siankaa utworzono 25 czerwca 2009 utworzono 25 czerwca 2009 (edytowane) Dobry:) mam taki mały problem, zabardzo nie wiem co robić, bo powtarza on sie już drugi raz... przed formatem dysku c, wysakkwial mi jakiś błąd : jqs coś takiego i nie wchodziły mi stronki! gg chodzi a żadne stronki nie wchodziły wiec zrobiłam formata, teraz niestety problem ten nadal został, a po włączeniu kompa wyskakuje mi poważny błąd windows coś takiego, koledzy ''informatycy'' kazali mi jakies proxy wpisywac na mozilli, ale to nic nie pomogło. wklejam zdjecie z tym błędem od microsofta,jak widać mam xp, neta z Netii, niby pisze ze internet połączony, a stronki nie chodzą. co robić ????????? mowie od razu że nie nadaje sie w tych sprawach..
MarekM25 komentarz 25 czerwca 2009 komentarz 25 czerwca 2009 (edytowane) Jeżeli przeglądarki nie działają to zazwyczaj, któryś z tych kroków pomaga: 1. Przeinstalowanie przeglądarki 2. Wpisanie DNS 3. Wyłączenie proxy 4. Spójrz czy w innej przeglądarce problem też występuję. 5. Reinstal sterowników od internetu Co do tego błędu: Pliki podane w błędzie przeskanuj na: http://www.virustotal.com/pl/ i podaj linki do wyników na forum.
siankaa komentarz 26 czerwca 2009 Autor komentarz 26 czerwca 2009 (edytowane) Panowie prosiłabym żebyście mi tu wszytysko tłumaczyli 'jak krowie na rowie' bo ja naprawde mało wiem o komputerach. co do przeglądarki ten problem wystepuje zarównow mozilli jak i normlanym explorerze, proxy sa wylaczone, sterowniki od internetu juz odinstalowywalam i instalowalam od poczatku, a DNS nie wiem co to jest. co do błedu, jak te pliki przeskanowac? dodam jeszcze, że gdy włącze internet, szybko przeglądarke, to gdzies tak do 3 minut moge chopdzic po stronkach, pozniej wyskakuje' że nie moze odnalezc serwera' wiec może ten błąd z microsoftu ma cos wspolnego z netem?.. Panowie prosiłabym żebyście mi tu wszytysko tłumaczyli 'jak krowie na rowie' bo ja naprawde mało wiem o komputerach. co do przeglądarki ten problem wystepuje zarównow mozilli jak i normlanym explorerze, proxy sa wylaczone, sterowniki od internetu juz odinstalowywalam i instalowalam od poczatku, a DNS nie wiem co to jest. co do błedu, jak te pliki przeskanowac? dodam jeszcze, że gdy włącze internet, szybko przeglądarke, to gdzies tak do 3 minut moge chopdzic po stronkach, pozniej wyskakuje' że nie moze odnalezc serwera' wiec może ten błąd z microsoftu ma cos wspolnego z netem?.. http://www.virustotal.com/pl/analisis/fb9f...0a20-1245950688 tego drugiego pliku nie moge znalezc;/ moze jest jakis ukryty no bo go nie ma;/ Panowie prosiłabym żebyście mi tu wszytysko tłumaczyli 'jak krowie na rowie' bo ja naprawde mało wiem o komputerach. co do przeglądarki ten problem wystepuje zarównow mozilli jak i normlanym explorerze, proxy sa wylaczone, sterowniki od internetu juz odinstalowywalam i instalowalam od poczatku, a DNS nie wiem co to jest. co do błedu, jak te pliki przeskanowac? dodam jeszcze, że gdy włącze internet, szybko przeglądarke, to gdzies tak do 3 minut moge chopdzic po stronkach, pozniej wyskakuje' że nie moze odnalezc serwera' wiec może ten błąd z microsoftu ma cos wspolnego z netem?.. http://www.virustotal.com/pl/analisis/fb9f...0a20-1245950688 tego drugiego pliku nie moge znalezc;/ moze jest jakis ukryty no bo go nie ma;/ teraz znowu wysakukuje mi blad tym razem inny;] znajduje sie on w: C:\DOCUME~1\kania\USTAWI~1\Temp\WER26.tmp.dir00\appcompat.txt link: http://www.virustotal.com/pl/analisis/4141...7278-1246010260 kolejny: C:\DOCUME~1\kania\USTAWI~1\Temp\WER26.tmp.dir00\BN25.tmp.mdmp- link: http://www.virustotal.com/pl/analisis/1851...45c3-1246010665 te dwa ostatnie błędy wyskaują co jakis cas kiedy korzystam z kompa, ten pierwszy wysakkuje przy starcie kompa...... stronki jak działałay na poczatku tyklo przez kilka minut tak dzialaja nadal;/
MarekM25 komentarz 26 czerwca 2009 komentarz 26 czerwca 2009 hmmm a coś pod tym okienkiem Microsft Windows piszę (tam gdzie zasłaniają szczegóły). Pokaż log z Random's System Information Tool
siankaa komentarz 26 czerwca 2009 Autor komentarz 26 czerwca 2009 Logfile of random's system information tool 1.06 (written by random/random)Run by kania at 2009-06-26 13:39:56Microsoft Windows XP Professional System drive C: has 8 GB (71%) free of 11 GBTotal RAM: 383 MB (40% free)HijackThis download failed======Registry dump======[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\System32\msdxm.ocx [2001-10-26 846876][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2005-06-20 1056768]"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []"SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816]"Windows Logon Application"=C:\WINDOWS\System32\logon.exe [2001-10-26 127376]"windowsupdate"=C:\WINDOWS\System32\windowsupdate.exe [2009-06-24 97792]"Windows Network Firewall"=C:\WINDOWS\System32\firewall.exe [2001-10-26 129536]"Application Layer Gateway Service"=C:\WINDOWS\System32\algs.exe [2001-10-26 124928]"Microsoft Windows Update"=C:\WINDOWS\system32\apps.exe [2009-06-24 351744]"Nod32 Service"=C:\WINDOWS\system32\nod64.exe [2009-06-24 192512]"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2004-12-20 33792]"NeroFilterCheck"=C:\WINDOWS\System32\NeroCheck.exe [2001-07-09 155648][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]"Microsoft Windows Update"=C:\WINDOWS\system32\apps.exe [2009-06-24 351744][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"=C:\WINDOWS\System32\ctfmon.exe [2001-10-26 13312]"cdoosoft"=C:\WINDOWS\System32\olhrwef.exe [2009-06-25 107097]"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2001-08-02 1077277]"Gadu-Gadu"=C:\Program Files\Gadu-Gadu\gg.exe [2008-03-20 2127296]"AutoConnect"=C:\Program Files\AutoConnect\AutoConnect.exe [2004-08-28 295424]"kania"=C:\Documents and Settings\kania\kania.exe [2009-06-24 23412]"Microsoft Windows Update"=C:\WINDOWS\system32\apps.exe [2009-06-24 351744]"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]"Microsoft Windows Update"=C:\WINDOWS\system32\apps.exe [2009-06-24 351744]C:\Documents and Settings\All Users\Menu Start\Programy\AutostartWinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]"dontdisplaylastusername"=0"legalnoticecaption"="legalnoticetext"="shutdownwithoutlogon"=1"undockwithoutlogon"=1[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]"NoDriveTypeAutoRun"=145[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]"C:\WINDOWS\System32\windowsupdate.exe"="C:\WINDOWS\System32\windowsupdate.exe:*:Enabled:windowsupdate""C:\WINDOWS\System32\lbujgdi.exe"="C:\WINDOWS\System32\lbujgdi.exe:*:Enabled:Ultimate Tool""DEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~??????????Š?ŚŤŽŹ??????????Š?ŚŤŽŹ ˇ˘Ł¤Ą?§¨?Ş???ŻÄü"="DEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~??????????Š?ŚŤŽŹ??????????Š?ŚŤŽŹ ˇ˘Ł¤Ą?§¨?Ş???ŻÄü:*:Enabled:Nod32 Service""C:\WINDOWS\System32\tngp.exe"="C:\WINDOWS\System32\tngp.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\wfpytiv.exe"="C:\WINDOWS\System32\wfpytiv.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\yzwq.exe"="C:\WINDOWS\System32\yzwq.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\iynfxxpl.exe"="C:\WINDOWS\System32\iynfxxpl.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\ywhaunrc.exe"="C:\WINDOWS\System32\ywhaunrc.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\nonpod.exe"="C:\WINDOWS\System32\nonpod.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\bdehyj.exe"="C:\WINDOWS\System32\bdehyj.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\arxguq.exe"="C:\WINDOWS\System32\arxguq.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\yrpizuyt.exe"="C:\WINDOWS\System32\yrpizuyt.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\kuqqpf.exe"="C:\WINDOWS\System32\kuqqpf.exe:*:Enabled:Ultimate Tool"[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]======List of files/folders created in the last 1 months======2009-06-26 13:39:59 ----D---- C:\Program Files\trend micro2009-06-26 13:39:56 ----D---- C:\rsit2009-06-26 13:39:49 ----A---- C:\WINDOWS\System32\kuqqpf.exe2009-06-26 12:57:02 ----A---- C:\WINDOWS\System32\yrpizuyt.exe2009-06-25 22:48:21 ----A---- C:\WINDOWS\System32\arxguq.exe2009-06-25 21:44:42 ----A---- C:\WINDOWS\System32\bdehyj.exe2009-06-25 18:17:54 ----A---- C:\WINDOWS\System32\nonpod.exe2009-06-25 17:47:32 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Opera2009-06-25 17:47:28 ----D---- C:\Program Files\Opera2009-06-25 17:46:55 ----D---- C:\col39292009-06-25 16:28:52 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Gadu-Gadu2009-06-25 16:18:30 ----A---- C:\WINDOWS\System32\ywhaunrc.exe2009-06-25 15:18:29 ----A---- C:\WINDOWS\System32\iynfxxpl.exe2009-06-25 14:54:29 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Ahead2009-06-25 14:53:17 ----D---- C:\Program Files\Nero2009-06-25 14:53:17 ----D---- C:\Program Files\Common Files\Ahead2009-06-25 14:46:30 ----D---- C:\WINDOWS\RegisteredPackages2009-06-25 14:35:37 ----A---- C:\WINDOWS\System32\wstdecod.dll2009-06-25 14:35:36 ----A---- C:\WINDOWS\System32\psisdecd.dll2009-06-25 14:35:36 ----A---- C:\WINDOWS\System32\msyuv.dll2009-06-25 14:35:36 ----A---- C:\WINDOWS\System32\msvidctl.dll2009-06-25 14:35:34 ----A---- C:\WINDOWS\System32\ksuser.dll2009-06-25 14:35:33 ----A---- C:\WINDOWS\System32\qedwipes.dll2009-06-25 14:35:32 ----A---- C:\WINDOWS\System32\qedit.dll2009-06-25 14:35:32 ----A---- C:\WINDOWS\System32\qasf.dll2009-06-25 14:35:32 ----A---- C:\WINDOWS\System32\mswebdvd.dll2009-06-25 14:35:32 ----A---- C:\WINDOWS\System32\msdmo.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\quartz.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\qdvd.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\qdv.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\qcap.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\mciqtz32.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\encapi.dll2009-06-25 14:35:30 ----A---- C:\WINDOWS\System32\devenum.dll2009-06-25 14:35:30 ----A---- C:\WINDOWS\System32\amstream.dll2009-06-25 14:35:29 ----A---- C:\WINDOWS\System32\dmusic.dll2009-06-25 14:35:29 ----A---- C:\WINDOWS\System32\dmsynth.dll2009-06-25 14:35:29 ----A---- C:\WINDOWS\System32\dmstyle.dll2009-06-25 14:35:29 ----A---- C:\WINDOWS\System32\dmloader.dll2009-06-25 14:35:29 ----A---- C:\WINDOWS\System32\dmime.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\dswave.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\dmscript.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\dmcompos.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\dmband.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\dinput8.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\d3d9.dll2009-06-25 14:35:27 ----A---- C:\WINDOWS\System32\d3d8.dll2009-06-25 14:35:26 ----A---- C:\WINDOWS\System32\dxdiagn.dll2009-06-25 14:35:26 ----A---- C:\WINDOWS\System32\dxdiag.exe2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dxdllreg.exe2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dsdmoprp.dll2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dsdmo.dll2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dpvvox.dll2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dpvsetup.exe2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dpvoice.dll2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dpvacm.dll2009-06-25 14:35:23 ----A---- C:\WINDOWS\System32\dpnsvr.exe2009-06-25 14:35:23 ----A---- C:\WINDOWS\System32\dpnlobby.dll2009-06-25 14:35:23 ----A---- C:\WINDOWS\System32\dpnhpast.dll2009-06-25 14:35:23 ----A---- C:\WINDOWS\System32\dpnet.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\pid.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dx8vb.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dx7vb.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dsound3d.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dsound.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dpwsockx.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dpnhupnp.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dpnaddr.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dpmodemx.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dplayx.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dplaysvr.exe2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dinput.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\d3d8thk.dll2009-06-25 14:35:21 ----A---- C:\WINDOWS\System32\ddrawex.dll2009-06-25 14:35:21 ----A---- C:\WINDOWS\System32\ddraw.dll2009-06-25 14:35:21 ----A---- C:\WINDOWS\System32\d3dim700.dll2009-06-25 14:33:27 ----D---- C:\Program Files\Winamp2009-06-25 14:33:27 ----A---- C:\WINDOWS\winamp.ini2009-06-25 14:24:28 ----A---- C:\WINDOWS\ntbtlog.txt2009-06-25 14:05:21 ----A---- C:\WINDOWS\System32\yzwq.exe2009-06-25 13:30:00 ----A---- C:\Documents and Settings\kania\Dane aplikacji\ezplay.ini2009-06-25 13:29:51 ----A---- C:\Documents and Settings\kania\Dane aplikacji\inst.exe2009-06-25 13:29:50 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Vso2009-06-25 00:04:42 ----A---- C:\WINDOWS\System32\wfpytiv.exe2009-06-24 23:35:14 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Ventrilo2009-06-24 23:34:49 ----D---- C:\Program Files\Ventrilo2009-06-24 23:34:22 ----D---- C:\Program Files\Common Files\Wise Installation Wizard2009-06-24 22:46:10 ----D---- C:\Documents and Settings\kania\Dane aplikacji\GetRightToGo2009-06-24 21:00:05 ----A---- C:\WINDOWS\System32\tngp.exe2009-06-24 20:58:51 ----D---- C:\WINDOWS\Minidump2009-06-24 19:24:13 ----RSH---- C:\WINDOWS\System32\nod64.exe2009-06-24 19:11:59 ----D---- C:\Program Files\WinZip2009-06-24 19:06:42 ----A---- C:\WINDOWS\System32\apps.exe2009-06-24 18:59:31 ----RSH---- C:\s.exe2009-06-24 18:59:04 ----RSH---- C:\WINDOWS\System32\nmdfgds1.dll2009-06-24 18:48:34 ----A---- C:\WINDOWS\System32\lbujgdi.exe2009-06-24 18:45:51 ----D---- C:\Program Files\AutoConnect2009-06-24 18:39:19 ----D---- C:\WINDOWS\Logs2009-06-24 18:38:54 ----SH---- C:\boot.ini2009-06-24 18:35:40 ----D---- C:\WINDOWS\System32\IME2009-06-24 18:35:40 ----D---- C:\WINDOWS\System32\3com_dmi2009-06-24 18:35:40 ----D---- C:\WINDOWS\System32\10452009-06-24 18:35:39 ----RSHDC---- C:\WINDOWS\System32\dllcache2009-06-24 18:35:39 ----RSD---- C:\WINDOWS\Fonts2009-06-24 18:35:39 ----RD---- C:\WINDOWS\Web2009-06-24 18:35:39 ----HD---- C:\WINDOWS\inf2009-06-24 18:35:39 ----D---- C:\WINDOWS\WinSxS2009-06-24 18:35:39 ----D---- C:\WINDOWS\twain_322009-06-24 18:35:39 ----D---- C:\WINDOWS\Temp2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\wins2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\wbem2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\usmt2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\spool2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\ShellExt2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\Setup2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\ras2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\oobe2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\npp2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\mui2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\inetsrv2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\icsxml2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\ias2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\export2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\drivers2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\dhcp2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\config2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\30762009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\20522009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10542009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10422009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10412009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10372009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10332009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10312009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10282009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10252009-06-24 18:35:39 ----D---- C:\WINDOWS\system322009-06-24 18:35:39 ----D---- C:\WINDOWS\system2009-06-24 18:35:39 ----D---- C:\WINDOWS\security2009-06-24 18:35:39 ----D---- C:\WINDOWS\Resources2009-06-24 18:35:39 ----D---- C:\WINDOWS\repair2009-06-24 18:35:39 ----D---- C:\WINDOWS\mui2009-06-24 18:35:39 ----D---- C:\WINDOWS\msapps2009-06-24 18:35:39 ----D---- C:\WINDOWS\msagent2009-06-24 18:35:39 ----D---- C:\WINDOWS\Media2009-06-24 18:35:39 ----D---- C:\WINDOWS\java2009-06-24 18:35:39 ----D---- C:\WINDOWS\ime2009-06-24 18:35:39 ----D---- C:\WINDOWS\Help2009-06-24 18:35:39 ----D---- C:\WINDOWS\Driver Cache2009-06-24 18:35:39 ----D---- C:\WINDOWS\Debug2009-06-24 18:35:39 ----D---- C:\WINDOWS\Cursors2009-06-24 18:35:39 ----D---- C:\WINDOWS\Connection Wizard2009-06-24 18:35:39 ----D---- C:\WINDOWS\Config2009-06-24 18:35:39 ----D---- C:\WINDOWS\AppPatch2009-06-24 18:35:39 ----D---- C:\WINDOWS\addins2009-06-24 18:35:39 ----D---- C:\WINDOWS2009-06-24 18:33:29 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Macromedia2009-06-24 18:33:29 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Adobe2009-06-24 18:08:34 ----RSH---- C:\WINDOWS\wuaucpl.exe2009-06-24 18:04:27 ----D---- C:\Program Files\Yahoo!2009-06-24 18:03:01 ----RSH---- C:\WINDOWS\System32\windowsupdate.exe2009-06-24 17:58:32 ----D---- C:\Program Files\WinRAR2009-06-24 17:57:08 ----D---- C:\Program Files\Gadu-Gadu2009-06-24 17:56:42 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Mozilla2009-06-24 17:56:41 ----D---- C:\Program Files\Mozilla Firefox2009-06-24 17:47:06 ----A---- C:\WINDOWS\System32\WooDial2000.dll2009-06-24 17:46:13 ----A---- C:\WINDOWS\System32\h323log.txt2009-06-24 17:45:59 ----A---- C:\WINDOWS\System32\stci.dll2009-06-24 17:45:57 ----D---- C:\Program Files\Thomson2009-06-24 17:45:27 ----D---- C:\Program Files\Java Web Start2009-06-24 17:45:25 ----N---- C:\WINDOWS\System32\javaw.exe2009-06-24 17:45:25 ----N---- C:\WINDOWS\System32\java.exe2009-06-24 17:45:20 ----N---- C:\WINDOWS\System32\ActPanel.dll2009-06-24 17:45:20 ----D---- C:\Program Files\Java2009-06-24 17:44:26 ----D---- C:\Program Files\Neostrada TP2009-06-24 17:43:43 ----A---- C:\WINDOWS\System32\nv4.dll2009-06-24 17:43:13 ----A---- C:\WINDOWS\System32\usbui.dll2009-06-24 17:43:04 ----SHD---- C:\WINDOWS\ftpcache2009-06-24 17:42:19 ----A---- C:\WINDOWS\imsins.BAK2009-06-24 17:42:15 ----A---- C:\WINDOWS\System32\PerfStringBackup.INI2009-06-24 17:42:14 ----D---- C:\Program Files\Common Files\ODBC2009-06-24 17:42:14 ----A---- C:\WINDOWS\ODBCINST.INI2009-06-24 17:42:12 ----D---- C:\Program Files\Common Files\SpeechEngines2009-06-24 17:42:11 ----RD---- C:\Program Files2009-06-24 17:42:11 ----D---- C:\Program Files\Common Files\Microsoft Shared2009-06-24 17:42:11 ----D---- C:\Program Files\Common Files2009-06-24 17:42:08 ----RA---- C:\WINDOWS\System32\kbdtuq.dll2009-06-24 17:42:08 ----RA---- C:\WINDOWS\System32\kbdtuf.dll2009-06-24 17:42:08 ----RA---- C:\WINDOWS\System32\kbdazel.