konolo
Nowy
Liczba postów: 1
|
Eksplorator windows przestał pracować
Czesc. Moim problemem jest to że od 3 dni nie moge wejsć do żadnego folderu bo wywala bład : Eksplorator windows przestał pracować. Myślałem nad reinstalem systemu. Ale zależy mi na plikach. Czy jest jakis sposub na to ??
LOG z Combofix:
Kod:
ComboFix 12-12-02.01 - Arek 2012-12-04 17: 20: 53.1.2 - x86
Microsoft Windows 7 Ultimate E 6.1.7600.0.1250.48.1045.18.3070.1386 [GMT 1: 00]
Uruchomiony z: c: \users\Arek\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezydentny antywirus jest aktywny
.
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C: \autorun.inf
C: \data
c: \program files\DealPly
c: \program files\DealPly\DealPly.crx
c: \program files\DealPly\DealPlyIE.dll
c: \program files\DealPly\DealPlyUpdate.exe
c: \program files\DealPly\DealPlyUpdate.log
c: \program files\DealPly\DealPlyUpdateRun.exe
c: \program files\DealPly\icon.ico
c: \program files\DealPly\uninst.exe
c: \program files\Funmoods
c: \program files\Funmoods\1.5.23.22\FavIcon.ico
c: \program files\IMinent Toolbar\tbHElper.dll
c: \program files\Incredibar.com
c: \program files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
c: \program files\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll
c: \program files\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll
c: \program files\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe
c: \program files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
c: \program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
c: \program files\RelevantKnowledge
c: \program files\RelevantKnowledge\ncncf.dat
c: \program files\RelevantKnowledge\nscf.dat
c: \program files\RelevantKnowledge\rlls64.dll
c: \program files\RelevantKnowledge\rloci.bin
c: \program files\RelevantKnowledge\rlvknlg64.exe
c: \program files\smartdl
c: \program files\smartdl\gunzip.exe
c: \program files\smartdl\status-o
c: \program files\smartdl\status
c: \program files\smartdl\TorrentSearch.exe
c: \program files\SSearch
c: \program files\SSearch\search.ico
c: \program files\SSearch\sqlite3.exe
c: \program files\TSearch
c: \program files\TSearch\client.py
c: \program files\TSearch\easydownload.exe
c: \program files\TSearch\libtorrent.pyd
c: \program files\TSearch\python25.dll
c: \program files\TSearch\results
c: \program files\Your Product\Uninstall
c: \program files\Your Product\Uninstall\IRIMG1.JPG
c: \program files\Your Product\Uninstall\IRIMG2.JPG
c: \program files\Your Product\Uninstall\uninstall.dat
c: \program files\Your Product\Uninstall\uninstall.xml
c: \programdata\DownloadnSave
c: \programdata\DownloadnSave\background.html
c: \programdata\DownloadnSave\content.js
c: \programdata\DownloadnSave\ocgfhngeplicpinapgghfhedfonedfgn.crx
c: \programdata\DownloadnSave\settings.ini
c: \programdata\Microsoft\Windows\Start Menu\Programs\DownloadnSave
c: \programdata\Microsoft\Windows\Start Menu\Programs\DownloadnSave\DownloadnSave.lnk
c: \programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
c: \programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk
c: \programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Member of GRID - Goodware Repository Information Database.lnk
c: \programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk
c: \programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk
c: \users\Arek\AppData\Local\Skymonk2\skymonk2.exe -tray
c: \users\Darek\AppData\Local\TempDIR
c: \windows\PFRO.log
c: \windows\system32\DreamScene.dll.10876
c: \windows\system32\SETC1EA.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NEWDRIVER
-------\Service_NEWDRIVER
.
.
((((((((((((((((((((((((( Pliki utworzone od 2012-11-04 do 2012-12-04 )))))))))))))))))))))))))))))))
.
.
