|
| |||||||
| Zarejestruj się | Strona Spy | Lista Użytkowników | Darowizna | Szukać | Dzisiejsze Posty | Mark Forums Read | Regulamin forum |
 |
 |
| | Narzędzia wątku |
|
#1
5 listopada 2008, 12:11
| |||
| |||
| Cześć wszystkim. Mój komputer został spowalnia znacznie w ciągu ostatnich czterech tygodni lub tak. Obecnie ma prawie 15 minut tylko po to, aby ponownie uruchomić i gdy jestem przy użyciu komputera z HDD brzmi niewiarygodnie zajęty. Używam AVG Free Edition, S & D, Ad-Aware i SUPERAntiSpyware dość regularnie. Proszę mieć peek po czasie. Ja załączając wymagane logi dla Ciebie, 1. SUPERAntiSpyware zalogować. SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 11/04/2008 at 03:20 PM Zastosowanie Wersja: 4.21.1004 Core Zasady Database Version: 3622 Trace Rules Database Version: 1606 Scan type: Complete Scan Total Scan Time: 01:30:19 Pamięć pozycji zeskanowane: 339 Pamięć zagrożeń wykrytych: 0 Rejestr pozycji zeskanowane: 6045 Rejestr zagrożeń wykrytych: 0 Plik przedmioty zeskanowane: 58429 Plik wykrycia zagrożenia: 27 Adware.Tracking Cookie C: \ Documents and Settings \ Mark \ Cookies \ mark@networksolutions.112.2o 7 [1]. Txt C: \ Documents and Settings \ Mark \ Cookies \ mark@avgtechnologies.112.2o7 [2]. Txt C: \ Documents and Settings \ Mark \ Cookies \ znaku @ burstnet [1]. Txt C: \ Documents and Settings \ Mark \ Cookies \ znaku @ adtech [1]. Txt C: \ Documents and Settings \ Mark \ Cookies \ znaku @ DoubleClick [1]. Txt C: \ Documents and Settings \ Mark \ Cookies \ mark@admse013.adbureau [1]. Txt C: \ Documents and Settings \ Mark \ Cookies \ znaku @ specificclick [2]. Txt C: \ Documents and Settings \ Mark \ Cookies \ znaku @ obsługujących-sys [2]. Txt C: \ Documents and Settings \ Mark \ Cookies \ znaku @ tribalfusion [2]. Txt C: \ Documents and Settings \ Mark \ Cookies \ mark@haynet.adbureau [2]. Txt C: \ Documents and Settings \ Mark \ Cookies \ mark@media.adrevolver [2]. Txt C: \ Documents and Settings \ Mark \ Cookies \ mark@ad.yieldmanager [2]. Txt C: \ Documents and Settings \ Mark \ Cookies \ znaku @ revsci [1]. Txt C: \ Documents and Settings \ Mark \ Cookies \ znaku @ Mediaplex [1]. Txt C: \ Documents and Settings \ Mark \ Cookies \ znaku @ adrevolver [2]. Txt C: \ Documents and Settings \ Mark \ Cookies \ znaku @ adcentriconline [1]. Txt C: \ Documents and Settings \ Mark \ Cookies \ mark@media.adrevolver [3]. Txt C: \ Documents and Settings \ Mark \ Cookies \ mark@uk.sitestat [4]. Txt C: \ Documents and Settings \ Mark \ Cookies \ znaku @ reklamowe [1]. Txt C: \ Documents and Settings \ Mark \ Cookies \ znaku @ apmebf [2]. Txt C: \ Documents and Settings \ Mark \ Cookies \ mark@bs.serving-sys [2]. Txt C: \ Documents and Settings \ Mark \ Cookies \ znaku @ 2o7 [2]. Txt C: \ Documents and Settings \ Mark \ Cookies \ mark@uk.sitestat [3]. Txt C: \ Documents and Settings \ Mark \ Cookies \ znaku @ adecn [1]. Txt C: \ Documents and Settings \ Mark \ Cookies \ znaku @ tacoda [1]. Txt C: \ Documents and Settings \ Mark \ Cookies \ znaku @ atdmt [2]. Txt C: \ Documents and Settings \ Mark \ Cookies \ mark@adopt.euroclick [1]. Txt 2. Malwarebytes' Anti-Malware zalogować. Malwarebytes' Anti-Malware 1.30 Baza wersji: 1363 Windows 5.1.2600 Service Pack 3 04/11/2008 18:31:42 mbam-log-2008-11-04 (18-31-42). txt Scan type: Quick Scan Obiekty skanowane: 66723 Czas odtwarzania: 13 minut (y) 1 sekund (y) Memory Processes Infected: 0 Memory Modules Infected: 0 Zainfekowane klucze rejestru: 2 Zainfekowane wartości rejestru: 1 Danych Rejestru przedmioty Infected: 0 Foldery Infected: 0 Pliki Infected: 1 Memory Processes Infected: (Nie wykryto złośliwego pozycji) Memory Modules Infected: (Nie wykryto złośliwego pozycji) Zainfekowane klucze rejestru: HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (3ba4271e-5c1e-48e2-b432-d8bf420dd31d) (Rogue.DeusCleaner) -> kwarantannie i usunięte pomyślnie. HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (1a26f07f-0d60-4835-91cf-1e1766a0ec56) (Trojan.Agent) -> kwarantannie i usunięte pomyślnie. Zainfekowane wartości rejestru: HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ SharedDLLs \ C: \ WINDOWS \ system32 \ _RegTLB. dll (Trojan.Agent) -> kwarantannie i usunięte pomyślnie. Danych Rejestru przedmioty Infected: (Nie wykryto złośliwego pozycji) Foldery Infected: (Nie wykryto złośliwego pozycji) Zainfekowane pliki: C: \ WINDOWS \ system32 \ _RegTLB.dll (Trojan.Agent) -> kwarantannie i usunięte pomyślnie. 3. HijackThis Logfile of Trend Micro HijackThis v2.0.2 Skanowanie zapisany na 18:56:10, na 05/11/2008 Platforma: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Uruchamianie procesów: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ Services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ Program Files \ Windows Defender \ MsMpEng.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe C: \ WINDOWS \ system32 \ brsvc01a.exe C: \ WINDOWS \ system32 \ spoolsv.exe C: \ WINDOWS \ system32 \ brss01a.exe C: \ WINDOWS \ explorer.exe C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ACS \ AOLacsd.exe C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe C: \ WINDOWS \ system32 \ UStorSrv.exe C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgrsx.exe C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe C: \ WINDOWS \ system32 \ VTTimer.exe C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe C: \ Program Files \ Windows Defender \ MSASCui.exe C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe C: \ WINDOWS \ system32 \ ctfmon.exe C: \ WINDOWS \ system32 \ wuauclt.exe C: \ Program Files \ Internet Explorer \ iexplore.exe C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/ R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = Packard Bell O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper.dll O2 - BHO: Java (TM) Plug-In SSV Helper - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre6 \ bin \ ssv.dll O2 - BHO: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL O2 - BHO: Java (TM) Plug-In 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Program Files \ Java \ jre6 \ lib \ rozmieścić \ jqs \ tj. \ jqs_plugin.dll O3 - Toolbar: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL O4 - HKLM \ .. \ Run: [VTTimer] VTTimer.exe O4 - HKLM \ .. \ Run: [AVG8_TRAY] C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe" O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'NETWORK SERVICE') O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM') O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe O8 - Extra kontekście menu: E & ksportuj do programu Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office11 \ EXCEL.EXE/3000 O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office11 \ REFIEBAR.DLL O9 - Extra button: Web Wejście - (B4E30F61-16D9-11D3-85D1-005004229569) - C: \ WINDOWS \ system32 \ shdocvw.dll O9 - Extra button: Real.com - (CD67F990-D8E9-11d2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ shdocvw.dll O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper.dll O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra 'Tools' menuitem: @ Xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O14 - IERESET.INF: START_PAGE_URL = file: / / C: \ Apps \ IE \ offline \ uk.htm O15 - Trusted Zone: http://download.windowsupdate.com O16 - DPF: (56762DEC-6B0D-4AB4-A8AD-989993B5D08B) (OnlineScanner Control) -- http://www.eset.eu/buxus/docs/OnlineScanner.cab O16 - DPF: (B1E2B96C-12FE-45E2-BEF1-44A219113CDD) (SABScanProcesses klasy) -- http://www.superadblocker.com/activex/sabspx.cab O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (0737344F-6C02-4327-BCC5-C875D83CE9A1): NameServer = 192.168.0.1 O17 - HKLM \ SYSTEM \ CS1 \ Services \ Tcpip \ .. \ (0737344F-6C02-4327-BCC5-C875D83CE9A1): NameServer = 192.168.0.1 O17 - HKLM \ SYSTEM \ CS2 \ Services \ Tcpip \ .. \ (0737344F-6C02-4327-BCC5-C875D83CE9A1): NameServer = 192.168.0.1 O18 - Protocol: linkscanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Program Files \ AVG \ AVG8 \ avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ACS \ AOLacsd.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe O23 - Service: AVG Free8 watchdog (avg8wd) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe O23 - Service: SmartLinkService (SLService) - Unknown owner - slserv.exe (plik brakuje) O23 - Service: UStorage Service - OTi - C: \ WINDOWS \ system32 \ UStorSrv.exe -- End of file - 7014 bytes Thanking you guys in advance, Mam co wiary, Slime. |
|
#2
5 listopada 2008, 15:24
| |||
| |||
| Uruchom Kaspersky Online Scanner W systemie Microsoft Windows Vista, Należy otworzyć przeglądarkę internetową, korzystając z Uruchom jako administrator polecenia. Z pulpitu kliknij prawym przyciskiem myszy ikonę, aby otworzyć przeglądarkę i wybrać Uruchom jako administrator.
Podczas skanowania odbywa się w Skanowanie jest kompletna okna, zakażeniu jest wyświetlany. Nie ma możliwości do czyszczenia / dezynfekcji, jednak musimy przeanalizować informacje na temat sprawozdania. Aby uzyskać raport: Kliknij na: Zapisz raport jako
 Skopiuj i wklej w Kaspersky Online Scanner Sprawozdanie w następnej odpowiedzi. Uwaga dla użytkowników programu Internet Explorer 7: Jeśli w dowolnym momencie, masz problemy z wyświetlaniem zaakceptować klawiszem licencji, kliknij przycisk Zoom narzędzie znajduje się w prawym dolnym rogu okna IE i ustaw zoom do 75%. Gdy licencja jest akceptowane, zresetuj do 100%.
__________________  |
|
#3
5 listopada 2008, 21:51
| |||
| |||
| Po Ef ma kierować można za pośrednictwem czyszczenia swój komp zajrzyj tutaj http://www.computer-juice.com/forums...-malware-9243/ |
|
#4
6 listopada 2008, 09:53
| |||
| |||
| Hi evilfantasy & thanks for your time. Mamy jednak problem. Kaspersky Online Scanner nie będzie pełne skanowanie. Mam go uruchomić 3 razy i to najdłuższa trwała 23 minut i została zakończona 7% skanowania! Pliki skanowane .................................... 4817 Zagrożenie nazwy ..................................... 2 Zainfekowane obiekty .................................. 1 Podejrzane obiekty ................................ 12 Czas trwania skanowania 00:23:31 ........................... Can't get skanowania sprawozdanie albo! Za każdym razem, gdy próbowałem jednak mam Java Console ekranie pop na widok, to jest istotne? Coś jeszcze mogę spróbować? Slime |
|
#5
6 listopada 2008, 09:57
| |||
| |||
| Pobrać losowy system informacji narzędzie (RSIT) poprzez wyrywkowe / losowo z i zapisz go na pulpicie.
__________________ |
|
#6
6 listopada 2008, 10:11
| |||
| |||
| Dobrze, Wydawało się, że trochę lepiej. Logi na wniosek, Logfile losowego systemu informacji narzędzie 1,04 (napisane przez losowej / random) Prowadzi Zaznacz na 2008-11-06 17:05:19 Microsoft Windows XP Home Edition z dodatkiem Service Pack 3 System dysk C: jest 60 GB (84%) z 71 GB wolnego Razem RAM: 191 MB (16% wolny) Logfile of Trend Micro HijackThis v2.0.2 Skanowanie zapisany na 17:06:26, na 06/11/2008 Platforma: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Uruchamianie procesów: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ Services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ Program Files \ Windows Defender \ MsMpEng.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe C: \ WINDOWS \ system32 \ brsvc01a.exe C: \ WINDOWS \ system32 \ spoolsv.exe C: \ WINDOWS \ system32 \ brss01a.exe C: \ WINDOWS \ explorer.exe C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ACS \ AOLacsd.exe C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe C: \ WINDOWS \ system32 \ UStorSrv.exe C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgrsx.exe C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe C: \ WINDOWS \ system32 \ VTTimer.exe C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe C: \ Program Files \ Windows Defender \ MSASCui.exe C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe C: \ WINDOWS \ system32 \ ctfmon.exe c: \ dziennik \ lotosu organizatora 6 \ organizować \ org6.exe C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE c: \ dziennik \ lotosu organizatora 6 \ organizować \ org6.