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdycc.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbduzb.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdur.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdtat.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdru1.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdru.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdmon.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdkyr.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdkaz.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdbu.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdblr.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdaze.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhept.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhela3.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhela2.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhe319.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhe220.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhe.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdgkl.dll2009-06-24 17:42:04 ----RA---- C:\WINDOWS\System32\kbdlv1.dll2009-06-24 17:42:04 ----RA---- C:\WINDOWS\System32\kbdlv.dll2009-06-24 17:42:04 ----RA---- C:\WINDOWS\System32\kbdlt1.dll2009-06-24 17:42:04 ----RA---- C:\WINDOWS\System32\kbdlt.dll2009-06-24 17:42:04 ----RA---- C:\WINDOWS\System32\kbdest.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdsl1.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdsl.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdro.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdhu1.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdhu.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdcz2.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdcz1.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdcz.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdcr.dll2009-06-24 17:42:00 ----A---- C:\WINDOWS\System32\kbdycl.dll2009-06-24 17:42:00 ----A---- C:\WINDOWS\System32\KBDAL.DLL2009-06-24 17:42:00 ----A---- C:\WINDOWS\System32\irclass.dll2009-06-24 17:41:59 ----A---- C:\WINDOWS\System32\spxcoins.dll2009-06-24 17:41:59 ----A---- C:\WINDOWS\System32\EqnClass.Dll2009-06-24 17:41:59 ----A---- C:\WINDOWS\System32\dgsetup.dll2009-06-24 17:41:59 ----A---- C:\WINDOWS\System32\dgrpsetu.dll2009-06-24 17:41:59 ----A---- C:\WINDOWS\System32\batt.dll2009-06-24 17:41:57 ----N---- C:\WINDOWS\System32\CONFIG.TMP2009-06-24 17:41:57 ----A---- C:\WINDOWS\TASKMAN.EXE2009-06-24 17:41:57 ----A---- C:\WINDOWS\NOTEPAD.EXE2009-06-24 17:41:56 ----A---- C:\WINDOWS\System32\storprop.dll2009-06-24 17:41:48 ----ASH---- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini2009-06-24 17:41:44 ----RA---- C:\WINDOWS\SET7.tmp2009-06-24 17:41:42 ----RA---- C:\WINDOWS\SET3.tmp2009-06-24 17:41:36 ----D---- C:\WINDOWS\System32\CatRoot22009-06-24 17:41:36 ----D---- C:\WINDOWS\System32\CatRoot2009-06-24 17:41:30 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft2009-06-24 17:41:21 ----A---- C:\WINDOWS\setuplog.txt2009-06-24 17:41:17 ----D---- C:\Documents and Settings2009-06-24 17:28:04 ----SHD---- C:\RECYCLER2009-06-24 17:06:38 ----A---- C:\WINDOWS\System32\MSVCR71.dll2009-06-24 17:06:38 ----A---- C:\WINDOWS\System32\MSVCP71.dll2009-06-24 17:06:38 ----A---- C:\WINDOWS\System32\MFC71.dll2009-06-24 17:06:35 ----D---- C:\Program Files\Alwil Software2009-06-24 17:04:57 ----A---- C:\WINDOWS\System32\vusetup.dll2009-06-24 17:04:25 ----A---- C:\WINDOWS\IsUn0415.exe2009-06-24 17:03:27 ----A---- C:\WINDOWS\CMISETUP.INI2009-06-24 17:03:27 ----A---- C:\WINDOWS\CMCDPLAY.INI2009-06-24 17:03:24 ----A---- C:\WINDOWS\Wininit.ini2009-06-24 17:03:24 ----A---- C:\WINDOWS\System32\udaprop.dll2009-06-24 17:03:23 ----A---- C:\WINDOWS\System32\cmuda.dll2009-06-24 17:03:23 ----A---- C:\WINDOWS\System32\cmirmdrv.exe2009-06-24 17:03:23 ----A---- C:\WINDOWS\System32\cmirmdrv.dll2009-06-24 17:03:23 ----A---- C:\WINDOWS\System32\Audio3D.dll2009-06-24 17:03:23 ----A---- C:\WINDOWS\System32\a3d.dll2009-06-24 17:03:22 ----D---- C:\Program Files\C-Media 3D Audio2009-06-24 17:03:22 ----A---- C:\WINDOWS\CMIUninstall.exe2009-06-24 17:03:22 ----A---- C:\WINDOWS\CmiRmRedundDir.exe2009-06-24 17:03:22 ----A---- C:\WINDOWS\CMIRmDriver.dll2009-06-24 17:02:07 ----D---- C:\WINDOWS\System32\ReinstallBackups2009-06-24 17:01:53 ----A---- C:\WINDOWS\IsUninst.exe2009-06-24 17:00:12 ----HD---- C:\Program Files\InstallShield Installation Information2009-06-24 16:59:10 ----D---- C:\Program Files\VIA2009-06-24 16:59:06 ----D---- C:\Program Files\Common Files\InstallShield2009-06-24 16:58:14 ----RSH---- C:\8paf1d.com2009-06-24 16:57:47 ----RSH---- C:\WINDOWS\System32\olhrwef.exe2009-06-24 16:57:47 ----RSH---- C:\WINDOWS\System32\nmdfgds0.dll2009-06-24 16:57:20 ----SHD---- C:\WINDOWS\Installer2009-06-24 16:57:17 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Identities2009-06-24 16:57:11 ----HD---- C:\Program Files\Uninstall Information2009-06-24 16:57:06 ----SD---- C:\Documents and Settings\kania\Dane aplikacji\Microsoft2009-06-24 16:57:06 ----ASH---- C:\Documents and Settings\kania\Dane aplikacji\desktop.ini2009-06-24 16:55:26 ----SHD---- C:\System Volume Information2009-06-24 16:55:25 ----D---- C:\WINDOWS\Prefetch2009-06-24 16:55:25 ----A---- C:\WINDOWS\SchedLgU.Txt2009-06-24 16:51:40 ----D---- C:\WINDOWS\System32\xircom2009-06-24 16:51:40 ----D---- C:\Program Files\xerox2009-06-24 16:51:40 ----D---- C:\Program Files\microsoft frontpage2009-06-24 16:51:14 ----A---- C:\WINDOWS\control.ini2009-06-24 16:51:14 ----A---- C:\AUTOEXEC.BAT2009-06-24 16:51:07 ----A---- C:\WINDOWS\OEWABLog.txt2009-06-24 16:51:03 ----A---- C:\WINDOWS\System32\mapi32.dll2009-06-24 16:50:11 ----SD---- C:\WINDOWS\Downloaded Program Files2009-06-24 16:50:11 ----RD---- C:\WINDOWS\Offline Web Pages2009-06-24 16:50:10 ----RAH---- C:\WINDOWS\System32\logonui.exe.manifest2009-06-24 16:50:05 ----RAH---- C:\WINDOWS\System32\cdplayer.exe.manifest2009-06-24 16:49:49 ----D---- C:\WINDOWS\srchasst2009-06-24 16:49:41 ----D---- C:\WINDOWS\System32\Macromed2009-06-24 16:49:41 ----D---- C:\WINDOWS\System32\DirectX2009-06-24 16:49:31 ----A---- C:\WINDOWS\System32\qmgrprxy.dll2009-06-24 16:49:31 ----A---- C:\WINDOWS\System32\qmgr.dll2009-06-24 16:49:29 ----D---- C:\Program Files\Movie Maker2009-06-24 16:49:14 ----A---- C:\WINDOWS\System32\safrslv.dll2009-06-24 16:49:14 ----A---- C:\WINDOWS\System32\safrdm.dll2009-06-24 16:49:14 ----A---- C:\WINDOWS\System32\safrcdlg.dll2009-06-24 16:49:14 ----A---- C:\WINDOWS\System32\racpldlg.dll2009-06-24 16:49:14 ----A---- C:\WINDOWS\System32\atrace.dll2009-06-24 16:49:10 ----A---- C:\WINDOWS\System32\desktop.ini2009-06-24 16:49:10 ----A---- C:\WINDOWS\desktop.ini2009-06-24 16:49:04 ----D---- C:\WINDOWS\System32\Restore2009-06-24 16:49:04 ----A---- C:\WINDOWS\System32\srsvc.dll2009-06-24 16:49:04 ----A---- C:\WINDOWS\System32\srrstr.dll2009-06-24 16:49:04 ----A---- C:\WINDOWS\System32\srclient.dll2009-06-24 16:49:03 ----D---- C:\Program Files\Windows Media Player2009-06-24 16:49:03 ----A---- C:\WINDOWS\System32\nmevtmsg.dll2009-06-24 16:49:03 ----A---- C:\WINDOWS\System32\mnmdd.dll2009-06-24 16:49:03 ----A---- C:\WINDOWS\System32\isrdbg32.dll2009-06-24 16:49:03 ----A---- C:\WINDOWS\System32\ils.dll2009-06-24 16:49:02 ----A---- C:\WINDOWS\System32\nmmkcert.dll2009-06-24 16:49:02 ----A---- C:\WINDOWS\System32\msconf.dll2009-06-24 16:49:02 ----A---- C:\WINDOWS\System32\mnmsrvc.exe2009-06-24 16:48:59 ----D---- C:\WINDOWS\PCHEALTH2009-06-24 16:48:59 ----D---- C:\Program Files\NetMeeting2009-06-24 16:48:59 ----A---- C:\WINDOWS\System32\msoert2.dll2009-06-24 16:48:59 ----A---- C:\WINDOWS\System32\acctres.dll2009-06-24 16:48:58 ----D---- C:\Program Files\Common Files\Services2009-06-24 16:48:58 ----A---- C:\WINDOWS\System32\msoeacct.dll2009-06-24 16:48:57 ----A---- C:\WINDOWS\System32\inetres.dll2009-06-24 16:48:57 ----A---- C:\WINDOWS\System32\inetcomm.dll2009-06-24 16:48:53 ----SD---- C:\WINDOWS\Tasks2009-06-24 16:48:53 ----D---- C:\Program Files\Outlook Express2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\schedsvc.dll2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\mstinit.exe2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\mstask.dll2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\isign32.dll2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\icwphbk.dll2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\icwdial.dll2009-06-24 16:48:52 ----A---- C:\WINDOWS\System32\inetcfg.dll2009-06-24 16:48:52 ----A---- C:\WINDOWS\System32\icfgnt5.dll2009-06-24 16:48:50 ----D---- C:\Program Files\Common Files\MSSoap2009-06-24 16:48:47 ----D---- C:\Program Files\Common Files\System2009-06-24 16:48:43 ----D---- C:\Program Files\Internet Explorer2009-06-24 16:48:05 ----D---- C:\Program Files\ComPlus Applications2009-06-24 16:48:03 ----A---- C:\WINDOWS\vbaddin.ini2009-06-24 16:48:03 ----A---- C:\WINDOWS\vb.ini2009-06-24 16:47:59 ----D---- C:\WINDOWS\Registration2009-06-24 16:47:53 ----HD---- C:\Program Files\WindowsUpdate2009-06-24 16:47:53 ----D---- C:\Program Files\Usługi online2009-06-24 16:47:47 ----D---- C:\Program Files\Messenger2009-06-24 16:47:43 ----D---- C:\Program Files\MSN2009-06-24 16:47:39 ----D---- C:\Program Files\MSN Gaming Zone2009-06-24 16:47:39 ----A---- C:\WINDOWS\System32\write.exe2009-06-24 16:47:31 ----A---- C:\WINDOWS\System32\sndvol32.exe2009-06-24 16:47:31 ----A---- C:\WINDOWS\System32\sndrec32.exe2009-06-24 16:47:31 ----A---- C:\WINDOWS\System32\mplay32.exe2009-06-24 16:47:31 ----A---- C:\WINDOWS\System32\accwiz.exe2009-06-24 16:47:30 ----D---- C:\Program Files\Windows NT2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\winchat.exe2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\hypertrm.dll2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\hticons.dll2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\avwav.dll2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\avtapi.dll2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\avmeter.dll2009-06-24 16:47:28 ----A---- C:\WINDOWS\System32\mspaint.exe2009-06-24 16:47:25 ----A---- C:\WINDOWS\System32\clipbrd.exe2009-06-24 16:47:24 ----A---- C:\WINDOWS\System32\getuname.dll2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\winmine.exe2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\spider.exe2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\sol.exe2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\mshearts.exe2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\charmap.exe2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\calc.exe2009-06-24 16:47:22 ----A---- C:\WINDOWS\System32\wuauserv.dll2009-06-24 16:47:22 ----A---- C:\WINDOWS\System32\wuaueng.dll2009-06-24 16:47:22 ----A---- C:\WINDOWS\System32\wuauclt.exe2009-06-24 16:47:22 ----A---- C:\WINDOWS\System32\tscfgwmi.dll2009-06-24 16:47:22 ----A---- C:\WINDOWS\System32\freecell.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\usrlogon.cmd2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tsshutdn.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tslabels.ini2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tskill.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tsdiscon.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tscupgrd.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tscon.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\sessmgr.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\reset.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\remotepg.dll2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\rdshost.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\rdsaddin.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\rdchost.dll2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\mstscax.dll2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\mstsc.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\termsrv.dll2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\shadow.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\rwinsta.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\regini.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\rdpwsx.dll2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\rdpsnd.dll2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\rdpclip.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\rdpcfgex.dll2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\qwinsta.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\qprocess.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\qappsrv.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\msg.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\logoff.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\icaapi.dll2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\cfgbkend.dll2009-06-24 16:47:19 ----D---- C:\WINDOWS\System32\MsDtc2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\xolehlp.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\mtxoci.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtcuiu.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtctm.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtcprx.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtcprf.ini2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtclog.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtc.exe2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\cdmodem.dll2009-06-24 16:47:18 ----A---- C:\WINDOWS\System32\dcomcnfg.exe2009-06-24 16:47:17 ----D---- C:\WINDOWS\System32\Com2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\stclient.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\mtxlegih.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\mtxex.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\mtxdm.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\comrepl.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\comaddin.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\colbact.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\catsrvps.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\comuid.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\comsvcs.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\comsnap.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\clbcatq.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\clbcatex.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\catsrvut.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\catsrv.dll2009-06-24 16:47:07 ----A---- C:\WINDOWS\System32\wmimgmt.msc2009-06-24 16:47:06 ----A---- C:\WINDOWS\System32\servdeps.dll2009-06-24 16:47:06 ----A---- C:\WINDOWS\System32\mmfutil.dll2009-06-24 16:47:06 ----A---- C:\WINDOWS\System32\licwmi.dll2009-06-24 16:47:06 ----A---- C:\WINDOWS\System32\cmprops.dll======List of files/folders modified in the last 1 months======2009-06-25 17:47:32 ----A---- C:\WINDOWS\win.ini2009-06-24 17:42:10 ----A---- C:\WINDOWS\system.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\System32\DRIVERS\alcan5wn.sys [2003-12-08 53600]R3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\System32\DRIVERS\alcaudsl.sys [2003-12-08 70688]R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2004-08-23 821760]R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-11-11 41984]R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-18 9600]R3 mouhid;Sterownik myszy HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-26 12160]R3 nv4;nv4; C:\WINDOWS\System32\DRIVERS\nv4.sys [2001-08-17 731648]R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2001-08-18 24960]R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2001-08-18 50688]R3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2001-08-17 24832]R3 usbstor;Sterownik magazynu masowego USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2001-08-18 21760]R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2001-08-18 18944]R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2002-11-13 10496]S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []S2 acpi32;acpi32; \??\C:\WINDOWS\system32\drivers\acpi32.sys []S2 amd64si;amd64si; \??\C:\WINDOWS\system32\drivers\amd64si.sys []S2 ati64si;ati64si; \??\C:\WINDOWS\system32\drivers\ati64si.sys []S2 fips32cup;fips32cup; \??\C:\WINDOWS\system32\drivers\fips32cup.sys []S2 i386si;i386si; \??\C:\WINDOWS\system32\drivers\i386si.sys []S2 ksi32sk;ksi32sk; \??\C:\WINDOWS\system32\drivers\ksi32sk.sys []S2 nicsk32;nicsk32; \??\C:\WINDOWS\system32\drivers\nicsk32.sys []S2 port135sik;port135sik; \??\C:\WINDOWS\system32\drivers\port135sik.sys []S2 securentm;securentm; \??\C:\WINDOWS\system32\drivers\securentm.sys []S2 systemntmi;systemntmi; \??\C:\WINDOWS\system32\drivers\systemntmi.sys []S2 ws2_32sik;ws2_32sik; \??\C:\WINDOWS\system32\drivers\ws2_32sik.sys []S3 AVPsys;AVPsys; \??\C:\WINDOWS\System32\drivers\cdaudio.sys []S3 ezplay;VSO Software ezplay; C:\WINDOWS\System32\Drivers\ezplay.sys [2009-06-25 94208]S3 FETNDIS;Sterownik NT karty VIA PCI 10/100Mb Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]S3 NTSIM;NTSIM; \??\C:\WINDOWS\System32\ntsim.sys []S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-06-25 47360]S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2002-10-24 6912]S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R2 Local Service;Local Service; C:\WINDOWS\wuaucpl.exe [2009-06-24 415232]-----------------EOF----------------- w sumie to już drugi raz włączam kompa i błędy nie wyskakują, wiec moze juz cos sie naprawilo, a co do przegladarki to nie wiecie co to moze byc?
