VISTA! - Problem z grami na laptopie HP Pavilion dv5

Witam ! Mam problem z zainstalowaniem gier na laptopie HP Pavilion dv5 1020ew! Windows Vista Home Premium! Podczas instalacji gier instalcaja się zacina, a drugi przypadek gdy otwieram obraz gry przez Deamona zaczynam instalowac gre, wpisuje klucz, gdy przechodzi juz do instalacji wyskakuje blad ... error reading from file F:\autorun.dat. verify that the file exists and that you can access it ! co to ma znaczyc? vista ma jakies zabezpieczenia? czekam na odpowiedz! a drugie pytanko: są sterowniki do tego modelu na Windowsa XP? bo na stronie producenta sa ale nie do wszystkiego! moze od innych modeli HP Palivion beda pasowac?

error reading from file F:\autorun.dat

Przypuszczam że Masz jakiegoś syfa na kompie daj loga z Hijackthis'a i combofix'a
http://forum.idg.pl/bezpieczenstwo_kompute...ia-t118804.html
(ComboFix powinien to usunąć)

nic nie pomoglo ... instalowalem i to samo jest ... moze zobaczysz do tych plikow z tych programow bo ja nie wiem o co w nich chodzi:)

ComboFix 08-12-17.01 - admin 2008-12-18 16:16:26.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.1.1045.18.3069.1817 [GMT 1:00]
Uruchomiony z: c:\users\admin\AppData\Local\Opera\Opera\profile\cache4\temporary_download\ComboFix.exe
.

((((((((((((((((((((((((( Pliki utworzone od 2008-11-18 do 2008-12-18 )))))))))))))))))))))))))))))))
.