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ Documents and Settings \ Mark \ Desktop \ RSIT.exe C: \ Program Files \ Trend Micro \ HijackThis \ Mark.exe R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/ R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = Packard Bell O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper.dll O2 - BHO: Java (TM) Plug-In SSV Helper - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre6 \ bin \ ssv.dll O2 - BHO: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL O2 - BHO: Java (TM) Plug-In 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Program Files \ Java \ jre6 \ lib \ rozmieścić \ jqs \ tj. \ jqs_plugin.dll O3 - Toolbar: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL O4 - HKLM \ .. \ Run: [VTTimer] VTTimer.exe O4 - HKLM \ .. \ Run: [AVG8_TRAY] C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe" O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'NETWORK SERVICE') O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM') O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe O8 - Extra kontekście menu: E & ksportuj do programu Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office11 \ EXCEL.EXE/3000 O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office11 \ REFIEBAR.DLL O9 - Extra button: Web Wejście - (B4E30F61-16D9-11D3-85D1-005004229569) - C: \ WINDOWS \ system32 \ shdocvw.dll O9 - Extra button: Real.com - (CD67F990-D8E9-11d2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ shdocvw.dll O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper.dll O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra 'Tools' menuitem: @ Xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O14 - IERESET.INF: START_PAGE_URL = file: / / C: \ Apps \ IE \ offline \ uk.htm O15 - Trusted Zone: http://download.windowsupdate.com O16 - DPF: (56762DEC-6B0D-4AB4-A8AD-989993B5D08B) (OnlineScanner Control) -- http://www.eset.eu/buxus/docs/OnlineScanner.cab O16 - DPF: (B1E2B96C-12FE-45E2-BEF1-44A219113CDD) (SABScanProcesses klasy) -- http://www.superadblocker.com/activex/sabspx.cab O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (0737344F-6C02-4327-BCC5-C875D83CE9A1): NameServer = 192.168.0.1 O17 - HKLM \ SYSTEM \ CS1 \ Services \ Tcpip \ .. \ (0737344F-6C02-4327-BCC5-C875D83CE9A1): NameServer = 192.168.0.1 O17 - HKLM \ SYSTEM \ CS2 \ Services \ Tcpip \ .. \ (0737344F-6C02-4327-BCC5-C875D83CE9A1): NameServer = 192.168.0.1 O18 - Protocol: linkscanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Program Files \ AVG \ AVG8 \ avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ACS \ AOLacsd.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe O23 - Service: AVG Free8 watchdog (avg8wd) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe O23 - Service: SmartLinkService (SLService) - Unknown owner - slserv.exe (plik brakuje) O23 - Service: UStorage Service - OTi - C: \ WINDOWS \ system32 \ UStorSrv.exe -- End of file - 7153 bytes ====== ====== Folderze Zaplanowane zadania C: \ WINDOWS \ zadania \ MP Scheduled Scan.job ====== ====== Rejestru dump [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3)] Adobe PDF Reader Link Helper - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll [2006-12-18 59032] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0)] AVG Safe Search - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll [2008-08-29 455960] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (53707962-6F74-2D53-2644-206D7942484F)] Spybot-S & D IE Protection - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (761497BB-D6F0-462C-B6EB-D4DAF1D92D43)] Java (TM) Plug-In SSV Helper - C: \ Program Files \ Java \ jre6 \ bin \ ssv.dll [2008-11-04 320920] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (A057A204-BACC-4D26-9990-79A187E2698E)] AVG Security Toolbar - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL [2008-07-18 2055960] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (DBC80044-A445-435b-BC74-9C25C1C588A9)] Java (TM) Plug-In 2 SSV Helper - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll [2008-11-04 34816] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (E7E6F031-17CE-4C07-BC86-EABFE594F69C)] JQSIEStartDetectorImpl klasa - C: \ Program Files \ Java \ jre6 \ lib \ rozmieścić \ jqs \ tj. \ jqs_plugin.dll [2008-11-04 73728] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Toolbar] (A057A204-BACC-4D26-9990-79A187E2698E) - AVG Security Toolbar - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL [2008-07-18 2055960] [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Run] "VTTimer" = C: \ WINDOWS \ system32 \ VTTimer.exe [2004-03-26 49152] "AVG8_TRAY" = C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe [2008-09-30 1234712] "Windows Defender" = C: \ Program Files \ Windows Defender \ MSASCui.exe [2006-11-03 866584] "SunJavaUpdateSched" = C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe [2008-11-04 136600] [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run] "SUPERAntiSpyware" = C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe [2008-09-03 1576176] "ctfmon.exe" = C: \ WINDOWS \ system32 \ ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Shared Tools \ msconfig \ startupreg \ ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Shared Tools \ msconfig \ startupreg \ MSMSGS] C: \ Program Files \ Messenger \ msmsgs.exe [2008-04-14 1695232] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NeroCheck] C: \ WINDOWS \ system32 \ NeroCheck.exe [2001-07-09 155648] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Shared Tools \ msconfig \ startupreg \ PCMService] c: \ Apps \ Powercinema \ pcmservice.exe [2004-10-08 81920] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Shared Tools \ msconfig \ startupreg \ QuickTime Task] C: \ Program Files \ QuickTime \ qttask.exe [2006-06-01 282624] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Shared Tools \ msconfig \ startupreg \ SoundMan] C: \ WINDOWS \ SOUNDMAN.EXE [2004-02-26 65024] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Shared Tools \ msconfig \ startupreg \ TkBellExe] C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe [2004-11-16 180269] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Shared Tools \ msconfig \ startupfolder \ C: ^ Documents and Settings ^ All Users ^ Menu Start ^ Programy ^ Autostart ^ Adobe Reader Speed Launch.lnk] C: \ PROGRA ~ 1 \ Adobe \ ACROBA ~ 2.0 \ Reader \ READER ~ 1.EXE [2008-04-23 29696] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Shared Tools \ msconfig \ startupfolder \ C: ^ Documents and Settings Mark ^ ^ Menu Start ^ Programy ^ Autostart ^ Lotus Organizer EasyClip.lnk] C: \ dziennik \ LOTUSO ~ 1 \ organizować \ EASYCL ~ 1.EXE [1999-09-15 229432] C: \ Documents and Settings \ All Users \ Menu Start \ Programy \ Autostart Adobe Reader Speed Launch.lnk - C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Windows] "AppInit_DLLS" = "avgrsstx.dll" [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \! SASWinLogon] C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll [2008-07-23 352256] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ ShellServiceObjectDelayLoad] WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ WINDOWS \ system32 \ WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ ShellExecuteHooks] "(091EB208-39DD-417D-A5DD-7E2C2D8FB9CB)" = C: \ PROGRA ~ 1 \ WIFD1F ~ 1 \ MpShHook.dll [2006-11-03 83224] "(5AE067D3-9AFB-48E0-853A-EBB7F4A000DA)" = C: \ Program Files \ SUPERAntiSpyware \ SASSEH.DLL [2008-05-13 77824] [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ Lsa] "uwierzytelniania pakietów" = MSV1_0 C: \ WINDOWS \ system32 \ geebx.dll [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ safeboot \ Minimal \ aawservice] [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ safeboot \ Minimal \ WinDefend] [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ safeboot \ Network \ aawservice] [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ safeboot \ Network \ WinDefend] [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Policies \ System] "dontdisplaylastusername" = 0 "legalnoticecaption" = "legalnoticetext" = "shutdownwithoutlogon" = 1 "undockwithoutlogon" = 1 [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Policies \ Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ usługi es \ sharedaccess \ parameters \ firewallpolicy \ standardowy profil \ authorizedapplications \ list] "% windir% \ system32 \ Sessmgr.exe" = "% windir% \ system32 \ Sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019" "C: \ Program Files \ Abacast \ Abaclient.exe" = "C: \ Program Files \ Abacast \ Abaclient.exe: *: Enabled: Abaclient" "C: \ Program Files \ Real \ RealPlayer \ realplay.exe" = "C: \ Program Files \ Real \ RealPlayer \ realplay.exe: *: Enabled: RealP warstwa" "C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE" = "C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE: *: Enabled: Internet Explorer" "C: \ Program Files \ Mozilla Firefox \ firefox.exe" = "C: \ Program Files \ Mozilla Firefox \ firefox.exe: *: Enabled: Mozilla Firefox" "C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ lsupdatemanager.exe" = "C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ lsupdatemanager.exe: *: Enabled: Ad-Aware Update Manager" "C: \ Program Files \ Grisoft \ AVG7 \ avginet.exe" = "C: \ Program Files \ Grisoft \ AVG7 \ avginet.exe: *: Enabled: avginet.e XE" "C: \ Program Files \ Grisoft \ AVG7 \ avgamsvr.exe" = "C: \ Program Files \ Grisoft \ AVG7 \ avgamsvr.exe: *: Enabled: avgamsvr. Exe" "C: \ Program Files \ Grisoft \ AVG7 \ avgcc.exe" = "C: \ Program Files \ Grisoft \ AVG7 \ avgcc.exe: *: Enabled: avgcc.exe" "% windir% \ Network Diagnostic \ xpnetdiag.exe" = "% windir% \ Network Diagnostic \ xpnetdiag.exe: *: Enabled: @ Xpsp3res.dll, -20000" "C: \ Program Files \ NetMeeting \ conf.exe" = "C: \ Program Files \ NetMeeting \ conf.exe: *: Enabled: Windows ® NetMeeting ®" "C: \ Program Files \ AVG \ AVG8 \ avgemc.exe" = "C: \ Program Files \ AVG \ AVG8 \ avgemc.exe: *: Enabled: avgemc.exe" "C: \ Program Files \ AVG \ AVG8 \ avgupd.exe" = "C: \ Program Files \ AVG \ AVG8 \ avgupd.exe: *: Enabled: avgupd.exe" [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ usługi es \ sharedaccess \ parameters \ firewallpolicy \ domainpr ofile \ authorizedapplications \ list] "% windir% \ system32 \ Sessmgr.exe" = "% windir% \ system32 \ Sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019" "% windir% \ Network Diagnostic \ xpnetdiag.exe" = "% windir% \ Network Diagnostic \ xpnetdiag.exe: *: Enabled: @ Xpsp3res.dll, -20000" Plik stowarzyszenia ====== ====== . js - otwarty - "C: \ Program Files \ Macromedia \ Dreamweaver MX \ Dreamweaver.exe" "% 1" ====== Lista pliki utworzone w ciągu ostatnich 1 miesiąc ====== 2008-11-06 17:05:19 ---- D ---- C: \ rsit 2008-11-05 13:07:01 ---- D ---- C: \ Program Files \ Trend Micro 2008-11-04 18:45:20 ---- A ---- C: \ WINDOWS \ system32 \ deploytk.dll 2008-11-04 18:45:19 ---- A ---- C: \ WINDOWS \ system32 \ javaws.exe 2008-11-04 18:45:18 ---- A ---- C: \ WINDOWS \ system32 \ javaw.exe 2008-11-04 18:45:16 ---- A ---- C: \ WINDOWS \ system32 \ JAVA.EXE 2008-11-04 18:43:23 ---- D ---- C: \ Program Files \ Java 2008-11-04 16:13:33 ---- D ---- C: \ Documents and Settings \ Mark \ Dane aplikacji \ Malwarebytes 2008-11-04 16:13:00 ---- D ---- C: \ Program Files \ Malwarebytes' Anti-Malware 2008-11-04 16:13:00 ---- D ---- C: \ Documents and Settings \ All Users \ Dane aplikacji \ Malwarebytes 2008-10-24 02:01:55 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB958644 $ 2008-10-15 02:12:03 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB956803 $ 2008-10-15 02:11:57 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB956391 $ 2008-10-15 02:11:47 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB957095 $ 2008-10-15 02:07:21 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB954211 $ 2008-10-15 02:05:57 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB956841 $ 2008-10-10 02:01:15 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB951978 $ 2008-10-09 02:08:22 ---- D ---- C: \ WINDOWS \ prefetch 2008-10-08 18:20:46 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB952954 $ 2008-10-08 18:20:38 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB952287 $ 2008-10-08 18:20:03 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB951748 $ 2008-10-08 18:18:50 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB951698 $ 2008-10-08 18:17:30 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB951376-v2 $ 2008-10-08 18:16:20 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB951376 $ 2008-10-08 18:15:35 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB951066 $ 2008-10-08 18:15:14 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB950974 $ 2008-10-08 18:15:02 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB950762 $ 2008-10-08 