x-kom hosting

Rutynowa kontrola

Walus002
utworzono
utworzono (edytowane)

RSIT

D:\Warzne programy\Avira\AntiVir Desktop\AVWEBGRD.EXEC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\explorer.exeD:\Programy\Fire Fox\firefox.exeC:\Documents and Settings\Patryk\Pulpit\RSIT.exeC:\Program Files\trend micro\Patryk.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = ŁączaR3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dllR3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLLO2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLLO2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dllO2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLLO3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dllO3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLLO4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exeO4 - HKLM\..\Run: [WinampAgent] D:\Programy\Winamp\winampa.exeO4 - HKLM\..\Run: [avgnt] "D:\Warzne programy\Avira\AntiVir Desktop\avgnt.exe" /minO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /backgroundO4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exeO8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.htmlO8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://D:\WARZNE~1\MICROS~1\Office12\EXCEL.EXE/3000O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\WARZNE~1\MICROS~1\Office12\REFIEBAR.DLLO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{93FEAD93-B351-48B4-A36E-CB58F7823819}: NameServer = 194.204.159.1 217.98.63.164O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - D:\Warzne programy\Avira\AntiVir Desktop\avmailc.exeO23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - D:\Warzne programy\Avira\AntiVir Desktop\sched.exeO23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Warzne programy\Avira\AntiVir Desktop\avguard.exeO23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - D:\Warzne programy\Avira\AntiVir Desktop\AVWEBGRD.EXEO23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe--End of file - 5924 bytes======Registry dump======[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]Ask Search Assistant BHO - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL [2009-06-23 66912][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]Ask Toolbar BHO - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2009-06-23 262144][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - Ask Toolbar - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2009-06-23 262144][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]"Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2002-11-08 98304]"WinampAgent"=D:\Programy\Winamp\winampa.exe [2009-04-10 37888]"avgnt"=D:\Warzne programy\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]"Orb"=C:\Program Files\Winamp Remote\bin\OrbTray.exe [2008-04-01 507904]C:\Documents and Settings\All Users\Menu Start\Programy\AutostartDSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265608][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-09-19 133632][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]"dontdisplaylastusername"=0"legalnoticecaption"="legalnoticetext"="shutdownwithoutlogon"=1"undockwithoutlogon"=1[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]"NoDriveTypeAutoRun"=323"NoDriveAutoRun"=67108863"NoDrives"=0[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]"HonorAutoRunSetting"="NoDriveAutoRun"="NoDriveTypeAutoRun"="NoDrives"=[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000""%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb""C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray""C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client""D:\Programy\Nowe Gadu-Gadu\gg.exe"="D:\Programy\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu""D:\Warzne programy\Micro soft office\Office12\OUTLOOK.EXE"="D:\Warzne programy\Micro soft