2008-12-17 18:31 . 2008-12-17 19:12 <DIR> d-------- c:\program files\Norton Internet Security
2008-12-17 18:29 . 2008-12-17 19:01 <DIR> d-------- c:\program files\Symantec
2008-12-17 18:29 . 2008-12-17 19:01 123,952 --a------ c:\windows\System32\drivers\SYMEVENT.SYS
2008-12-17 18:29 . 2008-12-17 19:01 10,671 --a------ c:\windows\System32\drivers\SYMEVENT.CAT
2008-12-17 18:29 . 2008-12-17 19:01 805 --a------ c:\windows\System32\drivers\SYMEVENT.INF
2008-12-17 17:36 . 2008-12-17 17:46 <DIR> d-------- c:\users\admin\NIS2008 PL
2008-12-16 17:23 . 2008-12-16 17:23 <DIR> d-------- c:\program files\Activision
2008-12-13 21:02 . 2008-12-13 21:12 <DIR> d-------- c:\users\admin\2008_12_13
2008-12-13 20:18 . 2008-12-13 20:18 <DIR> d-------- c:\users\All Users\DAEMON Tools Lite
2008-12-13 20:18 . 2008-12-13 20:18 <DIR> d-------- c:\users\admin\AppData\Roaming\DAEMON Tools Pro
2008-12-13 20:18 . 2008-12-13 20:18 <DIR> d-------- c:\programdata\DAEMON Tools Lite
2008-12-13 20:17 . 2008-12-13 20:18 <DIR> d-------- c:\users\admin\AppData\Roaming\DAEMON Tools Lite
2008-12-13 20:17 . 2008-12-13 20:18 <DIR> d-------- c:\program files\DAEMON Tools Lite
2008-12-10 11:38 . 2008-10-22 02:22 2,048 --a------ c:\windows\System32\tzres.dll
2008-12-10 10:40 . 2008-11-01 02:21 4,240,384 --a------ c:\windows\System32\GameUXLegacyGDFs.dll
2008-12-10 10:40 . 2008-06-23 02:59 2,868,736 --a------ c:\windows\System32\mf.dll
2008-12-10 10:40 . 2008-06-23 02:59 996,352 --a------ c:\windows\System32\WMNetMgr.dll
2008-12-10 10:40 . 2008-06-23 02:58 94,720 --a------ c:\windows\System32\logagent.exe
2008-12-10 10:40 . 2008-11-01 04:44 28,672 --a------ c:\windows\System32\Apphlpdm.dll
2008-12-10 10:12 . 2008-10-21 06:25 296,960 --a------ c:\windows\System32\gdi32.dll
2008-12-10 10:08 . 2008-10-29 07:29 2,927,104 --a------ c:\windows\explorer.exe
2008-12-10 10:08 . 2008-10-16 03:23 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2008-12-10 10:08 . 2008-10-16 05:47 827,392 --a------ c:\windows\System32\wininet.dll
2008-12-09 10:25 . 2008-12-09 10:30 <DIR> d--h----- c:\windows\msdownld.tmp
2008-12-08 11:14 . 2008-12-08 11:14 <DIR> dr-h----- c:\users\admin\AppData\Roaming\SecuROM
2008-12-08 11:08 . 2008-12-08 11:08 <DIR> d-------- c:\users\All Users\Electronic Arts
2008-12-08 11:08 . 2008-12-08 11:08 <DIR> d-------- c:\programdata\Electronic Arts
2008-12-08 10:45 . 2008-05-30 14:11 3,850,760 --a------ c:\windows\System32\D3DX9_38.dll
2008-12-08 10:45 . 2007-07-19 18:14 3,727,720 --a------ c:\windows\System32\d3dx9_35.dll
2008-12-08 10:45 . 2008-05-30 14:11 1,491,992 --a------ c:\windows\System32\D3DCompiler_38.dll
2008-12-08 10:45 . 2007-07-19 18:14 1,358,192 --a------ c:\windows\System32\D3DCompiler_35.dll
2008-12-08 10:45 . 2008-05-30 14:11 467,984 --a------ c:\windows\System32\d3dx10_38.dll
2008-12-08 10:45 . 2007-07-19 18:14 444,776 --a------ c:\windows\System32\d3dx10_35.dll
2008-12-07 21:21 . 2008-12-07 21:22 <DIR> d-------- c:\program files\Gadu-Gadu
2008-12-07 21:05 . 2008-12-07 21:05 <DIR> d-------- c:\program files\Ubisoft
2008-12-07 19:15 . 2008-12-07 19:15 <DIR> d-------- c:\program files\Microsoft.NET
2008-12-07 19:10 . 2008-12-07 19:10 <DIR> d-------- c:\program files\Microsoft Visual Studio 8
2008-12-07 19:04 . 2008-12-07 19:04 <DIR> dr-h----- C:\MSOCache
2008-12-07 18:59 . 2008-12-13 20:18 <DIR> d-------- c:\program files\DAEMON Tools Toolbar
2008-12-07 18:55 . 2008-12-13 20:18 <DIR> d-------- c:\users\admin\AppData\Roaming\DAEMON Tools
2008-12-07 13:29 . 2008-12-17 19:05 <DIR> d-------- c:\users\admin\AppData\Roaming\Dev-Cpp
2008-12-07 11:53 . 2008-12-07 18:56 717,296 --a------ c:\windows\System32\drivers\sptd.sys
2008-12-07 11:46 . 2008-12-07 11:46 <DIR> d-------- c:\program files\MSECache
2008-12-07 10:39 . 2008-12-07 11:45 <DIR> d-------- c:\users\admin\office 2007
2008-12-04 07:29 . 2008-12-04 07:29 <DIR> d-------- c:\users\admin\Bluetooth Software
2008-12-03 19:23 . 2008-12-16 19:55 <DIR> d-------- c:\users\admin\Muzyka
2008-12-01 18:44 . 2008-12-01 18:44 <DIR> d-------- c:\users\admin\AppData\Roaming\Template
2008-12-01 18:44 . 2008-12-01 18:44 0 --a------ c:\users\admin\AppData\Roaming\wklnhst.dat
2008-11-30 20:14 . 2008-08-28 04:40 712,704 --a------ c:\windows\System32\WindowsCodecs.dll
2008-11-30 20:14 . 2008-08-28 04:40 425,472 --a------ c:\windows\System32\PhotoMetadataHandler.dll
2008-11-30 20:14 . 2008-08-28 04:40 347,136 --a------ c:\windows\System32\WindowsCodecsExt.dll
2008-11-29 19:58 . 2008-10-21 06:25 1,645,568 --a------ c:\windows\System32\connect.dll
2008-11-29 19:58 . 2008-10-22 04:57 241,152 --a------ c:\windows\System32\PortableDeviceApi.dll
2008-11-22 23:00 . 2008-11-22 23:00 <DIR> d-------- c:\users\All Users\281F3
2008-11-22 23:00 . 2008-11-22 23:00 <DIR> d-------- c:\programdata\281F3
2008-11-21 21:59 . 2008-11-21 21:59 <DIR> d-------- c:\users\All Users\2215
2008-11-21 21:59 . 2008-11-21 21:59 <DIR> d-------- c:\programdata\2215
2008-11-21 21:55 . 2008-11-21 21:56 <DIR> d-------- c:\program files\BearShare Applications
2008-11-21 21:55 . 2008-09-25 14:20 483,328 --a------ c:\windows\System32\actskn45.ocx
2008-11-21 10:00 . 2008-10-16 22:13 1,809,944 --a------ c:\windows\System32\wuaueng.dll
2008-11-21 10:00 . 2008-10-16 21:56 1,524,736 --a------ c:\windows\System32\wucltux.dll
2008-11-21 10:00 . 2008-10-16 22:09 51,224 --a------ c:\windows\System32\wuauclt.exe
2008-11-21 10:00 . 2008-10-16 22:09 43,544 --a------ c:\windows\System32\wups2.dll
2008-11-21 09:59 . 2008-10-16 22:12 561,688 --a------ c:\windows\System32\wuapi.dll
2008-11-21 09:59 . 2008-10-16 14:08 162,064 --a------ c:\windows\System32\wuwebv.dll
2008-11-21 09:59 . 2008-10-16 21:55 83,456 --a------ c:\windows\System32\wudriver.dll
2008-11-21 09:59 . 2008-10-16 22:08 34,328 --a------ c:\windows\System32\wups.dll
2008-11-21 09:59 . 2008-10-16 13:56 31,232 --a------ c:\windows\System32\wuapp.exe