Gość komentarz 26 czerwca 2009 komentarz 26 czerwca 2009 Infekcja. Użyj programu Malwarebytes. Wciskamy Skanuj, wybieramy dyski do skanowania i Rozpoczynamy skanowanie, na końcu wciskamy Usuń zaznaczone jak będą i Ok. Wrzuć wygenerowany raport po usuwaniu MBAMem. .
siankaa komentarz 26 czerwca 2009 Autor komentarz 26 czerwca 2009 Infekcja.Użyj programu Malwarebytes. Wciskamy Skanuj, wybieramy dyski do skanowania i Rozpoczynamy skanowanie, na końcu wciskamy Usuń zaznaczone jak będą i Ok. Wrzuć wygenerowany raport po usuwaniu MBAMem. . Malwarebytes' Anti-Malware 1.38Wersja bazy definicji: 2338Windows 5.1.2600 2009-06-26 23:04:39mbam-log-2009-06-26 (23-04-39).txtTyp skanowania: Pełne skanowanie (C:\|D:\|)Przeskanowane obiekty: 136709Upłynęło: 1 hour(s), 9 minute(s), 59 second(s)Zainfekowane procesy w pamięci: 6Zainfekowane moduły pamięci: 1Zainfekowane klucze rejestru: 35Zainfekowane wartości rejestru: 14Zainfekowane pliki rejestru: 4Zainfekowane foldery: 0Zainfekowane pliki: 155Zainfekowane procesy w pamięci:C:\WINDOWS\system32\firewall.exe (Backdoor.Bot) -> Unloaded process successfully.C:\WINDOWS\system32\nod64.exe (Backdoor.SdBot) -> Unloaded process successfully.C:\WINDOWS\system32\logon.exe (Trojan.Agent) -> Unloaded process successfully.C:\WINDOWS\system32\apps.exe (Backdoor.Bot) -> Unloaded process successfully.C:\WINDOWS\system32\windowsupdate.exe (Backdoor.Bot) -> Unloaded process successfully.C:\WINDOWS\system32\algs.exe (Backdoor.Bot) -> Unloaded process successfully.Zainfekowane moduły pamięci:C:\WINDOWS\system32\nmdfgds0.dll (Spyware.OnlineGames) -> Delete on reboot.Zainfekowane klucze rejestru:HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\acpi32 (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\acpi32 (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\acpi32 (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amd64si (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\amd64si (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amd64si (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ati64si (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ati64si (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ati64si (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\netsik (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netsik (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nicsk32 (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\nicsk32 (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nicsk32 (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\port135sik (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\port135sik (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\port135sik (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fips32cup (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\fips32cup (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fips32cup (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\i386si (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\i386si (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i386si (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\securentm (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\securentm (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\securentm (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\systemntmi (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\systemntmi (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\systemntmi (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ksi32sk (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ksi32sk (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ksi32sk (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ws2_32sik (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ws2_32sik (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ws2_32sik (Rootkit.Agent) -> Quarantined and deleted successfully.Zainfekowane wartości rejestru:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows network firewall (Backdoor.Bot) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nod32 service (Backdoor.IRCBot) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\nod32 service (Backdoor.IRCBot) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cdoosoft (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows logon application (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\microsoft windows update (Backdoor.Bot) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\WindowsUpdate (Backdoor.Bot) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windowsupdate (Backdoor.Bot) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\application layer gateway service (Backdoor.Bot) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE\Windowsupdate (Backdoor.Bot) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE\nod32 service (Backdoor.IRCBot) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\WaitToKillServiceT (Malware.Trace) -> Quarantined and deleted successfully.HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\s32bg (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\s32bg (Trojan.Agent) -> Quarantined and deleted successfully.Zainfekowane pliki rejestru:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.Zainfekowane foldery:(Nie wykryto groźnych plików)Zainfekowane pliki:C:\WINDOWS\system32\firewall.exe (Backdoor.Bot) -> Quarantined and deleted successfully.C:\WINDOWS\system32\nod64.exe (Backdoor.SdBot) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP10\A0004654.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP10\A0004982.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0005003.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0006020.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0006039.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0006084.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0006113.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0006414.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0006143.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0006302.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0006345.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0006360.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0006373.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0006394.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0006409.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0006413.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0007427.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0007454.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0007469.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0007487.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0007488.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0007489.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0007490.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0007493.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0008507.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0008525.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0008545.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0009551.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP11\A0010552.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP6\A0000343.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP8\A0000396.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP8\A0000420.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP8\A0001417.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP8\A0001436.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP8\A0002455.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP9\A0002619.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP9\A0003456.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP9\A0004473.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP9\A0004476.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP9\A0004532.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\system volume information\_restore{4383b888-ccd1-4ccc-9b95-907ff43b16ba}\RP9\A0004645.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\system32\unpwcvvr.exe (Backdoor.SdBot) -> Quarantined and deleted successfully.c:\WINDOWS\system32\afhmezfr.exe (Backdoor.SdBot) -> Quarantined and deleted successfully.c:\WINDOWS\system32\arxguq.exe (Backdoor.SdBot) -> Quarantined and deleted successfully.c:\WINDOWS\system32\bdehyj.exe (Backdoor.SdBot) -> Quarantined and deleted successfully.c:\WINDOWS\system32\hbmizams.exe (Backdoor.SdBot) -> Quarantined and deleted successfully.c:\WINDOWS\system32\iynfxxpl.exe (Backdoor.SdBot) -> Quarantined and deleted successfully.c:\WINDOWS\system32\nonpod.exe (Backdoor.SdBot) -> Quarantined and deleted successfully.c:\WINDOWS\system32\tngp.exe (Backdoor.SdBot) -> Quarantined and deleted successfully.c:\WINDOWS\system32\wfpytiv.exe (Backdoor.SdBot) -> Quarantined and deleted successfully.c:\WINDOWS\system32\yrpizuyt.exe (Backdoor.SdBot) -> Quarantined and deleted successfully.c:\WINDOWS\system32\ywhaunrc.exe (Backdoor.SdBot) -> Quarantined and deleted successfully.c:\WINDOWS\system32\yzwq.exe (Backdoor.SdBot) -> Quarantined and deleted successfully.c:\WINDOWS\system32\kuqqpf.exe (Backdoor.SdBot) -> Quarantined and deleted successfully.c:\WINDOWS\system32\lbujgdi.exe (Backdoor.SdBot) -> Quarantined and deleted successfully.c:\WINDOWS\system32\drivers\acpi32.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\system32\drivers\amd64si.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\system32\drivers\ati64si.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\system32\drivers\netsik.sys (Rootkit.Agent) -> Delete on reboot.c:\WINDOWS\system32\drivers\nicsk32.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\system32\drivers\port135sik.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\system32\drivers\fips32cup.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\system32\drivers\i386si.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\system32\drivers\securentm.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\system32\drivers\systemntmi.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\system32\drivers\ksi32sk.sys (Rootkit.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\system32\drivers\ws2_32sik.sys (Rootkit.Agent) -> Quarantined and deleted successfully.d:\sm.exe (Worm.Autorun) -> Quarantined and deleted successfully.d:\i.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\qwtb.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\husyu8n.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\gpcdt.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\ej10fkdo.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\vwewav8.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\npee.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\eyt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\ymxf2.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\nu.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\boyedt.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\hkn6k.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\ysep1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\lc.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\w.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\j.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\icxpa.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\ukvr.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\3.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\n68mqcra.exe (Trojan.Agent) -> Quarantined and deleted successfully.d:\2a.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\8.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\6phx.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\1f.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\9dlvtiil.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\xdglur.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.d:\Instalki\quicktime_all_versions_keygen\KeYGeN.exe (Trojan.Dropper) -> Quarantined and deleted successfully.d:\system volume information\_restore{a9686cf7-01bb-431f-b48a-04787ad90e8e}\RP657\A0131420.exe (Worm.Autorun) -> Quarantined and deleted successfully.d:\system volume information\_restore{a9686cf7-01bb-431f-b48a-04787ad90e8e}\RP657\A0131441.exe (Worm.Autorun) -> Quarantined and deleted successfully.d:\system volume information\_restore{a9686cf7-01bb-431f-b48a-04787ad90e8e}\RP657\A0131464.exe (Worm.Autorun) -> Quarantined and deleted successfully.d:\system volume information\_restore{a9686cf7-01bb-431f-b48a-04787ad90e8e}\RP657\A0131515.exe (Worm.Autorun) -> Quarantined and deleted successfully.c:\s.exe (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\olhrwef.exe (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\logon.exe (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\Temp\BN2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\Temp\BN3.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\kania\Ustawienia lokalne\Temp\BN4.tmp (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\Temp\BN4.tmp (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\Temp\BN5.tmp (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\Temp\BN6.tmp (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\Temp\BN7.tmp (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\Temp\BN8.tmp (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\apps.exe (Backdoor.Bot) -> Quarantined and deleted successfully.C:\WINDOWS\system32\windowsupdate.exe (Backdoor.Bot) -> Quarantined and deleted successfully.c:\documents and settings\kania\ustawienia lokalne\Temp\BN10.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\kania\ustawienia lokalne\Temp\BN11.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\kania\ustawienia lokalne\Temp\BN12.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\kania\ustawienia lokalne\Temp\BN1D.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\kania\ustawienia lokalne\Temp\BN1E.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\kania\ustawienia lokalne\Temp\BN20.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\kania\ustawienia lokalne\Temp\BN22.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\kania\ustawienia lokalne\Temp\BN4D.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\kania\ustawienia lokalne\Temp\BN54.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\kania\ustawienia lokalne\Temp\BN5C.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\kania\ustawienia lokalne\Temp\BN5F.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\kania\ustawienia lokalne\Temp\BN61.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\documents and settings\kania\ustawienia lokalne\Temp\BN68.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN10.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN14.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN15.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN16.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN17.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN1C.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN1D.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN25.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN29.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN2A.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN2B.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN30.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN33.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN36.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN41.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN4F.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN50.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN56.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN5D.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN5E.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN60.tmp (Trojan.Agent) -> Quarantined and deleted successfully.c:\WINDOWS\Temp\BN63.tmp (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\algs.exe (Backdoor.Bot) -> Quarantined and deleted successfully.c:\WINDOWS\system32\nmdfgds0.dll (Spyware.OnlineGames) -> Delete on reboot.c:\WINDOWS\system32\nmdfgds1.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.c:\documents and settings\kania\oashdihasidhasuidhiasdhiashdiuasdhasd (Trace.Pandex) -> Quarantined and deleted successfully.c:\documents and settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd (Trace.Pandex) -> Quarantined and deleted successfully.C:\WINDOWS\system32\config\systemprofile\s32bg.exe.exe (Trojan.Agent) -> Quarantined and deleted successfully. wszysciusienko dziala:D nawet net sie nie rozlacza:) dzieki chlopaki:********
MarekM25 komentarz 26 czerwca 2009 komentarz 26 czerwca 2009 Daj jeszcze nowy log i wyłącz i włącz przywracanie systemu.
siankaa komentarz 26 czerwca 2009 Autor komentarz 26 czerwca 2009 skad ten nowy log? i gdzie zaznaczyc przywracanie systemu?
