSxpx86.dll

2010-01-31 09:53 . 2009-10-28 22:37	466992	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100128.002\IDSviA64.sys

2010-01-30 17:19 . 2009-08-30 00:16	164216	----a-r-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll

2010-01-30 17:19 . 2010-01-30 17:20	--------	d-----w-	c:\program files\Common Files\Symantec Shared

2010-01-30 17:19 . 2010-01-30 17:19	--------	d-----w-	c:\program files\Symantec

2010-01-30 17:19 . 2010-01-30 17:19	124976	----a-w-	c:\windows\system32\drivers\SYMEVENT.SYS

2010-01-30 17:19 . 2009-08-26 22:13	900464	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\OCS\hsplayer.dll

2010-01-30 17:19 . 2009-09-01 09:02	893296	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\CLT\cltLMSx.dll

2010-01-30 17:19 . 2010-02-01 08:26	--------	d-----w-	c:\windows\system32\drivers\NAV

2010-01-30 17:19 . 2010-01-30 17:19	--------	d-----w-	c:\program files\Norton AntiVirus

2010-01-30 17:19 . 2010-01-30 17:19	--------	d-----w-	c:\programdata\Norton

2010-01-30 17:17 . 2010-01-30 17:19	--------	d-----w-	c:\programdata\NortonInstaller

2010-01-30 17:17 . 2010-01-30 17:17	--------	d-----w-	c:\program files\NortonInstaller

2010-01-30 13:37 . 2010-01-30 13:37	2560	----a-w-	c:\windows\_MSRSTRT.EXE

2010-01-30 13:06 . 2010-01-30 13:06	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\DivX

2010-01-30 13:06 . 2010-01-30 13:54	--------	d-----w-	c:\program files\ProgDVB

2010-01-30 07:26 . 2010-01-30 07:26	--------	d-----w-	c:\users\Mateusz\AppData\Local\THQ

2010-01-29 18:19 . 2010-01-29 18:19	--------	d-----w-	c:\users\Mateusz\AppData\Local\IsolatedStorage

2010-01-29 18:16 . 2007-02-02 17:30	13696	----a-w-	c:\windows\system32\drivers\PctvVirtualNdis.sys

2010-01-29 18:04 . 2010-01-29 18:04	--------	d-----w-	c:\users\Mateusz\AppData\Local\Pinnacle Systems GmbH

2010-01-29 18:00 . 2010-01-31 09:50	--------	d-----w-	c:\program files\DivX

2010-01-29 17:54 . 2010-01-29 18:16	--------	d-----w-	c:\programdata\Pinnacle

2010-01-26 08:19 . 2010-01-26 08:17	79360	----a-w-	c:\windows\system32\mkzlib.dll

2010-01-26 08:19 . 2010-01-26 08:17	79360	----a-w-	c:\windows\mkzlib.dll

2010-01-26 07:50 . 2010-01-26 07:50	--------	d-----w-	c:\program files\ALLConverter

2010-01-26 07:50 . 2010-01-26 07:50	--------	d-----w-	c:\programdata\ALLPlayer

2010-01-26 07:50 . 2009-06-11 21:52	892928	----a-w-	c:\windows\system32\iconv.dll

2010-01-26 07:50 . 2009-06-11 21:52	892928	----a-w-	c:\programdata\ALLPlayer\LIVE\DOLBY\iconv.dll

2010-01-26 07:50 . 2009-05-29 21:31	881664	----a-w-	c:\programdata\ALLPlayer\LIVE\XVID\xvidcore.dll

2010-01-26 07:50 . 2008-11-13 03:25	740442	----a-w-	c:\programdata\ALLPlayer\LIVE\DIVX\DivX.dll

2010-01-26 07:50 . 2008-04-14 21:50	1291776	----a-w-	c:\programdata\ALLPlayer\LIVE\QUARTZ\quartzXP.dll

2010-01-26 07:50 . 2010-01-31 09:49	--------	d-----w-	c:\program files\ALLPlayer

2010-01-25 17:42 . 2010-01-25 17:43	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\BESTplayer

2010-01-25 17:19 . 2009-08-03 23:31	3948600	----a-w-	c:\windows\system32\ntsunkrnl.exe

2010-01-25 17:17 . 2010-01-31 09:49	--------	d-----w-	c:\program files\Sunrise Seven

2010-01-25 17:15 . 2010-01-31 12:27	--------	d-----w-	c:\program files\Microsoft Silverlight

2010-01-25 17:12 . 2009-12-19 09:02	977920	----a-w-	c:\windows\system32\wininet.dll

2010-01-25 17:12 . 2009-10-19 14:10	108544	----a-w-	c:\windows\system32\t2embed.dll

2010-01-25 17:12 . 2009-10-19 14:10	70656	----a-w-	c:\windows\system32\fontsub.dll

2010-01-25 15:10 . 2010-01-25 15:10	--------	d-----w-	c:\users\Mateusz\AppData\Local\ElevatedDiagnostics

2010-01-24 08:47 . 2010-01-24 08:47	--------	d-----w-	c:\program files\Multimedia Keyboard

2010-01-23 13:26 . 2010-01-23 13:26	--------	d-----w-	c:\users\Mateusz\AppData\Local\Risen

2010-01-23 12:54 . 2010-01-23 12:54	691696	----a-w-	c:\windows\system32\drivers\sptd.sys

2010-01-20 17:24 . 2010-01-20 17:24	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\SystemUp

2010-01-20 17:23 . 2010-01-20 17:23	--------	d-----w-	c:\program files\zoneLINK

2010-01-20 05:56 . 2010-01-24 07:58	--------	d-----w-	c:\users\Mateusz\AppData\Local\LogMeIn Hamachi

2010-01-12 11:03 . 2010-01-12 11:03	68200	----a-w-	c:\windows\system32\OpenCL.dll

2010-01-12 11:03 . 2010-01-12 11:03	4338792	----a-w-	c:\windows\system32\nvencodemft.dll

2010-01-12 11:03 . 2010-01-12 11:03	4077672	----a-w-	c:\windows\system32\nvcuvenc.dll

2010-01-12 11:03 . 2010-01-12 11:03	4061800	----a-w-	c:\windows\system32\nvcuda.dll

2010-01-12 11:03 . 2010-01-12 11:03	318568	----a-w-	c:\windows\system32\nvdecodemft.dll

2010-01-12 11:03 . 2010-01-12 11:03	2243176	----a-w-	c:\windows\system32\nvcuvid.dll

2010-01-12 11:03 . 2010-01-12 11:03	182888	----a-w-	c:\windows\system32\nvcod189.dll

2010-01-12 11:03 . 2010-01-12 11:03	182888	----a-w-	c:\windows\system32\nvcod.dll

2010-01-12 11:03 . 2010-01-12 11:03	14924392	----a-w-	c:\windows\system32\nvoglv32.dll