2012-12-04 16: 36 . 2012-12-04 16: 36 -------- d-----w- c: \users\UpdatusUser\AppData\Local\temp
2012-12-04 16: 36 . 2012-12-04 16: 36 -------- d-----w- c: \users\Default\AppData\Local\temp
2012-12-04 15: 56 . 2012-12-04 15: 56 -------- d-----w- c: \program files\VS Revo Group
2012-12-04 14: 55 . 2012-12-04 16: 39 56200 ----a-w- c: \programdata\Microsoft\Windows Defender\Definition Updates\{E9021E2E-A16A-43E3-95D6-9900774FA561}\offreg.dll
2012-12-04 14: 35 . 2012-12-04 14: 35 -------- d-----w- c: \program files\LS-USBMX
2012-12-04 14: 35 . 2005-09-07 14: 35 335872 ----a-w- c: \windows\Property.exe
2012-12-04 14: 35 . 2005-08-29 11: 58 291840 ----a-w- c: \windows\FCVAP64.dll
2012-12-04 14: 35 . 2005-08-27 21: 19 145408 ----a-w- c: \windows\setreg.exe
2012-12-04 14: 35 . 2005-08-27 15: 34 155712 ----a-w- c: \windows\GetWinVer.exe
2012-12-04 14: 35 . 2005-08-16 16: 04 86016 ----a-w- c: \windows\EZFRD64.dll
2012-12-04 14: 34 . 2008-04-21 13: 06 75776 ----a-w- c: \windows\system32\USBMAX.cpl
2012-12-04 14: 34 . 2008-05-19 14: 15 41336 ----a-w- c: \windows\system32\drivers\Hid3331.sys
2012-12-04 14: 34 . 2012-12-04 14: 34 -------- d-----w- c: \windows\USB Vibration
2012-12-04 14: 33 . 2012-12-04 14: 33 270468 ----a-w- c: \program files\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll
2012-12-04 14: 33 . 2012-12-04 14: 33 159876 ----a-w- c: \program files\Common Files\InstallShield\Professional\RunTime\0700\Intel32\IGdi.dll
2012-12-04 14: 33 . 2002-08-05 09: 46 57344 ----a-w- c: \program files\Common Files\InstallShield\Professional\RunTime\0700\Intel32\ctor.dll
2012-12-04 14: 33 . 2002-08-02 02: 10 5632 ----a-w- c: \program files\Common Files\InstallShield\Professional\RunTime\0700\Intel32\DotNetInstaller.exe
2012-12-04 14: 33 . 2002-08-02 01: 20 634880 ----a-w- c: \program files\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iKernel.dll
2012-12-04 14: 33 . 2002-08-02 01: 20 237568 ----a-w- c: \program files\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iscript.dll
2012-12-04 14: 33 . 2002-08-02 01: 20 151552 ----a-w- c: \program files\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iuser.dll
2012-12-04 14: 33 . 2012-12-04 14: 33 -------- d-----w- c: \program files\USB Vibration
2012-12-04 13: 39 . 2012-12-04 13: 41 -------- d-----w- c: \program files\Euro Truck Simulator 2
2012-12-04 12: 56 . 2012-12-04 12: 56 -------- d-----w- c: \users\Natalia\AppData\Roaming\TuneUp Software
2012-12-03 19: 54 . 2012-10-15 12: 57 31584 ----a-w- c: \windows\system32\TURegOpt.exe
2012-12-03 19: 54 . 2012-10-15 12: 57 21344 ----a-w- c: \windows\system32\authuitu.dll
2012-12-03 19: 52 . 2012-12-03 19: 52 -------- d-----w- c: \users\Arek\AppData\Roaming\TuneUp Software
2012-12-03 19: 50 . 2012-12-03 19: 54 -------- d-----w- c: \program files\TuneUp Utilities 2013
2012-12-03 19: 45 . 2012-12-03 19: 52 -------- d-----w- c: \programdata\TuneUp Software
2012-12-03 19: 44 . 2012-12-03 21: 19 -------- d-sh--w- c: \programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2012-12-03 06: 23 . 2012-12-03 06: 23 -------- d-----w- c: \windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
2012-12-03 06: 22 . 2010-01-12 04: 03 68200 ----a-w- c: \windows\system32\OpenCL.dll
2012-12-03 06: 22 . 2010-01-12 04: 03 4338792 ----a-w- c: \windows\system32\nvencodemft.dll
2012-12-03 06: 22 . 2010-01-12 04: 03 318568 ----a-w- c: \windows\system32\nvdecodemft.dll
2012-12-03 06: 22 . 2010-01-12 04: 03 14924392 ----a-w- c: \windows\system32\nvoglv32.dll
2012-12-03 06: 22 . 2010-01-12 04: 03 11586280 ----a-w- c: \windows\system32\drivers\nvlddmkm.sys
2012-12-03 06: 22 . 2010-01-12 04: 03 4077672 ----a-w- c: \windows\system32\nvcuvenc.dll
2012-12-03 06: 22 . 2010-01-12 04: 03 4061800 ----a-w- c: \windows\system32\nvcuda.dll
2012-12-03 06: 22 . 2010-01-12 04: 03 2243176 ----a-w- c: \windows\system32\nvcuvid.dll
2012-12-03 06: 22 . 2010-01-12 04: 03 182888 ----a-w- c: \windows\system32\nvcod189.dll
2012-12-03 06: 22 . 2010-01-12 04: 03 182888 ----a-w- c: \windows\system32\nvcod.dll
2012-12-03 06: 22 . 2010-01-12 04: 03 11639400 ----a-w- c: \windows\system32\nvcompiler.dll
2012-12-02 20: 11 . 2012-12-04 13: 03 -------- d-----w- c: \users\Natalia\AppData\Local\CrashDumps
2012-12-02 19: 48 . 2012-12-02 19: 48 -------- d-----w- c: \program files\Yahoo!