MarekM25 komentarz 27 czerwca 2009 komentarz 27 czerwca 2009 nowy log programem RSIT i przywracanie systemu to: start->akcesoria->narzędzia systemowe->przywracanie systemu->ustawienia przywracania systemu->wyłącz przywracanie systemu na wszystkich dyskach i analogicznie potem włącz
kubassksiezpol komentarz 27 czerwca 2009 komentarz 27 czerwca 2009 (edytowane) Przywracanie systemu można szybciej wyłączyć i włączyć tak .Prawy przycisk myszki na mój komputer >> wybierasz kartę przywracanie systemu >> wyłącz przywracanie systemu na wszystkich dyskach. Później zrobisz to samo tylko że za drugim razem odznaczysz tą fajkę
MarekM25 komentarz 27 czerwca 2009 komentarz 27 czerwca 2009 na jedno wyjdzie:) prawda Twój sposób szybszy, ale akurat na linuxie siedzę i z pamięci mówiłem
siankaa komentarz 27 czerwca 2009 Autor komentarz 27 czerwca 2009 Logfile of random's system information tool 1.06 (written by random/random)Run by kania at 2009-06-27 11:10:51Microsoft Windows XP Professional System drive C: has 8 GB (73%) free of 11 GBTotal RAM: 383 MB (37% free)======Registry dump======[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\System32\msdxm.ocx [2001-10-26 846876][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2005-06-20 1056768]"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []"SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816]"Microsoft Windows Update"=apps.exe []"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2004-12-20 33792]"NeroFilterCheck"=C:\WINDOWS\System32\NeroCheck.exe [2001-07-09 155648]"Hidder"=C:\PROGRA~1\GDATAS~1\SEKRET~1\Hidder.exe [2002-06-03 565248][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"=C:\WINDOWS\System32\ctfmon.exe [2001-10-26 13312]"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2001-08-02 1077277]"Gadu-Gadu"=C:\Program Files\Gadu-Gadu\gg.exe [2008-03-20 2127296]"AutoConnect"=C:\Program Files\AutoConnect\AutoConnect.exe [2004-08-28 295424]"kania"=C:\Documents and Settings\kania\kania.exe [2009-06-24 23412]"Microsoft Windows Update"=apps.exe []"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208]"cdoosoft"=C:\WINDOWS\System32\olhrwef.exe [2009-06-27 108007]C:\Documents and Settings\All Users\Menu Start\Programy\AutostartWinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]"dontdisplaylastusername"=0"legalnoticecaption"="legalnoticetext"="shutdownwithoutlogon"=1"undockwithoutlogon"=1[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]"NoDriveTypeAutoRun"=145[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]"C:\WINDOWS\System32\windowsupdate.exe"="C:\WINDOWS\System32\windowsupdate.exe:*:Enabled:windowsupdate""C:\WINDOWS\System32\lbujgdi.exe"="C:\WINDOWS\System32\lbujgdi.exe:*:Enabled:Ultimate Tool""DEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~??????????Š?ŚŤŽŹ??????????Š?ŚŤŽŹ ˇ˘Ł¤Ą?§¨?Ş???ŻÄü"="DEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~??????????Š?ŚŤŽŹ??????????Š?ŚŤŽŹ ˇ˘Ł¤Ą?§¨?Ş???ŻÄü:*:Enabled:Nod32 Service""C:\WINDOWS\System32\tngp.exe"="C:\WINDOWS\System32\tngp.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\wfpytiv.exe"="C:\WINDOWS\System32\wfpytiv.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\yzwq.exe"="C:\WINDOWS\System32\yzwq.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\iynfxxpl.exe"="C:\WINDOWS\System32\iynfxxpl.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\ywhaunrc.exe"="C:\WINDOWS\System32\ywhaunrc.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\nonpod.exe"="C:\WINDOWS\System32\nonpod.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\bdehyj.exe"="C:\WINDOWS\System32\bdehyj.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\arxguq.exe"="C:\WINDOWS\System32\arxguq.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\yrpizuyt.exe"="C:\WINDOWS\System32\yrpizuyt.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\kuqqpf.exe"="C:\WINDOWS\System32\kuqqpf.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\hbmizams.exe"="C:\WINDOWS\System32\hbmizams.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\afhmezfr.exe"="C:\WINDOWS\System32\afhmezfr.exe:*:Enabled:Ultimate Tool""C:\WINDOWS\System32\unpwcvvr.exe"="C:\WINDOWS\System32\unpwcvvr.exe:*:Enabled:Ultimate Tool"[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]======List of files/folders created in the last 1 months======2009-06-27 11:05:57 ----RSH---- C:\WINDOWS\System32\nmdfgds1.dll2009-06-26 23:09:29 ----RSH---- C:\WINDOWS\System32\olhrwef.exe2009-06-26 17:28:51 ----RSH---- C:\metdgv.bat2009-06-26 15:34:38 ----D---- C:\Program Files\G DATA Software2009-06-26 15:05:47 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Malwarebytes2009-06-26 15:04:51 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes2009-06-26 15:04:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware2009-06-26 13:56:01 ----A---- C:\WINDOWS\NeroDigital.ini2009-06-26 13:39:59 ----D---- C:\Program Files\trend micro2009-06-26 13:39:56 ----D---- C:\rsit2009-06-25 17:47:32 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Opera2009-06-25 17:47:28 ----D---- C:\Program Files\Opera2009-06-25 17:46:55 ----D---- C:\col39292009-06-25 16:28:52 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Gadu-Gadu2009-06-25 14:54:29 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Ahead2009-06-25 14:53:17 ----D---- C:\Program Files\Nero2009-06-25 14:53:17 ----D---- C:\Program Files\Common Files\Ahead2009-06-25 14:46:30 ----D---- C:\WINDOWS\RegisteredPackages2009-06-25 14:35:37 ----A---- C:\WINDOWS\System32\wstdecod.dll2009-06-25 14:35:36 ----A---- C:\WINDOWS\System32\psisdecd.dll2009-06-25 14:35:36 ----A---- C:\WINDOWS\System32\msyuv.dll2009-06-25 14:35:36 ----A---- C:\WINDOWS\System32\msvidctl.dll2009-06-25 14:35:34 ----A---- C:\WINDOWS\System32\ksuser.dll2009-06-25 14:35:33 ----A---- C:\WINDOWS\System32\qedwipes.dll2009-06-25 14:35:32 ----A---- C:\WINDOWS\System32\qedit.dll2009-06-25 14:35:32 ----A---- C:\WINDOWS\System32\qasf.dll2009-06-25 14:35:32 ----A---- C:\WINDOWS\System32\mswebdvd.dll2009-06-25 14:35:32 ----A---- C:\WINDOWS\System32\msdmo.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\quartz.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\qdvd.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\qdv.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\qcap.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\mciqtz32.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\encapi.dll2009-06-25 14:35:30 ----A---- C:\WINDOWS\System32\devenum.dll2009-06-25 14:35:30 ----A---- C:\WINDOWS\System32\amstream.dll2009-06-25 14:35:29 ----A---- C:\WINDOWS\System32\dmusic.dll2009-06-25 14:35:29 ----A---- C:\WINDOWS\System32\dmsynth.dll2009-06-25 14:35:29 ----A---- C:\WINDOWS\System32\dmstyle.dll2009-06-25 14:35:29 ----A---- C:\WINDOWS\System32\dmloader.dll2009-06-25 14:35:29 ----A---- C:\WINDOWS\System32\dmime.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\dswave.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\dmscript.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\dmcompos.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\dmband.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\dinput8.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\d3d9.dll2009-06-25 14:35:27 ----A---- C:\WINDOWS\System32\d3d8.dll2009-06-25 14:35:26 ----A---- C:\WINDOWS\System32\dxdiagn.dll2009-06-25 14:35:26 ----A---- C:\WINDOWS\System32\dxdiag.exe2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dxdllreg.exe2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dsdmoprp.dll2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dsdmo.dll2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dpvvox.dll2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dpvsetup.exe2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dpvoice.dll2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dpvacm.dll2009-06-25 14:35:23 ----A---- C:\WINDOWS\System32\dpnsvr.exe2009-06-25 14:35:23 ----A---- C:\WINDOWS\System32\dpnlobby.dll2009-06-25 14:35:23 ----A---- C:\WINDOWS\System32\dpnhpast.dll2009-06-25 14:35:23 ----A---- C:\WINDOWS\System32\dpnet.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\pid.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dx8vb.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dx7vb.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dsound3d.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dsound.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dpwsockx.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dpnhupnp.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dpnaddr.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dpmodemx.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dplayx.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dplaysvr.exe2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dinput.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\d3d8thk.dll2009-06-25 14:35:21 ----A---- C:\WINDOWS\System32\ddrawex.dll2009-06-25 14:35:21 ----A---- C:\WINDOWS\System32\ddraw.dll2009-06-25 14:35:21 ----A---- C:\WINDOWS\System32\d3dim700.dll2009-06-25 14:33:27 ----D---- C:\Program Files\Winamp2009-06-25 14:33:27 ----A---- C:\WINDOWS\winamp.ini2009-06-25 14:24:28 ----A---- C:\WINDOWS\ntbtlog.txt2009-06-25 13:30:00 ----A---- C:\Documents and Settings\kania\Dane aplikacji\ezplay.ini2009-06-25 13:29:51 ----A---- C:\Documents and Settings\kania\Dane aplikacji\inst.exe2009-06-25 13:29:50 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Vso2009-06-24 23:35:14 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Ventrilo2009-06-24 23:34:49 ----D---- C:\Program Files\Ventrilo2009-06-24 23:34:22 ----D---- C:\Program Files\Common Files\Wise Installation Wizard2009-06-24 22:46:10 ----D---- C:\Documents and Settings\kania\Dane aplikacji\GetRightToGo2009-06-24 20:58:51 ----D---- C:\WINDOWS\Minidump2009-06-24 19:11:59 ----D---- C:\Program Files\WinZip2009-06-24 18:45:51 ----D---- C:\Program Files\AutoConnect2009-06-24 18:39:19 ----D---- C:\WINDOWS\Logs2009-06-24 18:38:54 ----SH---- C:\boot.ini2009-06-24 18:35:40 ----D---- C:\WINDOWS\System32\IME2009-06-24 18:35:40 ----D---- C:\WINDOWS\System32\3com_dmi2009-06-24 18:35:40 ----D---- C:\WINDOWS\System32\10452009-06-24 18:35:39 ----RSHDC---- C:\WINDOWS\System32\dllcache2009-06-24 18:35:39 ----RSD---- C:\WINDOWS\Fonts2009-06-24 18:35:39 ----RD---- C:\WINDOWS\Web2009-06-24 18:35:39 ----HD---- C:\WINDOWS\inf2009-06-24 18:35:39 ----D---- C:\WINDOWS\WinSxS2009-06-24 18:35:39 ----D---- C:\WINDOWS\twain_322009-06-24 18:35:39 ----D---- C:\WINDOWS\Temp2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\wins2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\wbem2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\usmt2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\spool2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\ShellExt2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\Setup2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\ras2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\oobe2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\npp2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\mui2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\inetsrv2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\icsxml2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\ias2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\export2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\drivers2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\dhcp2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\config2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\30762009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\20522009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10542009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10422009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10412009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10372009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10332009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10312009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10282009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10252009-06-24 18:35:39 ----D---- C:\WINDOWS\system322009-06-24 18:35:39 ----D---- C:\WINDOWS\system2009-06-24 18:35:39 ----D---- C:\WINDOWS\security2009-06-24 18:35:39 ----D---- C:\WINDOWS\Resources2009-06-24 18:35:39 ----D---- C:\WINDOWS\repair2009-06-24 18:35:39 ----D---- C:\WINDOWS\mui2009-06-24 18:35:39 ----D---- C:\WINDOWS\msapps2009-06-24 18:35:39 ----D---- C:\WINDOWS\msagent2009-06-24 18:35:39 ----D---- C:\WINDOWS\Media2009-06-24 18:35:39 ----D---- C:\WINDOWS\java2009-06-24 18:35:39 ----D---- C:\WINDOWS\ime2009-06-24 18:35:39 ----D---- C:\WINDOWS\Help2009-06-24 18:35:39 ----D---- C:\WINDOWS\Driver Cache2009-06-24 18:35:39 ----D---- C:\WINDOWS\Debug2009-06-24 18:35:39 ----D---- C:\WINDOWS\Cursors2009-06-24 18:35:39 ----D---- C:\WINDOWS\Connection Wizard2009-06-24 18:35:39 ----D---- C:\WINDOWS\Config2009-06-24 18:35:39 ----D---- C:\WINDOWS\AppPatch2009-06-24 18:35:39 ----D---- C:\WINDOWS\addins2009-06-24 18:35:39 ----D---- C:\WINDOWS2009-06-24 18:33:29 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Macromedia2009-06-24 18:33:29 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Adobe2009-06-24 18:08:34 ----RSH---- C:\WINDOWS\wuaucpl.exe2009-06-24 18:04:27 ----D---- C:\Program Files\Yahoo!2009-06-24 17:58:32 ----D---- C:\Program Files\WinRAR2009-06-24 17:57:08 ----D---- C:\Program Files\Gadu-Gadu2009-06-24 17:56:42 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Mozilla2009-06-24 17:56:41 ----D---- C:\Program Files\Mozilla Firefox2009-06-24 17:47:06 ----A---- C:\WINDOWS\System32\WooDial2000.dll2009-06-24 17:46:13 ----A---- C:\WINDOWS\System32\h323log.txt2009-06-24 17:45:59 ----A---- C:\WINDOWS\System32\stci.dll2009-06-24 17:45:57 ----D---- C:\Program Files\Thomson2009-06-24 17:45:27 ----D---- C:\Program Files\Java Web Start2009-06-24 17:45:25 ----N---- C:\WINDOWS\System32\javaw.exe2009-06-24 17:45:25 ----N---- C:\WINDOWS\System32\java.exe2009-06-24 17:45:20 ----N---- C:\WINDOWS\System32\ActPanel.dll2009-06-24 17:45:20 ----D---- C:\Program Files\Java2009-06-24 17:44:26 ----D---- C:\Program Files\Neostrada TP2009-06-24 17:43:43 ----A---- C:\WINDOWS\System32\nv4.dll2009-06-24 17:43:13 ----A---- C:\WINDOWS\System32\usbui.dll2009-06-24 17:43:04 ----SHD---- C:\WINDOWS\ftpcache2009-06-24 17:42:19 ----A---- C:\WINDOWS\imsins.BAK2009-06-24 17:42:15 ----A---- C:\WINDOWS\System32\PerfStringBackup.INI2009-06-24 17:42:14 ----D---- C:\Program Files\Common Files\ODBC2009-06-24 17:42:14 ----A---- C:\WINDOWS\ODBCINST.INI2009-06-24 17:42:12 ----D---- C:\Program Files\Common Files\SpeechEngines2009-06-24 17:42:11 ----RD---- C:\Program Files2009-06-24 17:42:11 ----D---- C:\Program Files\Common Files\Microsoft Shared2009-06-24 17:42:11 ----D---- C:\Program Files\Common Files2009-06-24 17:42:08 ----RA---- C:\WINDOWS\System32\kbdtuq.dll2009-06-24 17:42:08 ----RA---- C:\WINDOWS\System32\kbdtuf.dll2009-06-24 17:42:08 ----RA---- C:\WINDOWS\System32\kbdazel.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdycc.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbduzb.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdur.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdtat.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdru1.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdru.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdmon.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdkyr.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdkaz.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdbu.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdblr.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdaze.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhept.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhela3.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhela2.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhe319.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhe220.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhe.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdgkl.dll2009-06-24 17:42:04 ----RA---- C:\WINDOWS\System32\kbdlv1.dll2009-06-24 17:42:04 ----RA---- C:\WINDOWS\System32\kbdlv.dll2009-06-24 17:42:04 ----RA---- C:\WINDOWS\System32\kbdlt1.dll2009-06-24 17:42:04 ----RA---- C:\WINDOWS\System32\kbdlt.dll2009-06-24 17:42:04 ----RA---- C:\WINDOWS\System32\kbdest.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdsl1.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdsl.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdro.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdhu1.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdhu.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdcz2.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdcz1.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdcz.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdcr.dll2009-06-24 17:42:00 ----A---- C:\WINDOWS\System32\kbdycl.dll2009-06-24 17:42:00 ----A---- C:\WINDOWS\System32\KBDAL.DLL2009-06-24 17:42:00 ----A---- C:\WINDOWS\System32\irclass.dll2009-06-24 17:41:59 ----A---- C:\WINDOWS\System32\spxcoins.dll2009-06-24 17:41:59 ----A---- C:\WINDOWS\System32\EqnClass.Dll2009-06-24 17:41:59 ----A---- C:\WINDOWS\System32\dgsetup.dll2009-06-24 17:41:59 ----A---- C:\WINDOWS\System32\dgrpsetu.dll2009-06-24 17:41:59 ----A---- C:\WINDOWS\System32\batt.dll2009-06-24 17:41:57 ----N---- C:\WINDOWS\System32\CONFIG.TMP2009-06-24 17:41:57 ----A---- C:\WINDOWS\TASKMAN.EXE2009-06-24 17:41:57 ----A---- C:\WINDOWS\NOTEPAD.EXE2009-06-24 17:41:56 ----A---- C:\WINDOWS\System32\storprop.dll2009-06-24 17:41:48 ----ASH---- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini2009-06-24 17:41:44 ----RA---- C:\WINDOWS\SET7.tmp2009-06-24 17:41:42 ----RA---- C:\WINDOWS\SET3.tmp2009-06-24 17:41:36 ----D---- C:\WINDOWS\System32\CatRoot22009-06-24 17:41:36 ----D---- C:\WINDOWS\System32\CatRoot2009-06-24 17:41:30 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft2009-06-24 17:41:21 ----A---- C:\WINDOWS\setuplog.txt2009-06-24 17:41:17 ----D---- C:\Documents and Settings2009-06-24 17:28:04 ----SHD---- C:\RECYCLER2009-06-24 17:06:38 ----A---- C:\WINDOWS\System32\MSVCR71.dll2009-06-24 17:06:38 ----A---- C:\WINDOWS\System32\MSVCP71.dll2009-06-24 17:06:38 ----A---- C:\WINDOWS\System32\MFC71.dll2009-06-24 17:06:35 ----D---- C:\Program Files\Alwil Software2009-06-24 17:04:57 ----A---- C:\WINDOWS\System32\vusetup.dll2009-06-24 17:04:25 ----A---- C:\WINDOWS\IsUn0415.exe2009-06-24 17:03:27 ----A---- C:\WINDOWS\CMISETUP.INI2009-06-24 17:03:27 ----A---- C:\WINDOWS\CMCDPLAY.INI2009-06-24 17:03:24 ----A---- C:\WINDOWS\Wininit.ini2009-06-24 17:03:24 ----A---- C:\WINDOWS\System32\udaprop.dll2009-06-24 17:03:23 ----A---- C:\WINDOWS\System32\cmuda.dll2009-06-24 17:03:23 ----A---- C:\WINDOWS\System32\cmirmdrv.exe2009-06-24 17:03:23 ----A---- C:\WINDOWS\System32\cmirmdrv.dll2009-06-24 17:03:23 ----A---- C:\WINDOWS\System32\Audio3D.dll2009-06-24 17:03:23 ----A---- C:\WINDOWS\System32\a3d.dll2009-06-24 17:03:22 ----D---- C:\Program Files\C-Media 3D Audio2009-06-24 17:03:22 ----A---- C:\WINDOWS\CMIUninstall.exe2009-06-24 17:03:22 ----A---- C:\WINDOWS\CmiRmRedundDir.exe2009-06-24 17:03:22 ----A---- C:\WINDOWS\CMIRmDriver.dll2009-06-24 17:02:07 ----D---- C:\WINDOWS\System32\ReinstallBackups2009-06-24 17:01:53 ----A---- C:\WINDOWS\IsUninst.exe2009-06-24 17:00:12 ----HD---- C:\Program Files\InstallShield Installation Information2009-06-24 16:59:10 ----D---- C:\Program Files\VIA2009-06-24 16:59:06 ----D---- C:\Program Files\Common Files\InstallShield2009-06-24 16:58:14 ----RSH---- C:\8paf1d.com2009-06-24 16:57:20 ----SHD---- C:\WINDOWS\Installer2009-06-24 16:57:17 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Identities2009-06-24 16:57:11 ----HD---- C:\Program Files\Uninstall Information2009-06-24 16:57:06 ----SD---- C:\Documents and Settings\kania\Dane aplikacji\Microsoft2009-06-24 16:57:06 ----ASH---- C:\Documents and Settings\kania\Dane aplikacji\desktop.ini2009-06-24 16:55:26 ----SHD---- C:\System Volume Information2009-06-24 16:55:25 ----D---- C:\WINDOWS\Prefetch2009-06-24 16:55:25 ----A---- C:\WINDOWS\SchedLgU.Txt2009-06-24 16:51:40 ----D---- C:\WINDOWS\System32\xircom2009-06-24 16:51:40 ----D---- C:\Program Files\xerox2009-06-24 16:51:40 ----D---- C:\Program Files\microsoft frontpage2009-06-24 16:51:14 ----A---- C:\WINDOWS\control.ini2009-06-24 16:51:14 ----A---- C:\AUTOEXEC.BAT2009-06-24 16:51:07 ----A---- C:\WINDOWS\OEWABLog.txt2009-06-24 16:51:03 ----A---- C:\WINDOWS\System32\mapi32.dll2009-06-24 16:50:11 ----SD---- C:\WINDOWS\Downloaded Program Files2009-06-24 16:50:11 ----RD---- C:\WINDOWS\Offline Web Pages2009-06-24 16:50:10 ----RAH---- C:\WINDOWS\System32\logonui.exe.manifest2009-06-24 16:50:05 ----RAH---- C:\WINDOWS\System32\cdplayer.exe.manifest2009-06-24 16:49:49 ----D---- C:\WINDOWS\srchasst2009-06-24 16:49:41 ----D---- C:\WINDOWS\System32\Macromed2009-06-24 16:49:41 ----D---- C:\WINDOWS\System32\DirectX2009-06-24 16:49:31 ----A---- C:\WINDOWS\System32\qmgrprxy.dll2009-06-24 16:49:31 ----A---- C:\WINDOWS\System32\qmgr.dll2009-06-24 16:49:29 ----D---- C:\Program Files\Movie Maker2009-06-24 16:49:14 ----A---- C:\WINDOWS\System32\safrslv.dll2009-06-24 16:49:14 ----A---- C:\WINDOWS\System32\safrdm.dll2009-06-24 16:49:14 ----A---- C:\WINDOWS\System32\safrcdlg.dll2009-06-24 16:49:14 ----A---- C:\WINDOWS\System32\racpldlg.dll2009-06-24 16:49:14 ----A---- C:\WINDOWS\System32\atrace.dll2009-06-24 16:49:10 ----A---- C:\WINDOWS\System32\desktop.ini2009-06-24 16:49:10 ----A---- C:\WINDOWS\desktop.ini2009-06-24 16:49:04 ----D---- C:\WINDOWS\System32\Restore2009-06-24 16:49:04 ----A---- C:\WINDOWS\System32\srsvc.dll2009-06-24 16:49:04 ----A---- C:\WINDOWS\System32\srrstr.dll2009-06-24 16:49:04 ----A---- C:\WINDOWS\System32\srclient.dll2009-06-24 16:49:03 ----D---- C:\Program Files\Windows Media Player2009-06-24 16:49:03 ----A---- C:\WINDOWS\System32\nmevtmsg.dll2009-06-24 16:49:03 ----A---- C:\WINDOWS\System32\mnmdd.dll2009-06-24 16:49:03 ----A---- C:\WINDOWS\System32\isrdbg32.dll2009-06-24 16:49:03 ----A---- C:\WINDOWS\System32\ils.dll2009-06-24 16:49:02 ----A---- C:\WINDOWS\System32\nmmkcert.dll2009-06-24 16:49:02 ----A---- C:\WINDOWS\System32\msconf.dll2009-06-24 16:49:02 ----A---- C:\WINDOWS\System32\mnmsrvc.exe2009-06-24 16:48:59 ----D---- C:\WINDOWS\PCHEALTH2009-06-24 16:48:59 ----D---- C:\Program Files\NetMeeting2009-06-24 16:48:59 ----A---- C:\WINDOWS\System32\msoert2.dll2009-06-24 16:48:59 ----A---- C:\WINDOWS\System32\acctres.dll2009-06-24 16:48:58 ----D---- C:\Program Files\Common Files\Services2009-06-24 16:48:58 ----A---- C:\WINDOWS\System32\msoeacct.dll2009-06-24 16:48:57 ----A---- C:\WINDOWS\System32\inetres.dll2009-06-24 16:48:57 ----A---- C:\WINDOWS\System32\inetcomm.dll2009-06-24 16:48:53 ----SD---- C:\WINDOWS\Tasks2009-06-24 16:48:53 ----D---- C:\Program Files\Outlook Express2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\schedsvc.dll2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\mstinit.exe2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\mstask.dll2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\isign32.dll2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\icwphbk.dll2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\icwdial.dll2009-06-24 16:48:52 ----A---- C:\WINDOWS\System32\inetcfg.dll2009-06-24 16:48:52 ----A---- C:\WINDOWS\System32\icfgnt5.dll2009-06-24 16:48:50 ----D---- C:\Program Files\Common Files\MSSoap2009-06-24 16:48:47 ----D---- C:\Program Files\Common Files\System2009-06-24 16:48:43 ----D---- C:\Program Files\Internet Explorer2009-06-24 16:48:05 ----D---- C:\Program Files\ComPlus Applications2009-06-24 16:48:03 ----A---- C:\WINDOWS\vbaddin.ini2009-06-24 16:48:03 ----A---- C:\WINDOWS\vb.ini2009-06-24 16:47:59 ----D---- C:\WINDOWS\Registration2009-06-24 16:47:53 ----HD---- C:\Program Files\WindowsUpdate2009-06-24 16:47:53 ----D---- C:\Program Files\Usługi online2009-06-24 16:47:47 ----D---- C:\Program Files\Messenger2009-06-24 16:47:43 ----D---- C:\Program Files\MSN2009-06-24 16:47:39 ----D---- C:\Program Files\MSN Gaming Zone2009-06-24 16:47:39 ----A---- C:\WINDOWS\System32\write.exe2009-06-24 16:47:31 ----A---- C:\WINDOWS\System32\sndvol32.exe2009-06-24 16:47:31 ----A---- C:\WINDOWS\System32\sndrec32.exe2009-06-24 16:47:31 ----A---- C:\WINDOWS\System32\mplay32.exe2009-06-24 16:47:31 ----A---- C:\WINDOWS\System32\accwiz.exe2009-06-24 16:47:30 ----D---- C:\Program Files\Windows NT2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\winchat.exe2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\hypertrm.dll2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\hticons.dll2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\avwav.dll2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\avtapi.dll2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\avmeter.dll2009-06-24 16:47:28 ----A---- C:\WINDOWS\System32\mspaint.exe2009-06-24 16:47:25 ----A---- C:\WINDOWS\System32\clipbrd.exe2009-06-24 16:47:24 ----A---- C:\WINDOWS\System32\getuname.dll2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\winmine.exe2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\spider.exe2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\sol.exe2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\mshearts.exe2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\charmap.exe2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\calc.exe2009-06-24 16:47:22 ----A---- C:\WINDOWS\System32\wuauserv.dll2009-06-24 16:47:22 ----A---- C:\WINDOWS\System32\wuaueng.dll2009-06-24 16:47:22 ----A---- C:\WINDOWS\System32\wuauclt.exe2009-06-24 16:47:22 ----A---- C:\WINDOWS\System32\tscfgwmi.dll2009-06-24 16:47:22 ----A---- C:\WINDOWS\System32\freecell.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\usrlogon.cmd2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tsshutdn.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tslabels.ini2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tskill.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tsdiscon.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tscupgrd.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tscon.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\sessmgr.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\reset.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\remotepg.dll2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\rdshost.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\rdsaddin.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\rdchost.dll2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\mstscax.dll2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\mstsc.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\termsrv.dll2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\shadow.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\rwinsta.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\regini.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\rdpwsx.dll2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\rdpsnd.dll2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\rdpclip.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\rdpcfgex.dll2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\qwinsta.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\qprocess.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\qappsrv.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\msg.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\logoff.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\icaapi.dll2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\cfgbkend.dll2009-06-24 16:47:19 ----D---- C:\WINDOWS\System32\MsDtc2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\xolehlp.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\mtxoci.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtcuiu.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtctm.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtcprx.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtcprf.ini2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtclog.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtc.exe2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\cdmodem.dll2009-06-24 16:47:18 ----A---- C:\WINDOWS\System32\dcomcnfg.exe2009-06-24 16:47:17 ----D---- C:\WINDOWS\System32\Com2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\stclient.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\mtxlegih.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\mtxex.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\mtxdm.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\comrepl.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\comaddin.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\colbact.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\catsrvps.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\comuid.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\comsvcs.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\comsnap.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\clbcatq.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\clbcatex.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\catsrvut.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\catsrv.dll2009-06-24 16:47:07 ----A---- C:\WINDOWS\System32\wmimgmt.msc2009-06-24 16:47:06 ----A---- C:\WINDOWS\System32\servdeps.dll2009-06-24 16:47:06 ----A---- C:\WINDOWS\System32\mmfutil.dll2009-06-24 16:47:06 ----A---- C:\WINDOWS\System32\licwmi.dll2009-06-24 16:47:06 ----A---- C:\WINDOWS\System32\cmprops.dll======List of files/folders modified in the last 1 months======2009-06-25 17:47:32 ----A---- C:\WINDOWS\win.ini2009-06-24 17:42:10 ----A---- C:\WINDOWS\system.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\System32\DRIVERS\alcan5wn.sys [2003-12-08 53600]R3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\System32\DRIVERS\alcaudsl.sys [2003-12-08 70688]R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2004-08-23 821760]R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-11-11 41984]R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-18 9600]R3 mouhid;Sterownik myszy HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-26 12160]R3 nv4;nv4; C:\WINDOWS\System32\DRIVERS\nv4.sys [2001-08-17 731648]R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2001-08-18 24960]R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2001-08-18 50688]R3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2001-08-17 24832]R3 usbstor;Sterownik magazynu masowego USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2001-08-18 21760]R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2001-08-18 18944]R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2002-11-13 10496]S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []S2 acpi32;acpi32; \??\C:\WINDOWS\system32\drivers\acpi32.sys []S2 systemntmi;systemntmi; \??\C:\WINDOWS\system32\drivers\systemntmi.sys []S3 AVPsys;AVPsys; \??\C:\WINDOWS\System32\drivers\cdaudio.sys []S3 ezplay;VSO Software ezplay; C:\WINDOWS\System32\Drivers\ezplay.sys [2009-06-25 94208]S3 FETNDIS;Sterownik NT karty VIA PCI 10/100Mb Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]S3 NTSIM;NTSIM; \??\C:\WINDOWS\System32\ntsim.sys []S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-06-25 47360]S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2002-10-24 6912]S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R2 Local Service;Local Service; C:\WINDOWS\wuaucpl.exe [2009-06-24 415232]-----------------EOF----------------- dzieki chlopaki! wszystko chodzi bez zarzutu. dobrze ze sa takie fora!! pozdrawiam!
Gość komentarz 27 czerwca 2009 komentarz 27 czerwca 2009 Tutaj potrzebny będzie log z ComboFixa, daj nam go. .
siankaa komentarz 27 czerwca 2009 Autor komentarz 27 czerwca 2009 no już zaraz zainstaluje ten program. ale wiecie co jednak nie wszytysko chodzi... mianowsicie sam mi sie wylacza komputer i wyskakuje niebieskie pole z napise page_faulut_in_nonpaged_area. informacje techniczne: ***STOP: 0x00000050 (0xE2158008,0x00000000,0x805702x8,0x00000001) ........... co robic
Psycholandia komentarz 27 czerwca 2009 komentarz 27 czerwca 2009 Do poczytania i zastosowania: http://support.microsoft.com/kb/903251/pl
siankaa komentarz 27 czerwca 2009 Autor komentarz 27 czerwca 2009 zrobiam to skanowanie camboxem po czym z 3 razy komputer musiał uruchamiać się ponownie... gg nie mogę wlączać gdyż jest używane przez iinny proces czy coś takiego, na końcu skanowania tym programem wyskoczyla informacja że ten program jest podszywany pod jakiś inny program i że może wprowadzić on wirusa o jakieś tam nazwie ;/ mogłam zrobić screena. jednym słowem komp zamula i to bardzooo. a chodził tak szybciutko przed tym camboxem;/ no już zaraz zainstaluje ten program. ale wiecie co jednak nie wszytysko chodzi... mianowsicie sam mi sie wylacza komputer i wyskakuje niebieskie pole z napise page_faulut_in_nonpaged_area. informacje techniczne: ***STOP: 0x00000050 (0xE2158008,0x00000000,0x805702x8,0x00000001) ........... co robic ten blad u gory juz nie wyskakuje... jak narazie. zrobiam to skanowanie camboxem po czym z 3 razy komputer musiał uruchamiać się ponownie... gg nie mogę wlączać gdyż jest używane przez iinny proces czy coś takiego, na końcu skanowania tym programem wyskoczyla informacja że ten program jest podszywany pod jakiś inny program i że może wprowadzić on wirusa o jakieś tam nazwie ;/ mogłam zrobić screena. jednym słowem komp zamula i to bardzooo. a chodził tak szybciutko przed tym camboxem;/ a tutaj Wam daje loga o ile to jest to ComboFix 09-06-26.02 - kania 2009-06-27 20:59.1 - NTFSx86Microsoft Windows XP Professional 5.1.2600.0.1250.48.1045.18.383.168 [GMT 2:00]Uruchomiony z: c:\documents and settings\kania\Pulpit\ComboFix.exe.((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))).C:\autorun.infc:\documents and settings\kania\Dane aplikacji\inst.exec:\documents and settings\kania\kania.exeC:\metdgv.batc:\windows\Help\agt0405.hlpc:\windows\Help\agt0408.hlpc:\windows\Help\agt0415.hlpc:\windows\Help\agt0419.hlpc:\windows\system32\drivers\acpi32.sysc:\windows\system32\drivers\fips32cup.sysc:\windows\system32\drivers\i386si.sysc:\windows\system32\drivers\ksi32sk.sysc:\windows\system32\drivers\nicsk32.sysc:\windows\system32\drivers\port135sik.sysc:\windows\system32\drivers\systemntmi.sysc:\windows\system32\ic:\windows\system32\nmdfgds0.dllc:\windows\system32\nmdfgds1.dllc:\windows\system32\olhrwef.exeD:\0xuc.comD:\autorun.infD:\cahpcg.cmdD:\d9c.batD:\e2.cmdD:\fbak.exeD:\fsaht.cmdD:\g1ljsm.comD:\gbm6n.exeD:\gclwpivc.cmdD:\lad.batD:\m.comD:\metdgv.batD:\mt.batD:\q9.cmdD:\rbj9jn1n.batD:\sv8c2bjw.batD:\xh319r9b.batD:\y6yol.exe.((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))).