
Antivirus programs stop working after a while

System security, virus removal, choosing antivirus programs. Mandatory logs in this section: three from FRST + Gmer.


Post by lucas1979, 28 Feb 2010, 17:47

Hello, my problem is that after installing an antivirus (first Avast 5, now AVG 9) everything is fine for a while, but then, when the computer is switched on, the antivirus does not start at autostart, and trying to start it from its icon ends with the message "Nie można uruchomić aplikacji, ponieważ jej konfiguracja jest niewłaściwa. Problem ten może rozwiązać ponowne zainstalowanie aplikacji."
I ran a full scan with AVG (the reinstall has helped for now, but it was the same with Avast: it helped for a while), and then also with Ad-Aware and Spybot S&D and two online scanners; they found only three low-threat bugs, which I removed.
Here is the log from OTL
Code:
OTL logfile created on: 2010-02-28 16:50:02 - Run 1
OTL by OldTimer - Version 3.1.30.3     Folder = E:\Z przeglądarki
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 71,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 18,93 Gb Free Space | 64,61% Space Free | Partition Type: NTFS
Drive D: | 29,29 Gb Total Space | 3,58 Gb Free Space | 12,23% Space Free | Partition Type: NTFS
Drive E: | 78,13 Gb Total Space | 48,89 Gb Free Space | 62,58% Space Free | Partition Type: NTFS
Drive F: | 39,06 Gb Total Space | 38,67 Gb Free Space | 99,00% Space Free | Partition Type: NTFS
Drive G: | 57,10 Gb Total Space | 44,30 Gb Free Space | 77,58% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOMOWY
Current User Name: Łukasz
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-02-28 16:48:36 | 000,549,888 | ---- | M] (OldTimer Tools) -- E:\Z przeglądarki\OTL.exe
PRC - [2010-02-28 11:17:27 | 000,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
PRC - [2010-02-28 09:34:07 | 001,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010-02-28 09:34:06 | 000,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010-02-28 09:34:06 | 000,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010-02-28 09:34:06 | 000,503,576 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010-02-28 09:34:04 | 002,033,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010-02-28 09:34:04 | 000,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010-02-28 09:34:03 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010-02-25 23:15:43 | 011,952,304 | ---- | M] (Mozilla Messaging) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2010-01-16 04:18:19 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-01-03 15:19:45 | 000,152,984 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008-10-06 01:54:18 | 000,407,040 | ---- | M] (Michał Bąbik) -- C:\Program Files\Tla Pulpitu\zmtla.exe
PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-02-28 16:48:36 | 000,549,888 | ---- | M] (OldTimer Tools) -- E:\Z przeglądarki\OTL.exe


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] --  -- (IDriverT)
SRV - File not found [Auto | Stopped] --  -- (gupdate) Usługa Google Update (gupdate)
SRV - [2010-02-28 09:34:04 | 000,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010-02-28 09:34:03 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010-01-11 22:17:44 | 000,154,216 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\nvsvc32.exe -- (nvsvc)
SRV - [2009-11-18 21:46:24 | 000,183,112 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\system32\PnkBstrB.exe -- (PnkBstrB)
SRV - [2009-01-03 15:19:45 | 000,152,984 | -H-- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2003-07-28 19:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-02-28 09:34:18 | 000,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010-02-28 09:34:15 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010-02-28 09:34:14 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010-02-07 22:21:54 | 000,047,360 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pcouffin.sys -- (pcouffin)
DRV - [2010-01-12 05:03:33 | 010,276,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-07-21 22:42:21 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\etdrv.sys -- (etdrv)
DRV - [2009-07-21 22:41:29 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2009-07-10 16:14:42 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-07-04 19:20:49 | 000,279,712 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-07-04 19:20:49 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-01-20 11:53:06 | 005,027,840 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009-01-13 18:13:52 | 000,049,160 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2009-01-13 18:13:44 | 000,014,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2009-01-13 18:13:36 | 000,031,240 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2009-01-13 18:13:28 | 000,029,192 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009-01-13 18:13:20 | 000,019,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2008-10-30 14:14:20 | 000,117,888 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008-06-20 12:08:27 | 000,225,856 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008-04-13 23:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008-04-13 21:09:18 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006-06-16 11:20:18 | 000,012,416 | ---- | M] (         ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gt680x.sys -- (GT680x)
DRV - [2002-09-23 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2002-09-23 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2002-09-23 13:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [1999-10-21 10:12:52 | 000,020,400 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\entech.sys -- (ENTECH)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1960408961-823518204-839522115-1004\S-1-5-21-1960408961-823518204-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.allegro.pl/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.7
FF - prefs.js..extensions.enabledItems: lazarus@interclue.com:2.0.5
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.716
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20100112