office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook""D:\Gry\MobileForces\System\MobileForces.exe"="D:\Gry\MobileForces\System\MobileForces.exe:*:Enabled:MobileForces"[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000""%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"======List of files/folders created in the last 1 months======2009-07-02 19:28:42 ----D---- C:\Program Files\trend micro2009-07-02 19:28:41 ----D---- C:\rsit2009-07-02 19:24:40 ----D---- C:\WINDOWS\temp2009-07-02 19:24:38 ----A---- C:\ComboFix.txt2009-07-02 19:20:43 ----A---- C:\Boot.bak2009-07-02 19:20:39 ----RASHD---- C:\cmdcons2009-07-02 19:19:02 ----A---- C:\WINDOWS\zip.exe2009-07-02 19:19:02 ----A---- C:\WINDOWS\SWXCACLS.exe2009-07-02 19:19:02 ----A---- C:\WINDOWS\SWSC.exe2009-07-02 19:19:02 ----A---- C:\WINDOWS\SWREG.exe2009-07-02 19:19:02 ----A---- C:\WINDOWS\sed.exe2009-07-02 19:19:02 ----A---- C:\WINDOWS\PEV.exe2009-07-02 19:19:02 ----A---- C:\WINDOWS\NIRCMD.exe2009-07-02 19:19:02 ----A---- C:\WINDOWS\grep.exe2009-07-02 19:18:55 ----D---- C:\WINDOWS\ERDNT2009-07-02 19:18:54 ----SD---- C:\ComboFix2009-07-02 19:18:16 ----D---- C:\Qoobox2009-07-02 17:21:58 ----D---- C:\Documents and Settings\Patryk\Dane aplikacji\DMCache2009-07-02 17:03:48 ----D---- C:\downloads2009-07-02 17:03:48 ----D---- C:\Documents and Settings\Patryk\Dane aplikacji\GrabPro2009-07-02 17:03:43 ----D---- C:\Documents and Settings\Patryk\Dane aplikacji\Orbit2009-06-29 01:37:15 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP2009-06-27 17:49:48 ----A---- C:\WINDOWS\system32\vbar332.dll2009-06-27 17:49:19 ----D---- C:\Program Files\directx2009-06-27 16:04:37 ----D---- C:\WINDOWS\ie8updates2009-06-27 15:24:38 ----HDC---- C:\WINDOWS\ie82009-06-26 22:04:52 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Windows Genuine Advantage2009-06-26 11:34:55 ----D---- C:\Documents and Settings\Patryk\Dane aplikacji\WinRAR2009-06-25 14:51:15 ----A---- C:\WINDOWS\system32\MRT.exe2009-06-25 14:51:09 ----D---- C:\Program Files\MSXML 4.02009-06-24 22:28:00 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Adobe2009-06-24 22:27:48 ----D---- C:\Program Files\Common Files\Adobe2009-06-24 22:27:48 ----D---- C:\Program Files\Adobe2009-06-24 21:07:07 ----A---- C:\WINDOWS\system32\mdimon.dll2009-06-24 21:06:00 ----D---- C:\Program Files\Microsoft Works2009-06-24 21:05:32 ----D---- C:\Program Files\Microsoft Visual Studio2009-06-24 21:05:31 ----D---- C:\Program Files\Common Files\DESIGNER2009-06-24 21:04:53 ----D---- C:\Program Files\Microsoft.NET2009-06-24 21:03:11 ----D---- C:\WINDOWS\SHELLNEW2009-06-24 21:02:21 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help2009-06-24 18:40:42 ----D---- C:\Program Files\Hewlett-Packard2009-06-24 18:40:27 ----D---- C:\Program Files\Common Files\Hewlett-Packard2009-06-24 18:39:55 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Hewlett-Packard2009-06-24 18:39:31 ----A---- C:\WINDOWS\system32\hpzll5ha.dll2009-06-24 18:35:12 ----A---- C:\WINDOWS\system32\hpzids01.dll2009-06-24 18:35:06 ----DC---- C:\WINDOWS\system32\DRVSTORE2009-06-24 18:35:06 ----A---- C:\WINDOWS\system32\hppldcoi.dll2009-06-24 18:35:06 ----A---- C:\WINDOWS\system32\hpowiax3.dll2009-06-24 18:35:06 ----A---- C:\WINDOWS\system32\hpovst10.dll2009-06-24 18:35:06 ----A---- C:\WINDOWS\system32\hpotscl3.dll2009-06-24 18:35:06 ----A---- C:\WINDOWS\system32\difxapi.dll2009-06-24 18:34:55 ----D---- C:\Program Files\HP2009-06-24 18:34:16 ----HD---- C:\Config.Msi2009-06-24 00:54:13 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$2009-06-24 00:54:08 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$2009-06-24 00:54:02 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$2009-06-24 00:53:53 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$2009-06-24 00:53:48 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$2009-06-24 00:53:36 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$2009-06-24 00:53:32 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$2009-06-24 00:53:26 