2010-01-12 11:03 . 2010-01-12 11:03	11639400	----a-w-	c:\windows\system32\nvcompiler.dll

2010-01-12 11:03 . 2010-01-12 11:03	11586280	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys

2010-01-11 21:18 . 2010-01-11 21:18	962664	----a-w-	c:\windows\system32\nvsvc.dll

2010-01-11 21:18 . 2010-01-11 21:18	13679720	----a-w-	c:\windows\system32\nvcpl.dll

2010-01-11 21:18 . 2010-01-11 21:18	129640	----a-w-	c:\windows\system32\nvvsvc.exe

2010-01-11 21:18 . 2010-01-11 21:18	110696	----a-w-	c:\windows\system32\nvmctray.dll

2010-01-08 15:09 . 2010-01-08 15:09	--------	d-----w-	c:\program files\Common Files\PCSuite

2010-01-08 14:42 . 2010-01-08 14:42	--------	d-----w-	c:\users\Mateusz\AppData\Local\bluesoleil

2010-01-08 14:07 . 2010-01-08 14:07	--------	d-----w-	c:\windows\system32\ivtMobCache

2010-01-07 17:56 . 2010-01-07 17:56	--------	d-----w-	c:\program files\IVT Corporation

2010-01-07 17:18 . 2010-01-07 17:18	--------	d-----w-	c:\programdata\Nokia

2010-01-07 16:46 . 2010-01-07 16:46	--------	d-----w-	c:\users\Mateusz\AppData\Local\Nokia

2010-01-07 16:46 . 2010-01-08 14:02	--------	d-----w-	c:\users\Mateusz\AppData\Local\NokiaAccount

2010-01-07 16:43 . 2010-01-31 12:37	--------	d-----w-	c:\program files\PC Connectivity Solution

2010-01-07 16:43 . 2010-01-07 16:43	12212040	----a-w-	c:\programdata\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe

2010-01-07 16:13 . 2009-10-06 10:52	91136	----a-w-	c:\windows\system32\nmwcdcls.dll

2010-01-07 16:13 . 2010-01-08 15:09	--------	d-----w-	c:\program files\Nokia

2010-01-07 16:13 . 2010-01-07 16:13	95232	----a-w-	c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe

2010-01-07 16:13 . 2010-01-07 16:13	8192	----a-w-	c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe

2010-01-07 16:13 . 2010-01-07 16:13	61440	----a-w-	c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe

2010-01-07 16:13 . 2010-01-07 16:13	10240	----a-w-	c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe

2010-01-07 16:13 . 2010-01-08 15:09	--------	d-----w-	c:\programdata\Installations


.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-02-02 16:36 . 2009-11-24 16:23	108824	----a-w-	c:\users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT

2010-02-02 15:28 . 2009-11-24 17:23	--------	d-----w-	c:\programdata\Microsoft Help

2010-02-02 15:27 . 2009-11-24 17:25	--------	d-----w-	c:\program files\Microsoft Works

2010-02-02 15:25 . 2009-12-01 14:40	--------	d-----w-	c:\program files\Microsoft

2010-02-02 13:13 . 2009-11-24 16:49	16608	----a-w-	c:\windows\gdrv.sys

2010-02-01 09:56 . 2009-11-24 17:32	--------	d-----w-	c:\programdata\NVIDIA

2010-01-31 21:02 . 2009-11-24 18:32	--------	d-----w-	c:\programdata\OpenFM

2010-01-31 17:04 . 2009-12-01 13:39	--------	d-----w-	c:\program files\AviSynth 2.5

2010-01-31 17:02 . 2010-01-07 16:14	--------	d-----w-	c:\program files\Common Files\Nokia

2010-01-31 17:02 . 2009-11-24 16:31	--------	d--h--w-	c:\program files\InstallShield Installation Information

2010-01-31 12:40 . 2007-06-21 06:34	203328	----a-r-	c:\windows\GSetup.exe

2010-01-31 12:38 . 2009-12-09 19:41	--------	d-----w-	c:\program files\RocketDock

2010-01-31 12:33 . 2009-12-05 18:15	--------	d-----w-	c:\program files\NAPI-PROJEKT

2010-01-31 12:32 . 2009-11-24 16:35	--------	d-----w-	c:\program files\lg_fwupdate

2010-01-31 12:22 . 2009-12-01 14:46	--------	d-----w-	c:\program files\Xvid

2010-01-31 12:20 . 2009-11-25 13:20	--------	d-----w-	c:\program files\Winamp

2010-01-31 12:13 . 2010-01-02 11:14	--------	d-----w-	c:\program files\Dragon Age

2010-01-31 12:09 . 2010-01-02 11:14	--------	d-----w-	c:\program files\Common Files\BioWare

2010-01-31 12:07 . 2009-12-24 13:04	--------	d-----w-	c:\program files\Audacity

2010-01-31 09:49 . 2009-12-01 14:45	--------	d-----w-	c:\program files\AVI ReComp

2010-01-30 17:42 . 2009-12-01 16:48	--------	d-----w-	c:\program files\uTorrent

2010-01-30 17:19 . 2010-01-30 17:19	805	----a-w-	c:\windows\system32\drivers\SYMEVENT.INF

2010-01-30 17:19 . 2010-01-30 17:19	7443	----a-w-	c:\windows\system32\drivers\SYMEVENT.CAT

2010-01-30 13:44 . 2009-07-14 08:07	687590	----a-w-	c:\windows\system32\perfh015.dat

2010-01-30 13:44 . 2009-07-14 08:07	131176	----a-w-	c:\windows\system32\perfc015.dat

2010-01-30 13:17 . 2009-11-26 18:15	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\Any Video Converter

2010-01-26 18:16 . 2009-12-01 16:47	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\uTorrent

2010-01-24 08:47 . 2009-11-24 16:30	--------	d-----w-	c:\program files\Common Files\InstallShield

2010-01-23 11:15 . 2009-11-27 13:36	281760	----a-w-	c:\windows\system32\drivers\atksgt.sys

2010-01-23 11:14 . 2009-11-27 13:36	25888	----a-w-	c:\windows\system32\drivers\lirsgt.sys

2010-01-15 11:02 . 2009-12-01 14:48	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\AVI ReComp

2010-01-14 10:12 . 2009-11-24 16:22	181120	------w-	c:\windows\system32\MpSigStub.exe

2010-01-12 11:03 . 2010-01-12 11:03	10920	----a-w-	c:\windows\system32\drivers\nvBridge.kmd

2010-01-12 11:03 . 2009-11-24 17:31	592488	----a-w-	c:\windows\system32\nvuninst.exe

2010-01-12 11:03 . 2009-09-27 15:12	592488	----a-w-	c:\windows\system32\nvudisp.exe

