wojtekquns created 11 May 2009

ComboFix 09-05-09.05 - Administrator 2006-02-24 0:08.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.503.198 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Administrator\Pulpit\ComboFix.exe
AV: PC Tools AntiVirus 5.0.1.1 *On-access scanning enabled* (Updated)
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\IE4 Error Log.txt
.
((((((((((((((((((((((((( Pliki utworzone od 2006-01-23 do 2006-02-23 )))))))))))))))))))))))))))))))
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 1961984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-28 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-28 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-28 118784]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"R2Plus_S2P"="c:\program files\Samsung\Samsung SCX-4x20 Series\PSU\Scan2pc.exe" [2005-07-01 69632]
"NSCSysTrayUI"="c:\program files\Samsung\Samsung SCX-4x20 Series\NetworkScan\NSCSysTrayUI.exe" [2005-06-22 266240]
"DemonStarter"="c:\program files\PWN\Definicje\Bin\Starter.exe" [2004-09-17 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"OrderReminder"="c:\program files\Hewlett-Packard\OrderReminder\OrderReminder.exe" [2006-07-30 98304]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-06-06 413696]
"Norton Ghost 12.0"="c:\program files\Norton Ghost\Agent\VProTray.exe" [2007-03-28 2037352]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-09-12 36352]
"PCTAVApp"="c:\program files\PC Tools AntiVirus\PCTAV.exe" [2008-12-04 1370000]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-05-18 16207872]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-02-20 2879488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

c:\windows\system32\config\systemprofile\Menu Start\Programy\Autostart\Check Windows Disk Protection.lnk - c:\program files\Microsoft Shared Computer Toolkit\CheckWDP.hta [2006-2-23 6181]
c:\documents and settings\Administrator\Menu Start\Programy\Autostart\Check Windows Disk Protection.lnk - c:\program files\Microsoft Shared Computer Toolkit\CheckWDP.hta [2006-2-23 6181]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Samsung\\Samsung SCX-4x20 Series\\NetworkScan\\NSCSysTrayUI.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R0 ewf;ewf;c:\windows\system32\drivers\ewf.sys [2006-02-23 46976]
R2 Harmonogram automatycznej usługi LiveUpdate;Harmonogram automatycznej usługi LiveUpdate;c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-09-11 554352]
R2 mscsrv;mscsrv;c:\windows\system32\drivers\mscsrv.sys [2006-07-11 17632]
R2 SCTThresholdMon;SCTThresholdMonitor;c:\program files\Microsoft Shared Computer Toolkit\bin\SRVANY.EXE [2006-02-23 8192]
S2 CenzorUpgrade;Cenzor Upgrade;c:\windows\system32\cenzorupg.exe [2006-07-11 35840]
S2 WDPOperations;WDPOperations;c:\program files\Microsoft Shared Computer Toolkit\bin\SRVANY.EXE [2006-02-23 8192]

--- Inne Usługi/Sterowniki w Pamięci ---

*Deregistered* - mchInjDrv
*Deregistered* - uphcleanhlp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b2ff18b-a266-11da-8623-0016e6590df0}]
\Shell\Auto\command - E:\activexdebugger32.exe f
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f
\Shell\explore\Command - E:\activexdebugger32.exe f
\Shell\open\Command - E:\activexdebugger32.exe f

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c50a1b1-a11c-11dd-be6b-0016e6590df0}]
\Shell\Auto\command - E:\activexdebugger32.exe f
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f
\Shell\explore\Command - E:\activexdebugger32.exe f
\Shell\open\Command - E:\activexdebugger32.exe f

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3572a823-10d7-11db-bfba-806d6172696f}]
\Shell\AutoRun\command - D:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4985e656-37a6-11dd-a180-0016e6590df0}]
\Shell\Auto\command - E:\activexdebugger32.exe f
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f
\Shell\explore\Command - E:\activexdebugger32.exe f
\Shell\open\Command - E:\activexdebugger32.exe f

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5f5946aa-3c3b-11dd-a192-0016e6590df0}]
\Shell\Auto\command - E:\activexdebugger32.exe f
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f
\Shell\explore\Command - E:\activexdebugger32.exe f
\Shell\open\Command - E:\activexdebugger32.exe f

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6bc6b2cd-c13b-11dc-a12a-0016e6590df0}]
\Shell\Auto\command - E:\activexdebugger32.exe f
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f
\Shell\explore\Command - E:\activexdebugger32.exe f
\Shell\open\Command - E:\activexdebugger32.exe f

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e86d3dc-3942-11dd-a18a-0016e6590df0}]
\Shell\Auto\command - E:\activexdebugger32.exe f
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f
\Shell\explore\Command - E:\activexdebugger32.exe f
\Shell\open\Command - E:\activexdebugger32.exe f

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c3241a57-8ee4-11dd-9737-0016e6590df0}]
\Shell\AutoRun\command - E:\
\Shell\open\Command - rundll32.exe .\desktop.dll,InstallM

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9280449-10dc-11db-9292-806d6172696f}]
\Shell\AutoRun\command - D:\setup.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Zawartość folderu 'Zaplanowane zadania'

2006-02-23 c:\windows\Tasks\User_Feed_Synchronization-{1375DBBF-1456-453D-8457-D9EF20CCA570}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
- - - - USUNIĘTO PUSTE WPISY - - - -

HKLM-Run-tguard - c:\program files\Beniamin\tguard.exe
SSODL-UpdateCheck-{7DC44C9F-A56D-4309-B21B-FC2044366677} - c:\windows\system32\mstmdm.dll
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = iexplore
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
LSP: ws2icp.dll
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2006-02-24 00:11
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-731500479-826713397-767345452-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,80,30,3a,3d,10,1e,ba,40,a5,91,cc,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,80,30,3a,3d,10,1e,ba,40,a5,91,cc,\
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(668)
c:\program files\PC Tools AntiVirus\PCTAVHook.dll
c:\windows\system32\igfxdev.dll

- - - - - - - > 'lsass.exe'(724)
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
c:\windows\system32\ws2icp.dll
c:\program files\PC Tools AntiVirus\PCTAVHook.dll

- - - - - - - > 'csrss.exe'(644)
c:\program files\PC Tools AntiVirus\PCTAVHook.dll
.
Czas ukończenia: 2006-02-23 0:13
ComboFix-quarantined-files.txt 2006-02-23 23:13

Przed: 146 954 604 544 bajtów wolnych
Po: 147 550 552 064 bajtów wolnych

WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

384 --- E O F --- 2005-12-31 22:17

Guest commented 11 May 2009

Paste into Notepad:

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

From the Notepad menu >>> File >>> Save As >>> set the file type to "All files" >>> save as FIX.REG >>> run the file (double-click and OK, agreeing to add it to the Registry). Restart the computer.

1. Clean up after ComboFix and the other tools >>> OTCleanIt.

2. Clear the "System Volume Information" folder by temporarily turning off "System Restore": Control Panel > System > System Restore >> tick the box next to "Turn off System Restore on all drives" > Apply > OK. Afterwards you can return to the previous setting (that is, untick the box).

3. Optimize the system.

4. Scan the My Computer area with http://www.kaspersky.pl/virusscanner.html (run it in IE). Post its report on the forum.