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-18 14:59 --------- d-----w c:\users\admin\AppData\Roaming\zweitgeist
2008-12-17 18:12 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-12-17 18:04 --------- d-----w c:\programdata\Symantec
2008-12-17 16:41 --------- d-----w c:\users\admin\AppData\Roaming\Symantec
2008-12-16 19:04 --------- d-----w c:\program files\EA GAMES
2008-12-16 16:03 --------- d-----w c:\users\admin\AppData\Roaming\uTorrent
2008-12-15 18:36 --------- d-----w c:\users\admin\AppData\Roaming\VSO
2008-12-13 19:36 --------- d-----w c:\users\admin\AppData\Roaming\Canon
2008-12-13 19:35 --------- d-----w c:\program files\Canon
2008-12-10 14:32 --------- d-----w c:\program files\Windows Mail
2008-12-10 10:42 --------- d-----w c:\programdata\Microsoft Help
2008-12-08 10:21 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-07 21:13 --------- d-----w c:\program files\Microsoft Games
2008-12-07 18:18 --------- d-----w c:\program files\MSBuild
2008-12-07 18:18 --------- d-----w c:\program files\Microsoft Works
2008-12-05 18:12 --------- d-----w c:\users\admin\AppData\Roaming\Skype
2008-12-05 17:36 --------- d-----w c:\users\admin\AppData\Roaming\skypePM
2008-12-01 17:40 --------- d-----w c:\users\admin\AppData\Roaming\Hewlett-Packard
2008-11-07 20:32 --------- d-----w c:\program files\System Closer
2008-11-07 19:37 --------- d-----w c:\programdata\CanonIJPLM
2008-11-04 18:45 --------- d-----w c:\program files\Nowe Gadu-Gadu
2008-11-04 18:42 --------- d-----w c:\users\admin\AppData\Roaming\Nowe Gadu-Gadu
2008-11-03 18:11 --------- d-----w c:\programdata\Hewlett-Packard
2008-11-02 19:33 --------- d-----w c:\program files\Wru
2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-10-27 10:28 --------- d-----w c:\program files\Audacity
2008-10-25 18:29 --------- d-----w c:\program files\Sun
2008-10-25 18:20 --------- d-----w c:\program files\Java
2008-10-23 17:20 --------- d-----w c:\program files\MGrenda
2008-10-23 13:04 --------- d---a-w c:\programdata\TEMP
2008-10-23 13:04 --------- d-----w c:\program files\Easy CD-DA Extractor 12
2008-10-22 14:21 21,248 ----a-w c:\windows\Help\OEM\scripts\HPScript.exe
2008-10-20 08:53 --------- d-----w c:\users\admin\AppData\Roaming\PC Suite
2008-10-20 08:53 --------- d-----w c:\programdata\PC Suite
2008-10-20 08:53 --------- d-----w c:\program files\Common Files\PCSuite
2008-10-20 08:51 --------- d-----w c:\programdata\Downloaded Installations
2008-10-06 09:51 20,224 ----a-w c:\windows\Help\OEM\scripts\HC_checkMUI.dll
2008-09-26 17:09 56 ---ha-w c:\users\All Users\ezsidmv.dat
2008-09-26 17:09 56 ---ha-w c:\programdata\ezsidmv.dat
2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini
.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992]