2010-01-12 11:03 . 2009-09-27 15:12	1280616	----a-w-	c:\windows\system32\nvapi.dll

2010-01-12 11:03 . 2009-07-13 22:09	4321384	----a-w-	c:\windows\system32\nvwgf2um.dll

2010-01-12 11:03 . 2009-06-10 21:19	9388648	----a-w-	c:\windows\system32\nvd3dum.dll

2010-01-07 16:53 . 2010-01-07 16:14	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\Nokia

2010-01-07 16:43 . 2010-01-07 16:43	13930312	----a-w-	c:\programdata\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe

2010-01-07 16:43 . 2010-01-07 16:43	77824	----a-w-	c:\programdata\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\Run_XML6_SP1.exe

2010-01-07 16:43 . 2010-01-07 16:43	61440	----a-w-	c:\programdata\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\WMF11Runx86.exe

2010-01-07 16:43 . 2010-01-07 16:43	58880	----a-w-	c:\programdata\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\WMF11Runx64.exe

2010-01-07 16:43 . 2010-01-07 16:43	50000	----a-w-	c:\programdata\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\pcswpc.exe

2010-01-07 16:42 . 2010-01-07 16:42	--------	d-----w-	c:\programdata\OviInstallerCache

2010-01-07 16:15 . 2010-01-07 16:15	0	---ha-w-	c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf

2010-01-07 16:15 . 2010-01-07 16:14	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\PC Suite

2010-01-07 16:15 . 2010-01-07 16:14	--------	d-----w-	c:\programdata\PC Suite

2010-01-07 16:14 . 2010-01-07 16:14	--------	d-----w-	c:\program files\DIFX

2010-01-02 11:51 . 2010-01-02 11:51	--------	d-----w-	c:\programdata\BioWare

2010-01-02 11:33 . 2009-11-24 17:31	--------	d-----w-	c:\program files\Common Files\Wise Installation Wizard

2010-01-02 11:33 . 2010-01-02 11:33	--------	d-----w-	c:\programdata\Media Center Programs

2009-12-28 10:11 . 2009-11-24 18:21	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\Gadu-Gadu 10

2009-12-27 16:38 . 2009-12-27 16:38	--------	d-----w-	c:\program files\LittleFighter2

2009-12-23 17:04 . 2009-11-24 16:15	686400	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2009-12-13 17:02 . 2009-12-13 17:02	686400	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2009-12-13 10:18 . 2009-12-13 10:16	--------	d-----w-	c:\program files\Spritefixer

2009-12-13 10:16 . 2009-12-13 10:16	49152	----a-w-	c:\windows\UNINS.EXE

2009-12-13 10:16 . 2009-12-13 10:16	28672	----a-w-	c:\windows\system32\shelllnk.dll

2009-12-13 10:16 . 2009-12-13 10:16	53760	----a-w-	c:\windows\system32\zlib.dll

2009-12-08 17:08 . 2009-12-08 17:08	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\Ahead

2009-11-28 09:57 . 2009-11-28 09:57	411368	----a-w-	c:\windows\system32\deploytk.dll

2009-11-26 02:12 . 2009-11-26 02:12	85504	----a-w-	c:\windows\system32\ff_vfw.dll

2009-11-25 21:50 . 2009-11-25 21:50	180224	----a-w-	c:\windows\system32\xvidvfw.dll

2009-11-24 18:11 . 2009-11-24 16:54	319456	----a-w-	c:\windows\DIFxAPI.dll

2009-11-24 16:15 . 2009-11-24 16:15	48648	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll

2009-11-24 15:39 . 2009-11-24 15:39	1093064	----a-w-	c:\users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\sge3av37.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll

2009-11-23 10:53 . 2009-11-23 10:53	37376	----a-w-	c:\users\Mateusz\AppData\Roaming\Gadu-Gadu 10\_userdata\ggbho.2.dll

2009-06-10 21:26 . 2009-07-14 02:04	9633792	--sha-r-	c:\windows\Fonts\StaticCache.dat

2009-07-14 01:14 . 2009-07-13 23:42	396800	--sha-w-	c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

.


((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  

REGEDIT4


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

2009-09-02 13:56	1175944	----a-w-	c:\program files\Ask.com\GenericAskToolbar.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]


[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]


[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]


[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-11-03 7866912]

"WireLessKeyboard "="c:\program files\Multimedia Keyboard\PS2USBKbdDrv.exe" [2005-05-14 217088]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2009-10-26 15872]


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv


[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages	REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp


[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk

backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup

backupExtension=.CommonStartup


[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Gladinet Cloud Desktop.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Gladinet Cloud Desktop.lnk

backup=c:\windows\pss\Gladinet Cloud Desktop.lnk.CommonStartup

backupExtension=.CommonStartup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]

c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]

2009-08-07 14:12	315478	----a-w-	d:\program files\IVT Corporation\BlueSoleil\BtTray.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu 10]

2009-11-23 10:56	11797096	----a-w-	e:\program files\Gadu-Gadu 10\gg.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

2008-10-25 10:44	31072	----a-w-	c:\program files\Microsoft Office\Office12\GrooveMonitor.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]

2007-09-02 12:58	495616	----a-w-	c:\program files\RocketDock\RocketDock.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

2010-01-31 09:58	1217808	----a-w-	d:\program files\Valve\Steam\Steam.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

2009-07-01 16:37	37888	----a-w-	c:\program files\Winamp\winampa.exe


R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\drivers\BtHidBus.sys [2009-06-17 20744]

R0 SymDS;Symantec Data Store;c:\windows\System32\drivers\NAV\1105000.07F\symds.sys [2010-01-31 328752]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\NAV\1105000.07F\symefa.sys [2010-01-31 172592]

R1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100130.002\BHDrvx86.sys [2010-02-02 529456]

R1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\NAV\1105000.07F\cchpx86.sys [2010-01-31 501888]

R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100128.002\IDSvix86.sys [2010-01-31 343088]

R1 SymIRON;Symantec Iron Driver;c:\windows\System32\drivers\NAV\1105000.07F\ironx86.sys [2010-01-31 116272]

R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\drivers\NAV\1105000.07F\symtdiv.sys [2010-01-31 340016]

R2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\17.5.0.127\ccsvchst.exe [2010-01-31 126392]

R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\System32\drivers\btnetBus.sys [2009-06-17 29192]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-01-30 102448]

R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\System32\drivers\IvtBtBus.sys [2009-06-17 25480]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\System32\drivers\Rt86win7.sys [2009-03-01 139776]

S3 DAUpdaterSvc;Dragon Age: Początek - Aktualizator zawartości;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [2010-01-02 25832]

S3 PctvVirtualNdis;Pinnacle Virtual Miniport;c:\windows\System32\drivers\PctvVirtualNdis.sys [2010-01-29 13696]

S4 BsMobileCS;BsMobileCS;d:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2009-08-07 143467]

S4 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\essvr.exe [2009-11-24 80392]

S4 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;e:\program files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]

.