18:14:49 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB946648 $ 2008-10-08 18:14:34 HDC ---- ---- C: \ WINDOWS \ $ NtUninstallKB938464 $ 2008-10-08 18:04:31 ---- D ---- C: \ WINDOWS \ system32 \ scripting 2008-10-08 18:04:30 ---- D ---- C: \ WINDOWS \ l2schemas 2008-10-08 18:04:28 ---- D ---- C: \ WINDOWS \ system32 \ pl 2008-10-08 18:04:28 ---- D ---- C: \ WINDOWS \ system32 \ bits 2008-10-08 17:59:16 ---- D ---- C: \ WINDOWS \ ServicePackFiles 2008-10-08 17:48:52 HDC ---- ---- C: \ WINDOWS \ $ NtServicePackUninstall $ 2008-10-08 17:48:40 ---- D ---- C: \ WINDOWS \ EHome ====== Lista pliki zmodyfikowane w ciągu ostatnich 1 miesiąc ====== 2008-11-06 17:06:25 ---- D ---- C: \ WINDOWS \ Temp 2008-11-06 15:44:29 ---- D ---- C: \ WINDOWS 2008-11-05 18:48:26 SD ---- ---- C: \ WINDOWS \ Zadania 2008-11-05 18:43:04 ---- A ---- C: \ WINDOWS \ SchedLgU.Txt 2008-11-05 18:10:11 ---- D ---- C: \ Program Files \ Sage Payroll07-08 2008-11-05 18:10:11 ---- A ---- C: \ WINDOWS \ Payroll.INI 2008-11-05 18:08:47 ---- A ---- C: \ WINDOWS \ SGREP32.INI 2008-11-05 13:38:52 ---- HD ---- C: \ $ $ AVG8.VAULT 2008-11-05 13:07:01 AD ---- ---- C: \ Program Files 2008-11-05 12:48:10 ---- D ---- C: \ Documents and Settings \ All Users \ Dane aplikacji \ Spybot - Search & Destroy 2008-11-05 12:47:38 ---- D ---- C: \ WINDOWS \ Debug 2008-11-04 18:46:40 ---- SHD ---- C: \ WINDOWS \ Installer 2008-11-04 18:46:24 ---- SHD ---- C: \ Config.msi 2008-11-04 18:45:22 ---- D ---- C: \ WINDOWS \ system32 2008-11-04 16:13:04 ---- D ---- C: \ WINDOWS \ system32 \ drivers 2008-11-04 13:50:38 ---- D ---- C: \ WINDOWS \ system32 \ Catroot2 2008-11-03 14:00:33 ---- A ---- C: \ WINDOWS \ system32 \ PerfStringBackup.INI 2008-10-31 18:42:10 ---- A ---- C: \ WINDOWS \ nero.INI 2008-10-30 12:10:38 ---- D ---- C: \ Program Files \ Mozilla Firefox 2008-10-24 02:02:42 ---- HD ---- C: \ WINDOWS \ inf 2008-10-24 02:02:02 ---- RSHD ---- C: \ WINDOWS \ system32 \ dllcache 2008-10-24 02:00:45 ---- D ---- C: \ WINDOWS \ $ hf_mig $ 2008-10-17 16:57:24 ---- A ---- C: \ WINDOWS \ BRWMARK.INI 2008-10-15 16:34:24 ---- A ---- C: \ WINDOWS \ system32 \ Netapi32.dll 2008-10-15 02:18:58 ---- D ---- C: \ Program Files \ Internet Explorer 2008-10-09 02:07:07 ---- D ---- C: \ WINDOWS \ system32 \ Setup 2008-10-09 02:07:07 ---- D ---- C: \ WINDOWS \ AppPatch 2008-10-09 02:07:06 ---- D ---- C: \ WINDOWS \ system32 \ wbem 2008-10-09 02:07:05 RSD ---- ---- C: \ WINDOWS \ Fonts 2008-10-09 02:06:20 ---- D ---- C: \ WINDOWS \ security 2008-10-08 18:21:26 ---- D ---- C: \ WINDOWS \ system32 \ CatRoot 2008-10-08 18:14:52 ---- D ---- C: \ Program Files \ Messenger 2008-10-08 18:05:20 ---- D ---- C: \ WINDOWS \ WinSxS 2008-10-08 18:05:00 ---- D ---- C: \ WINDOWS \ diagnostyki sieci 2008-10-08 18:05:00 ---- D ---- C: \ WINDOWS \ ime 2008-10-08 18:04:59 ---- D ---- C: \ WINDOWS \ Help 2008-10-08 18:04:33 ---- D ---- C: \ WINDOWS \ system32 \ usmt 2008-10-08 18:04:33 ---- D ---- C: \ WINDOWS \ system32 \ pl-PL 2008-10-08 18:04:28 ---- D ---- C: \ WINDOWS \ PEERNET 2008-10-08 18:04:27 ---- D ---- C: \ Program Files \ Movie Maker 2008-10-08 17:59:09 ---- D ---- C: \ WINDOWS \ system32 \ restore 2008-10-08 17:59:09 ---- D ---- C: \ WINDOWS \ system32 \ npp 2008-10-08 17:59:06 ---- D ---- C: \ WINDOWS \ msagent 2008-10-08 17:59:03 ---- D ---- C: \ WINDOWS \ srchasst 2008-10-08 17:58:57 ---- D ---- C: \ Program Files \ NetMeeting 2008-10-08 17:58:55 ---- D ---- C: \ WINDOWS \ system32 \ Com 2008-10-08 17:58:52 ---- D ---- C: \ Program Files \ Windows Media Player 2008-10-08 17:58:51 ---- D ---- C: \ Program Files \ Windows NT 2008-10-08 17:58:50 ---- D ---- C: \ Program Files \ Outlook Express 2008-10-08 17:58:46 ---- D ---- C: \ Program Files \ Common Files \ System 2008-10-08 17:58:28 ---- D ---- C: \ WINDOWS \ system32 \ oobe 2008-10-08 17:58:22 ---- D ---- C: \ WINDOWS \ system 2008-10-08 17:53:47 ---- D ---- C: \ WINDOWS \ system32 \ ReinstallBackups 2008-10-08 17:17:41 RASH ---- ---- C: \ BOOT.INI 2008-10-08 17:17:40 ---- A ---- C: \ WINDOWS \ win.ini 2008-10-08 17:17:39 ---- A ---- C: \ windows \ system.ini 2008-10-07 19:19:40 ---- A ---- C: \ WINDOWS \ system32 \ MRT.exe ====== Lista kierowców (R = Running, S = Zatrzymana, 0 = Boot, 1 = System, 2 = Auto, 3 = Demand, 4 = niepełnosprawnych )====== R1 AmdK7; sterownika procesora AMD K7, C: \ WINDOWS \ system32 \ DRIVERS \ Amdk7.sys [2008-04-13 37760] R1 AvgLdx86; AVG Free AVI Loader Driver x86; C: \ WINDOWS \ System32 \ Drivers \ avgldx86.sys [2008-08-29 97928] R1 AvgMfx86; AVG Free On-dostęp Skaner minifiltrami Driver x86; C: \ WINDOWS \ System32 \ Drivers \ avgmfx86.sys [2008-07-18 26824] R1 SASDIFSV; SASDIFSV; \? \ C: \ Program Files \ SUPERAntiSpyware \ SASDIFSV.SYS [] R1 SASKUTIL; SASKUTIL; \? \ C: \ Program Files \ SUPERAntiSpyware \ SASKUTIL.sys [] R2 AvgTdiX; Free8 AVG Network Redirector; C: \ WINDOWS \ System32 \ Drivers \ avgtdix.sys [2008-07-18 76040] R2 BrPar; BrPar; C: \ WINDOWS \ system32 \ drivers \ BrPar.sys [2000-07-24 19537] R3 ALCXSENS; Serwis WDM 3D Audio Driver; C: \ WINDOWS \ system32 \ drivers \ ALCXSENS.SYS [2004-02-24 400384] R3 ALCXWDM; Serwis Realtek AC97 Audio (WDM); C: \ WINDOWS \ system32 \ drivers \ ALCXWDM.SYS [2004-02-27 611820] R3 rtl8139; Realtek RTL8139 (A / B / C)-opiera PCI Fast Ethernet Adapter NT Driver; C: \ WINDOWS \ system32 \ DRIVERS \ RTL8139.SYS [2004-08-03 20992] R3 SASENUM; SASENUM; \? \ C: \ Program Files \ SUPERAntiSpyware \ SASENUM.SYS [] R3 usbehci; Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ DRIVERS \ usbehci.sys [2008-04-13 30208] R3 usbhub; USB2 Enabled Hub, C: \ WINDOWS \ system32 \ DRIVERS \ Usbhub.sys [2008-04-13 59520] R3 usbuhci; Microsoft USB Universal Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ DRIVERS \ usbuhci.sys [2008-04-13 20608] R3 viagfx; viagfx; C: \ WINDOWS \ system32 \ DRIVERS \ vtmini.sys [2004-05-05 142976] R3 wanatw; WAN Miniport (ATW); C: \ WINDOWS \ system32 \ DRIVERS \ wanatw4.sys [2003-01-10 33588] S1 kbdhid; Keyboard HID Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Kbdhid.sys [2008-04-13 14592] S3 FETND5BV; VIA Rhine-Family Fast Ethernet Adapter Driver Service; C: \ WINDOWS \ system32 \ DRIVERS \ fetnd5bv.sys [2004-12-16 42496] S3 FETNDISB; VIA Rhine Family