2012-12-02 18: 10 . 2012-12-02 18: 10 -------- d-----w- c: \users\Arek\AppData\Local\CircleDock
2012-12-02 18: 10 . 2012-12-02 18: 10 -------- d-----w- c: \program files\Circle Dock
2012-12-02 18: 10 . 2012-12-02 18: 10 -------- d-----w- C: \Circle Dock AddIns
2012-12-02 17: 52 . 2012-12-02 17: 53 -------- d-----w- c: \users\Arek\AppData\Local\Torch
2012-12-02 17: 52 . 2012-12-02 17: 52 -------- d-----w- c: \users\Arek\AppData\Roaming\Free3GPConverter
2012-12-02 17: 49 . 2012-12-02 17: 49 -------- d-----w- c: \programdata\boost_interprocess
2012-12-02 17: 49 . 2012-12-02 17: 50 -------- d-----w- c: \program files\Searchqu Toolbar
2012-12-02 17: 48 . 2012-12-02 17: 52 -------- d-----w- c: \program files\Free 3GP Converter
2012-12-02 16: 09 . 2012-12-02 16: 09 -------- d-----w- c: \program files\ConvertHelper
2012-12-02 15: 40 . 2012-12-02 15: 40 -------- d-----w- c: \users\Arek\dwhelper
2012-12-02 10: 23 . 2012-12-04 12: 51 -------- d-----w- C: \Inne#1
2012-12-01 18: 15 . 2012-12-01 18: 15 -------- d-----w- c: \programdata\Ask
2012-12-01 18: 14 . 2012-12-01 18: 14 -------- d-----w- c: \program files\FreeTime
2012-12-01 17: 32 . 2012-12-01 17: 32 -------- d-----w- c: \windows\pl
2012-12-01 17: 30 . 2012-12-01 17: 30 -------- d-----w- c: \program files\Microsoft SQL Server Compact Edition
2012-12-01 17: 28 . 2012-12-01 17: 28 -------- d-----w- c: \windows\PCHEALTH
2012-12-01 17: 26 . 2012-12-01 17: 30 -------- d-----w- c: \program files\Windows Live
2012-12-01 17: 19 . 2010-08-11 04: 44 2983424 ----a-w- c: \windows\system32\UIRibbon.dll
2012-12-01 17: 19 . 2010-08-11 04: 35 1164800 ----a-w- c: \windows\system32\UIRibbonRes.dll
2012-12-01 13: 51 . 2012-12-01 18: 44 -------- d-----w- c: \users\Arek\AppData\Local\WMTools Downloaded Files
2012-12-01 13: 50 . 2012-12-01 13: 50 -------- d-----w- c: \program files\Movie Maker 2.6
2012-12-01 13: 42 . 2012-12-01 17: 36 -------- d-----w- c: \users\Arek\AppData\Local\Windows Live
2012-12-01 13: 42 . 2012-12-01 13: 42 -------- d-----w- c: \program files\Common Files\Windows Live
2012-12-01 13: 38 . 2012-12-02 18: 31 -------- d-----w- c: \users\Arek\AppData\Roaming\avidemux
2012-12-01 13: 38 . 2012-12-02 18: 31 -------- d-----w- c: \program files\Avidemux 2.6
2012-12-01 13: 29 . 2012-12-01 13: 29 -------- d-----w- c: \program files\GoldWave
2012-12-01 13: 12 . 2012-12-01 18: 06 -------- d-----w- c: \users\Arek\AppData\Roaming\Audacity
2012-12-01 13: 12 . 2012-12-01 13: 12 -------- d-----w- c: \program files\Audacity
2012-12-01 10: 59 . 2012-12-01 10: 59 -------- d-----w- c: \users\Arek\AppData\Roaming\WinAVI
2012-12-01 10: 59 . 2012-12-01 10: 59 -------- d-----w- c: \users\Arek\AppData\Local\WinAVI
2012-12-01 10: 58 . 2012-12-01 10: 58 -------- d-----w- c: \program files\WinAVI
2012-12-01 10: 46 . 2012-12-01 11: 19 -------- d-----w- c: \program files\MSI Afterburner
2012-12-01 10: 46 . 2012-12-01 10: 46 -------- d-----w- c: \program files\MSI Kombustor 2.4
2012-11-30 15: 14 . 2012-11-30 15: 14 -------- d-----w- c: \users\Darek\AppData\Local\Programs
2012-11-29 16: 08 . 2012-11-29 16: 08 -------- d-----w- c: \program files\Common Files\Skype
2012-11-27 19: 29 . 2012-11-27 19: 38 -------- d-----w- c: \users\Darek\AppData\Local\Smartbar
2012-11-27 19: 27 . 2012-11-27 19: 33 233888 ----a-w- c: \windows\system32\DreamScene.dll
2012-11-27 14: 07 . 2012-11-27 14: 07 -------- d-----w- c: \program files\RocketDock
2012-11-26 15: 08 . 2012-11-26 15: 08 -------- d-----w- c: \users\Natalia\AppData\Local\Paint.NET
2012-11-24 13: 17 . 2012-11-24 13: 17 -------- d-----w- c: \users\Arek\AppData\Roaming\Theta
2012-11-24 13: 12 . 2012-11-24 13: 12 -------- d-----w- c: \users\Arek\AppData\Roaming\Ubisoft
2012-11-24 12: 59 . 2012-11-24 12: 59 -------- d-----w- c: \users\Arek\AppData\Roaming\Assassin's Creed III
2012-11-24 12: 57 . 2012-11-24 12: 57 -------- d-----w- c: \program files\Ubisoft
2012-11-24 10: 41 . 2012-11-24 12: 40 -------- d-----w- c: \program files\R.G. Mechanics
2012-11-23 18: 05 . 2012-11-23 19: 39 -------- d-----w- c: \users\Arek\AppData\Roaming\Azureus