-------\Legacy_ACPI32-------\Legacy_ATI64SI-------\Legacy_FIPS32CUP-------\Legacy_I386SI-------\Legacy_KSI32SK-------\Legacy_NETSIK-------\Legacy_NICSK32-------\Legacy_PORT135SIK-------\Legacy_SECURENTM-------\Legacy_SYSTEMNTMI-------\Legacy_WS2_32SIK-------\Service_acpi32-------\Service_AVPsys-------\Service_fips32cup-------\Service_i386si-------\Service_ksi32sk-------\Service_nicsk32-------\Service_port135sik-------\Service_systemntmi((((((((((((((((((((((((( Pliki utworzone od 2009-05-27 do 2009-06-27 ))))))))))))))))))))))))))))))).2009-06-27 11:14 . 2009-06-27 11:14 -------- d-----w- c:\program files\Debugging Tools for Windows2009-06-26 13:34 . 2001-10-25 22:40 31776 ----a-w- c:\windows\system32\drivers\AFPAnsi.sys2009-06-26 13:34 . 2009-06-26 13:34 -------- d-----w- c:\program files\G DATA Software2009-06-26 13:05 . 2009-06-26 13:05 -------- d-----w- c:\documents and settings\kania\Dane aplikacji\Malwarebytes2009-06-26 13:05 . 2009-06-17 09:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2009-06-26 13:04 . 2009-06-26 13:04 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes2009-06-26 13:04 . 2009-06-26 13:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2009-06-26 13:04 . 2009-06-17 09:27 18456 ----a-w- c:\windows\system32\drivers\mbam.sys2009-06-26 11:39 . 2009-06-27 09:10 -------- d-----w- c:\program files\trend micro2009-06-26 11:39 . 2009-06-26 11:40 -------- d-----w- C:\rsit2009-06-25 15:47 . 2009-06-25 15:49 -------- d-----w- c:\program files\Opera2009-06-25 15:46 . 2009-06-25 15:46 -------- d-----w- C:\col39292009-06-25 14:28 . 2009-06-25 14:28 -------- d-----w- c:\documents and settings\kania\Dane aplikacji\Gadu-Gadu2009-06-25 12:57 . 2009-06-25 15:13 -------- d-----w- c:\documents and settings\kania\Ustawienia lokalne\Dane aplikacji\Ahead2009-06-25 12:54 . 2009-06-25 12:54 -------- d-----w- c:\documents and settings\kania\Dane aplikacji\Ahead2009-06-25 12:53 . 2009-06-25 12:53 -------- d-----w- c:\program files\Nero2009-06-25 12:53 . 2009-06-25 12:53 -------- d-----w- c:\program files\Common Files\Ahead2009-06-25 12:33 . 2009-06-25 12:33 -------- d-----w- c:\program files\Winamp2009-06-25 11:30 . 2009-06-25 15:50 94208 ----a-w- c:\documents and settings\kania\Dane aplikacji\ezplay.sys2009-06-25 11:30 . 2009-06-25 11:30 94208 ----a-w- c:\windows\system32\drivers\ezplay.sys2009-06-25 11:29 . 2009-06-25 15:50 47360 ----a-w- c:\documents and settings\kania\Dane aplikacji\pcouffin.sys2009-06-25 11:29 . 2009-06-25 11:29 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys2009-06-25 11:29 . 2009-06-25 15:50 -------- d-----w- c:\documents and settings\kania\Dane aplikacji\Vso2009-06-24 21:35 . 2009-06-27 12:28 -------- d-----w- c:\documents and settings\kania\Dane aplikacji\Ventrilo2009-06-24 21:34 . 2009-06-24 21:34 -------- d-----w- c:\program files\Ventrilo2009-06-24 21:34 . 2009-06-24 21:34 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard2009-06-24 20:46 . 2009-06-24 20:46 -------- d-----w- c:\documents and settings\kania\Dane aplikacji\GetRightToGo.(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-06-27 19:02 . 2009-06-24 16:45 -------- d-----w- c:\program files\AutoConnect2009-06-26 13:34 . 2009-06-24 15:00 -------- d--h--w- c:\program files\InstallShield Installation Information2009-06-25 15:49 . 2009-06-24 16:04 -------- d-----w- c:\program files\Yahoo!2009-06-25 12:25 . 2009-06-24 15:06 -------- d-----w- c:\program files\Alwil Software2009-06-24 16:30 . 2009-06-24 15:56 2950 ----a-w- c:\windows\mozver.dat2009-06-24 16:08 . 2009-06-24 16:08 415232 --sh--r- c:\windows\wuaucpl.exe2009-06-24 15:57 . 2009-06-24 15:57 -------- d-----w- c:\program files\Gadu-Gadu2009-06-24 15:57 . 2001-10-26 16:15 49492 ----a-w- c:\windows\system32\perfc015.dat2009-06-24 15:57 . 2001-10-26 16:15 355486 ----a-w- c:\windows\system32\perfh015.dat2009-06-24 15:56 . 2009-06-24 15:56 0 ----a-w- c:\windows\nsreg.dat2009-06-24 15:49 . 2009-06-24 15:44 -------- d-----w- c:\program files\Neostrada TP2009-06-24 15:45 . 2009-06-24 15:45 -------- d-----w- c:\program files\Thomson2009-06-24 15:45 . 2009-06-24 15:45 -------- d-----w- c:\program files\Java Web Start2009-06-24 15:45 . 2009-06-24 15:45 -------- d-----w- c:\program files\Java2009-06-24 15:45 . 2009-06-24 14:59 -------- d-----w- c:\program files\Common Files\InstallShield2009-06-24 15:03 . 2009-06-24 15:03 -------- d-----w- c:\program files\C-Media 3D Audio2009-06-24 15:00 . 2009-06-24 14:59 -------- d-----w- c:\program files\VIA2009-06-24 14:51 . 2009-06-24 14:51 -------- d-----w- c:\program files\microsoft frontpage2009-06-24 14:50 . 2009-06-24 14:50 80007 ----a-w- c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat2009-06-24 14:49 . 2009-06-24 14:47 -------- d-----w- c:\program files\Usługi online2009-06-24 14:48 . 2009-06-24 14:48 21856 ----a-w- c:\windows\system32\emptyregdb.dat2009-06-24 06:29 . 2009-06-24 14:58 106448 --sh--r- C:\8paf1d.com.((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\System32\ctfmon.exe" [2001-10-26 13312]"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2001-08-02 1077277]"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]"AutoConnect"="c:\program files\AutoConnect\AutoConnect.exe" [2004-08-28 295424]"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"RaidTool"="c:\program files\VIA\RAID\raid_tool.exe" [2005-06-20 1056768]"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]"WinampAgent"="c:\program files\Winamp\winampa.exe" [2004-12-20 33792]"NeroFilterCheck"="c:\windows\System32\NeroCheck.exe" [2001-07-09 155648]"Hidder"="c:\progra~1\GDATAS~1\SEKRET~1\Hidder.exe" [2002-06-03 565248][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2001-10-26 13312]c:\documents and settings\All Users\Menu Start\Programy\Autostart\WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-6-24 118784][HKEY_LOCAL_MACHINE\software\microsoft\security center]"AntiVirusOverride"=dword:00000001"FirewallOverride"=dword:00000001"AntiVirusDisableNotify"=dword:00000001"UpdatesDisableNotify"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"DEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~€‚ƒ„…†‡ˆ‰Š‹ŚŤŽŹ‘’“”•–—˜™Š›ŚŤŽŹ ˇ˘Ł¤Ą¦§¨©Ş«¬®ŻÄü"=R0 AFPAnsi;G-DATA UkrywaczAnsi;c:\windows\system32\drivers\AFPAnsi.sys [2009-06-26 31776]R2 Local Service;Local Service;c:\windows\wuaucpl.exe [2009-06-24 415232].- - - - USUNIĘTO PUSTE WPISY - - - -HKLM-Run-Cmaudio - cmicnfg.cplHKU-Default-Run-Microsoft Windows Update - apps.exeHKU-Default-RunOnce-Microsoft Windows Update - apps.exe.------- Skan uzupełniający -------.IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htmTCP: {C9E40043-5F0C-4453-8A9E-0D06FD023813} = 213.241.79.37 83.238.255.76FF - ProfilePath - c:\documents and settings\kania\Dane aplikacji\Mozilla\Firefox\Profiles\zfwwrt76.default\FF - prefs.js: browser.search.selectedEngine - GoogleFF - prefs.js: network.proxy.ftp - 217.98.20.20FF - prefs.js: network.proxy.ftp_port - 8080FF - prefs.js: network.proxy.gopher - 217.98.20.20FF - prefs.js: network.proxy.gopher_port - 8080FF - prefs.js: network.proxy.http - 217.98.20.20FF - prefs.js: network.proxy.http_port - 8080FF - prefs.js: network.proxy.socks - 217.98.20.20FF - prefs.js: network.proxy.socks_port - 8080FF - prefs.js: network.proxy.ssl - 217.98.20.20FF - prefs.js: network.proxy.ssl_port - 8080FF - prefs.js: network.proxy.type - 4FF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJava11.dllFF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJava12.dllFF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJava13.dllFF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJava32.dllFF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPJPI140_03.dllFF - plugin: c:\program files\Java\j2re1.4.0_03\bin\NPOJI610.dll.**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-06-27 21:02Windows 5.1.2600 NTFSskanowanie ukrytych procesów ... c:\windows\wuaucpl.exe [1448] 0x82368B30skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... c:\windows\hide.conf 13 bytesskanowanie pomyślnie ukończoneukryte pliki: 1**************************************************************************.--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------- - - - - - - > 'winlogon.exe'(644)c:\windows\system32\ODBC32.dll- - - - - - - > 'lsass.exe'(708)c:\windows\system32\mswsock.dllc:\windows\System32\wshtcpip.dllc:\windows\System32\dssenh.dll.------------------------ Pozostałe uruchomione procesy ------------------------.c:\windows\system32\rundll32.exe.**************************************************************************.Czas ukończenia: 2009-06-27 21:03 - komputer został uruchomiony ponownieComboFix-quarantined-files.txt 2009-06-27 19:03Przed: 8 446 054 400 bajtów wolnychPo: 9 016 631 296 bajtów wolnychWinXP_PL_PRO_BF.EXE[boot loader]timeout=2default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS[operating systems]c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdconsmulti(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect219 // Logi wstawiaj w tagi [ code ] // NowakoV
MarekM25 komentarz 27 czerwca 2009 komentarz 27 czerwca 2009 (edytowane) Pobierz Avenger. W polu Input script here wklej taki tekst: (bez frazy kod): Files to delete:c:\windows\wuaucpl.exe Kliknij Execute. Komputer uruchomi się ponownie. I daj plik wygenerowany przez avenger: C:\avenger.txt Jeżeli on sobie nie poradzi to użyjemy cfscriptu Otwórz notatnik tekstowy i wklej do niego poniższy tekst: (bez frazy kod) Windows Registry Editor Version 5.00[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"DEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~???????????Š?ŚŤŽŹ???????=-???Š?ŚŤŽŹ ˇ˘Ł¤Ą?§¨?Ş???ŻÄü"=- Zapisz jako->Wybierz Wszystkie pliki->wpisz Fix.reg->Następnie kliknij na zapisany plik i uruchom komputer ponownie. Ale to jeszcze nie wszystko. Najlepiej przeskanuj komputer jakimś skanerem i podaj raport z tego skanowania na forum
siankaa komentarz 27 czerwca 2009 Autor komentarz 27 czerwca 2009 zrobilam co kazałeś oto log: Logfile of random's system information tool 1.06 (written by random/random)Run by kania at 2009-06-28 00:40:56Microsoft Windows XP Professional System drive C: has 8 GB (70%) free of 11 GBTotal RAM: 383 MB (47% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 00:43:26, on 2009-06-28Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\VIA\RAID\raid_tool.exeC:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exeC:\Program Files\Winamp\winampa.exeC:\WINDOWS\System32\apps.exeC:\WINDOWS\System32\upds.exeC:\WINDOWS\System32\WinSec.exeC:\WINDOWS\System32\ctfmon.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\AutoConnect\AutoConnect.exeC:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exeC:\Program Files\WinZip\WZQKPICK.EXEC:\WINDOWS\System32\apps.exeC:\WINDOWS\System32\apps.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Documents and Settings\kania\Pulpit\RSIT.exeC:\Program Files\trend micro\kania.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = ŁączaR3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL (file missing)O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exeO4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /iconO4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exeO4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exeO4 - HKLM\..\Run: [Hidder] C:\PROGRA~1\GDATAS~1\SEKRET~1\Hidder.exe /startO4 - HKLM\..\Run: [internets] C:\WINDOWS\System32\WinSec.exeO4 - HKLM\..\Run: [Microsoft Windows Update] apps.exeO4 - HKLM\..\Run: [Windows System Update Tools] upds.exeO4 - HKLM\..\Run: [Java VM v6.9.2] C:\WINDOWS\System32\jdk-1_5_0_19-windows-i393-pp\jav.batO4 - HKLM\..\RunServices: [internets] C:\WINDOWS\System32\WinSec.exeO4 - HKLM\..\RunServices: [Microsoft Windows Update] apps.exeO4 - HKLM\..\RunServices: [Windows System Update Tools] upds.exeO4 - HKLM\..\RunOnce: [Microsoft Windows Update] apps.exeO4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exeO4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"O4 - HKCU\..\Run: [Microsoft Windows Update] apps.exeO4 - HKCU\..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe /trayO4 - HKCU\..\Run: [Java VM v6.9.2] C:\WINDOWS\System32\jdk-1_5_0_19-windows-i393-pp\jav.batO4 - HKCU\..\RunOnce: [Microsoft Windows Update] apps.exeO4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\Run: [Microsoft Windows Update] apps.exe (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\Run: [Java VM v6.9.2] C:\WINDOWS\System32\jdk-1_5_0_19-windows-i393-pp\jav.bat (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\RunOnce: [Microsoft Windows Update] apps.exe (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')O4 - HKUS\.DEFAULT\..\RunOnce: [Microsoft Windows Update] apps.exe (User 'Default user')O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXEO9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htmO9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htmO17 - HKLM\System\CCS\Services\Tcpip\..\{C9E40043-5F0C-4453-8A9E-0D06FD023813}: NameServer = 213.241.79.37 83.238.255.76O23 - Service: Local Service - Unknown owner - C:\WINDOWS\wuaucpl.exe (file missing)--End of file - 4599 bytes======Registry dump======[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\System32\msdxm.ocx [2001-10-26 846876][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2005-06-20 1064960]"SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 873984]"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2004-12-20 40960]"NeroFilterCheck"=C:\WINDOWS\System32\NeroCheck.exe [2001-07-09 163840]"Hidder"=C:\PROGRA~1\GDATAS~1\SEKRET~1\Hidder.exe [2002-06-03 573440]"Internets"=C:\WINDOWS\System32\WinSec.exe [2009-06-27 241664]"Microsoft Windows Update"=C:\WINDOWS\system32\apps.exe [2009-06-27 351744]"Windows System Update Tools"=C:\WINDOWS\system32\upds.exe [2009-06-27 926720]"Java VM v6.9.2"=C:\WINDOWS\System32\jdk-1_5_0_19-windows-i393-pp\jav.bat [2008-03-06 87][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]"Microsoft Windows Update"=C:\WINDOWS\system32\apps.exe [2009-06-27 351744]"Java VM v6.9.2"= [][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"=C:\WINDOWS\System32\ctfmon.exe [2001-10-26 20480]"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2001-08-02 1085469]"AutoConnect"=C:\Program Files\AutoConnect\AutoConnect.exe [2004-08-28 303104]"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-10-28 102400]"Microsoft Windows Update"=C:\WINDOWS\system32\apps.exe [2009-06-27 351744]"Gadu-Gadu"=C:\Program Files\Gadu-Gadu\gg.exe /tray []"Java VM v6.9.2"=C:\WINDOWS\System32\jdk-1_5_0_19-windows-i393-pp\jav.bat [2008-03-06 87][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]"Microsoft Windows Update"=C:\WINDOWS\system32\apps.exe [2009-06-27 351744]C:\Documents and Settings\All Users\Menu Start\Programy\AutostartWinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]"dontdisplaylastusername"=0"legalnoticecaption"="legalnoticetext"="shutdownwithoutlogon"=1"undockwithoutlogon"=1[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]"NoDriveTypeAutoRun"=323"NoDriveAutoRun"=67108863"NoDrives"=0[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]"NoDriveAutoRun"="NoDriveTypeAutoRun"="NoDrives"=[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]"DEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~??????????Š?ŚŤŽŹ??????????Š?ŚŤŽŹ ˇ˘Ł¤Ą?§¨?Ş???ŻÄü"="DEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~??????????Š?ŚŤŽŹ??????????Š?ŚŤŽŹ ˇ˘Ł¤Ą?§¨?Ş???ŻÄü:*:Enabled:Nod32 Service""C:\WINDOWS\System32\WinSec.exe"="C:\WINDOWS\System32\WinSec.exe:*:Enabled:Internets""C:\WINDOWS\System32\upds.exe"="C:\WINDOWS\System32\upds.exe:*:Enabled:Windows System Update Tools""\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:enabled:@shell32.dll,-1""wmssvc.exe"="wmssvc.exe:*:Enabled:SYSTEM"[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]"wmssvc.exe"="wmssvc.exe:*:Enabled:SYSTEM"======List of files/folders created in the last 1 months======2009-06-28 00:23:43 ----D---- C:\Avenger2009-06-28 00:23:42 ----A---- C:\avenger.txt2009-06-28 00:03:42 ----D---- C:\WINDOWS\System32\jdk-1_5_0_19-windows-i393-pp2009-06-28 00:03:36 ----A---- C:\WINDOWS\System32\msmshdll1a.exe2009-06-27 23:38:48 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe2009-06-27 23:38:32 ----D---- C:\Program Files\Common Files\Adobe2009-06-27 23:35:39 ----D---- C:\Program Files\Adobe2009-06-27 23:24:03 ----D---- C:\WINDOWS\Cache2009-06-27 23:22:37 ----D---- C:\Program Files\Gadu-Gadu2009-06-27 21:35:23 ----A---- C:\Bug.txt2009-06-27 21:26:37 ----SHD---- C:\RECYCLER2009-06-27 21:24:44 ----D---- C:\Program Files\PLAY ONLINE2009-06-27 21:17:19 ----RSH---- C:\WINDOWS\wmssvc.exe2009-06-27 21:15:01 ----A---- C:\WINDOWS\System32\win_04704.exe2009-06-27 21:12:29 ----RSH---- C:\WINDOWS\System32\upds.exe2009-06-27 21:06:01 ----A---- C:\WINDOWS\System32\yboz.bat2009-06-27 21:05:48 ----AH---- C:\WINDOWS\System32\lydvrsdg.exe2009-06-27 21:05:42 ----RSH---- C:\WINDOWS\System32\WinSec.exe2009-06-27 21:05:26 ----A---- C:\WINDOWS\System32\apps.exe2009-06-27 21:04:01 ----D---- C:\WINDOWS\temp2009-06-27 21:03:59 ----A---- C:\ComboFix.txt2009-06-27 20:58:36 ----A---- C:\Boot.bak2009-06-27 20:58:31 ----RASHD---- C:\cmdcons2009-06-27 20:56:58 ----A---- C:\WINDOWS\zip.exe2009-06-27 20:56:58 ----A---- C:\WINDOWS\SWXCACLS.exe2009-06-27 20:56:58 ----A---- C:\WINDOWS\SWSC.exe2009-06-27 20:56:58 ----A---- C:\WINDOWS\SWREG.exe2009-06-27 20:56:58 ----A---- C:\WINDOWS\sed.exe2009-06-27 20:56:58 ----A---- C:\WINDOWS\PEV.exe2009-06-27 20:56:58 ----A---- C:\WINDOWS\NIRCMD.exe2009-06-27 20:56:58 ----A---- C:\WINDOWS\grep.exe2009-06-27 20:56:52 ----D---- C:\WINDOWS\ERDNT2009-06-27 20:56:49 ----D---- C:\Qoobox2009-06-27 13:14:51 ----D---- C:\Program Files\Debugging Tools for Windows2009-06-26 15:34:38 ----D---- C:\Program Files\G DATA Software2009-06-26 15:05:47 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Malwarebytes2009-06-26 15:04:51 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes2009-06-26 15:04:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware2009-06-26 13:56:01 ----A---- C:\WINDOWS\NeroDigital.ini2009-06-26 13:39:59 ----D---- C:\Program Files\trend micro2009-06-26 13:39:56 ----D---- C:\rsit2009-06-25 17:47:32 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Opera2009-06-25 17:47:28 ----D---- C:\Program Files\Opera2009-06-25 17:46:55 ----D---- C:\col39292009-06-25 16:28:52 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Gadu-Gadu2009-06-25 14:54:29 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Ahead2009-06-25 14:53:17 ----D---- C:\Program Files\Nero2009-06-25 14:53:17 ----D---- C:\Program Files\Common Files\Ahead2009-06-25 14:46:30 ----D---- C:\WINDOWS\RegisteredPackages2009-06-25 14:35:37 ----A---- C:\WINDOWS\System32\wstdecod.dll2009-06-25 14:35:36 ----A---- C:\WINDOWS\System32\psisdecd.dll2009-06-25 14:35:36 ----A---- C:\WINDOWS\System32\msyuv.dll2009-06-25 14:35:36 ----A---- C:\WINDOWS\System32\msvidctl.dll2009-06-25 14:35:34 ----A---- C:\WINDOWS\System32\ksuser.dll2009-06-25 14:35:33 ----A---- C:\WINDOWS\System32\qedwipes.dll2009-06-25 14:35:32 ----A---- C:\WINDOWS\System32\qedit.dll2009-06-25 14:35:32 ----A---- C:\WINDOWS\System32\qasf.dll2009-06-25 14:35:32 ----A---- C:\WINDOWS\System32\mswebdvd.dll2009-06-25 14:35:32 ----A---- C:\WINDOWS\System32\msdmo.