Fast Ethernet Adapter Driver Service; C: \ WINDOWS \ system32 \ DRIVERS \ fetnd5b.sys [2003-11-11 41984] S3 HidUsb; Microsoft HID Class Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Hidusb.sys [2008-04-13 10368] S3 MODEMCSA; Unimodem Strumieniowanie Filtr urządzeń; C: \ WINDOWS \ system32 \ drivers \ MODEMCSA.sys [2001-08-17 16128] S3 mouhid; Mouse HID Driver; C: \ WINDOWS \ system32 \ DRIVERS \ mouhid.sys [2001-08-17 12160] S3 Mtlmnt5; Mtlmnt5; C: \ WINDOWS \ system32 \ DRIVERS \ Mtlmnt5.sys [2003-02-16 210128] S3 Mtlstrm; Mtlstrm; C: \ WINDOWS \ system32 \ DRIVERS \ Mtlstrm.sys [2003-02-16 1293192] S3 NtMtlFax; NtMtlFax; C: \ WINDOWS \ system32 \ DRIVERS \ NtMtlFax.sys [2003-02-05 162136] S3 SABProcEnum; SABProcEnum; \? \ C: \ Program Files \ Internet Explorer \ SABProcEnum.sys [] S3 Slntamr; Smartlink AMR_PCI Driver; C: \ WINDOWS \ system32 \ DRIVERS \ slntamr.sys [2003-02-16 516616] S3 SlNtHal; SlNtHal; C: \ WINDOWS \ system32 \ DRIVERS \ Slnthal.sys [2003-02-16 85520] S3 SlWdmSup; SlWdmSup; C: \ WINDOWS \ system32 \ DRIVERS \ SlWdmSup.sys [2003-01-17 39348] S3 usbccgp; Microsoft USB Generic Parent Driver; C: \ WINDOWS \ system32 \ DRIVERS \ usbccgp.sys [2008-04-13 32128] S3 usbohci; Microsoft USB Open Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ DRIVERS \ Usbohci.sys [2008-04-13 17152] S3 UsbStor; USB Mass Storage Driver; C: \ WINDOWS \ system32 \ DRIVERS \ USBSTOR.SYS [2008-04-13 26368] S3 WudfPf; Windows Driver Foundation - User-mode Driver ramowej Platforma Driver; C: \ WINDOWS \ system32 \ DRIVERS \ WudfPf.sys [2006-09-28 77568] S3 WudfRd; Windows Driver Foundation - User-mode Driver ramowej Reflector; C: \ WINDOWS \ system32 \ DRIVERS \ wudfrd.sys [2006-09-28 82944] ====== Wykaz usług (R = Running, S = Zatrzymana, 0 = Boot, 1 = System, 2 = Auto, 3 = Demand, 4 = niepełnosprawnych )====== R2 aawservice; Lavasoft Ad-Aware Service, C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe [2008-07-07 611664] R2 AOL ACS; AOL Connectivity Service; C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ACS \ AOLacsd.exe [2004-02-25 1123440] R2 avg8emc; AVG Free8 E-mail Scanner; C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe [2008-08-29 875288] R2 avg8wd; AVG Free8 Watchdog; C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe [2008-08-29 231704] R2 Brother XP spl Service; BrSplService; C: \ WINDOWS \ system32 \ brsvc01a.exe [2003-08-28 57344] R2 JavaQuickStarterService; Java Quick Starter; C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe [2008-11-04 152984] R2 UStorage Service; UStorage Service; C: \ WINDOWS \ system32 \ UStorSrv.exe [2006-02-17 139264] R2 WinDefend, Windows Defender, C: \ Program Files \ Windows Defender \ MsMpEng.exe [2006-11-03 13592] S2 Faks Faks; C: \ WINDOWS \ system32 \ fxssvc.exe [2008-04-14 267776] S2 SLService; SmartLinkService; slserv.exe [] S3 aspnet_state; ASP.NET państwa Service; C: \ WINDOWS \ Microsoft.NET \ Framework \ v1.1.4322 \ aspne t_state.exe [2004-07-15 32768] S3 IDriverT; InstallDriver Table Manager; C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe [2005-04-03 69632] S3 ose; Office Source Engine, C: \ Program Files \ Common Files \ Microsoft Shared \ Source Engine \ Ose.exe [2003-07-28 89136] S3 WMPNetworkSvc, Windows Media Player Network Sharing Service; C: \ Program Files \ Windows Media Player \ wmpnetwk.exe [2006-10-18 913408] S3 WudfSvc; Windows Driver Foundation - User-mode Driver ramowej; C: \ WINDOWS \ system32 \ svchost.exe [2008-04-14 14336] ----------------- EOF ----------------- info.txt logfile losowego systemu informacji narzędzie 1,04 2008-11-06 17:06:34 ====== ====== Odinstaluj listy -> "C: \ Program Files \ Common Files \ aolshare \ Coach \ AolCInUn.exe" LANG = "pl-uk" -> C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ACS \ AcsUninstall.exe / c -> C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ AOLSPY ~ 1 \ UNWISE.EXE C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ AOLSPY ~ 1 \ INSTALL.LOG -> C: \ PROGRA ~ 1 \ S3 \ S3 \ s3setvga.exe-s-FC: \ PROGRA ~ 1 \ S3 \ S3 \ S3.uns -> C: \ Program Files \ Common Files \ AOL \ Screensaver \ uninst_ygpss.exe -> C: \ Program Files \ Common Files \ aolshare \ Aolunins_uk.exe -> C: \ Program Files \ Common Files \ Real \ Update_OB \ r1puninst.exe RealNetworks | RealPlayer | 6.0 -> C: \ Program Files \ Common Files \ Real \ Update_OB \ r1puninst.exe RealNetworks | RealPlayer | 6.0 -> C: \ Program Files \ Learn2.com \ StRunner \ stuninst.exe -> C: \ Program Files \ Viewpoint \ Viewpoint Experience Technology \ mtsAxInstaller.exe / u -> C: \ WINDOWS \ IsUninst.exe-f "C: \ Program Files \ Sage \ Sage Payroll e-Submissions Update \ Uninst.isu" -> C: \ WINDOWS \ IsUninst.exe-FC: \ WINDOWS \ orun32.isu -> C: \ WINDOWS \ system32 \ \ MSIEXEC.EXE / x (9541FED0-327F-4df0-8B96-EF57EF622F19) -> C: \ WINDOWS \ system32 \ Macromed \ SHOCKW ~ 1 \ UNWISE.EX WE: \ WINDOWS \ system32 \ Macromed \ SHOCKW ~ 1 \ Install.log -> Rundll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ engine \ 6 \ INTEL3 ~ 1 \ Ct or.dll, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (2637C347-11D6-9DAD -9EA2-00055D0CA761) \ setup.exe "-uninstall -> Rundll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ engine \ 6 \ INTEL3 ~ 1 \ CT or.dll, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (FB08F381-6533-4108 -B7DD-039E11FBC27E) \ setup.exe "REMOVE -> rundll32.exe Setupapi.dll, DefaultUninstall InstallHinfSection 132 C: \ WINDOWS \ inf \ PCHealth.inf -> vtuninst.exe-reg 5 'HKLM \ Software \ S3 \ VT \ S3Uninst \ S3Display " -> vtuninst.exe-reg 5 'HKLM \ Software \ S3 \ VT \ S3Uninst \ S3Gamma2 " -> vtuninst.exe-reg 5 'HKLM \ Software \ S3 \ VT \ S3Uninst \ S3Info2 " -> vtuninst.exe-reg 5 'HKLM \ Software \ S3 \ VT \ S3Uninst \ S3Overlay " Abacast Klient -> C: \ PROGRA ~ 1 \ Abacast \ UNWISE.EXE C: \ PROGRA ~ 1 \ Abacast \ client.LOG Ad-Aware -> msiexec.exe / i (DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF) Adobe Flash Player 10 ActiveX -> C: \ WINDOWS \ system32 \ Macromed \ Flash \ uninstall_acti veX.exe Adobe Reader 7.1.0 -> msiexec.exe / i (AC76BA86-7AD7-1033-7B44-A71000000002) Ahead Nero Burning ROM -> C: \ Program Files \ Ahead \ Nero \ Uninstall \ UNNERO.exe / uninstall AVG Free 8.0 -> C: \ Program Files \ AVG \ AVG8 \ setup.exe / uninstall Aztech CNR2900 V.90 Modem -> C: \ WINDOWS \ Modio \ SLAMR2KO \ Setup.exe / Usuń Brother HL-5040 -> "C: \ Program Files \ Brother \ BRHL5040 \ IsUninst.exe"-f "C: \ Program Files \ Brother \ BRHL5040 \ DeIsL1.isu" cbruninst.dll Brother HL-6050 -> "C: \ Program Files \ Brother \ BRHL6050 \ IsUninst.exe"-f "C: \ Program Files \ Brother \ BRHL6050 \ DeIsL1.isu" cbruninst.dll CCleaner (usunąć tylko )-->" C: \ Program Files \ CCleaner \ uninst.exe " Eset Online Scanner -> C: \ WINDOWS \ system32 \ OnlineScannerUninstaller.ex e HijackThis 2.0.2 -> "C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe" / uninstall Poprawki dla systemu Windows Internet Explorer 7 (KB947864 )-->" C: \ WINDOWS \ ie7updates \ KB947864-IE7 \ spuninst \ spuninst.exe " Hotfix for Windows Media Format 11 SDK (KB929399 )-->" C: \ WINDOWS \ $ NtUninstallKB929399 $ \ spuninst \ spunin st.exe " Poprawki dla programu Windows Media Player 11 (KB939683 )-->" C: \ WINDOWS \ $ NtUninstallKB939683 $ \ spuninst \ spunin st.exe " Poprawki dla systemu Windows XP (KB952287 )-->" C: \ WINDOWS \ $ NtUninstallKB952287 $ \ spuninst \ spunin st.exe " Imation Disk Manager V Service -> C: \ DOCUME ~ 1 \ Mark \ LOCALS ~ 1 \ Temp \ Imation Disk Manager a.exe V-u Java (TM) 6 Update 10 -> Msiexec.exe / X (26A24AE4-039D-4CA4-87B4-2F83216010FF) Lotus Organizer 6.0 -> C: \ WINDOWS \ ounin11.exe / T Organizator / 99,1 V / I "c: \ lotus \ organizować \ orgnode.inf" / C "c: \ lotus \ Organizacja \ cinstnod.ini" / O c: \ uninst.log / L PL / U Organizator użytkownika Macromedia Dreamweaver MX -> Rundll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ engine \ 6 \ INTEL3 ~ 1 \ Ct or.dll, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (8B4AB829 - DFD3-436D-B808-D9733D76C590) \ Setup.exe "-l0x9 mmUninstall Macromedia Extension Manager -> Rundll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ engine \ 6 \ INTEL3 ~ 1 \ Ct or.dll, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (A5BA14E0 - 7384-11D4-BAE7-00409631A2C8) \ setup.exe "-l0x9 mmUninstall Macromedia Shockwave Player -> C: \ WINDOWS \ system32 \ Macromed \ SHOCKW ~ 2 \ UNWISE.EX WE: \ WINDOWS \ system32 \ Macromed \ SHOCKW ~ 2 \ Install.log Malwarebytes' Anti-Malware -> "C: \ Program Files \ Malwarebytes' Anti-Malware \ unins000.exe" Microsoft. NET Framework 1.1 Hotfix (KB928366 )-->" C: \ WINDOWS \ Microsoft.NET \ Framework \ v1.1.4322 \ Upd ates \ Hotfix.exe "C: \ WINDOWS \ Microsoft.NET \ Framework \ v1.1.4322 \ Upda tes \ M928366 \ M928366Uninstall.msp " Microsoft. NET Framework 1.1 -> msiexec.exe / X (CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1) Microsoft. NET Framework 1.1 -> Msiexec.exe / X (CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1) Microsoft Compression Client Pack 1.0 dla systemu Windows XP -> "C: \ WINDOWS \ $ NtUninstallMSCompPackV1 $ \ spuninst \ sp. uninst.exe" Microsoft zinternacjonalizowany Domeny Łagodzenie API -> "C: \ WINDOWS \ $ NtServicePackUninstallIDNMitigationA PIS $ \ spuninst \ spuninst.exe" Microsoft National Language Support Downlevel API -> "C: \ WINDOWS \ $ NtServicePackUninstallNLSDownlevelMa pping $ \ spuninst \ spuninst.exe" Microsoft Office Standard Edition 2003 -> msiexec.exe / i (91120409-6000-11D3-8CFE-0150048383C9) Microsoft User-Mode Driver ramowej Feature Pack 1.0 -> "C: \ WINDOWS \ $ NtUninstallWudf01000 $ \ spuninst \ spuni nst.exe" Microsoft Visual C + + 2005 Redistributable -> Msiexec.exe / X (7299052b-02a4-4627-81f2-1818da5d550d) Microsoft Works 7.0 -> msiexec.exe / i (764D06D8-D8DE-411E-A1C8-D9E9380F8A84) Microsoft GPW 2,0 SP3 Runtime -> Msiexec.exe / X (F3CA9611-CD42-4562-ADAB-A554CF8E17F1) Mozilla Firefox (3.0.1) -> C: \ Program Files \ Mozilla Firefox \ uninstall \ helper.exe MSXML 4.0 SP2 (KB936181) -> msiexec.exe / i (C04E32E0-0416-434D-AFB9-6969D703A9EF) MSXML 6.0 Parser (KB933579) -> msiexec.exe / i (0A869A65-8C94-4F7C-A5C7-972D3C8CED9E) Packard Bell informacje -> Rundll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ engine \ 6 \ INTEL3 ~ 1 \ CT or.dll, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (B04AC0A3 - 7A0F-4E38-9DE7-FD1E4CE47D8C) \ setup.exe " Packard Bell Toolbar 1.0 -> "C: \ Program Files \ Dynamiczne Toolbar \ unins000.exe" QuickTime -> C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ Driver \ 11 \ INTEL3 ~ 1 \ IDriver.exe / M (C21D5524-A970-42FA-AC8A-59B8C7CDCA31) / l1033 Sage Payroll 50 -> Rundll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ zawodowej ~ 1 \ RunTime \ 10 \ 50 \ Intel32 \ Ctor.dll, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (AE4B057E-41EF-4DBA-A387-CC6A7666C5CD) \ Setup.exe "-l0x9-uninst-removeonly Sage Konta V11.00--> C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ Driver \ 7 \ INTEL3 ~ 1 \ Driver.exe I / M (9B4F367E-94AD-40A4-8060-460CE4A98C45) Sage MIS 3.01 -> C: \ WINDOWS \ IsUninst.exe-f "C: \ Program Files \ Informer50 \ Uninst.isu" Sage Payroll 07-08 -> Rundll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ zawodowej ~ 1 \ RunTime \ 10 \ 50 \ Intel32 \ Ctor.dll, LaunchSetup "C: \ Program Files \ InstallShield Installation Informacje \ (CD9BCE06-1BB1-4D6F-AFDC-E2E50FA99543) \ Setup.exe "-l0x9-uninst-removeonly Sage Payroll -> C: \ WINDOWS \ IsUninst.exe-f "C: \ Program Files \ Sage Payroll \ UNINST80.ISU" Sage Payroll -> Rundll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ zawodowej ~ 1 \ RunTime \ 10 \ 50 \ Intel32 \ Ctor.dll, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ ( 09998BA7-A8D3-441C-8D35-D156C831D444) \ Setup.exe "-l0x9-uninst-removeonly Aktualizacja zabezpieczeń dla Step By Step Interactive Training (KB898458 )-->" C: \ WINDOWS \ $ NtUninstallKB898458 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla Step By Step Interactive Training (KB923723 )-->" C: \ WINDOWS \ $ NtUninstallKB923723 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB938127 )-->" C: \ WINDOWS \ ie7updates \ KB938127-IE7 \ spuninst \ spuninst.exe " Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB942615 )-->" C: \ WINDOWS \ ie7updates \ KB942615-IE7 \ spuninst \ spuninst.exe " Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB944533 )-->" C: \ WINDOWS \ ie7updates \ KB944533-IE7 \ spuninst \ spuninst.exe " Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB950759 )-->" C: \ WINDOWS \ ie7updates \ KB950759-IE7 \ spuninst \ spuninst.exe " Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB953838 )-->" C: \ WINDOWS \ ie7updates \ KB953838-IE7 \ spuninst \ spuninst.exe " Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB956390 )-->" C: \ WINDOWS \ ie7updates \ KB956390-IE7 \ spuninst \ spuninst.exe " Aktualizacja zabezpieczeń dla programu Windows Media Player 11 (KB936782 )-->" C: \ WINDOWS \ $ NtUninstallKB936782_WMP11 $ \ spuninst \ spuninst.exe " Aktualizacja zabezpieczeń dla programu Windows Media Player 11 (KB954154 )-->" C: \ WINDOWS \ $ NtUninstallKB954154_WM11 $ \ spuninst \ s puninst.