2012-11-20 05: 56 . 2012-11-20 05: 56 -------- d-----w- c: \program files\LogMeIn Hamachi
2012-11-16 16: 46 . 2012-11-16 16: 46 -------- d-----w- c: \program files\Origin Games
2012-11-13 15: 13 . 2012-05-15 10: 26 883008 ----a-w- c: \windows\system32\nvgenco32.dll
2012-11-13 15: 13 . 2012-05-15 10: 26 1000768 ----a-w- c: \windows\system32\nvdispco32.dll
2012-11-12 21: 47 . 2012-11-12 21: 47 -------- d-----w- c: \users\Darek\AppData\Local\Chromium
2012-11-12 17: 25 . 1999-04-23 21: 22 151552 ----a-w- c: \windows\system32\MSOSS.DLL
2012-11-12 17: 24 . 2000-10-05 14: 55 221184 ------w- c: \program files\Common Files\InstallShield\IScript\IScript.dll
2012-11-12 17: 24 . 2000-10-05 14: 50 221184 ------w- c: \program files\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2012-11-12 17: 24 . 2000-10-05 14: 49 32768 ------w- c: \program files\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2012-11-12 17: 24 . 2000-10-05 14: 55 77824 ----a-w- c: \program files\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2012-11-12 17: 21 . 2004-11-08 11: 55 602244 ----a-w- c: \program files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
2012-11-12 03: 09 . 2012-10-17 00: 32 6918632 ----a-w- c: \programdata\Microsoft\Windows Defender\Definition Updates\{E9021E2E-A16A-43E3-95D6-9900774FA561}\mpengine.dll
2012-11-11 18: 37 . 2012-11-12 17: 23 -------- d-----w- c: \program files\Codemasters
2012-11-11 18: 36 . 2000-01-04 05: 39 212992 ----a-w- c: \program files\Common Files\InstallShield\engine\6\Intel 32\ILog.dll
2012-11-11 11: 19 . 2010-06-02 03: 55 239960 ----a-w- c: \windows\system32\xactengine3_7.dll
2012-11-11 11: 19 . 2010-05-26 10: 41 1868128 ----a-w- c: \windows\system32\d3dcsx_43.dll
2012-11-11 11: 19 . 2010-05-26 10: 41 470880 ----a-w- c: \windows\system32\d3dx10_43.dll
2012-11-11 11: 19 . 2010-05-26 10: 41 248672 ----a-w- c: \windows\system32\d3dx11_43.dll
2012-11-11 11: 17 . 2012-11-11 11: 17 -------- d-----w- c: \program files\Gameforge
2012-11-11 11: 01 . 2012-11-11 11: 07 -------- d-----w- c: \users\Darek\AppData\Roaming\GetRightToGo
2012-11-10 21: 33 . 2012-11-11 13: 29 -------- d-----w- c: \program files\Farming Simulator 2013
2012-11-09 21: 37 . 2012-11-09 21: 37 -------- d-----w- c: \users\Arek\.swt
2012-11-05 15: 04 . 2012-11-05 15: 04 -------- d-----w- c: \users\Arek\.thumbnails
2012-11-05 14: 36 . 2012-11-05 16: 17 -------- d-----w- c: \users\Arek\.gimp-2.8
2012-11-04 17: 45 . 2010-06-02 03: 55 74072 ----a-w- c: \windows\system32\XAPOFX1_5.dll
2012-11-04 17: 45 . 2010-06-02 03: 55 527192 ----a-w- c: \windows\system32\XAudio2_7.dll
2012-11-04 17: 44 . 2010-05-26 10: 41 2106216 ----a-w- c: \windows\system32\D3DCompiler_43.dll
2012-11-04 17: 44 . 2010-05-26 10: 41 1998168 ----a-w- c: \windows\system32\D3DX9_43.dll
2012-11-04 17: 42 . 2012-11-04 17: 42 -------- d-----w- c: \users\Arek\AppData\Local\Programs
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-04 15: 01 . 2012-07-06 12: 31 48648 ----a-w- c: \programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-12-01 17: 26 . 2011-03-28 17: 36 19696 ----a-w- c: \programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-11-08 13: 35 . 2012-09-04 13: 03 26984 ----a-w- c: \windows\system32\drivers\avgtpx86.sys
2012-10-27 09: 47 . 2012-10-27 09: 47 242240 ----a-w- c: \windows\system32\drivers\dtsoftbus01.sys
2012-10-27 09: 44 . 2012-10-27 09: 44 473656 ----a-w- c: \windows\system32\drivers\sptd.sys
2012-10-23 13: 07 . 2012-06-08 16: 08 48648 ----a-w- c: \programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-10-23 13: 07 . 2012-06-08 16: 08 686416 ----a-w- c: \programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-10-08 19: 12 . 2012-04-06 10: 56 73656 ----a-w- c: \windows\system32\FlashPlayerCPLApp.cpl
2012-10-08 19: 12 . 2012-04-06 10: 56 696760 ----a-w- c: \windows\system32\FlashPlayerApp.exe
2012-10-08 15: 43 . 2012-10-08 15: 43 728858 ----a-w- c: \windows\system32\unins000.exe
2012-10-07 09: 36 . 2012-10-07 09: 37 93672 ----a-w- c: \windows\system32\WindowsAccessBridge.dll
2012-10-07 09: 36 . 2012-10-07 09: 37 821736 ----a-w- c: \windows\system32\npDeployJava1.dll