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\quartz.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\qdvd.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\qdv.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\qcap.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\mciqtz32.dll2009-06-25 14:35:31 ----A---- C:\WINDOWS\System32\encapi.dll2009-06-25 14:35:30 ----A---- C:\WINDOWS\System32\devenum.dll2009-06-25 14:35:30 ----A---- C:\WINDOWS\System32\amstream.dll2009-06-25 14:35:29 ----A---- C:\WINDOWS\System32\dmusic.dll2009-06-25 14:35:29 ----A---- C:\WINDOWS\System32\dmsynth.dll2009-06-25 14:35:29 ----A---- C:\WINDOWS\System32\dmstyle.dll2009-06-25 14:35:29 ----A---- C:\WINDOWS\System32\dmloader.dll2009-06-25 14:35:29 ----A---- C:\WINDOWS\System32\dmime.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\dswave.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\dmscript.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\dmcompos.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\dmband.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\dinput8.dll2009-06-25 14:35:28 ----A---- C:\WINDOWS\System32\d3d9.dll2009-06-25 14:35:27 ----A---- C:\WINDOWS\System32\d3d8.dll2009-06-25 14:35:26 ----A---- C:\WINDOWS\System32\dxdiagn.dll2009-06-25 14:35:26 ----A---- C:\WINDOWS\System32\dxdiag.exe2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dxdllreg.exe2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dsdmoprp.dll2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dsdmo.dll2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dpvvox.dll2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dpvsetup.exe2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dpvoice.dll2009-06-25 14:35:24 ----A---- C:\WINDOWS\System32\dpvacm.dll2009-06-25 14:35:23 ----A---- C:\WINDOWS\System32\dpnsvr.exe2009-06-25 14:35:23 ----A---- C:\WINDOWS\System32\dpnlobby.dll2009-06-25 14:35:23 ----A---- C:\WINDOWS\System32\dpnhpast.dll2009-06-25 14:35:23 ----A---- C:\WINDOWS\System32\dpnet.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\pid.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dx8vb.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dx7vb.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dsound3d.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dsound.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dpwsockx.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dpnhupnp.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dpnaddr.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dpmodemx.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dplayx.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dplaysvr.exe2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\dinput.dll2009-06-25 14:35:22 ----A---- C:\WINDOWS\System32\d3d8thk.dll2009-06-25 14:35:21 ----A---- C:\WINDOWS\System32\ddrawex.dll2009-06-25 14:35:21 ----A---- C:\WINDOWS\System32\ddraw.dll2009-06-25 14:35:21 ----A---- C:\WINDOWS\System32\d3dim700.dll2009-06-25 14:33:27 ----D---- C:\Program Files\Winamp2009-06-25 14:33:27 ----A---- C:\WINDOWS\winamp.ini2009-06-25 14:24:28 ----A---- C:\WINDOWS\ntbtlog.txt2009-06-25 13:30:00 ----A---- C:\Documents and Settings\kania\Dane aplikacji\ezplay.ini2009-06-25 13:29:50 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Vso2009-06-24 23:35:14 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Ventrilo2009-06-24 23:34:49 ----D---- C:\Program Files\Ventrilo2009-06-24 23:34:22 ----D---- C:\Program Files\Common Files\Wise Installation Wizard2009-06-24 22:46:10 ----D---- C:\Documents and Settings\kania\Dane aplikacji\GetRightToGo2009-06-24 20:58:51 ----D---- C:\WINDOWS\Minidump2009-06-24 19:11:59 ----D---- C:\Program Files\WinZip2009-06-24 18:45:51 ----D---- C:\Program Files\AutoConnect2009-06-24 18:39:19 ----D---- C:\WINDOWS\Logs2009-06-24 18:38:54 ----RASH---- C:\boot.ini2009-06-24 18:35:40 ----D---- C:\WINDOWS\System32\IME2009-06-24 18:35:40 ----D---- C:\WINDOWS\System32\3com_dmi2009-06-24 18:35:40 ----D---- C:\WINDOWS\System32\10452009-06-24 18:35:39 ----RSHDC---- C:\WINDOWS\System32\dllcache2009-06-24 18:35:39 ----RSD---- C:\WINDOWS\Fonts2009-06-24 18:35:39 ----RD---- C:\WINDOWS\Web2009-06-24 18:35:39 ----HD---- C:\WINDOWS\inf2009-06-24 18:35:39 ----D---- C:\WINDOWS\WinSxS2009-06-24 18:35:39 ----D---- C:\WINDOWS\twain_322009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\wins2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\wbem2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\usmt2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\spool2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\ShellExt2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\Setup2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\ras2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\oobe2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\npp2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\mui2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\inetsrv2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\icsxml2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\ias2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\export2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\drivers2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\dhcp2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\config2009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\30762009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\20522009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10542009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10422009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10412009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10372009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10332009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10312009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10282009-06-24 18:35:39 ----D---- C:\WINDOWS\System32\10252009-06-24 18:35:39 ----D---- C:\WINDOWS\system322009-06-24 18:35:39 ----D---- C:\WINDOWS\system2009-06-24 18:35:39 ----D---- C:\WINDOWS\security2009-06-24 18:35:39 ----D---- C:\WINDOWS\Resources2009-06-24 18:35:39 ----D---- C:\WINDOWS\repair2009-06-24 18:35:39 ----D---- C:\WINDOWS\mui2009-06-24 18:35:39 ----D---- C:\WINDOWS\msapps2009-06-24 18:35:39 ----D---- C:\WINDOWS\msagent2009-06-24 18:35:39 ----D---- C:\WINDOWS\Media2009-06-24 18:35:39 ----D---- C:\WINDOWS\java2009-06-24 18:35:39 ----D---- C:\WINDOWS\ime2009-06-24 18:35:39 ----D---- C:\WINDOWS\Help2009-06-24 18:35:39 ----D---- C:\WINDOWS\Driver Cache2009-06-24 18:35:39 ----D---- C:\WINDOWS\Debug2009-06-24 18:35:39 ----D---- C:\WINDOWS\Cursors2009-06-24 18:35:39 ----D---- C:\WINDOWS\Connection Wizard2009-06-24 18:35:39 ----D---- C:\WINDOWS\Config2009-06-24 18:35:39 ----D---- C:\WINDOWS\AppPatch2009-06-24 18:35:39 ----D---- C:\WINDOWS\addins2009-06-24 18:35:39 ----D---- C:\WINDOWS2009-06-24 18:33:29 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Macromedia2009-06-24 18:33:29 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Adobe2009-06-24 18:04:27 ----D---- C:\Program Files\Yahoo!2009-06-24 17:58:32 ----D---- C:\Program Files\WinRAR2009-06-24 17:56:42 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Mozilla2009-06-24 17:56:41 ----D---- C:\Program Files\Mozilla Firefox2009-06-24 17:47:06 ----A---- C:\WINDOWS\System32\WooDial2000.dll2009-06-24 17:46:13 ----A---- C:\WINDOWS\System32\h323log.txt2009-06-24 17:45:59 ----A---- C:\WINDOWS\System32\stci.dll2009-06-24 17:45:57 ----D---- C:\Program Files\Thomson2009-06-24 17:45:27 ----D---- C:\Program Files\Java Web Start2009-06-24 17:45:25 ----N---- C:\WINDOWS\System32\javaw.exe2009-06-24 17:45:25 ----N---- C:\WINDOWS\System32\java.exe2009-06-24 17:45:20 ----N---- C:\WINDOWS\System32\ActPanel.dll2009-06-24 17:45:20 ----D---- C:\Program Files\Java2009-06-24 17:44:26 ----D---- C:\Program Files\Neostrada TP2009-06-24 17:43:43 ----A---- C:\WINDOWS\System32\nv4.dll2009-06-24 17:43:13 ----A---- C:\WINDOWS\System32\usbui.dll2009-06-24 17:43:04 ----SHD---- C:\WINDOWS\ftpcache2009-06-24 17:42:19 ----A---- C:\WINDOWS\imsins.BAK2009-06-24 17:42:15 ----A---- C:\WINDOWS\System32\PerfStringBackup.INI2009-06-24 17:42:14 ----D---- C:\Program Files\Common Files\ODBC2009-06-24 17:42:14 ----A---- C:\WINDOWS\ODBCINST.INI2009-06-24 17:42:12 ----D---- C:\Program Files\Common Files\SpeechEngines2009-06-24 17:42:11 ----RD---- C:\Program Files2009-06-24 17:42:11 ----D---- C:\Program Files\Common Files\Microsoft Shared2009-06-24 17:42:11 ----D---- C:\Program Files\Common Files2009-06-24 17:42:08 ----RA---- C:\WINDOWS\System32\kbdtuq.dll2009-06-24 17:42:08 ----RA---- C:\WINDOWS\System32\kbdtuf.dll2009-06-24 17:42:08 ----RA---- C:\WINDOWS\System32\kbdazel.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdycc.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbduzb.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdur.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdtat.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdru1.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdru.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdmon.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdkyr.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdkaz.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdbu.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdblr.dll2009-06-24 17:42:07 ----RA---- C:\WINDOWS\System32\kbdaze.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhept.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhela3.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhela2.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhe319.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhe220.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdhe.dll2009-06-24 17:42:05 ----RA---- C:\WINDOWS\System32\kbdgkl.dll2009-06-24 17:42:04 ----RA---- C:\WINDOWS\System32\kbdlv1.dll2009-06-24 17:42:04 ----RA---- C:\WINDOWS\System32\kbdlv.dll2009-06-24 17:42:04 ----RA---- C:\WINDOWS\System32\kbdlt1.dll2009-06-24 17:42:04 ----RA---- C:\WINDOWS\System32\kbdlt.dll2009-06-24 17:42:04 ----RA---- C:\WINDOWS\System32\kbdest.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdsl1.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdsl.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdro.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdhu1.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdhu.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdcz2.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdcz1.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdcz.dll2009-06-24 17:42:01 ----A---- C:\WINDOWS\System32\kbdcr.dll2009-06-24 17:42:00 ----A---- C:\WINDOWS\System32\kbdycl.dll2009-06-24 17:42:00 ----A---- C:\WINDOWS\System32\KBDAL.DLL2009-06-24 17:42:00 ----A---- C:\WINDOWS\System32\irclass.dll2009-06-24 17:41:59 ----A---- C:\WINDOWS\System32\spxcoins.dll2009-06-24 17:41:59 ----A---- C:\WINDOWS\System32\EqnClass.Dll2009-06-24 17:41:59 ----A---- C:\WINDOWS\System32\dgsetup.dll2009-06-24 17:41:59 ----A---- C:\WINDOWS\System32\dgrpsetu.dll2009-06-24 17:41:59 ----A---- C:\WINDOWS\System32\batt.dll2009-06-24 17:41:57 ----N---- C:\WINDOWS\System32\CONFIG.TMP2009-06-24 17:41:57 ----A---- C:\WINDOWS\TASKMAN.EXE2009-06-24 17:41:57 ----A---- C:\WINDOWS\NOTEPAD.EXE2009-06-24 17:41:56 ----A---- C:\WINDOWS\System32\storprop.dll2009-06-24 17:41:48 ----ASH---- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini2009-06-24 17:41:44 ----RA---- C:\WINDOWS\SET7.tmp2009-06-24 17:41:42 ----RA---- C:\WINDOWS\SET3.tmp2009-06-24 17:41:36 ----D---- C:\WINDOWS\System32\CatRoot22009-06-24 17:41:36 ----D---- C:\WINDOWS\System32\CatRoot2009-06-24 17:41:30 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft2009-06-24 17:41:21 ----A---- C:\WINDOWS\setuplog.txt2009-06-24 17:41:17 ----D---- C:\Documents and Settings2009-06-24 17:06:38 ----A---- C:\WINDOWS\System32\MSVCR71.dll2009-06-24 17:06:38 ----A---- C:\WINDOWS\System32\MSVCP71.dll2009-06-24 17:06:38 ----A---- C:\WINDOWS\System32\MFC71.dll2009-06-24 17:06:35 ----D---- C:\Program Files\Alwil Software2009-06-24 17:04:57 ----A---- C:\WINDOWS\System32\vusetup.dll2009-06-24 17:04:25 ----A---- C:\WINDOWS\IsUn0415.exe2009-06-24 17:03:27 ----A---- C:\WINDOWS\CMISETUP.INI2009-06-24 17:03:27 ----A---- C:\WINDOWS\CMCDPLAY.INI2009-06-24 17:03:24 ----A---- C:\WINDOWS\Wininit.ini2009-06-24 17:03:24 ----A---- C:\WINDOWS\System32\udaprop.dll2009-06-24 17:03:23 ----A---- C:\WINDOWS\System32\cmuda.dll2009-06-24 17:03:23 ----A---- C:\WINDOWS\System32\cmirmdrv.exe2009-06-24 17:03:23 ----A---- C:\WINDOWS\System32\cmirmdrv.dll2009-06-24 17:03:23 ----A---- C:\WINDOWS\System32\Audio3D.dll2009-06-24 17:03:23 ----A---- C:\WINDOWS\System32\a3d.dll2009-06-24 17:03:22 ----D---- C:\Program Files\C-Media 3D Audio2009-06-24 17:03:22 ----A---- C:\WINDOWS\CMIUninstall.exe2009-06-24 17:03:22 ----A---- C:\WINDOWS\CmiRmRedundDir.exe2009-06-24 17:03:22 ----A---- C:\WINDOWS\CMIRmDriver.dll2009-06-24 17:02:07 ----D---- C:\WINDOWS\System32\ReinstallBackups2009-06-24 17:01:53 ----A---- C:\WINDOWS\IsUninst.exe2009-06-24 17:00:12 ----HD---- C:\Program Files\InstallShield Installation Information2009-06-24 16:59:10 ----D---- C:\Program Files\VIA2009-06-24 16:59:06 ----D---- C:\Program Files\Common Files\InstallShield2009-06-24 16:58:14 ----RSH---- C:\8paf1d.com2009-06-24 16:57:20 ----SHD---- C:\WINDOWS\Installer2009-06-24 16:57:17 ----D---- C:\Documents and Settings\kania\Dane aplikacji\Identities2009-06-24 16:57:11 ----HD---- C:\Program Files\Uninstall Information2009-06-24 16:57:06 ----SD---- C:\Documents and Settings\kania\Dane aplikacji\Microsoft2009-06-24 16:57:06 ----ASH---- C:\Documents and Settings\kania\Dane aplikacji\desktop.ini2009-06-24 16:55:26 ----SHD---- C:\System Volume Information2009-06-24 16:55:25 ----D---- C:\WINDOWS\Prefetch2009-06-24 16:55:25 ----A---- C:\WINDOWS\SchedLgU.Txt2009-06-24 16:51:40 ----D---- C:\WINDOWS\System32\xircom2009-06-24 16:51:40 ----D---- C:\Program Files\xerox2009-06-24 16:51:40 ----D---- C:\Program Files\microsoft frontpage2009-06-24 16:51:14 ----A---- C:\WINDOWS\control.ini2009-06-24 16:51:14 ----A---- C:\AUTOEXEC.BAT2009-06-24 16:51:07 ----A---- C:\WINDOWS\OEWABLog.txt2009-06-24 16:51:03 ----A---- C:\WINDOWS\System32\mapi32.dll2009-06-24 16:50:11 ----SD---- C:\WINDOWS\Downloaded Program Files2009-06-24 16:50:11 ----RD---- C:\WINDOWS\Offline Web Pages2009-06-24 16:50:10 ----RAH---- C:\WINDOWS\System32\logonui.exe.manifest2009-06-24 16:50:05 ----RAH---- C:\WINDOWS\System32\cdplayer.exe.manifest2009-06-24 16:49:49 ----D---- C:\WINDOWS\srchasst2009-06-24 16:49:41 ----D---- C:\WINDOWS\System32\Macromed2009-06-24 16:49:41 ----D---- C:\WINDOWS\System32\DirectX2009-06-24 16:49:31 ----A---- C:\WINDOWS\System32\qmgrprxy.dll2009-06-24 16:49:31 ----A---- C:\WINDOWS\System32\qmgr.dll2009-06-24 16:49:29 ----D---- C:\Program Files\Movie Maker2009-06-24 16:49:14 ----A---- C:\WINDOWS\System32\safrslv.dll2009-06-24 16:49:14 ----A---- C:\WINDOWS\System32\safrdm.dll2009-06-24 16:49:14 ----A---- C:\WINDOWS\System32\safrcdlg.dll2009-06-24 16:49:14 ----A---- C:\WINDOWS\System32\racpldlg.dll2009-06-24 16:49:14 ----A---- C:\WINDOWS\System32\atrace.dll2009-06-24 16:49:10 ----A---- C:\WINDOWS\System32\desktop.ini2009-06-24 16:49:10 ----A---- C:\WINDOWS\desktop.ini2009-06-24 16:49:04 ----D---- C:\WINDOWS\System32\Restore2009-06-24 16:49:04 ----A---- C:\WINDOWS\System32\srsvc.dll2009-06-24 16:49:04 ----A---- C:\WINDOWS\System32\srrstr.dll2009-06-24 16:49:04 ----A---- C:\WINDOWS\System32\srclient.dll2009-06-24 16:49:03 ----D---- C:\Program Files\Windows Media Player2009-06-24 16:49:03 ----A---- C:\WINDOWS\System32\nmevtmsg.dll2009-06-24 16:49:03 ----A---- C:\WINDOWS\System32\mnmdd.dll2009-06-24 16:49:03 ----A---- C:\WINDOWS\System32\isrdbg32.dll2009-06-24 16:49:03 ----A---- C:\WINDOWS\System32\ils.dll2009-06-24 16:49:02 ----A---- C:\WINDOWS\System32\nmmkcert.dll2009-06-24 16:49:02 ----A---- C:\WINDOWS\System32\msconf.dll2009-06-24 16:49:02 ----A---- C:\WINDOWS\System32\mnmsrvc.exe2009-06-24 16:48:59 ----D---- C:\WINDOWS\PCHEALTH2009-06-24 16:48:59 ----D---- C:\Program