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://www.ask.com?o=15161&l=dis

IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: {6BA16F34-8CEC-4C79-8BFC-0A95FED4C9F2} = 194.204.159.1,194.204.152.34

.

- - - - USUNIĘTO PUSTE WPISY - - - -


HKCU-Run-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe

MSConfigStartUp-ALLUpdate - c:\program files\ALLPlayer\ALLUpdate.exe

MSConfigStartUp-BearShareInstall - c:\users\Mateusz\AppData\Local\Temp\BearShareInstaller\nseE820.tmp.exe

MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe

MSConfigStartUp-egui - c:\program files\ESET\ESET NOD32 Antivirus\egui.exe

MSConfigStartUp-LGODDFU - c:\program files\lg_fwupdate\fwupdate.exe

MSConfigStartUp-mRouterConfig - c:\program files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe

MSConfigStartUp-NeroFilterCheck - c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

MSConfigStartUp-uTorrent - c:\program files\uTorrent\uTorrent.exe

AddRemove-05B59228C7E1C21DFBE89260F879BD95880548D8 - c:\progra~1\DIFX\270581355A767BF1\dpinst.exe

AddRemove-504244733D18C8F63FF584AEB290E3904E791693 - c:\progra~1\DIFX\B4723E9A0713E5B1\dpinst.exe

AddRemove-8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA - c:\progra~1\DIFX\270581355A767BF1\dpinst.exe

AddRemove-ALLConverter to 3GP_is1 - c:\program files\ALLConverter\3GP\unins000.exe

AddRemove-ALLPlayer_is1 - c:\program files\ALLPlayer\unins000.exe

AddRemove-Audacity_is1 - c:\program files\Audacity\unins000.exe

AddRemove-AVI ReComp - c:\program files\AVI ReComp\Uninstall.exe

AddRemove-eBay Icon - c:\users\Mateusz\AppData\Roaming\Desktopicon\uninst.exe

AddRemove-InstallShield_{6206FD57-3E60-4A52-AD1B-7D9F7BA2777E} - c:\program files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe

AddRemove-Mozilla Firefox (3.5.5) - c:\program files\Mozilla Firefox\uninstall\helper.exe

AddRemove-NapiProjekt_is1 - c:\program files\NAPI-PROJEKT\unins000.exe

AddRemove-Nero - Burning Rom!UninstallKey - c:\program files\Nero\Nero 7\\nero\uninstall\UNNERO.exe

AddRemove-Nokia Ovi Suite - c:\programdata\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Nokia_Ovi_Suite_PCS_Update.exe

AddRemove-Nokia PC Suite - c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_pol_web.exe

AddRemove-VobSub - c:\program files\Gabest\VobSub\uninstall.exe

AddRemove-Winamp - c:\program files\Winamp\UninstWA.exe

AddRemove-WinLiveSuite_Wave3 - c:\program files\Windows Live\Installer\wlarp.exe

AddRemove-Xvid_is1 - c:\program files\Xvid\unins000.exe

AddRemove-zonelink_UTILITIES_INTERNETTUNER_is1 - c:\program files\zoneLINK\SystemUp 2009\Utilities\InternetTuner\unins000.exe

AddRemove-{155F4A0E-76ED-45A2-91FB-FF2A2133C31A} - c:\program files\InstallShield Installation Information\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}\setup.exe

AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe

AddRemove-{AB0DBC9A-422A-4888-A8E5-A32EC1779E68}_is1 - c:\program files\Sunrise Seven\unins000.exe

AddRemove-{AEC81925-9C76-4707-84A9-40696C613ED3} - c:\program files\Common Files\BioWare\Uninstall Dragon Age.exe

AddRemove-{d08d9f98-1c78-4704-87e6-368b0023d831} - c:\program files\RelevantKnowledge\rlvknlg.exe

AddRemove-{E8AEA11B-E60A-455E-B008-E4E763604612} - c:\program files\InstallShield Installation Information\{E8AEA11B-E60A-455E-B008-E4E763604612}\setup.exe

AddRemove-{EE91E474-9298-47B8-817F-8E0042408998} - c:\program files\InstallShield Installation Information\{EE91E474-9298-47B8-817F-8E0042408998}\setup.exe




[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NAV]

"ImagePath"="\"c:\program files\Norton AntiVirus\Engine\17.5.0.127\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\17.5.0.127\diMaster.dll\" /prefetch:1"

.

--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------


- - - - - - - > 'Explorer.exe'(3624)

c:\windows\system32\BsMobileSDK.dll

c:\windows\system32\BsLangInDepRes.dll

c:\windows\system32\Bs2Res.dll

c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll

c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL

c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_pol.nlr

c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr

.

------------------------ Pozostałe uruchomione procesy ------------------------

.

c:\windows\system32\nvvsvc.exe

c:\windows\system32\nvvsvc.exe

c:\windows\system32\taskhost.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\windows\system32\conhost.exe

c:\windows\system32\WUDFHost.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\DllHost.exe

c:\windows\system32\sppsvc.exe

.

**************************************************************************

.

Czas ukończenia: 2010-02-03 10:58:45 - komputer został uruchomiony ponownie

ComboFix-quarantined-files.txt 2010-02-03 09:58


Przed: 19 076 980 736 bajtów wolnych

Po: 18 797 023 232 bajtów wolnych


- - End Of File - - FF2EA8CA05DD91BC3382D0A98BCC6875

Well, OK, there's progress, and somehow the computer didn't blow up :wink:

My advice: remove Norton completely (you'll find a tool for that on Symantec's website) and use AVG or Avira (as long as this Norton isn't a paid one and comes from the motherboard driver disc). Also, get rid of all the "toolbars" and other junk that gets installed with, e.g., Winamp.

Change to the rules for posting logs on the forum - viewtopic.php?f=16&t=253052

Paste into Notepad:

>>File>>Save as… >>> CFScript (it will be most convenient to save it in a location where the CFScript.txt icon ends up next to the ComboFix.exe icon)

Drag and drop the CFScript.txt file onto the ComboFix.exe file (that is, the CFScript.txt icon onto the ComboFix.exe icon)

– as in this picture –>

cfscript10uc2.gif

(if the question "1 or 2" appears, type 1 and press ENTER) The removal should then begin (and a log will be created).

After the restart, manually delete the C:\Qoobox folder.

No, the Norton is from the net; I downloaded it when the problem with this jeefo appeared. After that ComboFix run things improved, CS starts up 8) but sometimes it still jumps. I'll do as you say :slight_smile:

And what did I write that for? Please carry it out.