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB938464 )-->" C: \ WINDOWS \ $ NtUninstallKB938464 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB941569 )-->" C: \ WINDOWS \ $ NtUninstallKB941569 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB946648 )-->" C: \ WINDOWS \ $ NtUninstallKB946648 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB950760 )-->" C: \ WINDOWS \ $ NtUninstallKB950760 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB950762 )-->" C: \ WINDOWS \ $ NtUninstallKB950762 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB950974 )-->" C: \ WINDOWS \ $ NtUninstallKB950974 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB951066 )-->" C: \ WINDOWS \ $ NtUninstallKB951066 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376 )-->" C: \ WINDOWS \ $ NtUninstallKB951376 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376-v2 )-->" C: \ WINDOWS \ $ NtUninstallKB951376-v2 $ \ spuninst \ spuninst.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB951698 )-->" C: \ WINDOWS \ $ NtUninstallKB951698 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB951748 )-->" C: \ WINDOWS \ $ NtUninstallKB951748 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB952954 )-->" C: \ WINDOWS \ $ NtUninstallKB952954 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB953839 )-->" C: \ WINDOWS \ $ NtUninstallKB953839 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB954211 )-->" C: \ WINDOWS \ $ NtUninstallKB954211 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB956391 )-->" C: \ WINDOWS \ $ NtUninstallKB956391 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB956803 )-->" C: \ WINDOWS \ $ NtUninstallKB956803 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB956841 )-->" C: \ WINDOWS \ $ NtUninstallKB956841 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB957095 )-->" C: \ WINDOWS \ $ NtUninstallKB957095 $ \ spuninst \ spunin st.exe " Aktualizacja zabezpieczeń dla systemu Windows XP (KB958644 )-->" C: \ WINDOWS \ $ NtUninstallKB958644 $ \ spuninst \ spunin st.exe " Sonic MyDVD -> msiexec.exe / i (21657574-BD54-48A2-9450-EB03B2C7FC29) Sonic RecordNow! -> Msiexec.exe / i (9541FED0-327F-4DF0-8B96-EF57EF622F19) Spybot - Search & Destroy 1.5.2.20 -> "C: \ WINDOWS \ unins000.exe" Spybot - Search & Destroy -> "C: \ Program Files \ Spybot - Search & Destroy \ unins001.exe" SUPERAntiSpyware Free Edition -> Msiexec.exe / X (CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA) Aktualizacja dla systemu Windows XP (KB951072-v2 )-->" C: \ WINDOWS \ $ NtUninstallKB951072-v2 $ \ spuninst \ spuninst.exe " Aktualizacja dla systemu Windows XP (KB951978 )-->" C: \ WINDOWS \ $ NtUninstallKB951978 $ \ spuninst \ spunin st.exe " VIA Rhine-Family Fast Ethernet Adapter -> Rundll32.exe vuins32.dll, Nadrenii vuins32Ex $ $ VIA Visual C + + CRT 8.0 -> msiexec.exe / i (B2395631-54D5-481E-B9A8-74B269546F40) Windows Defender Podpisy -> msiexec.exe / i (A5CC2A09-E9D3-49EC-923D-03874BBD4C2C) Windows Defender -> msiexec.exe / i (A06275F4-324B-4E85-95E6-87B2CD729401) Windows Media Format 11 runtime -> "C: \ Program Files \ Windows Media Player \ wmsetsdk.exe" / UninstallAll Windows Media Format 11 runtime -> "C: \ WINDOWS \ $ NtUninstallWMFDist11 $ \ spuninst \ spuni nst.exe" Windows Media Player 11 -> "C: \ Program Files \ Windows Media Player \ Setup_wm.exe" / Odinstaluj Windows Media Player 11 -> "C: \ WINDOWS \ $ NtUninstallwmp11 $ \ spuninst \ spuninst. Exe" Windows XP Service Pack 3 -> "C: \ WINDOWS \ $ NtServicePackUninstall $ \ spuninst \ SPU ninst.exe" ====== ====== Bezpieczeństwa centrum informacji AV: AVG Anti-Virus Free Zmienne środowiskowe ====== ====== "ComSpec" =% SystemRoot% \ system32 \ cmd.exe "Path" =% SystemRoot% \ system32;% SystemRoot%; SystemR oot%% \ System32 \ Wbem, C: \ PROGRA ~ 1 \ COMMON ~ 1 \ SONICS ~ 1 \, C: \ Program Files \ Common Files \ Sage SBD ; C: \ Program Files \ QuickTime \ QTSystem \, C: \ Program Files \ Common Files \ Sage SBD \ "windir" =% SystemRoot% "FP_NO_HOST_CHECK" = NO "OS" = Windows_NT "PROCESSOR_ARCHITECTURE" = x86 "PROCESSOR_LEVEL" = 6 "PROCESSOR_IDENTIFIER" = x86 Family 6 Model 8 Stepping 1, AuthenticAMD "PROCESSOR_REVISION" = 0801 "NUMBER_OF_PROCESSORS" = 1 "PATHEXT" =. COM;. EXE,. BAT,. CMD;. VBS;. VBE;. JS;. Jse;. WSF;. WSH "TEMP" =% SystemRoot% \ TEMP "TMP" =% SystemRoot% \ TEMP "CLASSPATH" =.; C: \ Program Files \ QuickTime \ QTSystem \ QTJava.zip "QTJAVA" = C: \ Program Files \ QuickTime \ QTSystem \ QTJava.zip ----------------- EOF ----------------- W oczekiwaniu, Slime. |
|
#7
6 listopada 2008, 10:25
| |||
| |||
| Mozilla Firefox (3.0.1) Jesteśmy na 3.0.3. Potrzeba aktualizacji. Odinstaluj Spybot - Search & Destroy 1.5.2.20. Pozostaw innych Spybot - Search & Destroy. ---------- Czy wyłączyć AVG przed rozpoczęciem Kaspersky skanowanie?
__________________ |
|
#8
6 listopada 2008, 10:50
| |||
| |||
| Cześć, Mozilla Firefox (3.0.1) Jesteśmy na 3.0.3. Potrzeba aktualizacji. Zrobione! Odinstaluj Spybot - Search & Destroy 1.5.2.20. Zrobione! Czy wyłączyć AVG przed rozpoczęciem Kaspersky skanowanie? Nie! Niestety, to było głupie z mojej strony. Próba Kaspersky Skanuj ponownie, będzie repoert powrót ASAP. Slime |
|
#9
6 listopada 2008, 10:52
| |||
| |||
| Mamy nadzieję, że pozwoli to kontynuować i zakończyć. Just don't download anything wysyłanie AV jest wyłączony lub otwierać dowolne załączniki wiadomości e-mail.
__________________ |
|
#10
6 listopada 2008, 11:02
| |||
| |||
| Cześć, może być głupi, ale mogę nie wydaje się z kolei AVG off! Any tips? Slime. |