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$2009-06-24 00:53:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$2009-06-24 00:53:14 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$2009-06-24 00:52:41 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$2009-06-24 00:52:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$2009-06-24 00:52:28 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$2009-06-24 00:52:09 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$2009-06-24 00:20:27 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM2009-06-24 00:19:02 ----D---- C:\Documents and Settings\Patryk\Dane aplikacji\OpenFM2009-06-23 23:00:40 ----D---- C:\Documents and Settings\Patryk\Dane aplikacji\Ventrilo2009-06-23 22:59:25 ----D---- C:\Program Files\Common Files\Wise Installation Wizard2009-06-23 15:44:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$2009-06-23 15:43:55 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$2009-06-23 15:43:50 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$2009-06-23 15:43:41 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$2009-06-23 15:43:32 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$2009-06-23 15:43:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$2009-06-23 15:43:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$2009-06-23 15:42:59 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$2009-06-23 15:42:47 ----D---- C:\WINDOWS\ie7updates2009-06-23 15:42:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$2009-06-23 15:42:13 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$2009-06-23 15:42:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$2009-06-23 15:41:52 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$2009-06-23 15:41:34 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$2009-06-23 15:41:22 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$2009-06-23 15:41:11 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$2009-06-23 15:40:58 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$2009-06-23 15:40:47 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$2009-06-23 15:40:33 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$2009-06-23 15:40:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$2009-06-23 15:40:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$2009-06-23 15:39:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$2009-06-23 15:39:39 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$2009-06-23 15:39:26 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$2009-06-23 15:39:02 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$2009-06-23 14:13:11 ----D---- C:\WINDOWS\system32\PreInstall2009-06-23 14:13:10 ----N---- C:\WINDOWS\system32\spmsg.dll2009-06-23 14:13:08 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$2009-06-23 14:13:07 ----HD---- C:\WINDOWS\$hf_mig$2009-06-23 13:00:26 ----D---- C:\WINDOWS\system32\SoftwareDistribution2009-06-23 11:02:41 ----A---- C:\WINDOWS\system32\h323log.txt2009-06-23 11:00:27 ----A---- C:\WINDOWS\system32\nv4_disp.dll2009-06-23 11:00:13 ----A---- C:\WINDOWS\system32\usbui.dll2009-06-23 10:59:06 ----A---- C:\WINDOWS\imsins.BAK2009-06-23 10:59:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI2009-06-23 10:59:03 ----SHD---- C:\WINDOWS\Installer2009-06-23 10:59:02 ----D---- C:\Program Files\Common Files\ODBC2009-06-23 10:59:02 ----A---- C:\WINDOWS\ODBCINST.INI2009-06-23 10:58:59 ----RD---- C:\Program Files2009-06-23 10:58:59 ----D---- C:\Program Files\Common Files\SpeechEngines2009-06-23 10:58:59 ----D---- C:\Program Files\Common Files\Microsoft Shared2009-06-23 10:58:59 ----D---- C:\Program Files\Common Files2009-06-23 10:58:51 ----RA---- C:\WINDOWS\system32\kbdtuq.dll2009-06-23 10:58:51 ----RA---- C:\WINDOWS\system32\kbdtuf.dll2009-06-23 10:58:51 ----RA---- C:\WINDOWS\system32\kbdazel.dll2009-06-23 10:58:49 ----RA---- C:\WINDOWS\system32\kbdycc.dll2009-06-23 10:58:49 ----RA---- C:\WINDOWS\system32\kbduzb.dll2009-06-23 10:58:49 ----RA---- C:\WINDOWS\system32\kbdur.dll2009-06-23 10:58:49 ----RA---- C:\WINDOWS\system32\kbdtat.dll2009-06-23 10:58:49 ----RA---- C:\WINDOWS\system32\kbdru1.dll2009-06-23 10:58:49 ----RA---- C:\WINDOWS\system32\kbdru.dll2009-06-23 10:58:49 ----RA---- C:\WINDOWS\system32\kbdmon.dll2009-06-23 10:58:49 ----RA---- C:\WINDOWS\system32\kbdkyr.dll2009-06-23 10:58:49 ----RA---- C:\WINDOWS\system32\kbdkaz.dll2009-06-23 10:58:49 ----RA---- C:\WINDOWS\system32\kbdbu.dll2009-06-23 10:58:49 ----RA---- C:\WINDOWS\system32\kbdblr.dll2009-06-23 10:58:49 ----RA---- C:\WINDOWS\system32\kbdaze.dll2009-06-23 10:58:47 ----RA---- C:\WINDOWS\system32\kbdhept.dll2009-06-23 10:58:47 ----RA---- C:\WINDOWS\system32\kbdhela3.dll2009-06-23 10:58:47 ----RA---- C:\WINDOWS\system32\kbdhela2.dll2009-06-23 10:58:47 ----RA---- C:\WINDOWS\system32\kbdhe319.dll2009-06-23 10:58:47 ----RA---- C:\WINDOWS\system32\kbdhe220.dll2009-06-23 10:58:47 ----RA---- C:\WINDOWS\system32\kbdhe.dll2009-06-23 10:58:47 ----RA---- C:\WINDOWS\system32\kbdgkl.dll2009-06-23 10:58:46 ----RA---- C:\WINDOWS\system32\kbdlv1.dll2009-06-23 10:58:46 ----RA---- C:\WINDOWS\system32\kbdlv.dll2009-06-23 10:58:46 ----RA---- C:\WINDOWS\system32\kbdlt1.dll2009-06-23 10:58:46 ----RA---- C:\WINDOWS\system32\kbdlt.dll2009-06-23 10:58:46 ----RA---- C:\WINDOWS\system32\kbdest.dll2009-06-23 10:58:41 ----RA---- C:\WINDOWS\system32\kbdycl.dll2009-06-23 10:58:41 ----RA---- C:\WINDOWS\system32\kbdsl1.dll2009-06-23 10:58:41 ----RA---- C:\WINDOWS\system32\kbdsl.dll2009-06-23 10:58:41 ----RA---- C:\WINDOWS\system32\kbdro.dll2009-06-23 10:58:41 ----RA---- C:\WINDOWS\system32\kbdhu1.dll2009-06-23 10:58:41 ----RA---- C:\WINDOWS\system32\kbdhu.dll2009-06-23 10:58:41 ----RA---- C:\WINDOWS\system32\kbdcz2.dll2009-06-23 10:58:41 ----RA---- C:\WINDOWS\system32\kbdcz1.dll2009-06-23 10:58:41 ----RA---- C:\WINDOWS\system32\kbdcz.dll2009-06-23 10:58:41 ----RA---- C:\WINDOWS\system32\kbdcr.dll2009-06-23 10:58:41 ----RA---- C:\WINDOWS\system32\KBDAL.DLL2009-06-23 10:58:39 ----A---- C:\WINDOWS\system32\irclass.dll2009-06-23 10:58:38 ----A---- C:\WINDOWS\system32\spxcoins.dll2009-06-23 10:58:38 ----A---- C:\WINDOWS\system32\EqnClass.Dll2009-06-23 10:58:38 ----A---- C:\WINDOWS\system32\dgsetup.dll2009-06-23 10:58:38 ----A---- C:\WINDOWS\system32\dgrpsetu.dll2009-06-23 10:58:36 ----N---- C:\WINDOWS\system32\CONFIG.TMP2009-06-23 10:58:36 ----A---- C:\WINDOWS\TASKMAN.EXE2009-06-23 10:58:36 ----A---- C:\WINDOWS\system32\batt.dll2009-06-23 10:58:35 ----A---- C:\WINDOWS\system32\storprop.dll2009-06-23 10:58:35 ----A---- C:\WINDOWS\NOTEPAD.EXE2009-06-23 10:58:26 ----ASH---- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini2009-06-23 10:58:21 ----RA---- C:\WINDOWS\SET8.tmp2009-06-23 10:58:19 ----RA---- C:\WINDOWS\SET4.tmp2009-06-23 10:58:17 ----RA---- C:\WINDOWS\SET3.tmp2009-06-23 10:58:12 ----D---- C:\WINDOWS\system32\CatRoot22009-06-23 10:58:12 ----D---- C:\WINDOWS\system32\CatRoot2009-06-23 10:58:06 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft2009-06-23 10:57:48 ----A---- C:\WINDOWS\setuplog.txt2009-06-23 10:57:44 ----SHD---- C:\System Volume Information2009-06-23 10:57:44 ----D---- C:\Documents and Settings2009-06-23 10:56:55 ----RASH---- C:\boot.ini2009-06-23 10:53:57 ----SD---- C:\WINDOWS\Downloaded Program Files2009-06-23 10:53:57 ----RSHDC---- C:\WINDOWS\system32\dllcache2009-06-23 10:53:57 ----RSD---- C:\WINDOWS\Fonts2009-06-23 10:53:57 ----RD---- C:\WINDOWS\Web2009-06-23 10:53:57 ----HD---- C:\WINDOWS\inf2009-06-23 10:53:57 ----D---- C:\WINDOWS\WinSxS2009-06-23 10:53:57 ----D---- C:\WINDOWS\WBEM2009-06-23 10:53:57 ----D---- C:\WINDOWS\twain_322009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\wins2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\wbem2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\usmt2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\spool2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\ShellExt2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\Setup2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\ras2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\pl-pl2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\pl2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\oobe2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\npp2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\mui2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\inetsrv2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\IME2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\icsxml2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\ias2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\export2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\drivers2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\dhcp2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\config2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\3com_dmi2009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\30762009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\20522009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\10542009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\10452009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\10422009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\10412009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\10372009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\10332009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\10312009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\10282009-06-23 10:53:57 ----D---- C:\WINDOWS\system32\10252009-06-23 10:53:57 ----D---- C:\WINDOWS\system322009-06-23 10:53:57 ----D---- C:\WINDOWS\system2009-06-23 10:53:57 ----D---- C:\WINDOWS\security2009-06-23 10:53:57 ----D---- C:\WINDOWS\Resources2009-06-23 10:53:57 ----D---- C:\WINDOWS\repair2009-06-23 10:53:57 ----D---- C:\WINDOWS\Provisioning2009-06-23 10:53:57 ----D---- C:\WINDOWS\PeerNet2009-06-23 10:53:57 ----D---- C:\WINDOWS\pchealth2009-06-23 10:53:57 ----D---- C:\WINDOWS\Offline Web Pages2009-06-23 10:53:57 ----D---- C:\WINDOWS\NLDRV2009-06-23 10:53:57 ----D---- C:\WINDOWS\Network Diagnostic2009-06-23 10:53:57 ----D---- C:\WINDOWS\mui2009-06-23 10:53:57 ----D---- C:\WINDOWS\msapps2009-06-23 10:53:57 ----D---- C:\WINDOWS\msagent2009-06-23 10:53:57 ----D---- C:\WINDOWS\Media2009-06-23 10:53:57 ----D---- C:\WINDOWS\L2Schemas2009-06-23 10:53:57 ----D---- C:\WINDOWS\java2009-06-23 10:53:57 ----D---- C:\WINDOWS\ime2009-06-23 10:53:57 ----D---- C:\WINDOWS\Help2009-06-23 10:53:57 ----D---- C:\WINDOWS\ehome2009-06-23 10:53:57 ----D---- C:\WINDOWS\Driver Cache2009-06-23 10:53:57 ----D---- C:\WINDOWS\Debug2009-06-23 10:53:57 ----D---- C:\WINDOWS\Cursors2009-06-23 10:53:57 ----D---- C:\WINDOWS\Connection Wizard2009-06-23 10:53:57 ----D---- C:\WINDOWS\Config2009-06-23 10:53:57 ----D---- C:\WINDOWS\AppPatch2009-06-23 10:53:57 ----D---- C:\WINDOWS\addins2009-06-23 10:53:57 ----D---- C:\WINDOWS2009-06-23 10:47:17 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Avira2009-06-23 10:42:02 ----D---- C:\Program Files\AskSBar2009-06-23 10:41:42 ----D---- C:\Program Files\COMODO2009-06-23 10:41:42 ----A---- C:\WINDOWS\system32\cssdll32.dll2009-06-23 10:41:02 ----D---- C:\Documents and Settings\Patryk\Dane aplikacji\Comodo2009-06-23 10:29:25 ----D---- C:\Program Files\Winamp Toolbar2009-06-23 10:29:25 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar2009-06-23 10:29:18 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks2009-06-23 10:29:13 ----D---- C:\Program Files\Winamp Remote2009-06-23 10:26:26 ----N---- C:\WINDOWS\system32\pxinsa64.exe2009-06-23 10:26:26 ----N---- C:\WINDOWS\system32\pxhpinst.exe2009-06-23 10:26:26 ----N---- C:\WINDOWS\system32\pxcpya64.exe2009-06-23 10:26:26 ----N---- C:\WINDOWS\system32\pxafs.dll2009-06-23 10:26:25 ----N---- C:\WINDOWS\system32\vxblock.dll2009-06-23 