As for jeefo, see - usuwanie-znanych-wirusow-sality-jeefo-parite-virut-itp-t370365.html

Run a full scan with Dr. Web CureIt

I know, I know, I'm just starting now

Added 03.02.2010 (Wed) 14:26

Nooo, I've already got rid of jeefo, and here are the logs from ComboFix

ComboFix 10-02-02.04 - Mateusz 2010-02-03 14:16:09.2.2 - x86

Microsoft Windows 7 Home Premium 6.1.7600.0.1250.48.1045.18.4094.3254 [GMT 1:00]

Uruchomiony z: c:\users\Mateusz\Desktop\ComboFix.exe

Użyto następujących komend :: c:\users\Mateusz\Desktop\CFScript.txt


FILE ::

"c:\users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\sge3av37.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll"

.


((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.


c:\users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\sge3av37.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll


.

((((((((((((((((((((((((( Pliki utworzone od 2010-01-03 do 2010-02-03 )))))))))))))))))))))))))))))))

.


2010-02-03 13:21 . 2010-02-03 13:21	--------	d-----w-	c:\users\Mateusz\AppData\Local\temp

2010-02-03 13:21 . 2010-02-03 13:21	--------	d-----w-	c:\users\Public\AppData\Local\temp

2010-02-03 13:21 . 2010-02-03 13:21	--------	d-----w-	c:\users\Maszek\AppData\Local\temp

2010-02-03 13:21 . 2010-02-03 13:21	--------	d-----w-	c:\users\Default\AppData\Local\temp

2010-02-03 08:39 . 2009-08-29 09:00	84912	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100202.041\NAVENG.SYS

2010-02-03 08:39 . 2009-08-29 09:00	177520	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100202.041\NAVENG32.DLL

2010-02-03 08:39 . 2009-08-29 09:00	1647984	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100202.041\NAVEX32A.DLL

2010-02-03 08:39 . 2009-08-29 09:00	1323568	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100202.041\NAVEX15.SYS

2010-02-03 08:39 . 2010-01-30 17:43	2747440	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100202.041\CCERASER.DLL

2010-02-03 08:39 . 2010-01-30 17:43	259440	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100202.041\ECMSVR32.DLL

2010-02-03 08:39 . 2009-08-29 09:00	371248	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100202.041\EECTRL.SYS

2010-02-03 08:39 . 2009-08-29 09:00	102448	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100202.041\ERASER.SYS

2010-02-02 21:46 . 2010-02-02 21:47	--------	d-----w-	c:\program files\Unlocker

2010-02-02 21:35 . 2009-12-05 04:54	529456	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100130.002\BHDrvx86.sys

2010-02-02 21:35 . 2009-12-05 04:54	201616	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100130.002\BHRules.dll

2010-02-02 21:35 . 2009-12-05 04:54	1405840	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100130.002\BHEngine.dll

2010-02-02 21:35 . 2009-12-05 04:54	668720	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100130.002\BHDrvx64.sys

2010-02-02 21:35 . 2009-12-05 04:54	610704	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100130.002\bbRGen.dll

2010-02-02 15:57 . 2010-02-02 15:57	--------	d-----w-	c:\users\Mateusz\AppData\Local\IVONA_INST

2010-02-01 09:55 . 2010-02-01 09:55	--------	d-----w-	c:\program files\NVIDIA Corporation

2010-01-31 20:59 . 2010-01-31 21:03	--------	d-----w-	c:\program files\Odkurzacz

2010-01-31 20:53 . 2010-01-31 20:53	--------	d-----w-	c:\program files\RegCleaner

2010-01-31 19:42 . 2010-02-02 21:48	--------	d-----w-	c:\users\Mateusz\AppData\Local\CrashDumps

2010-01-31 18:47 . 2010-01-31 18:47	--------	d-----w-	c:\program files\Trend Micro

2010-01-31 17:21 . 2009-10-31 05:45	2614272	----a-w-	c:\windows\explorer.exe

2010-01-31 17:21 . 2009-10-28 06:17	285696	----a-w-	c:\windows\system32\winlogon.exe

2010-01-31 17:02 . 2010-01-31 17:02	146	----a-w-	c:\windows\DelMR.bat

2010-01-31 09:53 . 2009-10-28 22:37	811896	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100128.002\Scxpx86.dll

2010-01-31 09:53 . 2009-10-28 22:37	343088	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100128.002\IDSvix86.sys

2010-01-31 09:53 . 2009-10-28 22:37	329592	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100128.002\IDSXpx86.sys

2010-01-31 09:53 . 2009-10-28 22:37	488312	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100128.002\IDSxpx86.dll

2010-01-31 09:53 . 2009-10-28 22:37	466992	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100128.002\IDSviA64.sys

2010-01-30 17:19 . 2009-08-30 00:16	164216	----a-r-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll

2010-01-30 17:19 . 2010-01-30 17:20	--------	d-----w-	c:\program files\Common Files\Symantec Shared

2010-01-30 17:19 . 2010-01-30 17:19	--------	d-----w-	c:\program files\Symantec

2010-01-30 17:19 . 2010-01-30 17:19	124976	----a-w-	c:\windows\system32\drivers\SYMEVENT.SYS

2010-01-30 17:19 . 2009-08-26 22:13	900464	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\OCS\hsplayer.dll

2010-01-30 17:19 . 2009-09-01 09:02	893296	----a-w-	c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\CLT\cltLMSx.dll

2010-01-30 17:19 . 2010-02-01 08:26	--------	d-----w-	c:\windows\system32\drivers\NAV

2010-01-30 17:19 . 2010-01-30 17:19	--------	d-----w-	c:\program files\Norton AntiVirus

2010-01-30 17:19 . 2010-01-30 17:19	--------	d-----w-	c:\programdata\Norton

2010-01-30 17:17 . 2010-01-30 17:19	--------	d-----w-	c:\programdata\NortonInstaller

2010-01-30 17:17 . 2010-01-30 17:17	--------	d-----w-	c:\program files\NortonInstaller

2010-01-30 13:37 . 2010-01-30 13:37	2560	----a-w-	c:\windows\_MSRSTRT.EXE

2010-01-30 13:06 . 2010-01-30 13:06	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\DivX

2010-01-30 13:06 . 2010-01-30 13:54	--------	d-----w-	c:\program files\ProgDVB

2010-01-30 07:26 . 2010-01-30 07:26	--------	d-----w-	c:\users\Mateusz\AppData\Local\THQ

2010-01-29 18:19 . 2010-01-29 18:19	--------	d-----w-	c:\users\Mateusz\AppData\Local\IsolatedStorage

2010-01-29 18:16 . 2007-02-02 17:30	13696	----a-w-	c:\windows\system32\drivers\PctvVirtualNdis.sys

2010-01-29 18:04 . 2010-01-29 18:04	--------	d-----w-	c:\users\Mateusz\AppData\Local\Pinnacle Systems GmbH