[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2008-09-02 15:05 398776 --a------ c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-02-26 2289664]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-07-12 226904]
"zweitgeist Assistant"="c:\users\admin\Documents\weblin\weblinAssistant.exe" [2008-11-19 192512]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater\AdobeUpdater.exe" [2005-03-16 970752]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-10 216520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-17 1033512]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-04-16 442433]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2008-03-12 699456]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-05-14 468264]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-04 36352]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328]
"au"="c:\program files\Dealio\DealioAU.exe" [2008-05-26 595296]
"SearchSettings"="c:\program files\Search Settings\SearchSettings.exe" [2008-06-12 991584]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]

c:\users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
Norton Internet Security Updater.exe [2008-08-30 28012]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-01-16 727592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codecp"= l3codecp.acm
"msacm.divxa32"= divxa32.acm
"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{70E15C6F-F34B-48CA-BBBE-11E2763AAC6A}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{97D70102-0218-4AAF-BB86-4412765E7C7B}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{C460AC67-3968-46E7-91FB-2CC238E7C371}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{C519C8DC-3D07-44EC-8B87-9107977AA8FA}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{13965860-F644-45F5-BEBE-226A53B5C7F5}"= UDP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{AA08C57A-448B-44C0-BE1C-C224CE1011D7}"= TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{33B03DD3-E809-4EF6-82CD-4A2903D167B3}"= UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{61F90E30-B87F-42AB-BEBA-B9C0C309C595}"= TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{CAF2AD39-37E4-4E36-9611-FA53A2CEEEDA}"= UDP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{CB094D84-8FD4-4973-B034-95C0EE542B6B}"= TCP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{7E30AF6F-FC4C-4E85-9CF1-531E70FC079A}"= UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{E1100CF4-18D8-4BB1-B4AF-2F0032F8DC44}"= TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{354F49C0-5F4A-4153-A228-ED45EFAD2190}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{5CECF791-1456-47C6-8763-E5BB46FECED2}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{C626255B-6730-448C-BEBB-30276CD96746}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{6792866E-4A7D-435C-A467-B3A20C682A47}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{9D0B601F-73E3-4D75-A14E-E2D0FE9C9C50}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{13CBA39E-B5BD-48A9-83E0-0DBAA8945C73}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{82166073-64B8-46E0-9A53-29A7EA46C94E}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{3BA267A3-A251-4B5C-B830-4A8D50603194}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 Amddfltr;Amd Disk Lower Filter Driver;c:\windows\system32\DRIVERS\Amddfltr.sys [2008-08-02 15416]
R1 IDSvix86;Symantec Intrusion Prevention Driver;\??\c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20081212.002\IDSvix86.sys [2008-12-17 270384]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe [2008-08-02 73728]
R2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456]
R2 LiveUpdate Notice;LiveUpdate Notice;"c:\program files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [2007-08-24 149352]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-06-11 341328]
R2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2008-03-26 595248]
R3 Com4QLBEx;Com4QLBEx;"c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe" [2008-06-11 193840]
R3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-01-23 52736]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-12-17 99376]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\Drivers\SYMNDISV.SYS [2008-06-13 41008]
R3 vfs101x;vfs101x;c:\windows\system32\drivers\vfs101x.sys [2008-03-26 40752]
S3 COH_Mon;COH_Mon;\??\c:\windows\system32\Drivers\COH_Mon.sys [2007-05-29 23888]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8545b339-c488-11dd-a112-002186731965}]
\shell\AutoRun\command - F:\Autorun.exe

*Newly Created Service* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Zawartość folderu 'Zaplanowane zadania'

2008-12-01 c:\windows\Tasks\HPCeeScheduleForadmin.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-04-15 14:14]

2008-12-17 c:\windows\Tasks\Norton Internet Security - Uruchom pełne skanowanie systemu - admin.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-08-26 18:19]

2008-12-17 c:\windows\Tasks\User_Feed_Synchronization-{67B29CA5-83AA-4809-81DA-F9004A10679C}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 03:24]
.
- - - - USUNIĘTO PUSTE WPISY - - - -

HKCU-Run-ares - c:\program files\Ares\Ares.exe


.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=83&bd=Pavilion&pf=cnnb
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: &Wyszukiwarka na pasku narzędzi AOL - c:\programdata\AOL\ieToolbar\resources\pl-PL\local\search.html
IE: Compare Prices with &Dealio - c:\users\admin\AppData\LocalLow\Dealio\kb127\res\DealioSearch.html
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Wyślij obraz do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Wyślij stronę do urządzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
.
------- Skojarzenia plików -------
.
regedit=regedit.exe "%1"
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-18 16:33:24
Windows 6.0.6001 Service Pack 1 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'lsass.exe'(712)
c:\windows\system32\DPPWDFLT.dll