10:26:25 ----N---- C:\WINDOWS\system32\pxwave.dll2009-06-23 10:26:25 ----N---- C:\WINDOWS\system32\pxsfs.dll2009-06-23 10:26:25 ----N---- C:\WINDOWS\system32\pxmas.dll2009-06-23 10:26:25 ----N---- C:\WINDOWS\system32\pxdrv.dll2009-06-23 10:26:25 ----N---- C:\WINDOWS\system32\px.dll2009-06-23 10:26:21 ----D---- C:\Documents and Settings\Patryk\Dane aplikacji\Winamp2009-06-23 10:17:09 ----D---- C:\Documents and Settings\Patryk\Dane aplikacji\Nowe Gadu-Gadu2009-06-23 10:10:06 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$2009-06-23 10:07:16 ----D---- C:\Program Files\MSBuild2009-06-23 10:07:09 ----D---- C:\WINDOWS\system32\XPSViewer2009-06-23 10:07:02 ----D---- C:\WINDOWS\system32\en-us2009-06-23 10:07:02 ----D---- C:\Program Files\Reference Assemblies2009-06-23 10:06:16 ----N---- C:\WINDOWS\system32\spmsg2.dll2009-06-23 10:06:11 ----A---- C:\WINDOWS\system32\spupdsvc.exe2009-06-23 10:05:17 ----RSD---- C:\WINDOWS\assembly2009-06-23 10:04:18 ----D---- C:\WINDOWS\Microsoft.NET2009-06-23 09:44:33 ----D---- C:\Documents and Settings\Patryk\Dane aplikacji\Macromedia2009-06-23 09:44:33 ----D---- C:\Documents and Settings\Patryk\Dane aplikacji\Adobe2009-06-23 09:39:01 ----D---- C:\Documents and Settings\Patryk\Dane aplikacji\Mozilla2009-06-23 09:31:15 ----A---- C:\WINDOWS\Fast800.ini2009-06-23 09:31:15 ----A---- C:\WINDOWS\adidsl.ini2009-06-23 09:31:10 ----A---- C:\WINDOWS\adiras.exe2009-06-23 09:31:09 ----A---- C:\WINDOWS\system32\ipdetect.exe2009-06-23 09:31:09 ----A---- C:\WINDOWS\system32\adadix32.dll2009-06-23 09:31:09 ----A---- C:\WINDOWS\adiras.ini2009-06-23 09:31:07 ----A---- C:\WINDOWS\system32\unaddrv.exe2009-06-23 09:31:07 ----A---- C:\WINDOWS\system32\coclassfast.dll2009-06-23 09:31:07 ----A---- C:\WINDOWS\system32\adadix2k.dll2009-06-23 09:31:07 ----A---- C:\WINDOWS\system32\adadix16.dll2009-06-23 09:31:05 ----A---- C:\WINDOWS\autoclk.exe2009-06-23 09:30:57 ----D---- C:\Program Files\SAGEM2009-06-23 09:30:32 ----SHD---- C:\WINDOWS\ftpcache2009-06-23 09:26:52 ----D---- C:\WINDOWS\system32\ReinstallBackups2009-06-23 09:26:06 ----A---- C:\WINDOWS\IsUninst.exe2009-06-23 09:24:02 ----A---- C:\WINDOWS\system32\ksuser.dll2009-06-23 09:23:56 ----A---- C:\WINDOWS\system32\wdmioctl.dll2009-06-23 09:23:56 ----A---- C:\WINDOWS\system32\SMMedia.dll2009-06-23 09:23:55 ----A---- C:\WINDOWS\SynthCoreA.Dll2009-06-23 09:23:54 ----A---- C:\WINDOWS\SynCor.exe2009-06-23 09:23:53 ----A---- C:\WINDOWS\system32\SynthCore11Resources.dll2009-06-23 09:23:53 ----A---- C:\WINDOWS\system32\Syncor11.dll2009-06-23 09:23:53 ----A---- C:\WINDOWS\system32\S11thk32.dll2009-06-23 09:23:51 ----D---- C:\WINDOWS\VirtualEar2009-06-23 09:23:51 ----A---- C:\WINDOWS\system32\Audio3d.dll2009-06-23 09:23:50 ----A---- C:\WINDOWS\system32\virtear.dll2009-06-23 09:23:49 ----D---- C:\Program Files\Analog Devices2009-06-23 09:23:49 ----A---- C:\WINDOWS\system32\DSndUp.exe2009-06-23 09:23:49 ----A---- C:\WINDOWS\system32\CleanUp.exe2009-06-23 09:23:49 ----A---- C:\WINDOWS\system32\a3d.dll2009-06-23 09:23:48 ----HD---- C:\Program Files\InstallShield Installation Information2009-06-23 09:23:42 ----D---- C:\Program Files\Common Files\InstallShield2009-06-23 09:23:37 ----A---- C:\WINDOWS\Ascd_tmp.ini2009-06-23 09:16:51 ----D---- C:\Documents and Settings\Patryk\Dane aplikacji\Tibia2009-06-23 09:15:39 ----D---- C:\Documents and Settings\Patryk\Dane aplikacji\Identities2009-06-23 09:15:37 ----HD---- C:\Program Files\Uninstall Information2009-06-23 09:15:32 ----ASH---- C:\Documents and Settings\Patryk\Dane aplikacji\desktop.ini2009-06-23 09:15:31 ----SD---- C:\Documents and Settings\Patryk\Dane aplikacji\Microsoft2009-06-23 09:14:18 ----D---- C:\WINDOWS\SoftwareDistribution2009-06-23 09:13:09 ----SD---- C:\WINDOWS\system32\Microsoft2009-06-23 09:13:09 ----D---- C:\WINDOWS\Prefetch2009-06-23 09:13:08 ----A---- C:\WINDOWS\SchedLgU.Txt2009-06-23 09:09:33 ----D---- C:\WINDOWS\system32\xircom2009-06-23 09:09:33 ----D---- C:\Program Files\xerox2009-06-23 09:09:33 ----D---- C:\Program Files\microsoft frontpage2009-06-23 09:09:10 ----A---- C:\WINDOWS\control.ini2009-06-23 09:09:10 ----A---- C:\AUTOEXEC.BAT2009-06-23 09:08:55 ----A---- C:\WINDOWS\OEWABLog.txt2009-06-23 09:08:51 ----A---- C:\WINDOWS\system32\mapi32.dll2009-06-23 09:07:47 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest2009-06-23 09:07:43 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest2009-06-23 09:07:38 ----HD---- C:\Program Files\WindowsUpdate2009-06-23 09:07:34 ----D---- C:\Program Files\Usługi online2009-06-23 09:07:15 ----D---- C:\WINDOWS\system32\DirectX2009-06-23 09:07:05 ----A---- C:\WINDOWS\system32\atrace.dll2009-06-23 09:07:02 ----A---- C:\WINDOWS\system32\desktop.ini2009-06-23 09:07:02 ----A---- C:\WINDOWS\desktop.ini2009-06-23 09:06:55 ----A---- C:\WINDOWS\system32\nmevtmsg.dll2009-06-23 09:06:53 ----D---- C:\Program Files\Common Files\Services2009-06-23 09:06:53 ----A---- C:\WINDOWS\system32\acctres.dll2009-06-23 09:06:50 ----SD---- C:\WINDOWS\Tasks2009-06-23 09:06:50 ----A---- C:\WINDOWS\system32\icfgnt5.dll2009-06-23 09:06:49 ----D---- C:\Program Files\Common Files\MSSoap2009-06-23 09:06:43 ----D---- C:\WINDOWS\srchasst2009-06-23 09:06:42 ----D---- C:\WINDOWS\system32\Macromed2009-06-23 09:06:39 ----A---- C:\WINDOWS\system32\wuweb.dll2009-06-23 09:06:39 ----A---- C:\WINDOWS\system32\wucltui.dll2009-06-23 09:06:39 ----A---- C:\WINDOWS\system32\wuauserv.dll2009-06-23 09:06:39 ----A---- C:\WINDOWS\system32\wuaueng1.dll2009-06-23 09:06:38 ----A---- C:\WINDOWS\system32\wups.dll2009-06-23 09:06:38 ----A---- C:\WINDOWS\system32\wuaueng.dll2009-06-23 09:06:38 ----A---- C:\WINDOWS\system32\wuauclt1.exe2009-06-23 09:06:38 ----A---- C:\WINDOWS\system32\wuauclt.exe2009-06-23 09:06:38 ----A---- C:\WINDOWS\system32\wuapi.dll2009-06-23 09:06:38 ----A---- C:\WINDOWS\system32\qmgrprxy.dll2009-06-23 09:06:38 ----A---- C:\WINDOWS\system32\bitsprx4.dll2009-06-23 09:06:38 ----A---- C:\WINDOWS\system32\bitsprx3.dll2009-06-23 09:06:38 ----A---- C:\WINDOWS\system32\bitsprx2.dll2009-06-23 09:06:37 ----A---- C:\WINDOWS\system32\qmgr.dll2009-06-23 09:06:32 ----D---- C:\Program Files\Movie Maker2009-06-23 09:06:12 ----A---- C:\WINDOWS\system32\safrslv.dll2009-06-23 09:06:12 ----A---- C:\WINDOWS\system32\safrdm.dll2009-06-23 09:06:12 ----A---- C:\WINDOWS\system32\safrcdlg.dll2009-06-23 09:06:12 ----A---- C:\WINDOWS\system32\racpldlg.dll2009-06-23 09:06:07 ----A---- C:\WINDOWS\system32\fltMc.exe2009-06-23 09:06:07 ----A---- C:\WINDOWS\system32\fltlib.dll2009-06-23 09:06:06 ----D---- C:\WINDOWS\system32\Restore2009-06-23 09:06:06 ----A---- C:\WINDOWS\system32\srsvc.dll2009-06-23 09:06:06 ----A---- C:\WINDOWS\system32\srrstr.dll2009-06-23 09:06:06 ----A---- C:\WINDOWS\system32\srclient.dll2009-06-23 09:06:05 ----A---- C:\WINDOWS\system32\nmmkcert.dll2009-06-23 09:06:05 ----A---- C:\WINDOWS\system32\mnmdd.dll2009-06-23 09:06:05 ----A---- C:\WINDOWS\system32\isrdbg32.dll2009-06-23 09:06:05 ----A---- C:\WINDOWS\system32\ils.dll2009-06-23 09:06:04 ----A---- C:\WINDOWS\system32\msconf.dll2009-06-23 09:06:04 ----A---- C:\WINDOWS\system32\mnmsrvc.exe2009-06-23 09:06:01 ----D---- C:\Program Files\NetMeeting2009-06-23 09:06:01 ----A---- C:\WINDOWS\system32\msoert2.dll2009-06-23 09:06:01 ----A---- C:\WINDOWS\system32\msoeacct.dll2009-06-23 09:05:59 ----A---- C:\WINDOWS\system32\inetres.dll2009-06-23 09:05:59 ----A---- C:\WINDOWS\system32\inetcomm.dll2009-06-23 09:05:56 ----D---- C:\Program Files\Outlook Express2009-06-23 09:05:56 ----A---- C:\WINDOWS\system32\schedsvc.dll2009-06-23 09:05:56 ----A---- C:\WINDOWS\system32\mstinit.exe2009-06-23 09:05:56 ----A---- C:\WINDOWS\system32\mstask.dll2009-06-23 09:05:56 ----A---- C:\WINDOWS\system32\icwphbk.dll2009-06-23 09:05:55 ----A---- C:\WINDOWS\system32\isign32.dll2009-06-23 09:05:55 ----A---- C:\WINDOWS\system32\inetcfg.dll2009-06-23 09:05:55 ----A---- C:\WINDOWS\system32\icwdial.dll2009-06-23 