2010-01-29 18:00 . 2010-01-31 09:50	--------	d-----w-	c:\program files\DivX

2010-01-29 17:54 . 2010-01-29 18:16	--------	d-----w-	c:\programdata\Pinnacle

2010-01-26 08:19 . 2010-01-26 08:17	79360	----a-w-	c:\windows\system32\mkzlib.dll

2010-01-26 08:19 . 2010-01-26 08:17	79360	----a-w-	c:\windows\mkzlib.dll

2010-01-26 07:50 . 2010-01-26 07:50	--------	d-----w-	c:\program files\ALLConverter

2010-01-26 07:50 . 2010-01-26 07:50	--------	d-----w-	c:\programdata\ALLPlayer

2010-01-26 07:50 . 2009-06-11 21:52	892928	----a-w-	c:\windows\system32\iconv.dll

2010-01-26 07:50 . 2009-06-11 21:52	892928	----a-w-	c:\programdata\ALLPlayer\LIVE\DOLBY\iconv.dll

2010-01-26 07:50 . 2009-05-29 21:31	881664	----a-w-	c:\programdata\ALLPlayer\LIVE\XVID\xvidcore.dll

2010-01-26 07:50 . 2008-11-13 03:25	740442	----a-w-	c:\programdata\ALLPlayer\LIVE\DIVX\DivX.dll

2010-01-26 07:50 . 2008-04-14 21:50	1291776	----a-w-	c:\programdata\ALLPlayer\LIVE\QUARTZ\quartzXP.dll

2010-01-26 07:50 . 2010-01-31 09:49	--------	d-----w-	c:\program files\ALLPlayer

2010-01-25 17:42 . 2010-01-25 17:43	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\BESTplayer

2010-01-25 17:19 . 2009-08-03 23:31	3948600	----a-w-	c:\windows\system32\ntsunkrnl.exe

2010-01-25 17:17 . 2010-01-31 09:49	--------	d-----w-	c:\program files\Sunrise Seven

2010-01-25 17:15 . 2010-01-31 12:27	--------	d-----w-	c:\program files\Microsoft Silverlight

2010-01-25 17:12 . 2009-12-19 09:02	977920	----a-w-	c:\windows\system32\wininet.dll

2010-01-25 17:12 . 2009-10-19 14:10	108544	----a-w-	c:\windows\system32\t2embed.dll

2010-01-25 17:12 . 2009-10-19 14:10	70656	----a-w-	c:\windows\system32\fontsub.dll

2010-01-25 15:10 . 2010-01-25 15:10	--------	d-----w-	c:\users\Mateusz\AppData\Local\ElevatedDiagnostics

2010-01-24 08:47 . 2010-01-24 08:47	--------	d-----w-	c:\program files\Multimedia Keyboard

2010-01-23 13:26 . 2010-01-23 13:26	--------	d-----w-	c:\users\Mateusz\AppData\Local\Risen

2010-01-23 12:54 . 2010-01-23 12:54	691696	----a-w-	c:\windows\system32\drivers\sptd.sys

2010-01-20 17:24 . 2010-01-20 17:24	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\SystemUp

2010-01-20 17:23 . 2010-01-20 17:23	--------	d-----w-	c:\program files\zoneLINK

2010-01-20 05:56 . 2010-01-24 07:58	--------	d-----w-	c:\users\Mateusz\AppData\Local\LogMeIn Hamachi

2010-01-12 11:03 . 2010-01-12 11:03	68200	----a-w-	c:\windows\system32\OpenCL.dll

2010-01-12 11:03 . 2010-01-12 11:03	4338792	----a-w-	c:\windows\system32\nvencodemft.dll

2010-01-12 11:03 . 2010-01-12 11:03	4077672	----a-w-	c:\windows\system32\nvcuvenc.dll

2010-01-12 11:03 . 2010-01-12 11:03	4061800	----a-w-	c:\windows\system32\nvcuda.dll

2010-01-12 11:03 . 2010-01-12 11:03	318568	----a-w-	c:\windows\system32\nvdecodemft.dll

2010-01-12 11:03 . 2010-01-12 11:03	2243176	----a-w-	c:\windows\system32\nvcuvid.dll

2010-01-12 11:03 . 2010-01-12 11:03	182888	----a-w-	c:\windows\system32\nvcod189.dll

2010-01-12 11:03 . 2010-01-12 11:03	182888	----a-w-	c:\windows\system32\nvcod.dll

2010-01-12 11:03 . 2010-01-12 11:03	14924392	----a-w-	c:\windows\system32\nvoglv32.dll

2010-01-12 11:03 . 2010-01-12 11:03	11639400	----a-w-	c:\windows\system32\nvcompiler.dll

2010-01-12 11:03 . 2010-01-12 11:03	11586280	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys

2010-01-11 21:18 . 2010-01-11 21:18	962664	----a-w-	c:\windows\system32\nvsvc.dll

2010-01-11 21:18 . 2010-01-11 21:18	13679720	----a-w-	c:\windows\system32\nvcpl.dll

2010-01-11 21:18 . 2010-01-11 21:18	129640	----a-w-	c:\windows\system32\nvvsvc.exe

2010-01-11 21:18 . 2010-01-11 21:18	110696	----a-w-	c:\windows\system32\nvmctray.dll

2010-01-08 15:09 . 2010-01-08 15:09	--------	d-----w-	c:\program files\Common Files\PCSuite

2010-01-08 14:42 . 2010-01-08 14:42	--------	d-----w-	c:\users\Mateusz\AppData\Local\bluesoleil

2010-01-08 14:07 . 2010-01-08 14:07	--------	d-----w-	c:\windows\system32\ivtMobCache

2010-01-07 17:56 . 2010-01-07 17:56	--------	d-----w-	c:\program files\IVT Corporation

2010-01-07 17:18 . 2010-01-07 17:18	--------	d-----w-	c:\programdata\Nokia

2010-01-07 16:46 . 2010-01-07 16:46	--------	d-----w-	c:\users\Mateusz\AppData\Local\Nokia

2010-01-07 16:46 . 2010-01-08 14:02	--------	d-----w-	c:\users\Mateusz\AppData\Local\NokiaAccount

2010-01-07 16:43 . 2010-01-31 12:37	--------	d-----w-	c:\program files\PC Connectivity Solution

2010-01-07 16:43 . 2010-01-07 16:43	12212040	----a-w-	c:\programdata\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe

2010-01-07 16:13 . 2009-10-06 10:52	91136	----a-w-	c:\windows\system32\nmwcdcls.dll

2010-01-07 16:13 . 2010-01-08 15:09	--------	d-----w-	c:\program files\Nokia

2010-01-07 16:13 . 2010-01-07 16:13	95232	----a-w-	c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe

2010-01-07 16:13 . 2010-01-07 16:13	8192	----a-w-	c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe

2010-01-07 16:13 . 2010-01-07 16:13	61440	----a-w-	c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe

2010-01-07 16:13 . 2010-01-07 16:13	10240	----a-w-	c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe

2010-01-07 16:13 . 2010-01-08 15:09	--------	d-----w-	c:\programdata\Installations


.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-02-02 16:36 . 2009-11-24 16:23	108824	----a-w-	c:\users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT

2010-02-02 15:28 . 2009-11-24 17:23	--------	d-----w-	c:\programdata\Microsoft Help

2010-02-02 15:27 . 2009-11-24 17:25	--------	d-----w-	c:\program files\Microsoft Works

2010-02-02 15:25 . 2009-12-01 14:40	--------	d-----w-	c:\program files\Microsoft

2010-02-02 13:13 . 2009-11-24 16:49	16608	----a-w-	c:\windows\gdrv.sys

2010-02-01 09:56 . 2009-11-24 17:32	--------	d-----w-	c:\programdata\NVIDIA

2010-01-31 21:02 . 2009-11-24 18:32	--------	d-----w-	c:\programdata\OpenFM

2010-01-31 17:04 . 2009-12-01 13:39	--------	d-----w-	c:\program files\AviSynth 2.5

2010-01-31 17:02 . 2010-01-07 16:14	--------	d-----w-	c:\program files\Common Files\Nokia

2010-01-31 17:02 . 2009-11-24 16:31	--------	d--h--w-	c:\program files\InstallShield Installation Information

2010-01-31 12:40 . 2007-06-21 06:34	203328	----a-r-	c:\windows\GSetup.exe

2010-01-31 12:38 . 2009-12-09 19:41	--------	d-----w-	c:\program files\RocketDock

2010-01-31 12:33 . 2009-12-05 18:15	--------	d-----w-	c:\program files\NAPI-PROJEKT

2010-01-31 12:32 . 2009-11-24 16:35	--------	d-----w-	c:\program files\lg_fwupdate

2010-01-31 12:22 . 2009-12-01 14:46	--------	d-----w-	c:\program files\Xvid

2010-01-31 12:20 . 2009-11-25 13:20	--------	d-----w-	c:\program files\Winamp

2010-01-31 12:13 . 2010-01-02 11:14	--------	d-----w-	c:\program files\Dragon Age

2010-01-31 12:09 . 2010-01-02 11:14	--------	d-----w-	c:\program files\Common Files\BioWare

2010-01-31 12:07 . 2009-12-24 13:04	--------	d-----w-	c:\program files\Audacity

2010-01-31 09:49 . 2009-12-01 14:45	--------	d-----w-	c:\program files\AVI ReComp

2010-01-30 17:42 . 2009-12-01 16:48	--------	d-----w-	c:\program files\uTorrent

2010-01-30 17:19 . 2010-01-30 17:19	805	----a-w-	c:\windows\system32\drivers\SYMEVENT.INF

2010-01-30 17:19 . 2010-01-30 17:19	7443	----a-w-	c:\windows\system32\drivers\SYMEVENT.CAT

2010-01-30 13:44 . 2009-07-14 08:07	687590	----a-w-	c:\windows\system32\perfh015.dat

2010-01-30 13:44 . 2009-07-14 08:07	131176	----a-w-	c:\windows\system32\perfc015.dat

2010-01-30 13:17 . 2009-11-26 18:15	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\Any Video Converter

2010-01-26 18:16 . 2009-12-01 16:47	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\uTorrent

2010-01-24 08:47 . 2009-11-24 16:30	--------	d-----w-	c:\program files\Common Files\InstallShield

2010-01-23 11:15 . 2009-11-27 13:36	281760	----a-w-	c:\windows\system32\drivers\atksgt.sys

2010-01-23 11:14 . 2009-11-27 13:36	25888	----a-w-	c:\windows\system32\drivers\lirsgt.sys

2010-01-15 11:02 . 2009-12-01 14:48	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\AVI ReComp

2010-01-14 10:12 . 2009-11-24 16:22	181120	------w-	c:\windows\system32\MpSigStub.exe

2010-01-12 11:03 . 2010-01-12 11:03	10920	----a-w-	c:\windows\system32\drivers\nvBridge.kmd

2010-01-12 11:03 . 2009-11-24 17:31	592488	----a-w-	c:\windows\system32\nvuninst.exe

2010-01-12 11:03 . 2009-09-27 15:12	592488	----a-w-	c:\windows\system32\nvudisp.exe

2010-01-12 11:03 . 2009-09-27 15:12	1280616	----a-w-	c:\windows\system32\nvapi.dll

2010-01-12 11:03 . 2009-07-13 22:09	4321384	----a-w-	c:\windows\system32\nvwgf2um.dll

2010-01-12 11:03 . 2009-06-10 21:19	9388648	----a-w-	c:\windows\system32\nvd3dum.dll

2010-01-07 16:53 . 2010-01-07 16:14	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\Nokia

2010-01-07 16:43 . 2010-01-07 16:43	13930312	----a-w-	c:\programdata\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe

2010-01-07 16:43 . 2010-01-07 16:43	77824	----a-w-	c:\programdata\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\Run_XML6_SP1.exe

2010-01-07 16:43 . 2010-01-07 16:43	61440	----a-w-	c:\programdata\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\WMF11Runx86.exe

2010-01-07 16:43 . 2010-01-07 16:43	58880	----a-w-	c:\programdata\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\WMF11Runx64.exe

2010-01-07 16:43 . 2010-01-07 16:43	50000	----a-w-	c:\programdata\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\pcswpc.exe

2010-01-07 16:42 . 2010-01-07 16:42	--------	d-----w-	c:\programdata\OviInstallerCache

2010-01-07 16:15 . 2010-01-07 16:15	0	---ha-w-	c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf

2010-01-07 16:15 . 2010-01-07 16:14	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\PC Suite

2010-01-07 16:15 . 2010-01-07 16:14	--------	d-----w-	c:\programdata\PC Suite

2010-01-07 16:14 . 2010-01-07 16:14	--------	d-----w-	c:\program files\DIFX

2010-01-02 11:51 . 2010-01-02 11:51	--------	d-----w-	c:\programdata\BioWare

2010-01-02 11:33 . 2009-11-24 17:31	--------	d-----w-	c:\program files\Common Files\Wise Installation Wizard

2010-01-02 11:33 . 2010-01-02 11:33	--------	d-----w-	c:\programdata\Media Center Programs

2009-12-28 10:11 . 2009-11-24 18:21	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\Gadu-Gadu 10

2009-12-27 16:38 . 2009-12-27 16:38	--------	d-----w-	c:\program files\LittleFighter2

2009-12-23 17:04 . 2009-11-24 16:15	686400	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2009-12-13 17:02 . 2009-12-13 17:02	686400	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2009-12-13 10:18 . 2009-12-13 10:16	--------	d-----w-	c:\program files\Spritefixer