2012-10-07 09: 36 . 2012-04-07 04: 36 746984 ----a-w- c: \windows\system32\deployJava1.dll
2012-09-28 15: 45 . 2012-09-28 15: 45 246272 ----a-w- c: \windows\system32\rtvcvfw64.dll
2012-09-28 15: 45 . 2012-09-28 15: 45 247296 ----a-w- c: \windows\system32\rtvcvfw32.dll
2012-09-27 18: 07 . 2012-10-10 09: 36 99192 ----a-w- c: \windows\system32\drivers\idmwfp.sys
2012-09-16 10: 19 . 2012-09-16 10: 19 151040 ----a-w- c: \windows\system32\SevenZipSharp.dll_new
2012-09-16 10: 19 . 2012-09-16 10: 19 209920 ----a-w- c: \windows\system32\XPTable.dll_new
2012-09-16 10: 19 . 2012-09-16 10: 19 883712 ----a-w- c: \windows\system32\YgoowCore.dll_new
2012-09-16 10: 19 . 2012-09-16 10: 19 2006528 ----a-w- c: \windows\system32\Ygoow.exe_new
2012-10-27 20: 41 . 2012-10-27 20: 41 261600 ----a-w- c: \program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-20 . F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 . 811520 . . [6.1.7601.17514] . . c: \windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
[-] 2009-07-14 . 8626F0C30D4E3564FFDD25C90F4426F1 . 811520 . . [6.1.7600.16385] . . c: \windows\System32\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c: \windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c: \program files\Ask.com\GenericAskToolbar.dll" [2012-08-08 1527496]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3ec1a45c-8bc3-4bfe-b226-4051c5d3d068}]
2012-10-17 17: 54 89288 ----a-w- c: \progra~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
2010-07-02 07: 54 2607872 ----a-w- c: \program files\IMinent Toolbar\tbcore3.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
2011-05-09 09: 49 176936 ----a-w- c: \program files\uTorrentControl2\prxtbuTo0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2011-05-09 09: 49 176936 ----a-w- c: \program files\DVDVideoSoftTB\prxtbDVDV.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-11-08 13: 35 1796552 ----a-w- c: \program files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c2db4fe6-8409-45ce-8010-189a7b5cce86}]
2011-05-09 08: 49 176936 ----a-w- c: \program files\NCH\prxtbNCH.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-08-08 17: 15 1527496 ----a-w- c: \program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c: \program files\uTorrentControl2\prxtbuTo0.dll" [2011-05-09 176936]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c: \program files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll" [2012-11-08 1796552]
"{c2db4fe6-8409-45ce-8010-189a7b5cce86}"= "c: \program files\NCH\prxtbNCH.dll" [2011-05-09 176936]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c: \program files\Ask.com\GenericAskToolbar.dll" [2012-08-08 1527496]
"{977AE9CC-AF83-45E8-9E03-E2798216E2D5}"= "c: \program files\IMinent Toolbar\tbcore3.dll" [2010-07-02 2607872]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c: \program files\DVDVideoSoftTB\prxtbDVDV.dll" [2011-05-09 176936]
"{3ec1a45c-8bc3-4bfe-b226-4051c5d3d068}"= "c: \progra~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll" [2012-10-17 89288]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{c2db4fe6-8409-45ce-8010-189a7b5cce86}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CLASSES_ROOT\clsid\{3ec1a45c-8bc3-4bfe-b226-4051c5d3d068}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay1]
@="{E68D0A50-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A50-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09: 41 1232896 ----a-w- c: \programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay2]
@="{E68D0A51-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A51-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09: 41 1232896 ----a-w- c: \programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay3]
@="{E68D0A52-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A52-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09: 41 1232896 ----a-w- c: \programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay4]