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010-02-28 09:34:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-01-21 16:35:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-02-12 23:21:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010-02-25 23:15:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2010-01-21 17:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Extensions
[2010-01-21 17:09:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010-02-27 22:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\cijia1zf.default\extensions
[2009-12-06 13:14:34 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\cijia1zf.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010-01-07 19:55:00 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\cijia1zf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-01-27 23:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\cijia1zf.default\extensions\lazarus@interclue.com
[2010-01-21 16:41:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\cijia1zf.default\extensions\nasanightlaunch@example.com
[2010-02-27 22:42:55 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-01-16 02:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-01-16 02:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-01-16 02:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-01-16 02:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-01-16 02:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-01-16 02:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2002-09-23 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Tła pulpitu] C:\Program Files\Tla Pulpitu\zmtla.exe (Michał Bąbik)
O4 - HKU\S-1-5-21-1960408961-823518204-839522115-1004..\Run: [Thunderbird] C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1960408961-823518204-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.151.0.5 89.151.0.27
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-07-04 05:15:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1885b97a-e3e6-11de-b67e-00241d2e14c6}\Shell\AutoRun\command - "" = xmor.exe
O33 - MountPoints2\{1885b97a-e3e6-11de-b67e-00241d2e14c6}\Shell\open\Command - "" = xmor.exe
O33 - MountPoints2\{f65a49c5-686c-11de-b57a-00241d2e14c6}\Shell\AutoRun\command - "" = wfx062.exe
O33 - MountPoints2\{f65a49c5-686c-11de-b57a-00241d2e14c6}\Shell\open\Command - "" = wfx062.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-02-28 15:50:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\ArcaBit
[2010-02-28 15:16:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\ArcaVirMicroScan
[2010-02-28 13:59:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010-02-28 13:58:58 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010-02-28 11:17:27 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010-02-28 09:51:46 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010-02-28 09:50:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\~0
[2010-02-28 09:50:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
[2010-02-28 09:47:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
[2010-02-28 09:34:27 | 000,000,000 | -H-D | C] -- D:\$AVG
[2010-02-28 09:34:27 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010-02-28 09:34:18 | 000,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010-02-28 09:34:18 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010-02-28 09:34:15 | 000,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010-02-28 09:34:14 | 000,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010-02-28 09:34:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2010-02-28 09:34:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9
[2010-02-28 09:33:38 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2010-02-28 09:33:38 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2010-02-28 09:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-02-28 09:32:22 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Łukasz\Recent
[2010-02-28 09:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-02-27 08:53:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\Geckofx
[2010-02-27 08:43:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Broad Intelligence
[2010-02-27 08:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\AnvSoft
[2010-02-07 22:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Vso
[2010-02-07 15:27:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010-02-06 22:41:03 | 000,000,000 | ---D | C] -- D:\Moje Gry
[2010-02-02 21:37:31 | 000,000,000 | RH-D | C] -- D:\Moja muzyka
[2010-01-31 14:19:45 | 000,000,000 | RH-D | C] -- D:\Moje obrazy
[2010-01-26 08:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
[2010-01-25 10:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2009-11-24 23:50:52 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Łukasz\Dane aplikacji\pcouffin.sys
[2009-11-22 16:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Help
[2009-11-22 16:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Help
[2009-07-04 08:51:19 | 000,012,416 | ---- | C] (         ) -- C:\WINDOWS\System32\drivers\gt680x.sys
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-02-28 16:29:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-02-28 15:18:59 | 000,000,583 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\ArcaVirMicroScan.lnk
[2010-02-28 11:17:28 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\HijackThis.lnk
[2010-02-28 10:57:11 | 000,000,194 | -H-- | M] () -- C:\aaw7boot.cmd
[2010-02-28 09:57:38 | 000,448,720 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-02-28 09:57:37 | 001,116,198 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-02-28 09:57:37 | 000,504,924 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-02-28 09:57:37 | 000,074,946 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-02-28 09:57:37 | 000,074,752 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-02-28 09:53:09 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-02-28 09:53:09 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-02-28 09:53:08 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-02-28 09:53:07 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010-02-28 09:52:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-02-28 09:51:59 | 004,980,736 | ---- | M] () -- C:\Documents and Settings\Łukasz\ntuser.dat
[2010-02-28 09:51:59 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Łukasz\ntuser.ini