2009-12-13 10:16 . 2009-12-13 10:16	49152	----a-w-	c:\windows\UNINS.EXE

2009-12-13 10:16 . 2009-12-13 10:16	28672	----a-w-	c:\windows\system32\shelllnk.dll

2009-12-13 10:16 . 2009-12-13 10:16	53760	----a-w-	c:\windows\system32\zlib.dll

2009-12-08 17:08 . 2009-12-08 17:08	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\Ahead

2009-11-28 09:57 . 2009-11-28 09:57	411368	----a-w-	c:\windows\system32\deploytk.dll

2009-11-26 02:12 . 2009-11-26 02:12	85504	----a-w-	c:\windows\system32\ff_vfw.dll

2009-11-25 21:50 . 2009-11-25 21:50	180224	----a-w-	c:\windows\system32\xvidvfw.dll

2009-11-24 18:11 . 2009-11-24 16:54	319456	----a-w-	c:\windows\DIFxAPI.dll

2009-11-24 16:15 . 2009-11-24 16:15	48648	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll

2009-11-23 10:53 . 2009-11-23 10:53	37376	----a-w-	c:\users\Mateusz\AppData\Roaming\Gadu-Gadu 10\_userdata\ggbho.2.dll

2009-06-10 21:26 . 2009-07-14 02:04	9633792	--sha-r-	c:\windows\Fonts\StaticCache.dat

2009-07-14 01:14 . 2009-07-13 23:42	396800	--sha-w-	c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

.


((((((((((((((((((((((((((((( SnapShot@2010-02-03_09.56.16 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-11-24 18:10 . 2010-02-03 12:10	37820 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 04:55 . 2010-02-03 12:10	38578 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin

- 2009-07-14 04:55 . 2010-02-03 08:30	38578 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2009-11-24 16:12 . 2010-02-03 12:12	16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-11-24 16:12 . 2010-02-03 09:55	16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-11-28 07:55 . 2010-02-03 09:14	32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat

+ 2009-11-28 07:55 . 2010-02-03 11:13	32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat

+ 2009-11-28 07:55 . 2010-02-03 11:13	16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat

- 2009-11-28 07:55 . 2010-02-03 09:14	16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat

- 2009-11-28 07:55 . 2010-02-03 09:14	16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat

+ 2009-11-28 07:55 . 2010-02-03 11:13	16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat

+ 2009-11-24 16:12 . 2010-02-03 12:12	32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-11-24 16:12 . 2010-02-03 09:14	32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-11-24 16:12 . 2010-02-03 12:12	16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-11-24 16:12 . 2010-02-03 08:33	16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-11-24 16:55 . 2010-02-03 12:10	9602 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4241924113-1261296075-3278213690-1001_UserData.bin

+ 2010-02-03 12:08 . 2010-02-03 12:08	2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2010-02-03 08:28 . 2010-02-03 09:55	2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2010-02-03 12:08 . 2010-02-03 12:08	2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2010-02-03 08:28 . 2010-02-03 09:55	2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  

REGEDIT4


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-11-03 7866912]

"WireLessKeyboard "="c:\program files\Multimedia Keyboard\PS2USBKbdDrv.exe" [2005-05-14 217088]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2009-10-26 15872]


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv


[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages	REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp


[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk

backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup

backupExtension=.CommonStartup


[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Gladinet Cloud Desktop.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Gladinet Cloud Desktop.lnk

backup=c:\windows\pss\Gladinet Cloud Desktop.lnk.CommonStartup

backupExtension=.CommonStartup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]

c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]

2009-08-07 14:12	315478	----a-w-	d:\program files\IVT Corporation\BlueSoleil\BtTray.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu 10]

2009-11-23 10:56	11797096	----a-w-	e:\program files\Gadu-Gadu 10\gg.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

2008-10-25 10:44	31072	----a-w-	c:\program files\Microsoft Office\Office12\GrooveMonitor.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]

2007-09-02 12:58	495616	----a-w-	c:\program files\RocketDock\RocketDock.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

2010-01-31 09:58	1217808	----a-w-	d:\program files\Valve\Steam\Steam.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

2009-07-01 16:37	37888	----a-w-	c:\program files\Winamp\winampa.exe


R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\drivers\BtHidBus.sys [2009-06-17 20744]

R0 SymDS;Symantec Data Store;c:\windows\System32\drivers\NAV\1105000.07F\symds.sys [2010-01-31 328752]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\NAV\1105000.07F\symefa.sys [2010-01-31 172592]

R1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100130.002\BHDrvx86.sys [2010-02-02 529456]

R1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\NAV\1105000.07F\cchpx86.sys [2010-01-31 501888]

R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100128.002\IDSvix86.sys [2010-01-31 343088]

R1 SymIRON;Symantec Iron Driver;c:\windows\System32\drivers\NAV\1105000.07F\ironx86.sys [2010-01-31 116272]

R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\drivers\NAV\1105000.07F\symtdiv.sys [2010-01-31 340016]

R2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\17.5.0.127\ccsvchst.exe [2010-01-31 126392]

R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\System32\drivers\btnetBus.sys [2009-06-17 29192]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-01-30 102448]

R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\System32\drivers\IvtBtBus.sys [2009-06-17 25480]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\System32\drivers\Rt86win7.sys [2009-03-01 139776]

S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [2010-01-23 691696]

S3 DAUpdaterSvc;Dragon Age: Początek - Aktualizator zawartości;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [2010-01-02 25832]

S3 PctvVirtualNdis;Pinnacle Virtual Miniport;c:\windows\System32\drivers\PctvVirtualNdis.sys [2010-01-29 13696]

S4 BsMobileCS;BsMobileCS;d:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2009-08-07 143467]

S4 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\essvr.exe [2009-11-24 80392]

S4 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;e:\program files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]

.

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://www.ask.com?o=15161&l=dis

IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: {6BA16F34-8CEC-4C79-8BFC-0A95FED4C9F2} = 194.204.159.1,194.204.152.34

.


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NAV]

"ImagePath"="\"c:\program files\Norton AntiVirus\Engine\17.5.0.127\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\17.5.0.127\diMaster.dll\" /prefetch:1"

.

--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Czas ukończenia: 2010-02-03 14:22:42

ComboFix-quarantined-files.txt 2010-02-03 13:22

ComboFix2.txt 2010-02-03 09:58


Przed: 18 932 445 184 bajtów wolnych

Po: 18 870 091 776 bajtów wolnych


- - End Of File - - 83EDA5BED6092098F1613DF57FD76DD5

Oh, and for now CS works and nothing is lagging. Thanks for the help and the effort. I will follow all the advice, but thanks anyway.

If something is wrong with the logs, write here; I will check in from time to time.