@="{E68D0A53-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A53-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09: 41 1232896 ----a-w- c: \programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00: 49 22376 ----a-w- d: \program files\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Optimizer Pro"="c: \program files\Optimizer Pro\OptProLauncher.exe" [2012-01-02 81912]
"TBPanel"="c: \program files\Vtune\TBPanel.exe" [2009-04-03 2158592]
"ares"="d: \program files\Ares\Ares.exe" [2012-02-02 3209216]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c: \program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"ChomikBox"="d: \program files\ChomikBox\chomikbox.exe" [2012-11-16 5979648]
"HTC Home Widget"="c: \htc home\HTCHome.exe" [2010-09-16 335360]
"uTorrent"="d: \program files\uTorrent\uTorrent.exe" [2012-09-17 898448]
"Skymonk2"="c: \users\Arek\AppData\Local\Skymonk2\skymonk2.exe" [2012-12-04 445584]
"EADM"="c: \program files\Origin\Origin.exe" [2012-11-30 3492504]
"DAEMON Tools Lite"="c: \program files\DAEMON Tools Lite\DTLite.exe" [2012-08-28 3671904]
"Pando Media Booster"="c: \program files\Pando Networks\Media Booster\PMB.exe" [2012-11-09 3093624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vProt"="c: \program files\AVG Secure Search\vprot.exe" [2012-11-08 997320]
"HF_G_Jul"="c: \program files\AVG Secure Search\HF_G_Jul.exe" [2012-07-18 36960]
"SSDMonitor"="c: \program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-03-21 103896]
"ApnUpdater"="c: \program files\Ask.com\Updater\Updater.exe" [2012-08-08 1644744]
"ROC_ROC_JULY_P1"="c: \program files\AVG Secure Search\ROC_ROC_JULY_P1.exe" [2012-09-04 1022048]
"Iminent"="c: \program files\Iminent\Iminent.exe" [2012-08-24 1073784]
"IminentMessenger"="c: \program files\Iminent\Iminent.Messengers.exe" [2012-08-24 884856]
"SweetIM"="c: \program files\SweetIM\Messenger\SweetIM.exe" [2012-05-29 115032]
"Sweetpacks Communicator"="c: \program files\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]
"egui"="d: \program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 3117344]
"4StoryPrePatch"="d: \program files\Gameforge4D\4Story_PL\PrePatch.exe" [2012-05-14 327680]
"LogMeIn Hamachi Ui"="c: \program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-11-19 2254768]
.
c: \users\Natalia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c: \program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
.
[HKLM\~\startupfolder\C: ^Users^Darek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk]
path=c: \users\Darek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
backup=c: \windows\pss\IMVU.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C: ^Users^Darek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
path=c: \users\Darek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
backup=c: \windows\pss\OpenOffice.org 3.3.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-02 08: 07 843712 ----a-r- c: \program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
2012-02-02 15: 55 3209216 ----a-w- d: \program files\Ares\Ares.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 17: 03 152872 ----a-w- c: \program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChomikBox]
2012-11-16 12: 59 5979648 ----a-w- d: \program files\ChomikBox\chomikbox.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-08-28 13: 52 3671904 ----a-w- c: \program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu 10]
2011-07-04 17: 45 13374048 ----a-w- d: \program files\Gadu-Gadu 10\gg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 13: 57 153136 ----a-w- c: \program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-11-09 10: 27 17877168 ----a-r- c: \program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator]
2012-08-15 17: 08 231768 ----a-w- c: \program files\SweetIM\Communicator\SweetPacksUpdateManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2012-09-17 12: 09 898448 ----a-w- d: \program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2012-06-28 15: 40 74752 ----a-w- d: \program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c: \program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
.