Files\NetMeeting2009-06-24 16:48:59 ----A---- C:\WINDOWS\System32\msoert2.dll2009-06-24 16:48:59 ----A---- C:\WINDOWS\System32\acctres.dll2009-06-24 16:48:58 ----D---- C:\Program Files\Common Files\Services2009-06-24 16:48:58 ----A---- C:\WINDOWS\System32\msoeacct.dll2009-06-24 16:48:57 ----A---- C:\WINDOWS\System32\inetres.dll2009-06-24 16:48:57 ----A---- C:\WINDOWS\System32\inetcomm.dll2009-06-24 16:48:53 ----SD---- C:\WINDOWS\Tasks2009-06-24 16:48:53 ----D---- C:\Program Files\Outlook Express2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\schedsvc.dll2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\mstinit.exe2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\mstask.dll2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\isign32.dll2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\icwphbk.dll2009-06-24 16:48:53 ----A---- C:\WINDOWS\System32\icwdial.dll2009-06-24 16:48:52 ----A---- C:\WINDOWS\System32\inetcfg.dll2009-06-24 16:48:52 ----A---- C:\WINDOWS\System32\icfgnt5.dll2009-06-24 16:48:50 ----D---- C:\Program Files\Common Files\MSSoap2009-06-24 16:48:47 ----D---- C:\Program Files\Common Files\System2009-06-24 16:48:43 ----D---- C:\Program Files\Internet Explorer2009-06-24 16:48:05 ----D---- C:\Program Files\ComPlus Applications2009-06-24 16:48:03 ----A---- C:\WINDOWS\vbaddin.ini2009-06-24 16:48:03 ----A---- C:\WINDOWS\vb.ini2009-06-24 16:47:59 ----D---- C:\WINDOWS\Registration2009-06-24 16:47:53 ----HD---- C:\Program Files\WindowsUpdate2009-06-24 16:47:53 ----D---- C:\Program Files\Usługi online2009-06-24 16:47:47 ----D---- C:\Program Files\Messenger2009-06-24 16:47:43 ----D---- C:\Program Files\MSN2009-06-24 16:47:39 ----D---- C:\Program Files\MSN Gaming Zone2009-06-24 16:47:39 ----A---- C:\WINDOWS\System32\write.exe2009-06-24 16:47:31 ----A---- C:\WINDOWS\System32\sndvol32.exe2009-06-24 16:47:31 ----A---- C:\WINDOWS\System32\sndrec32.exe2009-06-24 16:47:31 ----A---- C:\WINDOWS\System32\mplay32.exe2009-06-24 16:47:31 ----A---- C:\WINDOWS\System32\accwiz.exe2009-06-24 16:47:30 ----D---- C:\Program Files\Windows NT2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\winchat.exe2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\hypertrm.dll2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\hticons.dll2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\avwav.dll2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\avtapi.dll2009-06-24 16:47:30 ----A---- C:\WINDOWS\System32\avmeter.dll2009-06-24 16:47:28 ----A---- C:\WINDOWS\System32\mspaint.exe2009-06-24 16:47:25 ----A---- C:\WINDOWS\System32\clipbrd.exe2009-06-24 16:47:24 ----A---- C:\WINDOWS\System32\getuname.dll2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\winmine.exe2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\spider.exe2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\sol.exe2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\mshearts.exe2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\charmap.exe2009-06-24 16:47:23 ----A---- C:\WINDOWS\System32\calc.exe2009-06-24 16:47:22 ----A---- C:\WINDOWS\System32\wuauserv.dll2009-06-24 16:47:22 ----A---- C:\WINDOWS\System32\wuaueng.dll2009-06-24 16:47:22 ----A---- C:\WINDOWS\System32\wuauclt.exe2009-06-24 16:47:22 ----A---- C:\WINDOWS\System32\tscfgwmi.dll2009-06-24 16:47:22 ----A---- C:\WINDOWS\System32\freecell.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\usrlogon.cmd2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tsshutdn.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tslabels.ini2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tskill.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tsdiscon.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tscupgrd.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\tscon.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\sessmgr.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\reset.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\remotepg.dll2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\rdshost.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\rdsaddin.exe2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\rdchost.dll2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\mstscax.dll2009-06-24 16:47:21 ----A---- C:\WINDOWS\System32\mstsc.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\termsrv.dll2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\shadow.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\rwinsta.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\regini.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\rdpwsx.dll2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\rdpsnd.dll2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\rdpclip.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\rdpcfgex.dll2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\qwinsta.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\qprocess.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\qappsrv.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\msg.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\logoff.exe2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\icaapi.dll2009-06-24 16:47:20 ----A---- C:\WINDOWS\System32\cfgbkend.dll2009-06-24 16:47:19 ----D---- C:\WINDOWS\System32\MsDtc2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\xolehlp.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\mtxoci.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtcuiu.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtctm.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtcprx.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtcprf.ini2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtclog.dll2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\msdtc.exe2009-06-24 16:47:19 ----A---- C:\WINDOWS\System32\cdmodem.dll2009-06-24 16:47:18 ----A---- C:\WINDOWS\System32\dcomcnfg.exe2009-06-24 16:47:17 ----D---- C:\WINDOWS\System32\Com2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\stclient.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\mtxlegih.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\mtxex.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\mtxdm.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\comrepl.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\comaddin.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\colbact.dll2009-06-24 16:47:17 ----A---- C:\WINDOWS\System32\catsrvps.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\comuid.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\comsvcs.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\comsnap.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\clbcatq.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\clbcatex.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\catsrvut.dll2009-06-24 16:47:16 ----A---- C:\WINDOWS\System32\catsrv.dll2009-06-24 16:47:07 ----A---- C:\WINDOWS\System32\wmimgmt.msc2009-06-24 16:47:06 ----A---- C:\WINDOWS\System32\servdeps.dll2009-06-24 16:47:06 ----A---- C:\WINDOWS\System32\mmfutil.dll2009-06-24 16:47:06 ----A---- C:\WINDOWS\System32\licwmi.dll2009-06-24 16:47:06 ----A---- C:\WINDOWS\System32\cmprops.dll======List of files/folders modified in the last 1 months======2009-06-27 21:02:42 ----A---- C:\WINDOWS\system.ini2009-06-25 17:47:32 ----A---- C:\WINDOWS\win.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\System32\DRIVERS\alcan5wn.sys [2003-12-08 53600]R3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\System32\DRIVERS\alcaudsl.sys [2003-12-08 70688]R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2004-08-23 821760]R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-11-11 41984]R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-18 9600]R3 mouhid;Sterownik myszy HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-26 12160]R3 nv4;nv4; C:\WINDOWS\System32\DRIVERS\nv4.sys [2001-08-17 731648]R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2001-08-18 24960]R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2001-08-18 50688]R3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2001-08-17 24832]R3 usbstor;Sterownik magazynu masowego USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2001-08-18 21760]R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2001-08-18 18944]R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2002-11-13 10496]S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []S3 catchme;catchme; \??\C:\DOCUME~1\kania\USTAWI~1\Temp\catchme.sys []S3 ezplay;VSO Software ezplay; C:\WINDOWS\System32\Drivers\ezplay.sys [2009-06-25 94208]S3 FETNDIS;Sterownik NT karty VIA PCI 10/100Mb Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]S3 NTSIM;NTSIM; \??\C:\WINDOWS\System32\ntsim.sys []S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-06-25 47360]S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2002-10-24 6912]S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R2 NET Service;NET Service; C:\WINDOWS\wmssvc.exe [2009-06-27 225280]S2 Local Service;Local Service; C:\WINDOWS\wuaucpl.exe []-----------------EOF----------------- i co to miało zrobić? // Wstawiam w tagi [*/code] // Widocznie coś się "chrzani". // KamilJB[/color]
Gość komentarz 28 czerwca 2009 komentarz 28 czerwca 2009 Ogólnie w logu widać "sieczkę". 2009-06-27 21:17:19 ----RSH---- C:\WINDOWS\wmssvc.exe2009-06-27 21:15:01 ----A---- C:\WINDOWS\System32\win_04704.exe2009-06-27 21:12:29 ----RSH---- C:\WINDOWS\System32\upds.exe2009-06-27 21:06:01 ----A---- C:\WINDOWS\System32\yboz.bat2009-06-27 21:05:48 ----AH---- C:\WINDOWS\System32\lydvrsdg.exe2009-06-27 21:05:42 ----RSH---- C:\WINDOWS\System32\WinSec.exe2009-06-27 21:05:26 ----A---- C:\WINDOWS\System32\apps.exe Kilka robaczków, bardzo trudnych do usunięcia - często jest, że wracają po restarcie. Trojan: 2009-06-28 00:03:36 ----A---- C:\WINDOWS\System32\msmshdll1a.exe I na dodatek "podróbka" Javy: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"Java VM v6.9.2"=C:\WINDOWS\System32\jdk-1_5_0_19-windows-i393-pp\jav.bat [2008-03-06 87] *************************************************************** 1. Zastosuj WWDC. Opis i używanie narzędzia ---> KLIK. 2. Użyj (w Trybie Awaryjnym)-->SDFix. Narzędzie uruchamiasz w Trybie Awaryjnym.! Pokaż Report.txt znajdujący się w folderze SDFix. 3. Wklej do Notatnika: File::C:\WINDOWS\system32\apps.exeC:\WINDOWS\System32\WinSec.exe C:\WINDOWS\system32\upds.exe C:\WINDOWS\System32\jdk-1_5_0_19-windows-i393-pp\jav.bat C:\WINDOWS\System32\msmshdll1a.exeC:\WINDOWS\wmssvc.exeC:\WINDOWS\System32\win_04704.exeC:\WINDOWS\System32\upds.exeC:\WINDOWS\System32\yboz.batC:\WINDOWS\System32\lydvrsdg.exeDriver::Local Service"Local Service"Registry::[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]"Internets"=-"Microsoft Windows Update"=-"Windows System Update Tools"=-"Java VM v6.9.2"=-[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]"Microsoft Windows Update"=-"Java VM v6.9.2"=-[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"Microsoft Windows Update"=-"Java VM v6.9.2"=-[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]"Microsoft Windows Update"=-[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]"DEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~??????????Š?ŚŤŽŹ??????????Š?ŚŤŽŹ ˇ˘Ł¤Ą?§¨?Ş???ŻÄü"=-"C:\WINDOWS\System32\WinSec.exe"=-"C:\WINDOWS\System32\upds.exe"=-"wmssvc.exe"=-[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]"wmssvc.exe"=- >>Plik>>Zapisz jako... >>> CFScript Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe --> Ma się rozpocząć usuwanie. (i powstanie log).Daj ten log, który powstanie w trakcie usuwania. Jeśli pójdzie dobrze, to: Po restarcie usuń ręcznie folder C:\Qoobox. 4. Ściągnij ---> SmitFraudFix. Rozpakuj go. Uruchom plik "SmitFraudFix.cmd Naciśnij dowolny klawiasz. Wciskasz na klawiaturze "2" i wciskasz "Enter". Czekasz, aż program skończy pracę. Tapeta powinna się zmienić (jest to normalne). Powinnien pokazać się Notatnik z wygenerowanym logiem - daj go na Forum, tutaj. Czyli na Forum wrzucasz takie logi: >>> Log z SDFixa. >>> Log z ComboFixa (po Scripcie). >>> Log z SmitFraudFix. .
MarekM25 komentarz 28 czerwca 2009 komentarz 28 czerwca 2009 Co ciekawe, że combofix nie pokazał tych robaków tylko RSIT to zrobił
siankaa komentarz 28 czerwca 2009 Autor komentarz 28 czerwca 2009 wiec tak moi drodzy...na programie WWDC miałam wszystko dobrze ustawione bo już miałam wcześniej ten program. druga rzecz: po porgramie SDFX WKLEJAM RAPORCIK (nie wiem czy dobrze znowu z regulaminem go wklejam) [b]SDFix: Version 1.240 [/b]Run by kania on 2009-06-28 at 13:43Microsoft Windows XP [Wersja 5.1.2600]Running From: C:\SDFix[b]Checking Services [/b]:Restoring Default Security ValuesRestoring Default Hosts FileRebooting[b]Checking Files [/b]: Trojan Files Found:C:\WINDOWS\system32\TFTP4136 - DeletedC:\WINDOWS\system32\TFTP4508 - DeletedC:\WINDOWS\system32\i - DeletedC:\WINDOWS\system32\logon.exe - DeletedC:\WINDOWS\system32\upds.exe - DeletedC:\WINDOWS\system32\Winsec.exe - DeletedRemoving Temp Files[b]ADS Check [/b]: [b]Final Check [/b]:catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-06-28 13:46:14Windows 5.1.2600 NTFSdetected NTDLL code modification:ZwOpenFilescanning hidden processes ...C:\WINDOWS\wmssvc.exe [1436] 0x82491A68scanning hidden services & system hive ...scanning hidden registry entries ...[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]"DeviceNotSelectedTimeout"="15""GDIProcessHandleQuota"=dword:00002710"Spooler"="yes""swapdisk"="""TransmissionRetryTimeout"="90""USERProcessHandleQuota"=dword:00002710scanning hidden files ...scan completed successfullyhidden processes: 1hidden services: 0hidden files: 0[b]Remaining Services [/b]:Authorized Application Key Export:[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]"DEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~??????????Š?ŚŤŽŹ??????????Š?ŚŤŽŹ ˇ˘Ł¤Ą?§¨?Ş???ŻÄü"="DEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~??????????Š?ŚŤŽŹ??????????Š?ŚŤŽŹ ˇ˘Ł¤Ą?§¨?Ş???ŻÄü:*:Enabled:Nod32 Service""C:\\WINDOWS\\System32\\WinSec.exe"="C:\\WINDOWS\\System32\\WinSec.exe:*:Enabled:Internets""C:\\WINDOWS\\System32\\upds.exe"="C:\\WINDOWS\\System32\\upds.exe:*:Enabled:Windows System Update Tools""\\??\\C:\\WINDOWS\\system32\\winlogon.exe"="\\??\\C:\\WINDOWS\\system32\\winlogon.exe:*:enabled:@shell32.dll,-1""wmssvc.exe"="wmssvc.exe:*:Enabled:SYSTEM"[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]"wmssvc.exe"="wmssvc.exe:*:Enabled:SYSTEM"[b]Remaining Files [/b]:File Backups: - C:\SDFix\backups\backups.zip[b]Files with Hidden Attributes [/b]:Wed 24 Jun 2009 106,448 ..SHR --- "C:\8paf1d.com"Sat 27 Jun 2009 225,280 ..SHR --- "C:\WINDOWS\wmssvc.exe"Sat 27 Jun 2009 129,536 A..H. --- "C:\WINDOWS\system32\lydvrsdg.exe"[b]Finished![/b] rzecz numer 3! zrobilam ten plik co kazaliscie przeszuciłam go na ikone camboxa inie wyskoczyl mi notatnik z logiem tlyko usunela sie ikonka z pulpitu camboxa a na C nie mam pliku notatnika z dzis tylko z wczoraj jak mi kazaliscie robic... za to wyskoczył blad ktory wklejam na dole ... nic nie zorbilam ale jest ten folder QBOX czy cos takiego wiec nie wiem czy mam go usunac czy nie... rzecz numer 4. log z SmitfraudFix: SmitFraudFix v2.423Scan done at 14:16:20,74, 2009-06-28Run from C:\Documents and Settings\kania\Pulpit\SmitfraudFix\SmitfraudFixOS: Microsoft Windows XP [Wersja 5.1.2600] - Windows_NTThe filesystem type is NTFSFix run in normal mode???????????????????????? SharedTaskScheduler Before SmitFraudFix!!!Attention, following keys are not inevitably infected!!!SrchSTS.exe by S!RiSearch SharedTaskScheduler's .dll???????????????????????? Killing process???????????????????????? hosts127.0.0.1 NtKrnlpa.info127.0.0.1 localhost???????????????????????? VACFixVACFixCredits: Malware Analysis & DiagnosticCode: S!Ri???????????????????????? Winsock2 FixS!Ri's WS2Fix: LSP not Found.???????????????????????? Generic Renos FixGenericRenosFix by S!Ri???????????????????????? Deleting infected files???????????????????????? IEDFixIEDFixCredits: Malware Analysis & DiagnosticCode: S!Ri???????????????????????? Agent.OMZ.FixAgent.OMZ.FixCredits: Malware Analysis & DiagnosticCode: S!Ri???????????????????????? 404Fix404FixCredits: Malware Analysis & DiagnosticCode: S!Ri???????????????????????? RK???????????????????????? DNSDescription: WAN (PPP/SLIP) InterfaceDNS Server Search Order: 213.241.79.37DNS Server Search Order: 83.238.255.76HKLM\SYSTEM\CCS\Services\Tcpip\..\{C9E40043-5F0C-4453-8A9E-0D06FD023813}: NameServer=213.241.79.37 83.238.255.76HKLM\SYSTEM\CS1\Services\Tcpip\..\{C9E40043-5F0C-4453-8A9E-0D06FD023813}: NameServer=213.241.79.37 83.238.255.76???????????????????????? Deleting Temp Files???????????????????????? Winlogon.System!!!Attention, following keys are not inevitably infected!!!"System"=""???????????????????????? RK.2 no to chyba tyle.... nie wiem co mam jescze robic;/
Gość komentarz 28 czerwca 2009 komentarz 28 czerwca 2009 Czyli się dowiedzieliśmy = masz VIRUTa = exeki, scr'eki, niektóre sys'y masz zarażone. 1. Posprzątaj po ComboFixie i różnych narzędziach >>> OTCleanIt. 2. Użyj Live CD. Ściągasz ten plik. Robisz obraz płyty. Bootujesz płytkę (jeśli masz wyłączone bootowanie = włączasz). Wchodzisz, skanujesz, leczysz wszystko to co znajdzie. .
siankaa komentarz 28 czerwca 2009 Autor komentarz 28 czerwca 2009 o to co mi wyskakuje gdy chce wlaczyc ten plik... aaaaaaaa po co mi to byloo
Gość komentarz 28 czerwca 2009 komentarz 28 czerwca 2009 Szybko musisz skanować.! Zapamiętaj! Lecz wszystko to co znajdzie. .
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.