
  #1 (permalink)  
06.10.2012, 23:52
Junior Member

Registered: May 2007
Posts: 8
Marketplace posts: 0
adobe32/svchost.exe

Hello,

As in the subject: an error window like this keeps popping up and I don't know what to use to remove it. The computer has been scanned with Kaspersky and Spybot. It's not only this error that concerns me, but also 'something' that is slowing my computer down. I know something is going on, because a computer doesn't slow down by itself from one day to the next.

Please help.

DDS logs:
DDS
Code:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64 
Internet Explorer: 8.0.7600.16385  BrowserJavaVersion: 10.7.2
Run by Chuck at 23:45:53 on 2012-10-06
Microsoft Windows 7 Ultimate   6.1.7600.0.1250.48.1045.18.8156.3971 [GMT 2:00]
.
AV: Kaspersky Anti-Virus *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Anti-Virus *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Vtune\TBPANEL.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\schtasks.exe
C:\Windows\system32\conhost.exe
C:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\RapidBIT\cidaemon.exe
C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Content Blocker Plugin: {5564cc73-efa7-4cbf-918a-5cf7fbbfff4f} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-e40c-433c-9784-c78dc7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
TB: {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No File
uRun: [TBPanel] C:\Program Files (x86)\Vtune\TBPanel.exe /A
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [ChomikBox] C:\Program Files (x86)\ChomikBox\ChomikBox.exe
uRun: [AdobeUpdate] wscript "C:\Users\Chuck\AppData\Roaming\Adobe32\invis.vbs" "C:\Users\Chuck\AppData\Roaming\Adobe32\bat.bat"
uRun: [stplpfhevfcucfammws] C:\Users\Chuck\AppData\Roaming\stplpfhevfcucfammws.exe
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
mRun: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
TCP: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
TCP: Interfaces\{861E1238-D433-4CEF-BBF0-1C7F3E5C7DCB} : DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
TCP: Interfaces\{B1E1D5BE-2D8B-4B88-B6B1-AA1BAE19BD6A} : DhcpNameServer = 192.168.42.129
AppInit_DLLs: c:\progra~3\browse~1\23762~1.17\{16cdf~1\browse~1.dll 
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}
{73455575-E40C-433C-9784-C78DC7761455}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{E33CF602-D945-461A-83F0-819F76A199F8}
TB-X64: {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No File
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
mRun-x64: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
AppInit_DLLs-X64: c:\progra~3\browse~1\23762~1.17\{16cdf~1\browse~1.dll 
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\jtnun39g.default\
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=109217&tt=031012_ccp_4012_1&babsrc=KW_ss&mntrId=44f3a87800000000000050e549ca4431&q=
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=109217&tt=031012_ccp_4012_1&babsrc=HP_ss&mntrId=44f3a87800000000000050e549ca4431
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=44f3a87800000000000050e549ca4431&q=
FF - user.js: extensions.BabylonToolbar.id - 44f3a87800000000000050e549ca4431
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15619
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.0.7
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.0.7
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.0.721:41:41
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
.
============= SERVICES / DRIVERS ===============
.
R0 DKDFM;Device Filter Manager Driver;C:\Windows\system32\drivers\DKDFM.sys --> C:\Windows\system32\drivers\DKDFM.sys [?]
R0 DKTLFSMF;Telemetry File System Mini Filter Driver;C:\Windows\system32\drivers\DKTLFSMF.sys --> C:\Windows\system32\drivers\DKTLFSMF.sys [?]
R1 AppleCharger;AppleCharger;C:\Windows\system32\DRIVERS\AppleCharger.sys --> C:\Windows\system32\DRIVERS\AppleCharger.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
R1 kltdi;kltdi;C:\Windows\system32\DRIVERS\kltdi.sys --> C:\Windows\system32\DRIVERS\kltdi.sys [?]
R1 kneps;kneps;C:\Windows\system32\DRIVERS\kneps.sys --> C:\Windows\system32\DRIVERS\kneps.sys [?]
R2 AVP;Usługa Kaspersky Anti-Virus;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [2012-8-17 218880]
R2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-10-6 2201112]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-4-18 2255464]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-8-3 379496]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-4-18 2655768]
R3 DKRtWrt;DKRtWrt;C:\Windows\system32\DRIVERS\DKRtWrt.sys --> C:\Windows\system32\DRIVERS\DKRtWrt.sys [?]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\system32\Drivers\EtronHub3.sys --> C:\Windows\system32\Drivers\EtronHub3.sys [?]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\system32\Drivers\EtronXHCI.sys --> C:\Windows\system32\Drivers\EtronXHCI.sys [?]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\system32\DRIVERS\klkbdflt.sys --> C:\Windows\system32\DRIVERS\klkbdflt.sys [?]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 FlexService;Remote Connections Service;C:\Program Files (x86)\RapidBIT\cisvc.exe [2009-5-17 41984]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-9-22 114144]
.
=============== Created Last 30 ================
.
2012-10-06 21:20:20	178688	----a-w-	C:\Windows\SysWow64\unrar.dll
2012-10-06 21:20:17	--------	d-----w-	C:\Program Files (x86)\K-Lite Codec Pack
2012-10-06 20:17:41	--------	d-----w-	C:\Program Files (x86)\TeaTimer (Spybot - Search & Destroy)
2012-10-06 20:17:41	--------	d-----w-	C:\Program Files (x86)\SDHelper (Spybot - Search & Destroy)
2012-10-06 20:17:41	--------	d-----w-	C:\Program Files (x86)\Misc. Support Library (Spybot - Search & Destroy)
2012-10-06 20:17:41	--------	d-----w-	C:\Program Files (x86)\File Scanner Library (Spybot - Search & Destroy)
2012-10-06 20:16:35	--------	d-----w-	C:\ProgramData\Spybot - Search & Destroy
2012-10-06 20:16:34	--------	d-----w-	C:\Program Files (x86)\Spybot - Search & Destroy
2012-10-06 20:10:40	--------	d-----w-	C:\Program Files (x86)\SweetIM
2012-10-06 19:45:21	69000	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{73BAC8C0-8D11-4E82-AF93-66D50C9E674B}\offreg.dll
2012-10-06 19:45:10	55632	----a-w-	C:\Users\Chuck\AppData\Roaming\stplpfhevfcucfammws.exe
2012-10-06 19:44:37	200500	----a-w-	C:\Users\Chuck\AppData\Roaming\poclbm120327GeForce GTS 450gv1w256l4.bin
2012-10-06 19:42:01	--------	d-----w-	C:\Program Files (x86)\Gophoto.it
2012-10-06 19:41:43	--------	d-----w-	C:\ProgramData\Browser Manager
2012-10-06 19:32:52	--------	d-----w-	C:\Program Files (x86)\TorrentHandler
2012-10-06 19:32:25	--------	d-----w-	C:\Program Files (x86)\1ClickDownload
2012-10-05 06:13:35	--------	d-----w-	C:\Users\Chuck\AppData\Roaming\Condusiv_Technologies
2012-10-05 06:13:35	--------	d-----w-	C:\Users\Chuck\AppData\Local\Condusiv_Technologies
2012-10-04 22:10:41	106832	----a-w-	C:\Windows\System32\drivers\DKTLFSMF.sys
2012-10-04 22:10:40	40752	----a-w-	C:\Windows\System32\drivers\DKDFM.sys
2012-10-04 22:10:38	52048	----a-w-	C:\Windows\System32\drivers\DKRtWrt.sys
2012-10-04 22:10:35	--------	d-----w-	C:\ProgramData\Condusiv Technologies
2012-10-04 22:10:35	--------	d-----w-	C:\Program Files\Common Files\Diskeeper Corporation
2012-10-04 22:06:24	99176	----a-w-	C:\Windows\SysWow64\PresentationHostProxy.dll
2012-10-04 22:06:24	49472	----a-w-	C:\Windows\SysWow64\netfxperf.dll
2012-10-04 22:06:24	48960	----a-w-	C:\Windows\System32\netfxperf.dll
2012-10-04 22:06:24	444752	----a-w-	C:\Windows\System32\mscoree.dll
2012-10-04 22:06:24	320352	----a-w-	C:\Windows\System32\PresentationHost.exe
2012-10-04 22:06:24	297808	----a-w-	C:\Windows\SysWow64\mscoree.dll
2012-10-04 22:06:24	295264	----a-w-	C:\Windows\SysWow64\PresentationHost.exe
2012-10-04 22:06:24	1942856	----a-w-	C:\Windows\System32\dfshim.dll
2012-10-04 22:06:24	1130824	----a-w-	C:\Windows\SysWow64\dfshim.dll
2012-10-04 22:06:24	109912	----a-w-	C:\Windows\System32\PresentationHostProxy.dll
2012-10-04 22:04:48	--------	d-----w-	C:\Program Files\Condusiv Technologies
2012-10-02 20:38:04	--------	d-----w-	C:\Users\Chuck\AppData\Roaming\NapiProjekt
2012-10-02 20:38:00	--------	d-----w-	C:\Program Files (x86)\NapiProjekt
2012-09-28 20:23:21	--------	d-----w-	C:\Users\Chuck\AppData\Roaming\OnLive App
2012-09-28 20:23:16	--------	d-----w-	C:\Program Files (x86)\OnLive
2012-09-26 14:40:07	--------	d-----w-	C:\ProgramData\GG
2012-09-25 18:10:58	1554944	----a-w-	C:\Windows\SysWow64\vorbis.acm
2012-09-25 16:21:14	--------	d-----w-	C:\Program Files (x86)\uTorrent
2012-09-24 20:08:28	821736	----a-w-	C:\Windows\SysWow64\npDeployJava1.dll
2012-09-24 20:08:28	746984	----a-w-	C:\Windows\SysWow64\deployJava1.dll
2012-09-24 20:08:16	95208	----a-w-	C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-24 19:50:59	916456	----a-w-	C:\Windows\System32\deployJava1.dll
2012-09-24 19:50:59	1034216	----a-w-	C:\Windows\System32\npDeployJava1.dll
2012-09-24 18:56:08	--------	d-----w-	C:\Users\Chuck\AppData\Roaming\uTorrent
2012-09-22 18:14:09	--------	d-----w-	C:\Users\Chuck\AppData\Local\Macromedia
2012-09-22 17:18:57	--------	d-----w-	C:\Users\Chuck\.gstreamer-0.10
2012-09-22 17:18:03	--------	d-----w-	C:\Users\Chuck\AppData\Local\ChomikBox
2012-09-20 18:36:59	64856	----a-w-	C:\Windows\System32\klfphc.dll
2012-09-20 18:36:26	--------	d-----w-	C:\Windows\ELAMBKUP
2012-09-20 18:36:24	--------	d-----w-	C:\ProgramData\Kaspersky Lab
2012-09-20 18:36:24	--------	d-----w-	C:\Program Files (x86)\Kaspersky Lab
2012-09-20 18:36:18	89432	----a-w-	C:\Windows\System32\drivers\klflt.sys
2012-09-19 21:16:51	9310152	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{73BAC8C0-8D11-4E82-AF93-66D50C9E674B}\mpengine.dll
2012-09-19 21:16:50	279656	------w-	C:\Windows\System32\MpSigStub.exe
2012-09-19 20:58:50	--------	d-----w-	C:\Program Files (x86)\VS Revo Group
2012-09-19 20:53:40	--------	d-----w-	C:\Windows\pss
2012-09-19 19:32:16	5174	----a-w-	C:\Windows\SysWow64\nppt9x.vxd
2012-09-19 19:32:16	4682	----a-w-	C:\Windows\SysWow64\npptNT2.sys
2012-09-19 19:25:52	--------	d-----w-	C:\Program Files (x86)\NCsoft
2012-09-17 19:29:29	--------	d-----w-	C:\Users\Chuck\AppData\Roaming\GG
2012-09-17 19:29:29	--------	d-----w-	C:\Users\Chuck\AppData\Local\GG
2012-09-17 16:41:44	--------	d-----w-	C:\Users\Chuck\AppData\Local\Google
2012-09-17 16:41:35	73416	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-17 16:41:35	696520	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2012-09-17 16:36:50	--------	d-----w-	C:\Users\Chuck\AppData\Local\Opera
2012-09-10 20:17:39	802816	----a-w-	C:\Windows\SysWow64\imagXRA7.dll
2012-09-10 20:17:39	497296	----a-w-	C:\Windows\SysWow64\imagXpr7.dll
2012-09-10 20:17:39	368640	----a-w-	C:\Windows\SysWow64\TwnLib4.dll
2012-09-10 20:17:39	258048	----a-w-	C:\Windows\SysWow64\imagXR7.dll
2012-09-10 20:17:39	1757184	----a-w-	C:\Windows\SysWow64\imagX7.dll
2012-09-10 20:17:38	--------	d-----w-	C:\ProgramData\Nero
2012-09-10 20:17:38	--------	d-----w-	C:\Program Files (x86)\Nero
.
==================== Find3M  ====================
.
2012-09-20 20:00:16	29528	----a-w-	C:\Windows\System32\drivers\klmouflt.sys
2012-09-20 20:00:16	29016	----a-w-	C:\Windows\System32\drivers\klkbdflt.sys
2012-08-13 14:49:40	178008	----a-w-	C:\Windows\System32\drivers\kneps.sys
2012-08-02 13:09:34	28504	----a-w-	C:\Windows\System32\drivers\klim6.sys
2012-07-30 17:55:02	283200	----a-w-	C:\Windows\System32\drivers\dtsoftbus01.sys
.
============= FINISH: 23:46:23,72 ===============
Attach
Code:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate 
Boot Device: \Device\HarddiskVolume1
Install Date: 2012-04-18 00:27:23
System Uptime: 2012-10-06 23:41:35 (0 hours ago)
.
Motherboard: INTEL Corporation |  | H61MA-D2V
Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz | Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz | 3100/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 244 GiB total, 88,691 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 293 GiB total, 190,655 GiB free.
F: is FIXED (NTFS) - 394 GiB total, 276,079 GiB free.
H: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP76: 2012-09-30 12:43:35 - Zaplanowany punkt kontrolny
RP77: 2012-10-03 23:48:54 - Zainstalowany program DirectX
RP78: 2012-10-05 00:06:02 - Windows Update
RP80: 2012-10-06 21:45:34 - Windows Defender Checkpoint
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4) - Polish
AIMP3
ASIO4ALL
µTorrent
AuctioGen
Battlefield 3™
Browser Manager
Cakewalk RgcAudio z3ta Plus v1.5.2 VSTi DXi REPACK
Counter-Strike 1.6 DiGiTALZONE
Crystal Player Professional 1.98
DAEMON Tools Lite
Dino Crisis 2
Drakensang - The River of Time
Ekspert CD
Etron USB3.0 Host Controller
FL Studio 10
FL Studio 9
GG
Hardcore
Intel(R) Control Center
Intel(R) Management Engine Components
Internet Explorer Toolbar 4.6 by SweetPacks
Java 7 Update 7
Java Auto Updater
Just Cause 2
K-Lite Codec Pack 9.1.0 (Standard)
Kaspersky Anti-Virus 2013
Lineage® II: Freya (High Five)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 15.0.1 (x86 pl)
Mozilla Maintenance Service
NapiProjekt (2.0.0.2151)
Native Instruments Massive v1.0.1.008 VSTi DXi RTAS
Nero 8 Lite 8.3.6.0
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
ON_OFF Charge B11.1102.1
OnLive
OpenAL
Opera 12.02
PoiZone
Pro Evolution Soccer 2012
Real Alternative 2.0.2
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
reFX Nexus VSTi RTAS v2.2.0
reFX Vanguard VSTi v1.7.0
Rob Papen BLUE Version 1.7.0
S.T.A.L.K.E.R. - Clear Sky
Sawer
SMoKE Patch GOLD 4.6
Spybot - Search & Destroy 1.4
Steam
SweetIM for Messenger 3.7
Sylenth1 v2.20
Tone2 Gladiator VSTi v2.2
Toxic Biohazard
Update Manager for SweetPacks 1.1
V-Station 1.5.1
VirtualDJ Home FREE
Vtune 7.21
.
==== End Of File ===========================

  #2 (permalink)  
07.10.2012, 09:50
Senior Member

Registered: Aug 2012
Location: C:\Windows\
Posts: 2 022
Marketplace posts: 0
Re: adobe32/svchost.exe

Hello.
Uninstall:
Code:
Spybot - Search & Destroy 1.4
SweetIM for Messenger 3.7
Use AdwCleaner with the "Delete" option and post the log it creates:
http://www.instalki.pl/programy/down...dwCleaner.html

Download The Avenger:
http://www.instalki.pl/programy/down...e_Avenger.html
Paste into the window:
Code:
Files to delete:
C:\Users\Chuck\AppData\Roaming\stplpfhevfcucfammws.exe
Folders to delete:
C:\Users\Chuck\AppData\Roaming\Adobe32
Click Execute.
After the script has run, verify the system files: start cmd.exe, type sfc /scannow in the window and confirm with Enter.
Then post new DDS logs plus an Autoruns log.
If any messages appear after the system restarts, feel free to write.
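
Added example (not part of the original thread, and not code from any tool named in it): a Python triage pass over the autorun lines of a DDS log that flags Run values starting from the user's AppData profile or through a script host, plus any AppInit_DLLs value, which is where the two files deleted in the reply above appear. The heuristics and the names `triage`, `Finding`, `program_of` and `SAMPLE_LOG` are assumptions for illustration; the sample lines are excerpted from the first DDS log in this thread.

```python
import ntpath
import re
from typing import NamedTuple

# Lines excerpted from the "Pseudo HJT Report" section of the first DDS log
# in this thread.
SAMPLE_LOG = r'''
uRun: [TBPanel] C:\Program Files (x86)\Vtune\TBPanel.exe /A
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [AdobeUpdate] wscript "C:\Users\Chuck\AppData\Roaming\Adobe32\invis.vbs" "C:\Users\Chuck\AppData\Roaming\Adobe32\bat.bat"
uRun: [stplpfhevfcucfammws] C:\Users\Chuck\AppData\Roaming\stplpfhevfcucfammws.exe
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"
mRun: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
AppInit_DLLs: c:\progra~3\browse~1\23762~1.17\{16cdf~1\browse~1.dll
'''

# DDS prints Run values as "<prefix>: [value name] command line".
RUN_RE = re.compile(r'^(?P<src>[um]Run(?:-x64)?): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$')
APPINIT_RE = re.compile(r'^(?P<src>AppInit_DLLs(?:-X64)?): (?P<cmd>\S.*)$')

# Illustrative heuristics (assumptions of this example, not rules from DDS):
# interpreters that let an autorun value start arbitrary script content ...
SCRIPT_HOSTS = {'wscript', 'cscript', 'cmd', 'mshta', 'powershell'}
# ... and per-user profile data, writable without administrator rights.
USER_APPDATA_RE = re.compile(r'[a-z]:\\users\\[^\\]+\\appdata\\', re.I)
# Unquoted program path that may contain spaces, ending at a known extension.
PROGRAM_RE = re.compile(r'([^"]+?\.(?:exe|com|bat|cmd|scr|pif))(?:\s|$)', re.I)


class Finding(NamedTuple):
    source: str      # log prefix, e.g. "uRun"
    name: str        # registry value name
    command: str     # command line as logged
    reasons: tuple   # heuristic tags that fired


def program_of(cmd):
    """Return the program part of an autorun command line."""
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    m = PROGRAM_RE.match(cmd)
    return m.group(1) if m else cmd.split()[0]


def triage(log_text):
    """Return a Finding for every autorun line that matches a heuristic."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = APPINIT_RE.match(line)
        if m:
            # A non-empty AppInit_DLLs value is always worth reviewing.
            findings.append(Finding(m['src'], 'AppInit_DLLs', m['cmd'], ('appinit-dll',)))
            continue
        m = RUN_RE.match(line)
        if not m:
            continue
        reasons = []
        stem = ntpath.splitext(ntpath.basename(program_of(m['cmd'])))[0].lower()
        if stem in SCRIPT_HOSTS:
            reasons.append('script-host')
        # Search the whole command so script arguments are covered too.
        if USER_APPDATA_RE.search(m['cmd']):
            reasons.append('user-appdata')
        if reasons:
            findings.append(Finding(m['src'], m['name'], m['cmd'], tuple(reasons)))
    return findings


if __name__ == '__main__':
    for f in triage(SAMPLE_LOG):
        print(f'{f.source:14} {f.name:22} {",".join(f.reasons):26} {f.command}')
```

A flagged entry is a lead for manual review rather than a verdict, since legitimate software also autostarts from AppData.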

  #3 (permalink)  
07.10.2012, 16:01
Junior Member

Registered: May 2007
Posts: 8
Marketplace posts: 0
Re: adobe32/svchost.exe

Here are the AdwCleaner logs:
Code:
# AdwCleaner v2.003 - Logfile created 10/07/2012 at 15:57:28
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Ultimate  (64 bits)
# User : Chuck - CHUCK-KOMPUTER
# Boot Mode : Normal
# Running from : C:\Users\Chuck\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\jtnun39g.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Found : C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\jtnun39g.default\searchplugins\SweetIm.xml
Folder Found : C:\ProgramData\Browser Manager
Folder Found : C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\jtnun39g.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}

***** [Registry] *****

Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\23762~1.17\{16cdf~1\browse~1.dll
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\SweetIm
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\b
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Found : HKU\S-1-5-21-1903259936-2497965519-3858582179-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (pl)

Profile name : default 
File : C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\jtnun39g.default\prefs.js

Found : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=109217&tt=031012_ccp_4012_1&babsrc=KW_ss&[...]
Found : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Found : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
Found : user_pref("browser.search.order.1", "Search the web (Babylon)");
Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "about:home");
Found : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=109217&tt=031012_ccp_4012_1&[...]

-\\ Opera v12.2.1578.0

File : C:\Users\Chuck\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [5636 octets] - [07/10/2012 15:57:04]
AdwCleaner[R2].txt - [5603 octets] - [07/10/2012 15:57:28]

########## EOF - C:\AdwCleaner[R2].txt - [5663 octets] ##########


This is the output from sfc /scannow:
Code:
http://wklej.org/hash/61dddba1320/
Log
DDS
Code:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64 
Internet Explorer: 8.0.7600.16385  BrowserJavaVersion: 10.7.2
Run by Chuck at 16:27:46 on 2012-10-07
Microsoft Windows 7 Ultimate   6.1.7600.0.1250.48.1045.18.8156.4169 [GMT 2:00]
.
AV: Kaspersky Anti-Virus *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Anti-Virus *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\RapidBIT\cidaemon.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Vtune\TBPANEL.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Content Blocker Plugin: {5564cc73-efa7-4cbf-918a-5cf7fbbfff4f} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-e40c-433c-9784-c78dc7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
TB: {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
uRun: [TBPanel] C:\Program Files (x86)\Vtune\TBPanel.exe /A
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [ChomikBox] C:\Program Files (x86)\ChomikBox\ChomikBox.exe
uRun: [AdobeUpdate] wscript "C:\Users\Chuck\AppData\Roaming\Adobe32\invis.vbs" "C:\Users\Chuck\AppData\Roaming\Adobe32\bat.bat"
uRun: [stplpfhevfcucfammws] C:\Users\Chuck\AppData\Roaming\stplpfhevfcucfammws.exe
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
TCP: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
TCP: Interfaces\{861E1238-D433-4CEF-BBF0-1C7F3E5C7DCB} : DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
TCP: Interfaces\{B1E1D5BE-2D8B-4B88-B6B1-AA1BAE19BD6A} : DhcpNameServer = 192.168.42.129
AppInit_DLLs: c:\progra~3\browse~1\23762~1.17\{16cdf~1\browse~1.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}
{73455575-E40C-433C-9784-C78DC7761455}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{E33CF602-D945-461A-83F0-819F76A199F8}
TB-X64: {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
AppInit_DLLs-X64: c:\progra~3\browse~1\23762~1.17\{16cdf~1\browse~1.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\jtnun39g.default\
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=109217&tt=031012_ccp_4012_1&babsrc=KW_ss&mntrId=44f3a87800000000000050e549ca4431&q=
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=109217&tt=031012_ccp_4012_1&babsrc=HP_ss&mntrId=44f3a87800000000000050e549ca4431
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=44f3a87800000000000050e549ca4431&q=
FF - user.js: extensions.BabylonToolbar.id - 44f3a87800000000000050e549ca4431
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15619
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.0.7
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.0.7
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.0.721:41:41
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
.
============= SERVICES / DRIVERS ===============
.
R0 DKDFM;Device Filter Manager Driver;C:\Windows\system32\drivers\DKDFM.sys --> C:\Windows\system32\drivers\DKDFM.sys [?]
R0 DKTLFSMF;Telemetry File System Mini Filter Driver;C:\Windows\system32\drivers\DKTLFSMF.sys --> C:\Windows\system32\drivers\DKTLFSMF.sys [?]
R1 AppleCharger;AppleCharger;C:\Windows\system32\DRIVERS\AppleCharger.sys --> C:\Windows\system32\DRIVERS\AppleCharger.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
R1 kltdi;kltdi;C:\Windows\system32\DRIVERS\kltdi.sys --> C:\Windows\system32\DRIVERS\kltdi.sys [?]
R1 kneps;kneps;C:\Windows\system32\DRIVERS\kneps.sys --> C:\Windows\system32\DRIVERS\kneps.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 AVP;Usługa Kaspersky Anti-Virus;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [2012-8-17 218880]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-4-18 2255464]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-8-3 379496]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-4-18 2655768]
R3 DKRtWrt;DKRtWrt;C:\Windows\system32\DRIVERS\DKRtWrt.sys --> C:\Windows\system32\DRIVERS\DKRtWrt.sys [?]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\system32\Drivers\EtronHub3.sys --> C:\Windows\system32\Drivers\EtronHub3.sys [?]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\system32\Drivers\EtronXHCI.sys --> C:\Windows\system32\Drivers\EtronXHCI.sys [?]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\system32\DRIVERS\klkbdflt.sys --> C:\Windows\system32\DRIVERS\klkbdflt.sys [?]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 FlexService;Remote Connections Service;C:\Program Files (x86)\RapidBIT\cisvc.exe [2009-5-17 41984]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-9-22 114144]
.
=============== Created Last 30 ================
.
2012-10-07 14:00:48	61440	----a-w-	C:\Windows\SysWow64\drivers\dsmosiqo.sys
2012-10-06 21:20:20	178688	----a-w-	C:\Windows\SysWow64\unrar.dll
2012-10-06 21:20:17	--------	d-----w-	C:\Program Files (x86)\K-Lite Codec Pack
2012-10-06 20:17:41	--------	d-----w-	C:\Program Files (x86)\TeaTimer (Spybot - Search & Destroy)
2012-10-06 20:17:41	--------	d-----w-	C:\Program Files (x86)\SDHelper (Spybot - Search & Destroy)
2012-10-06 20:17:41	--------	d-----w-	C:\Program Files (x86)\Misc. Support Library (Spybot - Search & Destroy)
2012-10-06 20:17:41	--------	d-----w-	C:\Program Files (x86)\File Scanner Library (Spybot - Search & Destroy)
2012-10-06 20:16:35	--------	d-----w-	C:\ProgramData\Spybot - Search & Destroy
2012-10-06 20:16:34	--------	d-----w-	C:\Program Files (x86)\Spybot - Search & Destroy
2012-10-06 19:45:10	55632	----a-w-	C:\Users\Chuck\AppData\Roaming\stplpfhevfcucfammws.exe
2012-10-06 19:44:37	200500	----a-w-	C:\Users\Chuck\AppData\Roaming\poclbm120327GeForce GTS 450gv1w256l4.bin
2012-10-06 19:42:01	--------	d-----w-	C:\Program Files (x86)\Gophoto.it
2012-10-06 19:32:52	--------	d-----w-	C:\Program Files (x86)\TorrentHandler
2012-10-06 19:32:25	--------	d-----w-	C:\Program Files (x86)\1ClickDownload
2012-10-05 06:13:35	--------	d-----w-	C:\Users\Chuck\AppData\Roaming\Condusiv_Technologies
2012-10-05 06:13:35	--------	d-----w-	C:\Users\Chuck\AppData\Local\Condusiv_Technologies
2012-10-04 22:10:41	106832	----a-w-	C:\Windows\System32\drivers\DKTLFSMF.sys
2012-10-04 22:10:40	40752	----a-w-	C:\Windows\System32\drivers\DKDFM.sys
2012-10-04 22:10:38	52048	----a-w-	C:\Windows\System32\drivers\DKRtWrt.sys
2012-10-04 22:10:35	--------	d-----w-	C:\ProgramData\Condusiv Technologies
2012-10-04 22:10:35	--------	d-----w-	C:\Program Files\Common Files\Diskeeper Corporation
2012-10-04 22:06:24	99176	----a-w-	C:\Windows\SysWow64\PresentationHostProxy.dll
2012-10-04 22:06:24	49472	----a-w-	C:\Windows\SysWow64\netfxperf.dll
2012-10-04 22:06:24	48960	----a-w-	C:\Windows\System32\netfxperf.dll
2012-10-04 22:06:24	444752	----a-w-	C:\Windows\System32\mscoree.dll
2012-10-04 22:06:24	320352	----a-w-	C:\Windows\System32\PresentationHost.exe
2012-10-04 22:06:24	297808	----a-w-	C:\Windows\SysWow64\mscoree.dll
2012-10-04 22:06:24	295264	----a-w-	C:\Windows\SysWow64\PresentationHost.exe
2012-10-04 22:06:24	1942856	----a-w-	C:\Windows\System32\dfshim.dll
2012-10-04 22:06:24	1130824	----a-w-	C:\Windows\SysWow64\dfshim.dll
2012-10-04 22:06:24	109912	----a-w-	C:\Windows\System32\PresentationHostProxy.dll
2012-10-04 22:04:48	--------	d-----w-	C:\Program Files\Condusiv Technologies
2012-10-02 20:38:04	--------	d-----w-	C:\Users\Chuck\AppData\Roaming\NapiProjekt
2012-10-02 20:38:00	--------	d-----w-	C:\Program Files (x86)\NapiProjekt
2012-09-28 20:23:21	--------	d-----w-	C:\Users\Chuck\AppData\Roaming\OnLive App
2012-09-28 20:23:16	--------	d-----w-	C:\Program Files (x86)\OnLive
2012-09-26 14:40:07	--------	d-----w-	C:\ProgramData\GG
2012-09-25 18:10:58	1554944	----a-w-	C:\Windows\SysWow64\vorbis.acm
2012-09-25 16:21:14	--------	d-----w-	C:\Program Files (x86)\uTorrent
2012-09-24 20:08:28	821736	----a-w-	C:\Windows\SysWow64\npDeployJava1.dll
2012-09-24 20:08:28	746984	----a-w-	C:\Windows\SysWow64\deployJava1.dll
2012-09-24 20:08:16	95208	----a-w-	C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-24 19:50:59	916456	----a-w-	C:\Windows\System32\deployJava1.dll
2012-09-24 19:50:59	1034216	----a-w-	C:\Windows\System32\npDeployJava1.dll
2012-09-24 18:56:08	--------	d-----w-	C:\Users\Chuck\AppData\Roaming\uTorrent
2012-09-22 18:14:09	--------	d-----w-	C:\Users\Chuck\AppData\Local\Macromedia
2012-09-22 17:18:57	--------	d-----w-	C:\Users\Chuck\.gstreamer-0.10
2012-09-22 17:18:03	--------	d-----w-	C:\Users\Chuck\AppData\Local\ChomikBox
2012-09-20 18:36:59	64856	----a-w-	C:\Windows\System32\klfphc.dll
2012-09-20 18:36:26	--------	d-----w-	C:\Windows\ELAMBKUP
2012-09-20 18:36:24	--------	d-----w-	C:\ProgramData\Kaspersky Lab
2012-09-20 18:36:24	--------	d-----w-	C:\Program Files (x86)\Kaspersky Lab
2012-09-20 18:36:18	89432	----a-w-	C:\Windows\System32\drivers\klflt.sys
2012-09-19 21:16:51	9310152	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{73BAC8C0-8D11-4E82-AF93-66D50C9E674B}\mpengine.dll
2012-09-19 21:16:50	279656	------w-	C:\Windows\System32\MpSigStub.exe
2012-09-19 20:58:50	--------	d-----w-	C:\Program Files (x86)\VS Revo Group
2012-09-19 20:53:40	--------	d-----w-	C:\Windows\pss
2012-09-19 19:32:16	5174	----a-w-	C:\Windows\SysWow64\nppt9x.vxd
2012-09-19 19:32:16	4682	----a-w-	C:\Windows\SysWow64\npptNT2.sys
2012-09-19 19:25:52	--------	d-----w-	C:\Program Files (x86)\NCsoft
2012-09-17 19:29:29	--------	d-----w-	C:\Users\Chuck\AppData\Roaming\GG
2012-09-17 19:29:29	--------	d-----w-	C:\Users\Chuck\AppData\Local\GG
2012-09-17 16:41:44	--------	d-----w-	C:\Users\Chuck\AppData\Local\Google
2012-09-17 16:41:35	73416	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-17 16:41:35	696520	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2012-09-17 16:36:50	--------	d-----w-	C:\Users\Chuck\AppData\Local\Opera
2012-09-10 20:17:39	802816	----a-w-	C:\Windows\SysWow64\imagXRA7.dll
2012-09-10 20:17:39	497296	----a-w-	C:\Windows\SysWow64\imagXpr7.dll
2012-09-10 20:17:39	368640	----a-w-	C:\Windows\SysWow64\TwnLib4.dll
2012-09-10 20:17:39	258048	----a-w-	C:\Windows\SysWow64\imagXR7.dll
2012-09-10 20:17:39	1757184	----a-w-	C:\Windows\SysWow64\imagX7.dll
2012-09-10 20:17:38	--------	d-----w-	C:\ProgramData\Nero
2012-09-10 20:17:38	--------	d-----w-	C:\Program Files (x86)\Nero
.
==================== Find3M  ====================
.
2012-09-20 20:00:16	29528	----a-w-	C:\Windows\System32\drivers\klmouflt.sys
2012-09-20 20:00:16	29016	----a-w-	C:\Windows\System32\drivers\klkbdflt.sys
2012-08-13 14:49:40	178008	----a-w-	C:\Windows\System32\drivers\kneps.sys
2012-08-02 13:09:34	28504	----a-w-	C:\Windows\System32\drivers\klim6.sys
2012-07-30 17:55:02	283200	----a-w-	C:\Windows\System32\drivers\dtsoftbus01.sys
.
============= FINISH: 16:28:13,98 ===============
Attach
Code:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate 
Boot Device: \Device\HarddiskVolume1
Install Date: 2012-04-18 00:27:23
System Uptime: 2012-10-07 16:18:59 (0 hours ago)
.
Motherboard: INTEL Corporation |  | H61MA-D2V
Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz | Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz | 3100/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 244 GiB total, 95,01 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 293 GiB total, 190,655 GiB free.
F: is FIXED (NTFS) - 394 GiB total, 276,079 GiB free.
H: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP76: 2012-09-30 12:43:35 - Zaplanowany punkt kontrolny
RP77: 2012-10-03 23:48:54 - Zainstalowany program DirectX
RP78: 2012-10-05 00:06:02 - Windows Update
RP80: 2012-10-06 21:45:34 - Windows Defender Checkpoint
RP81: 2012-10-07 15:45:53 - Removed SweetIM for Messenger 3.7
RP82: 2012-10-07 15:47:07 - Removed Update Manager for SweetPacks 1.1
RP83: 2012-10-07 15:47:53 - Removed Internet Explorer Toolbar 4.6 by SweetPacks
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4) - Polish
AIMP3
ASIO4ALL
µTorrent
AuctioGen
Battlefield 3™
Cakewalk RgcAudio z3ta Plus v1.5.2 VSTi DXi REPACK
Counter-Strike 1.6 DiGiTALZONE
Crystal Player Professional 1.98
DAEMON Tools Lite
Dino Crisis 2
Drakensang - The River of Time
Ekspert CD
Etron USB3.0 Host Controller
FL Studio 10
FL Studio 9
GG
Hardcore
Intel(R) Control Center
Intel(R) Management Engine Components
Java 7 Update 7
Java Auto Updater
Just Cause 2
K-Lite Codec Pack 9.1.0 (Standard)
Kaspersky Anti-Virus 2013
Lineage® II: Freya (High Five)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 15.0.1 (x86 pl)
Mozilla Maintenance Service
NapiProjekt (2.0.0.2151)
Native Instruments Massive v1.0.1.008 VSTi DXi RTAS
Nero 8 Lite 8.3.6.0
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
ON_OFF Charge B11.1102.1
OnLive
OpenAL
Opera 12.02
PoiZone
Pro Evolution Soccer 2012
Real Alternative 2.0.2
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
reFX Nexus VSTi RTAS v2.2.0
reFX Vanguard VSTi v1.7.0
Rob Papen BLUE Version 1.7.0
S.T.A.L.K.E.R. - Clear Sky
Sawer
SMoKE Patch GOLD 4.6
Steam
Sylenth1 v2.20
Tone2 Gladiator VSTi v2.2
Toxic Biohazard
V-Station 1.5.1
VirtualDJ Home FREE
Vtune 7.21
.
==== End Of File ===========================
And there is also an error at startup:
'C:\user\chuck\appdata\roaming\Adobe32\svchost.exe.Upewnij się że wpisana nazwa jest poprawna i spróbuj ponownie'

In the AdwCleaner logs I noticed that the Babylon toolbar had been installed; it must have been hidden inside some other installer, because I did not install this thing myself.

  #4 (permalink)  
07.10.2012, 16:04
Senior Member
 
Registered: Aug 2012
Location: C:\Windows\
Posts: 2 022
Marketplace posts: 0
Re: adobe32/svchost.exe

OK, I'm waiting for the rest.

  #5 (permalink)  
07.10.2012, 18:26
Junior Member
 
Registered: May 2007
Posts: 8
Marketplace posts: 0
Re: adobe32/svchost.exe

If anything can be done besides a format, let me know.

  #6 (permalink)  
07.10.2012, 18:34
Senior Member
 
Registered: Aug 2012
Location: C:\Windows\
Posts: 2 022
Marketplace posts: 0
Re: adobe32/svchost.exe

Format? Not with me, I don't give up that easily.
Besides, the infection is almost removed. Post the logs from OTL (only from the version I give you, download it from here):
http://www.idg.pl/ftp/pc_45864/otl.32570.html
then we will remove that message and tidy up a little.
Regards,
Paweł

  #7 (permalink)  
07.10.2012, 19:09
Junior Member
 
Registered: May 2007
Posts: 8
Marketplace posts: 0
Re: adobe32/svchost.exe

OTL
Code:
http://wklej.org/id/843112/
Extras
Code:
http://wklej.org/id/843108/
PS: which program do you recommend for cleaning unneeded junk out of the registry?

  #8 (permalink)  
07.10.2012, 19:16
Senior Member
 
Registered: Aug 2012
Location: C:\Windows\
Posts: 2 022
Marketplace posts: 0
Re: adobe32/svchost.exe

Run OTL and, in the "Własne opcje skanowania/skrypt" (Custom Scans/Fixes) box, paste:
Code:
:OTL
IE - HKU\S-1-5-21-1903259936-2497965519-3858582179-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=ST1000DL002-9TT153_W1V12ZKL____W1V12ZKL&ts=1349628965
IE - HKU\S-1-5-21-1903259936-2497965519-3858582179-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=ST1000DL002-9TT153_W1V12ZKL____W1V12ZKL&ts=1349628965
IE - HKU\S-1-5-21-1903259936-2497965519-3858582179-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1903259936-2497965519-3858582179-1000\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-1903259936-2497965519-3858582179-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKU\S-1-5-21-1903259936-2497965519-3858582179-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=109217&tt=031012_ccp_4012_1&babsrc=SP_ss&mntrId=44f3a87800000000000050e549ca4431
IE - HKU\S-1-5-21-1903259936-2497965519-3858582179-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?q={searchTerms}
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1903259936-2497965519-3858582179-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1903259936-2497965519-3858582179-1000..\Run: [AdobeUpdate] C:\Users\Chuck\AppData\Roaming\Adobe32\invis.vbs ()
O4 - HKU\S-1-5-21-1903259936-2497965519-3858582179-1000..\Run: [stplpfhevfcucfammws] C:\Users\Chuck\AppData\Roaming\stplpfhevfcucfammws.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
Commands
[emptytemp]
Click "Wykonaj skrypt" (Run Fix) and post the removal log.
1. Next: for cleaning unneeded junk out of the system I recommend CCleaner:
http://www.instalki.pl/programy/down.../CCleaner.html
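
The fix script in the post above removes two per-user Run entries, AdobeUpdate and stplpfhevfcucfammws. As an added example (not part of the thread, and not code from the DDS or OTL authors), the Python script below applies three triage heuristics to the Run lines of the DDS log and flags the same two entries; the heuristics and all function names are assumptions of this example.

```python
import ntpath
import re

# Lines copied from the "Pseudo HJT Report" section of the DDS log in this thread.
DDS_LINES = r'''
uRun: [TBPanel] C:\Program Files (x86)\Vtune\TBPanel.exe /A
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [ChomikBox] C:\Program Files (x86)\ChomikBox\ChomikBox.exe
uRun: [AdobeUpdate] wscript "C:\Users\Chuck\AppData\Roaming\Adobe32\invis.vbs" "C:\Users\Chuck\AppData\Roaming\Adobe32\bat.bat"
uRun: [stplpfhevfcucfammws] C:\Users\Chuck\AppData\Roaming\stplpfhevfcucfammws.exe
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
'''.strip().splitlines()

# "uRun" = per-user Run key, "mRun" = machine Run key (optionally "-x64").
RUN_LINE = re.compile(
    r'^(?P<hive>[um]Run(?:-x64)?): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$')

# A drive-letter path up to the first executable or script extension.
# Handles both quoted paths and unquoted paths that contain spaces.
PATH_RE = re.compile(
    r'[A-Za-z]:\\[^"]*?\.(?:exe|dll|vbs|js|bat|cmd|scr)(?=$|[\s"])',
    re.IGNORECASE)

SCRIPT_HOSTS = {"wscript", "wscript.exe", "cscript", "cscript.exe"}
USER_WRITABLE = re.compile(r'\\appdata\\(?:roaming|local|locallow)\\',
                           re.IGNORECASE)
# File sitting directly in AppData\Roaming, with no vendor subfolder.
ROAMING_ROOT = re.compile(r'\\appdata\\roaming\\[^\\]+$', re.IGNORECASE)


def reasons_for(cmd):
    """Return the triage signals (assumed heuristics) raised by one command."""
    reasons = []

    def add(reason):
        if reason not in reasons:
            reasons.append(reason)

    # Signal 1: the autorun starts a Windows Script Host interpreter.
    first_token = cmd.lstrip('"').split(None, 1)[0]
    if ntpath.basename(first_token).lower() in SCRIPT_HOSTS:
        add("script-host")

    for path in PATH_RE.findall(cmd):
        # Signal 2: a referenced file lives where the user can write
        # without elevation.
        if USER_WRITABLE.search(path):
            add("user-writable")
        # Signal 3: the file is dropped straight into the Roaming root.
        if ROAMING_ROOT.search(path):
            add("roaming-root")
    return reasons


def triage(lines):
    """Parse DDS Run lines and return only the entries that raise a signal."""
    findings = []
    for line in lines:
        match = RUN_LINE.match(line.strip())
        if not match:
            continue
        reasons = reasons_for(match.group("cmd"))
        if reasons:
            findings.append({
                "hive": match.group("hive"),
                "name": match.group("name"),
                "command": match.group("cmd"),
                "reasons": reasons,
            })
    return findings


if __name__ == "__main__":
    for finding in triage(DDS_LINES):
        print(finding["hive"], finding["name"], ", ".join(finding["reasons"]))
```

These signals are leads for manual review, not verdicts: the GG shell extension listed in the AutoRuns output of this thread also loads from AppData\Roaming and was not part of the fix.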

  #9 (permalink)  
07.10.2012, 19:58
Junior Member
 
Registered: May 2007
Posts: 8
Marketplace posts: 0
Re: adobe32/svchost.exe

This is what popped up after restarting the computer:

Code:
All processes killed
========== OTL ==========
HKU\S-1-5-21-1903259936-2497965519-3858582179-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1903259936-2497965519-3858582179-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-1903259936-2497965519-3858582179-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-1903259936-2497965519-3858582179-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1903259936-2497965519-3858582179-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1903259936-2497965519-3858582179-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-1903259936-2497965519-3858582179-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1903259936-2497965519-3858582179-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1903259936-2497965519-3858582179-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeUpdate deleted successfully.
C:\Users\Chuck\AppData\Roaming\Adobe32\invis.vbs moved successfully.
Registry value HKEY_USERS\S-1-5-21-1903259936-2497965519-3858582179-1000\Software\Microsoft\Windows\CurrentVersion\Run\\stplpfhevfcucfammws deleted successfully.
C:\Users\Chuck\AppData\Roaming\stplpfhevfcucfammws.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
File ptytemp] not found.
 
OTL by OldTimer - Version 3.2.57.0 log created on 10072012_195158

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
And here is the output from AutoRuns:
Code:
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "RtHDVCpl"	"Menedżer Realtek HD Audio"	"Realtek Semiconductor"	"c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "AVP"	"Kaspersky Anti-Virus"	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\avp.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"	""	""	""
+ "Microsoft Windows"	"Poczta systemu Windows"	"Microsoft Corporation"	"c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"	""	""	""
+ "Microsoft Windows"	"Poczta systemu Windows"	"Microsoft Corporation"	"c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "DAEMON Tools Lite"	"DAEMON Tools Lite"	"DT Soft Ltd"	"c:\program files (x86)\daemon tools lite\dtlite.exe"
+ "TBPanel"	"Vtune : Display Control Panel"	""	"c:\program files (x86)\vtune\tbpanel.exe"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "GGDriveMenu"	"GG drive menu"	"GG Network S.A."	"c:\users\chuck\appdata\roaming\gg\ggdrive\ggdrive-menu.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "Kaspersky Anti-Virus"	"Windows Shell Extension"	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\x64\shellex.dll"
+ "WinRAR"	"Rozszerzenie powłoki"	"Alexander Roshal"	"c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "Kaspersky Anti-Virus"	"Windows Shell Extension"	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\shellex.dll"
+ "WinRAR32"	"Rozszerzenie powłoki"	"Alexander Roshal"	"c:\program files\winrar\rarext32.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "GGDriveMenu"	"GG drive menu"	"GG Network S.A."	"c:\users\chuck\appdata\roaming\gg\ggdrive\ggdrive-menu.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "Kaspersky Anti-Virus"	"Windows Shell Extension"	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\x64\shellex.dll"
+ "WinRAR"	"Rozszerzenie powłoki"	"Alexander Roshal"	"c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "Kaspersky Anti-Virus"	"Windows Shell Extension"	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\shellex.dll"
+ "WinRAR32"	"Rozszerzenie powłoki"	"Alexander Roshal"	"c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"	""	""	""
+ "WinRAR"	"Rozszerzenie powłoki"	"Alexander Roshal"	"c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers"	""	""	""
+ "WinRAR32"	"Rozszerzenie powłoki"	"Alexander Roshal"	"c:\program files\winrar\rarext32.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "GGDriveMenu"	"GG drive menu"	"GG Network S.A."	"c:\users\chuck\appdata\roaming\gg\ggdrive\ggdrive-menu.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "Gadgets"	"Element docelowy paska bocznego"	"Microsoft Corporation"	"c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext"	""	"NVIDIA Corporation"	"c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "Gadgets"	"Element docelowy paska bocznego"	"Microsoft Corporation"	"c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "VtuneShlExt"	"TBPanelExt Module"	""	"c:\program files (x86)\vtune\tbpanelext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"	""	""	""
+ "NeroDigitalColumnHandler Class"	"Nero Digital Shell Extension"	"Nero AG"	"c:\program files (x86)\common files\nero\lib\nerodigitalext.dll"
+ "PDF Shell Extension"	"PDF Shell Extension"	"Adobe Systems, Inc."	"c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"	""	""	""
+ "Kaspersky Anti-Virus"	"Windows Shell Extension"	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\x64\shellex.dll"
+ "WinRAR"	"Rozszerzenie powłoki"	"Alexander Roshal"	"c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"	""	""	""
+ "Kaspersky Anti-Virus"	"Windows Shell Extension"	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\shellex.dll"
+ "WinRAR32"	"Rozszerzenie powłoki"	"Alexander Roshal"	"c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"	""	""	""
+ "WinRAR"	"Rozszerzenie powłoki"	"Alexander Roshal"	"c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers"	""	""	""
+ "WinRAR32"	"Rozszerzenie powłoki"	"Alexander Roshal"	"c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"	""	""	""
+ "GGDriveOverlay1"	"GG drive overlay"	"GG Network S.A."	"c:\programdata\gg\ggdrive\ggdrive-overlay.dll"
+ "GGDriveOverlay2"	"GG drive overlay"	"GG Network S.A."	"c:\programdata\gg\ggdrive\ggdrive-overlay.dll"
+ "GGDriveOverlay3"	"GG drive overlay"	"GG Network S.A."	"c:\programdata\gg\ggdrive\ggdrive-overlay.dll"
+ "GGDriveOverlay4"	"GG drive overlay"	"GG Network S.A."	"c:\programdata\gg\ggdrive\ggdrive-overlay.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"	""	""	""
+ "Content Blocker Plugin"	"Content Blocker Plugin"	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\x64\ieext\contentblocker\ie_content_blocker_plugin.dll"
+ "URL Advisor Plugin"	"URL Advisor Plugin"	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\x64\ieext\urladvisor\klwtbbho.dll"
+ "Virtual Keyboard Plugin"	"Virtual Keyboard Plugin"	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\x64\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"	""	""	""
+ "Adobe PDF Link Helper"	"Adobe PDF Helper for Internet Explorer"	"Adobe Systems Incorporated"	"c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Content Blocker Plugin"	"Content Blocker Plugin"	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\ieext\contentblocker\ie_content_blocker_plugin.dll"
+ "Java(tm) Plug-In 2 SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java(tm) Plug-In SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "URL Advisor Plugin"	"URL Advisor Plugin"	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\ieext\urladvisor\klwtbbho.dll"
+ "Virtual Keyboard Plugin"	"Virtual Keyboard Plugin"	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"	""	""	""
+ "&Klawiatura wirtualna"	"Virtual Keyboard Plugin"	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\x64\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll"
+ "&Sprawdzanie adresów internetowych"	"URL Advisor Plugin"	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\x64\ieext\urladvisor\klwtbbho.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"	""	""	""
+ "&Klawiatura wirtualna"	"Virtual Keyboard Plugin"	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll"
+ "&Sprawdzanie adresów internetowych"	"URL Advisor Plugin"	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\ieext\urladvisor\klwtbbho.dll"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "AppleChargerSrv"	"Apple mobile devices charging service"	""	"c:\windows\system32\applechargersrv.exe"
+ "AVP"	"Zapewnia ochronę komputera przed wirusami, niebezpiecznym oprogramowaniem, atakami hakerów, oszustwami internetowymi i spamem."	"Kaspersky Lab ZAO"	"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\avp.exe"
+ "FlexService"	"Creates and maintains network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start."	"BitMicro Software Corporation"	"c:\program files (x86)\rapidbit\cisvc.exe"
+ "LMS"	"Allows applications to access the local Intel(R) Management and Security Application using its locally-available selected network interfaces."	"Intel Corporation"	"c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe"
+ "nvsvc"	"Provides system and desktop level support to the NVIDIA display driver"	"NVIDIA Corporation"	"c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService"	"NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server."	"NVIDIA Corporation"	"c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe"
+ "Steam Client Service"	"Steam Client Service monitors and updates Steam content"	"Valve Corporation"	"c:\program files (x86)\common files\steam\steamservice.exe"
+ "Stereo Service"	"Provides system support for NVIDIA Stereoscopic 3D driver"	"NVIDIA Corporation"	"c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "UNS"	"Intel(R) Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel(R) Management and Security Application Device."	"Intel Corporation"	"c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe"
+ "WinDefend"	"Ochrona przed szpiegującym i niechcianym oprogramowaniem"	"Microsoft Corporation"	"c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc"	"Udostępnia biblioteki programu Windows Media Player innym odtwarzaczom i urządzeniom multimedialnym w sieci przy użyciu technologii Universal Plug and Play"	"Microsoft Corporation"	"c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "adp94xx"	"Adaptec Windows SAS/SATA Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"	"Adaptec Windows SATA Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"	"Adaptec StorPort Ultra320 SCSI Driver (X64)"	"Adaptec, Inc."	"c:\windows\system32\drivers\adpu320.sys"
+ "aliide"	"ALi mini IDE Driver"	"Acer Laboratories Inc."	"c:\windows\system32\drivers\aliide.sys"
+ "amdsata"	"AHCI 1.2 Device Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"	"AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"	"AMD Technologies Inc."	"c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"	"Storage Filter Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdxata.sys"
+ "AppleCharger"	"Apple mobile devices charging program"	""	"c:\windows\system32\drivers\applecharger.sys"
+ "arc"	"Adaptec RAID Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\arc.sys"
+ "arcsas"	"Adaptec SAS RAID WS03 Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv"	"Broadcom NetXtreme II GigE VBD"	"Broadcom Corporation"	"c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a"	"Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."	"Broadcom Corporation"	"c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo"	"Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"	"Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"	"Sterownik szeregowy I/F (WDM) firmy Brother"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"	"Brother Serial driver (WDM version)"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"	"Brother USB MDM Driver "	"Brother Industries Ltd."	"c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"	"Brother USB Serial Driver"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brusbser.sys"
+ "Cardex"	"Display Control Program"	"Windows (R) Server 2003 DDK provider"	"c:\windows\syswow64\drivers\tbpanelx64.sys"
+ "cmdide"	"CMD PCI IDE Bus Driver"	"CMD Technology, Inc."	"c:\windows\system32\drivers\cmdide.sys"
+ "DKDFM"	"Device Filter Manager Driver"	"Condusiv Technologies"	"c:\windows\system32\drivers\dkdfm.sys"
+ "DKRtWrt"	"Diskeeper FileSystem Mini-Filter Driver"	"Condusiv Technologies"	"c:\windows\system32\drivers\dkrtwrt.sys"
+ "DKTLFSMF"	"Telemetry File System Mini Filter Driver"	"Condusiv Technologies"	"c:\windows\system32\drivers\dktlfsmf.sys"
+ "dtsoftbus01"	"DAEMON Tools Virtual Bus Driver"	"DT Soft Ltd"	"c:\windows\system32\drivers\dtsoftbus01.sys"
+ "ebdrv"	"Broadcom NetXtreme II 10 GigE VBD"	"Broadcom Corporation"	"c:\windows\system32\drivers\evbda.sys"
+ "elxstor"	"Storport Miniport Driver for LightPulse HBAs"	"Emulex"	"c:\windows\system32\drivers\elxstor.sys"
+ "EtronHub3"	"Etron eXtensible Hub Driver."	"Etron Technology Inc"	"c:\windows\system32\drivers\etronhub3.sys"
+ "EtronXHCI"	"Etron eXtensible Host Controller Driver."	"Etron Technology Inc"	"c:\windows\system32\drivers\etronxhci.sys"
+ "gdrv"	""	""	"File not found: C:\Windows\gdrv.sys"
+ "hcw85cir"	"Hauppauge WinTV 885 Consumer IR Driver for eHome"	"Hauppauge Computer Works, Inc."	"c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD"	"Smart Array SAS/SATA Controller Media Driver"	"Hewlett-Packard Company"	"c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV"	"Intel Matrix Storage Manager driver - x64"	"Intel Corporation"	"c:\windows\system32\drivers\iastorv.sys"
+ "iirsp"	"Intel/ICP Raid Storport Driver"	"Intel Corp./ICP vortex GmbH"	"c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService"	"Realtek(r) High Definition Audio Function Driver"	"Realtek Semiconductor Corp."	"c:\windows\system32\drivers\rtkvhd64.sys"
+ "kl1"	"Kaspersky Unified Driver"	"Kaspersky Lab ZAO"	"c:\windows\system32\drivers\kl1.sys"
+ "KLIF"	"Kaspersky Lab Interceptor and Filter"	"Kaspersky Lab"	"c:\windows\system32\drivers\klif.sys"
+ "KLIM6"	"Kaspersky Anti-Virus NDIS 6 Filter"	"Kaspersky Lab ZAO"	"c:\windows\system32\drivers\klim6.sys"
+ "klkbdflt"	"Kaspersky Lab Keyboard Class Filter"	"Kaspersky Lab"	"c:\windows\system32\drivers\klkbdflt.sys"
+ "klmouflt"	"Kaspersky Lab Mouse Class Filter"	"Kaspersky Lab"	"c:\windows\system32\drivers\klmouflt.sys"
+ "kltdi"	"Network filtering component"	"Kaspersky Lab"	"c:\windows\system32\drivers\kltdi.sys"
+ "kneps"	"KNEPS Power"	"Kaspersky Lab"	"c:\windows\system32\drivers\kneps.sys"
+ "LSI_FC"	"LSI Fusion-MPT FC Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"	"LSI Fusion-MPT SAS Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"	"LSI SAS Gen2 Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"	"LSI Fusion-MPT SCSI Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas"	"MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"	"LSI Corporation"	"c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"	"LSI MegaRAID Software RAID Driver"	"LSI Corporation, Inc."	"c:\windows\system32\drivers\megasr.sys"
+ "MEIx64"	"Intel(R) Management Engine Interface"	"Intel Corporation"	"c:\windows\system32\drivers\hecix64.sys"
+ "nfrd960"	"IBM ServeRAID Controller Driver"	"IBM Corporation"	"c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA"	"NVIDIA HDMI Audio Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm"	"NVIDIA Windows Kernel Mode Driver, Version 280.26 "	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid"	"NVIDIA® nForce(TM) RAID Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"	"NVIDIA® nForce(TM) Sata Performance Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvstor.sys"
+ "puktfz"	""	""	"File not found: system32\drivers\dsmosiqo.sys"
+ "ql2300"	"QLogic Fibre Channel Stor Miniport Driver"	"QLogic Corporation"	"c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"	"QLogic iSCSI Storport Miniport Driver"	"QLogic Corporation"	"c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167"	"Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                "	"Realtek                                            "	"c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv"	"Macrovision SECURITY Driver"	"Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."	"c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2"	"SiS RAID Stor Miniport Driver"	"Silicon Integrated Systems Corp."	"c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"	"SiS AHCI Stor-Miniport Driver"	"Silicon Integrated Systems"	"c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor"	"Promise  SuperTrak EX Series Driver for Windows "	"Promise Technology"	"c:\windows\system32\drivers\stexstor.sys"
+ "TBPanel"	""	""	"File not found: C:\Windows\System32\Drivers\TBPanel.sys"
+ "viaide"	"VIA Generic PCI IDE Bus Driver"	"VIA Technologies, Inc."	"c:\windows\system32\drivers\viaide.sys"
+ "vsmraid"	"VIA RAID DRIVER FOR AMD-X86-64"	"VIA Technologies Inc.,Ltd"	"c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"	""	""	""
+ "msacm.l3acm"	"MPEG Layer-3 Audio Codec for MSACM"	"Fraunhofer Institut Integrierte Schaltungen IIS"	"c:\windows\system32\l3codeca.acm"
+ "VIDC.FFDS"	""	""	"c:\windows\system32\ff_vfw.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"	""	""	""
+ "msacm.l3acm"	"MPEG Layer-3 Audio Codec for MSACM"	"Fraunhofer Institut Integrierte Schaltungen IIS"	"c:\windows\syswow64\l3codeca.acm"
+ "msacm.vorbis"	"Ogg Vorbis CODEC for MSACM"	"HMS http://hp.vector.co.jp/authors/VA012897/"	"c:\windows\syswow64\vorbis.acm"
+ "vidc.cvid"	"Koder-dekoder Cinepak®"	"Radius Inc."	"c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\Filter"	""	""	""
+ "IL FL Studio DXi"	""	"Image-Line"	"e:\fl\system\plugin\dxi\fl studio dxi.dll"
+ "IL Multi FL Studio DXi"	""	"Image-Line"	"e:\fl\system\plugin\dxi\fl studio dxi (multi).dll"
+ "NI Massive"	"Massive"	"Native Instruments GmbH"	"e:\vstplugins\massive\dxi\massivedxi.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"	""	""	""
+ "AC3File"	""	""	"c:\program files\klcp64\filters\ac3file64.ax"
+ "DirectVobSub"	"VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth"	"MPC-HC Team"	"c:\program files\klcp64\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)"	"VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth"	"MPC-HC Team"	"c:\program files\klcp64\filters\vsfilter.dll"
+ "ffdshow Audio Decoder"	"DirectShow and VFW video and audio decoding/encoding/processing filter"	""	"c:\program files\klcp64\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor"	"DirectShow and VFW video and audio decoding/encoding/processing filter"	""	"c:\program files\klcp64\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder"	"DirectShow and VFW video and audio decoding/encoding/processing filter"	""	"c:\program files\klcp64\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter"	"DirectShow and VFW video and audio decoding/encoding/processing filter"	""	"c:\program files\klcp64\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter"	"DirectShow and VFW video and audio decoding/encoding/processing filter"	""	"c:\program files\klcp64\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder"	"DirectShow and VFW video and audio decoding/encoding/processing filter"	""	"c:\program files\klcp64\ffdshow\ffdshow.ax"
+ "Haali Matroska Muxer"	"Haali Media Splitter"	""	"c:\program files\klcp64\filters\haali\splitter.x64.ax"
+ "Haali Media Splitter"	"Haali Media Splitter"	""	"c:\program files\klcp64\filters\haali\splitter.x64.ax"
+ "Haali Media Splitter (AR)"	"Haali Media Splitter"	""	"c:\program files\klcp64\filters\haali\splitter.x64.ax"
+ "Haali Simple Media Splitter"	"Haali Media Splitter"	""	"c:\program files\klcp64\filters\haali\splitter.x64.ax"
+ "Haali Video Sink"	"Haali Media Splitter"	""	"c:\program files\klcp64\filters\haali\splitter.x64.ax"
+ "MPC - FLV Source (Gabest)"	"FLV Splitter"	"MPC-HC Team"	"c:\program files\klcp64\filters\flvsplitter.ax"
+ "MPC - FLV Splitter (Gabest)"	"FLV Splitter"	"MPC-HC Team"	"c:\program files\klcp64\filters\flvsplitter.ax"
+ "MPC - MP4 Source"	"MP4 Splitter"	"MPC-HC Team"	"c:\program files\klcp64\filters\mp4splitter.ax"
+ "MPC - MP4 Splitter"	"MP4 Splitter"	"MPC-HC Team"	"c:\program files\klcp64\filters\mp4splitter.ax"
+ "MPC - MPEG Audio Source"	"Mpa Splitter"	"MPC-HC Team"	"c:\program files\klcp64\filters\mpasplitter.ax"
+ "MPC - MPEG Audio Splitter"	"Mpa Splitter"	"MPC-HC Team"	"c:\program files\klcp64\filters\mpasplitter.ax"
+ "MPC - Mpeg Source (Gabest)"	"Mpeg Splitter"	"MPC-HC Team"	"c:\program files\klcp64\filters\mpegsplitter.ax"
+ "MPC - Mpeg Splitter (Gabest)"	"Mpeg Splitter"	"MPC-HC Team"	"c:\program files\klcp64\filters\mpegsplitter.ax"
+ "MPC - MPEG4 Video Source"	"MP4 Splitter"	"MPC-HC Team"	"c:\program files\klcp64\filters\mp4splitter.ax"
+ "MPC - MPEG4 Video Splitter"	"MP4 Splitter"	"MPC-HC Team"	"c:\program files\klcp64\filters\mp4splitter.ax"
+ "MPC - RealAudio Decoder"	"RealMedia Splitter"	"MPC-HC Team"	"c:\program files\klcp64\filters\realmediasplitter.ax"
+ "MPC - RealMedia Source"	"RealMedia Splitter"	"MPC-HC Team"	"c:\program files\klcp64\filters\realmediasplitter.ax"
+ "MPC - RealMedia Splitter"	"RealMedia Splitter"	"MPC-HC Team"	"c:\program files\klcp64\filters\realmediasplitter.ax"
+ "MPC - RealVideo Decoder"	"RealMedia Splitter"	"MPC-HC Team"	"c:\program files\klcp64\filters\realmediasplitter.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"	""	""	""
+ "Crystal Player DVD Audio Decoder"	"DVD Audio Decoder Filter"	"Crystal Reality LLC"	"c:\program files (x86)\crystal player\crystaldvdaudio.ax"
+ "Crystal Player DVD Video Decoder"	"DVD Video Decoder Filter"	"Crystal Reality LLC"	"c:\program files (x86)\crystal player\crystaldvdvideo.ax"
+ "Crystal Player MPEG4 Decoder (libavcodec)"	"Crystal MPEG4 Decoder (libavcodec)"	"Crystal Reality LLC"	"c:\program files (x86)\crystal player\crystalmpeg4decoder.ax"
+ "DirectVobSub"	"VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth"	"MPC-HC Team"	"c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)"	"VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth"	"MPC-HC Team"	"c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "ffdshow Audio Decoder"	"DirectShow and VFW video and audio decoding/encoding/processing filter"	""	"c:\program files (x86)\k-lite codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor"	"DirectShow and VFW video and audio decoding/encoding/processing filter"	""	"c:\program files (x86)\k-lite codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter"	"DirectShow and VFW video and audio decoding/encoding/processing filter"	""	"c:\program files (x86)\k-lite codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter"	"DirectShow and VFW video and audio decoding/encoding/processing filter"	""	"c:\program files (x86)\k-lite codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder"	"DirectShow and VFW video and audio decoding/encoding/processing filter"	""	"c:\program files (x86)\k-lite codec pack\filters\ffdshow\ffdshow.ax"
+ "Haali Matroska Muxer"	"Haali Media Splitter"	""	"c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter"	"Haali Media Splitter"	""	"c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)"	"Haali Media Splitter"	""	"c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter"	"Haali Media Splitter"	""	"c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer"	""	""	"c:\program files (x86)\k-lite codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink"	"Haali Media Splitter"	""	"c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "LAV Audio Decoder"	"LAV Audio Decoder - DirectShow Audio Decoder"	"1f0.de - Hendrik Leppkes"	"c:\program files (x86)\k-lite codec pack\filters\lav\lavaudio.ax"
+ "LAV Splitter"	"LAV Splitter - DirectShow Media Splitter"	"1f0.de - Hendrik Leppkes"	"c:\program files (x86)\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Splitter Source"	"LAV Splitter - DirectShow Media Splitter"	"1f0.de - Hendrik Leppkes"	"c:\program files (x86)\k-lite codec pack\filters\lav\lavsplitter.ax"
+ "LAV Video Decoder"	"LAV Video Decoder - DirectShow Video Decoder"	"1f0.de - Hendrik Leppkes"	"c:\program files (x86)\k-lite codec pack\filters\lav\lavvideo.ax"
+ "MPC - RealAudio Decoder"	"RealMedia Splitter"	"MPC-HC Team"	"c:\program files (x86)\real alternative\realmediasplitter.ax"
+ "MPC - RealMedia Source"	"RealMedia Splitter"	"MPC-HC Team"	"c:\program files (x86)\real alternative\realmediasplitter.ax"
+ "MPC - RealMedia Splitter"	"RealMedia Splitter"	"MPC-HC Team"	"c:\program files (x86)\real alternative\realmediasplitter.ax"
+ "MPC - RealVideo Decoder"	"RealMedia Splitter"	"MPC-HC Team"	"c:\program files (x86)\real alternative\realmediasplitter.ax"
+ "NeAudio2"	"Nero Audio Decoder 2"	"Nero AG"	"c:\program files (x86)\common files\nero\dsfilter\neaudio2.ax"
+ "Nero DVD Decoder"	"MPEG-1/2/4 & AVC video decoder w/ DxVA"	"Nero AG"	"c:\program files (x86)\common files\nero\dsfilter\nevideo.ax"
+ "Nero MP4 Splitter"	"MP4 Splitter Filter"	"Nero AG"	"c:\program files (x86)\common files\nero\dsfilter\nemp4splitter.ax"
+ "Nero Splitter"	"Splitter Filter"	"Nero AG"	"c:\program files (x86)\common files\nero\dsfilter\nesplitter.ax"
+ "Nero Video Decoder"	"MPEG-1/2/4 & AVC video decoder w/ DxVA"	"Nero AG"	"c:\program files (x86)\common files\nero\dsfilter\nevideo.ax"
+ "rgc:audio z3ta+"	"z3ta+ Waveshaping Synthesizer"	"Cakewalk Music Software"	"e:\vstplugins\z3ta+\z3ta+_fx.dll"
+ "Video Memory Render Filter"	""	""	"e:\fl\plugins\fruity\effects\zgameeditor visualizer\videomemoryrenderfilter.ax"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls"	""	""	""
+ "c:\progra~3\browse~1\23762~1.17\{16cdf~1\browse~1.dll"	""	""	"File not found: c:\progra~3\browse~1\23762~1.17\{16cdf~1\browse~1.dll"
The Windows defragmenter is good for nothing, so what can I use to do it properly? I have Diskeeper, but for some reason it won't run.

  #10 (permalink)  
08.10.2012, 15:22
Senior Member
 
Registered: Aug 2012
Location: C:\Windows\
Posts: 2 022
Marketplace posts: 0
Re: adobe32/svchost.exe

In Autoruns, uncheck:
Tab
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"
"DAEMON Tools Lite"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
Everything
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
Everything


I think that's all.
As for defragmentation, I can recommend a program that is simple to use:
http://www.instalki.pl/programy/down...efraggler.html
Are there any other problems?
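Added example, not part of the thread: a small Python parser for the Autoruns text export posted above. It groups entries by the registry location they sit under, lists what falls under a key such as the Browser Helper Objects key named in the reply, and separates out rows whose image path is "File not found" or whose publisher field is empty, so they can be reviewed by hand. The function names are hypothetical, and the sample rows are copied from the log in this thread.

```python
"""Triage an Autoruns text export: group rows by location, list rows to review."""


def _row(prefix, *fields):
    # The export is tab-separated, with every field wrapped in double quotes.
    return prefix + "\t".join('"%s"' % f for f in fields)


# Rows copied from the log in this thread, re-assembled so the block runs offline.
SAMPLE = "\n".join([
    _row("", r"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion"
             r"\Explorer\Browser Helper Objects", "", "", ""),
    _row("+ ", "Java(tm) Plug-In 2 SSV Helper", "Java(TM) Platform SE binary",
         "Oracle Corporation", r"c:\program files (x86)\java\jre7\bin\jp2ssv.dll"),
    _row("+ ", "URL Advisor Plugin", "URL Advisor Plugin", "Kaspersky Lab ZAO",
         r"c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013"
         r"\ieext\urladvisor\klwtbbho.dll"),
    _row("", r"HKLM\System\CurrentControlSet\Services", "", "", ""),
    _row("+ ", "gdrv", "", "", r"File not found: C:\Windows\gdrv.sys"),
    _row("+ ", "kl1", "Kaspersky Unified Driver", "Kaspersky Lab ZAO",
         r"c:\windows\system32\drivers\kl1.sys"),
    _row("+ ", "puktfz", "", "", r"File not found: system32\drivers\dsmosiqo.sys"),
    _row("", r"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32", "", "", ""),
    _row("+ ", "VIDC.FFDS", "", "", r"c:\windows\system32\ff_vfw.dll"),
])

MISSING = "File not found:"


def _unquote(field):
    field = field.strip()
    if len(field) >= 2 and field[0] == field[-1] == '"':
        field = field[1:-1]
    return field.strip()  # some publisher fields in the log are space-padded


def parse_export(text):
    """Return one dict per autostart entry, tagged with the location row above it."""
    entries, location = [], None
    for line in text.splitlines():
        if not line.strip():
            continue
        enabled = None
        # "+ " marks an enabled entry in this log; "X " for a disabled entry
        # is an assumption about the export format, it does not occur on the page.
        if line[:2] in ("+ ", "X "):
            enabled, line = line[0] == "+", line[2:]
        fields = [_unquote(f) for f in line.split("\t")]
        fields += [""] * (4 - len(fields))
        if enabled is None:  # location row: key path followed by empty fields
            location = fields[0]
            continue
        name, description, publisher, image = fields[:4]
        entries.append({"location": location, "enabled": enabled, "name": name,
                        "description": description, "publisher": publisher,
                        "image": image})
    return entries


def entries_under(entries, key_tail):
    """Entries whose location ends with key_tail (registry paths are case-insensitive)."""
    tail = key_tail.lower()
    return [e for e in entries if (e["location"] or "").lower().endswith(tail)]


def triage(entries):
    """Split out rows that deserve a manual look; neither list is a verdict."""
    missing = [e for e in entries if e["image"].startswith(MISSING)]
    no_publisher = [e for e in entries if not e["publisher"] and e not in missing]
    return {"missing_file": missing, "no_publisher": no_publisher}


if __name__ == "__main__":
    parsed = parse_export(SAMPLE)
    for bucket, rows in triage(parsed).items():
        for e in rows:
            print(bucket, "|", e["location"], "|", e["name"], "|", e["image"])
    for e in entries_under(parsed, r"Explorer\Browser Helper Objects"):
        print("BHO |", e["name"], "|", e["publisher"])
```
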
All times are GMT +2.