R2 SkypeUpdate;Skype Updater;c: \program files\Skype\Updater\Updater.exe [x]
R3 EagleXNt;EagleXNt;c: \windows\system32\drivers\EagleXNt.sys [x]
R3 FlashUSB;FlashUSB;c: \windows\system32\DRIVERS\FlashUSB.sys [x]
R3 h643331;h643331;c: \windows\system32\drivers\h643331.sys [x]
R3 hid3331;hid3331;c: \windows\system32\drivers\hid3331.sys [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c: \windows\system32\Drivers\IvtBtBus.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c: \windows\system32\Wat\WatAdminSvc.exe [x]
S0 BtHidBus;Bluetooth HID Bus Service;c: \windows\System32\Drivers\BtHidBus.sys [x]
S0 sptd;sptd;c: \windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avgtp;avgtp;c: \windows\system32\drivers\avgtpx86.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c: \windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c: \windows\system32\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c: \windows\system32\DRIVERS\ehdrv.sys [x]
S2 Application Updater;Application Updater;c: \program files\Application Updater\ApplicationUpdater.exe [x]
S2 ekrn;ESET Service;d: \program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c: \windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c: \program files\LogMeIn Hamachi\hamachi-2.exe [x]
S2 IDMWFP;IDMWFP;c: \windows\system32\DRIVERS\idmwfp.sys [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c: \program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
S2 Skype C2C Service;Skype C2C Service;c: \programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c: \program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c: \program files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [x]
S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c: \program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]
S3 rt61x86;Ralink RT61 Wireless Driver for Windows Vista;c: \windows\system32\DRIVERS\netr61.sys [x]
S3 RTL8167;Sterownik Realtek 8167 NT Driver;c: \windows\system32\DRIVERS\Rt86win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c: \program files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [x]
.
.
Zawartość folderu 'Zaplanowane zadania'
.
2012-12-04 c: \windows\Tasks\Adobe Flash Player Updater.job
- c: \windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 19: 12]
.
2012-12-04 c: \windows\Tasks\GoogleUpdateTaskMachineCore.job
- c: \program files\Google\Update\GoogleUpdate.exe [2012-04-19 15: 01]
.
2012-12-04 c: \windows\Tasks\GoogleUpdateTaskMachineUA.job
- c: \program files\Google\Update\GoogleUpdate.exe [2012-04-19 15: 01]
.
2012-12-04 c: \windows\Tasks\RMAutoUpdate.job
- c: \program files\PC Tools Registry Mechanic\SULauncher.exe [2012-08-18 10: 23]
.
2012-12-03 c: \windows\Tasks\RMSchedule.job
- c: \program files\PC Tools Registry Mechanic\RegMech.exe [2012-08-18 10: 22]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp: //www.ask.com/?l=dis&o=15183
mStart Page = hxxp: //www.v9.com/?utm_source=b&utm_medium=fft-1&from=fft-1&uid=SAMSUNG_HD503HI_S23CJ9FZ600122&ts=1354385725
uSearchAssistant = hxxp: //feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=5bdea846-ce2b-4718-b3c1-d01d628c7d96&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c: \program files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
FF - ProfilePath - c: \users\Arek\AppData\Roaming\Mozilla\Firefox\Profiles\q9hu3o9b.default\
FF - prefs.js: browser.search.selectedEngine - v9
FF - prefs.js: browser.startup.homepage - hxxp: //www.v9.com/?utm_source=b&utm_medium=fft-1&from=fft-1&uid=SAMSUNG_HD503HI_S23CJ9FZ600122&ts=1354385725
FF - prefs.js: keyword.URL - hxxp: //dts.search-results.com/sr?src=ffb&gct=ds&appid=0&systemid=416&apn_dtid=BND416&apn_ptnrs=AGA&apn_uid=2858350555244914&o=APN10649&q=
FF - ExtSQL: 2012-11-06 19: 21; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; c: \users\Arek\AppData\Roaming\Mozilla\Firefox\Profiles\q9hu3o9b.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF - ExtSQL: 2012-11-11 15: 55; webmaster@keep-tube.com; c: \users\Arek\AppData\Roaming\Mozilla\Firefox\Profiles\q9hu3o9b.default\extensions\webmaster@keep-tube.com.xpi
FF - ExtSQL: 2012-12-02 16: 38; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c: \users\Arek\AppData\Roaming\Mozilla\Firefox\Profiles\q9hu3o9b.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: 2012-12-02 18: 50; {3ec1a45c-8bc3-4bfe-b226-4051c5d3d068}; c: \users\Arek\AppData\Roaming\Mozilla\Firefox\Profiles\q9hu3o9b.default\extensions\{3ec1a45c-8bc3-4bfe-b226-4051c5d3d068}
FF - ExtSQL: !HIDDEN! 2012-12-02 18: 50; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c: \program files\Searchqu Toolbar\Datamngr\FirefoxExtension
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
BHO-{EEE6C35C-6118-11DC-9C72-001320C79847} - (no file)
Toolbar-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
Toolbar-10 - (no file)
MSConfigStartUp-4StoryPrePatch - c: \program files\Gameforge4D\4Story_PL\PrePatch.exe
MSConfigStartUp-EA Core - c: \program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-IPLA! - c: \program files\ipla\ipla.exe
MSConfigStartUp-LightScribe Control Panel - c: \program files\Common Files\LightScribe\LightScribeControlPanel.exe
MSConfigStartUp-SunJavaUpdateSched - c: \program files\Java\jre6\bin\jusched.exe
AddRemove-DealPly - c: \program files\DealPly\uninst.exe
AddRemove-incredibar - c: \program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
AddRemove-ExpressFiles - c: \program files\ExpressFiles\uninstall.exe
AddRemove-Winamp Detect - d: \program files\Winamp Detect\UninstWaDetect.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-782869360-2725772867-3391253172-1001\Software\SecuROM\License information*]
"datasecu"=hex: 5f,7e,9e,95,de,32,f3,31,f8,12,e4,f0,bd,f6,c3,66,b9,1c,62,78,38,
59,26,7e,9c,90,2a,8c,b6,09,31,5b,d4,77,8b,57,fa,51,d0,23,46,ce,76,c6,39,02,\
"rkeysecu"=hex: 85,37,af,4a,63,8d,1b,fb,af,c6,58,ce,da,a1,f9,9a
.