[2010-02-28 09:51:45 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010-02-28 09:35:55 | 056,402,923 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010-02-28 09:35:42 | 000,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2010-02-28 09:34:18 | 000,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010-02-28 09:34:18 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010-02-28 09:34:15 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010-02-28 09:34:14 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010-02-28 09:34:14 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010-02-28 09:34:10 | 006,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2010-02-28 09:34:10 | 000,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2010-02-27 22:59:23 | 000,103,424 | ---- | M] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-02-20 21:38:33 | 000,012,559 | ---- | M] () -- C:\Documents and Settings\Łukasz\.recently-used.xbel
[2010-02-20 17:24:24 | 000,271,490 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-02-19 17:17:25 | 000,000,008 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010-02-13 16:42:50 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Łukasz\Dane aplikacji\inst.exe
[2010-02-13 16:42:50 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\Łukasz\Dane aplikacji\pcouffin.sys
[2010-02-13 16:42:50 | 000,007,887 | ---- | M] () -- C:\Documents and Settings\Łukasz\Dane aplikacji\pcouffin.cat
[2010-02-13 16:42:50 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\Łukasz\Dane aplikacji\pcouffin.inf
[2010-02-13 13:45:14 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\Łukasz\Dane aplikacji\vso_ts_preview.xml
[2010-02-07 22:21:54 | 000,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\System32\drivers\pcouffin.sys
[2010-02-07 15:19:40 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-02-28 15:18:59 | 000,000,583 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\ArcaVirMicroScan.lnk
[2010-02-28 11:17:28 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\HijackThis.lnk
[2010-02-28 10:57:11 | 000,000,194 | -H-- | C] () -- C:\aaw7boot.cmd
[2010-02-28 09:52:09 | 000,000,458 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010-02-28 09:34:14 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010-02-28 09:34:10 | 056,402,923 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010-02-28 09:34:10 | 006,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2010-02-28 09:34:10 | 000,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2010-02-28 09:34:10 | 000,142,495 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2010-02-20 21:38:33 | 000,012,559 | ---- | C] () -- C:\Documents and Settings\Łukasz\.recently-used.xbel
[2010-02-06 12:38:01 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2009-11-26 11:20:26 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-11-26 11:20:26 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-11-24 23:51:04 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Łukasz\Dane aplikacji\vso_ts_preview.xml
[2009-11-24 23:50:56 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Łukasz\Dane aplikacji\pcouffin.log
[2009-11-24 23:50:52 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Łukasz\Dane aplikacji\inst.exe
[2009-11-24 23:50:52 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Łukasz\Dane aplikacji\pcouffin.cat
[2009-11-24 23:50:52 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Łukasz\Dane aplikacji\pcouffin.inf
[2009-11-24 11:33:24 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-11-17 18:29:36 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-10-03 11:32:35 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2009-10-03 11:32:35 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2009-10-02 18:15:34 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009-09-09 12:48:24 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\micr0st.dll
[2009-09-03 22:24:22 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-09-03 22:24:18 | 000,207,360 | ---- | C] () -- C:\WINDOWS\System32\evrprop.dll
[2009-09-03 22:24:13 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll
[2009-09-03 22:23:27 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2009-09-03 22:23:26 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2009-08-30 08:13:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ui.INI
[2009-07-10 16:14:41 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-07-06 13:10:58 | 000,024,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys
[2009-07-04 19:20:49 | 000,279,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-07-04 19:20:49 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-07-04 13:18:51 | 000,103,424 | ---- | C] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-07-04 12:36:26 | 000,000,071 | ---- | C] () -- C:\WINDOWS\ScreenHunter.INI
[2009-07-04 09:54:13 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-07-04 09:03:14 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS66.DLL
[2009-07-04 08:51:19 | 000,000,484 | ---- | C] () -- C:\WINDOWS\System32\PS2DMiniDrv.ini
[2009-07-04 08:51:17 | 000,303,186 | ---- | C] () -- C:\WINDOWS\System32\MKCoInstaller.dll
[2005-05-29 02:45:43 | 000,647,168 | ---- | C] () -- C:\WINDOWS\System32\pqdvdb.dll
[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2009-07-04 10:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2010-02-28 09:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9
[2009-07-10 16:17:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-07-04 19:49:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tages
[2009-10-02 18:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-02-28 12:08:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\~0
[2010-02-27 08:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\AnvSoft
[2010-02-28 15:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\ArcaBit
[2010-02-28 15:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\ArcaVirMicroScan
[2009-12-07 11:00:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Ashampoo
[2010-02-27 09:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Broad Intelligence
[2009-07-10 16:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\DAEMON Tools
[2009-07-10 16:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\DAEMON Tools Lite
[2010-02-20 21:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\gtk-2.0
[2009-08-23 15:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\ScannerData
[2010-01-21 17:09:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Thunderbird
[2009-09-28 18:02:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Tla Pulpitu
[2010-02-13 16:42:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Vso
[2010-02-28 09:53:07 | 000,000,458 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
Last edited by lucas1979, 28 Feb 2010, 18:37; edited 1 time in total
AMD Phenom X4 955 BE@3,6Ghz;Gigabyte GA-MA770T-UD3P; 4x1GB Kingston DDR3 1333 Mhz; Gainward GTX260 896MB 448bit PCI-E DDR3 Golden Sample 55nm
lucas1979
~user
 
Posts: 298
Joined: 15 Jul 2005, 16:38
Location: GŁOGÓW
Commendations: 1




Post by wojtas, 28 Feb 2010, 18:26

Please follow the rules for posting logs and edit your post in accordance with the rules.
wojtas
*mod
 
Posts: 18165
Joined: 13 Jan 2006, 16:00
Location: Krzeszyce
Commendations: 1656