- - - - - - - > 'Explorer.exe'(2284)
c:\users\admin\AppData\Roaming\zweitgeist\hook13.dll
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\windows\system32\btmmhook.dll
c:\program files\Gadu-Gadu\ggwhook.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\System32\Ati2evxx.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\stacsv.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\Ati2evxx.exe
c:\windows\System32\wlanext.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\program files\Canon\IJPLM\ijplmsvc.exe
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\System32\conime.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
c:\program files\WIDCOMM\Bluetooth Software\BTStackServer.exe
c:\windows\System32\dllhost.exe
.
**************************************************************************
.
Czas ukończenia: 2008-12-18 16:39:09 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2008-12-18 15:39:01

Przed: 155 670 507 520 bajtów wolnych
Po: 161,168,547,840 bajtów wolnych

327 --- E O F --- 2008-12-16 16:57:26


________________________________________________________________________________
___________________________________________


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:09:24, on 2008-12-18
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Users\admin\Documents\weblin\weblinAssistant.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\Explorer.exe
C:\Users\admin\Documents\weblin\weblin.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [zweitgeist Assistant] "C:\Users\admin\Documents\weblin\weblinAssistant.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater\AdobeUpdater.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Norton Internet Security Updater.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Wyszukiwarka na pasku narzędzi AOL - C:\ProgramData\AOL\ieToolbar\resources\pl-PL\local\search.html
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\admin\AppData\LocalLow\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Harmonogram automatycznej usługi LiveUpdate (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\STacSV.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe

--
End of file - 15227 bytes

w hijacku :

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Wyszukiwarka na pasku narzędzi AOL - C:\ProgramData\AOL\ieToolbar\resources\pl-PL\local\search.html

te powyższe wpisy "sfiksuj"
>>Hijack>>scan(Do a system scan only)>>zaznacz je >>Fix checked.

Potem sprawdź na
http://www.virustotal.com/pl/
ten plik :
c:\windows\System32\tzres.dll

zrobilem to co kazales i jest nadal tak samo ...

To spróbuj Zgrać całą zawartość płyty (gry) do jakiegoś folderu na dysku np. na pulpicie i zainstaluj grę z dysku twardego.

to nic nie daje! jakis inny jest problem:) tak samo z grami ktore odpalam przez deamona ( obrazy )! nie mam pojecia juz wszystkiego probowalem! a moze na nowo system postawic? najchetniej bym zainstalowal Xp tylko jest problem ze starami!

Ze sterownikami nawet jeżeli to nie powinno być problemu , ale tak dla pewności daj swoje dokładne dane kompa (z Everesta) i podaj je tutaj (grafa,chipset,sieć,audio)

To jest Laptop Hp Pavilion dv5 1020ew!

Chipset AMD M770
Procesor AMD Turion X2 Dual-Core Mobile Processor RM-70 2.0GHz, 1MB CACHE
Pamięć 3072MB (1x2048MB+1x1024MB) DDR2, 8GB max
Dysk 250GB SATA 5.400rpm
Napędy Nagrywarka Supermulti DVD+/-RW Double Layer, Lightscribe
Karta graficzna ATI Mobility Radeon HD3450 256MB, 1533MB max
Ekran Matryca 15.4" 16:10, 1280x800 Pixel, WXGA High Definition BrightView Widescreen Glare (błyszcząca)
Karta dźwiękowa 3D Sound Blaster Pro compatible
Komunikacja Gigabit LAN 10/100/1000
Wireless LAN 802.11b/g WiFi
Bluetooth
Port IR
Gniazda rozszerzeń 1x Express Card/54 (zgodne z Express Card/34)
Zewnętrzne porty we-wy 4x USB 2.0, 1x IEEE 1394(Firewire), VGA, HDMI, RJ45, 3x Audio, eSATA
Klawiatura standardowa PL
Urządzenie wskazujące Touch Pad (tabliczka dotykowa)
Wymiary (szer. x wys. x głęb.) 357.0mm x 34.9 do 41.9mm x 259.0mm
Waga 2650g
Inne Zintegrowana kamera Pavilion WebCam z mikrofonem
Czytnik kart pamięci 5 w 1
Bateria Litowo-Jonowa 6-komorowa
Czytnik linii papilarnych
Pilot HP Mobile Remote Control
Dołączone wyposażenie Instrukcja, akumulator, zasilacz sieciowy z przewodem, pilot