[HKEY_USERS\S-1-5-21-782869360-2725772867-3391253172-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface: \d: \B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi: "2011-10-10T16: 42\00gif\00\00"
"qico4.dll"=multi: "2011-10-10T16: 42\00ico\00\00"
"qjpeg4.dll"=multi: "2011-10-10T16: 42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-782869360-2725772867-3391253172-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QTextCodecFactoryInterface: \d: \B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs]
"qcncodecs4.dll"=multi: "2011-10-10T16: 42\00GB18030\00GBK\00GB2312\00CP936\00MS936\00windows-936\00MIB: 114\00MIB: 113\00MIB: 2025\00\00"
"qkrcodecs4.dll"=multi: "2011-10-10T16: 42\00EUC-KR\00cp949\00MIB: 38\00MIB: -949\00\00"
"qtwcodecs4.dll"=multi: "2011-10-10T16: 42\00Big5\00Big5-HKSCS\00Big5-ETen\00CP950\00MIB: 2026\00MIB: 2101\00\00"
.
[HKEY_USERS\S-1-5-21-782869360-2725772867-3391253172-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\d: \b*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs]
"qcncodecs4.dll"=multi: "40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16: 42\00\00"
"qjpcodecs4.dll"=multi: "40602\000\00Windows msvc release full-config\002011-10-10T16: 42\00\00"
"qjpcodecsd4.dll"=multi: "40703\001\00Windows msvc debug full-config QT_NO_DRAGANDDROP\002011-10-10T16: 42\00\00"
"qkrcodecs4.dll"=multi: "40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16: 42\00\00"
"qtwcodecs4.dll"=multi: "40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16: 42\00\00"
.
[HKEY_USERS\S-1-5-21-782869360-2725772867-3391253172-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\d: \b*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi: "0\001\00unknown\002011-10-10T16: 42\00\00"
"msvcr80.dll"=multi: "0\001\00unknown\002011-10-10T16: 42\00\00"
"qgif4.dll"=multi: "40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16: 42\00\00"
"qico4.dll"=multi: "40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16: 42\00\00"
"qjpeg4.dll"=multi: "40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16: 42\00\00"
.
[HKEY_USERS\S-1-5-21-782869360-2725772867-3391253172-1001_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0): 85,34,af,67,cf,4a,57,0b,3c,bd,83,d9,62,ad,87,e7,22,f9,58,77,25,
25,62,f3,0b,18,20,fd,83,91,45,87,39,64,fa,2a,8d,8a,53,da,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-782869360-2725772867-3391253172-1001_Classes\CLSID\{cbe5a846-f117-4201-92f3-bdbdd894eca7}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword: 00000122
"Therad"=dword: 0000001e
"MData"=hex(0): 2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,75,07,18,dd,fb,11,42,94,27,b7,99,0d,2a,ba,05,1a,a2,02,c9,3e,9b,f9,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'Explorer.exe'(4856)
c: \program files\Iminent\Iminent.WinCore.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c: \windows\system32\nvvsvc.exe
c: \windows\system32\nvvsvc.exe
c: \windows\system32\PnkBstrA.exe
c: \program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c: \windows\system32\taskhost.exe
c: \program files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
c: \program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c: \program files\ExpressFiles\EFUpdater.exe
c: \windows\system32\conhost.exe
c: \program files\Optimizer Pro\OptProSmartScan.exe
c: \program files\Common Files\Ahead\Lib\NMIndexingService.exe
c: \program files\Windows Media Player\wmpnetwk.exe
c: \windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c: \program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c: \windows\system32\DllHost.exe
c: \windows\system32\sppsvc.exe
c: \users\Arek\AppData\Local\Skymonk2\skymonk2.bin
c: \program files\windows defender\MpCmdRun.exe
.
**************************************************************************
.
Czas ukończenia: 2012-12-04 17: 48: 38 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2012-12-04 16: 48
.
Przed: 47 200 309 248 bajtów wolnych
Po: 51 924 570 112 bajtów wolnych
.
- - End Of File - - 0977A2F1DB6095A4B116F0B43E8C3D7C
Prosze o pomoc.
|
Post: #1