09:05:49 ----D---- C:\Program Files\Common Files\System2009-06-23 09:05:48 ----D---- C:\Program Files\Internet Explorer2009-06-23 09:04:58 ----D---- C:\Program Files\ComPlus Applications2009-06-23 09:04:56 ----A---- C:\WINDOWS\vbaddin.ini2009-06-23 09:04:56 ----A---- C:\WINDOWS\vb.ini2009-06-23 09:04:50 ----D---- C:\WINDOWS\Registration2009-06-23 09:04:28 ----D---- C:\Program Files\Windows Media Connect 22009-06-23 09:04:27 ----D---- C:\Program Files\Windows Media Player2009-06-23 09:04:26 ----D---- C:\Program Files\Messenger2009-06-23 09:04:23 ----D---- C:\Program Files\MSN Gaming Zone2009-06-23 09:04:23 ----A---- C:\WINDOWS\system32\write.exe2009-06-23 09:04:15 ----A---- C:\WINDOWS\system32\sndvol32.exe2009-06-23 09:04:15 ----A---- C:\WINDOWS\system32\hticons.dll2009-06-23 09:04:14 ----A---- C:\WINDOWS\system32\winchat.exe2009-06-23 09:04:14 ----A---- C:\WINDOWS\system32\avwav.dll2009-06-23 09:04:14 ----A---- C:\WINDOWS\system32\avtapi.dll2009-06-23 09:04:14 ----A---- C:\WINDOWS\system32\avmeter.dll2009-06-23 09:04:08 ----A---- C:\WINDOWS\system32\getuname.dll2009-06-23 09:04:08 ----A---- C:\WINDOWS\system32\charmap.exe2009-06-23 09:04:08 ----A---- C:\WINDOWS\system32\calc.exe2009-06-23 09:04:07 ----A---- C:\WINDOWS\system32\winmine.exe2009-06-23 09:04:07 ----A---- C:\WINDOWS\system32\sol.exe2009-06-23 09:04:07 ----A---- C:\WINDOWS\system32\mshearts.exe2009-06-23 09:04:07 ----A---- C:\WINDOWS\system32\freecell.exe2009-06-23 09:04:06 ----A---- C:\WINDOWS\system32\usrlogon.cmd2009-06-23 09:04:06 ----A---- C:\WINDOWS\system32\tsshutdn.exe2009-06-23 09:04:06 ----A---- C:\WINDOWS\system32\tslabels.ini2009-06-23 09:04:06 ----A---- C:\WINDOWS\system32\tskill.exe2009-06-23 09:04:06 ----A---- C:\WINDOWS\system32\tsdiscon.exe2009-06-23 09:04:06 ----A---- C:\WINDOWS\system32\tscon.exe2009-06-23 09:04:06 ----A---- C:\WINDOWS\system32\shadow.exe2009-06-23 09:04:06 ----A---- C:\WINDOWS\system32\rwinsta.exe2009-06-23 09:04:06 ----A---- C:\WINDOWS\system32\reset.exe2009-06-23 09:04:06 ----A---- C:\WINDOWS\system32\regini.exe2009-06-23 09:04:06 ----A---- C:\WINDOWS\system32\rdpcfgex.dll2009-06-23 09:04:06 ----A---- C:\WINDOWS\system32\qwinsta.exe2009-06-23 09:04:06 ----A---- C:\WINDOWS\system32\qappsrv.exe2009-06-23 09:04:06 ----A---- C:\WINDOWS\system32\msg.exe2009-06-23 09:04:06 ----A---- C:\WINDOWS\system32\logoff.exe2009-06-23 09:04:05 ----A---- C:\WINDOWS\system32\msdtcprf.ini2009-06-23 09:04:05 ----A---- C:\WINDOWS\system32\cdmodem.dll2009-06-23 09:04:00 ----A---- C:\WINDOWS\system32\wmimgmt.msc2009-06-23 09:03:59 ----A---- C:\WINDOWS\system32\sndrec32.exe2009-06-23 09:03:59 ----A---- C:\WINDOWS\system32\mplay32.exe2009-06-23 09:03:59 ----A---- C:\WINDOWS\system32\hypertrm.dll2009-06-23 09:03:59 ----A---- C:\WINDOWS\system32\accwiz.exe2009-06-23 09:03:58 ----D---- C:\Program Files\Windows NT2009-06-23 09:03:58 ----A---- C:\WINDOWS\system32\spider.exe2009-06-23 09:03:58 ----A---- C:\WINDOWS\system32\mspaint.exe2009-06-23 09:03:58 ----A---- C:\WINDOWS\system32\clipbrd.exe2009-06-23 09:03:57 ----A---- C:\WINDOWS\system32\tsgqec.dll2009-06-23 09:03:57 ----A---- C:\WINDOWS\system32\tscfgwmi.dll2009-06-23 09:03:57 ----A---- C:\WINDOWS\system32\rhttpaa.dll2009-06-23 09:03:57 ----A---- C:\WINDOWS\system32\aaclient.dll2009-06-23 09:03:56 ----A---- C:\WINDOWS\system32\sessmgr.exe2009-06-23 09:03:56 ----A---- C:\WINDOWS\system32\remotepg.dll2009-06-23 09:03:56 ----A---- C:\WINDOWS\system32\rdshost.exe2009-06-23 09:03:56 ----A---- C:\WINDOWS\system32\rdsaddin.exe2009-06-23 09:03:56 ----A---- C:\WINDOWS\system32\mstscax.dll2009-06-23 09:03:56 ----A---- C:\WINDOWS\system32\mstsc.exe2009-06-23 09:03:55 ----D---- C:\WINDOWS\system32\MsDtc2009-06-23 09:03:55 ----A---- C:\WINDOWS\system32\termsrv.dll2009-06-23 09:03:55 ----A---- C:\WINDOWS\system32\rdpwsx.dll2009-06-23 09:03:55 ----A---- C:\WINDOWS\system32\rdpsnd.dll2009-06-23 09:03:55 ----A---- C:\WINDOWS\system32\rdpclip.exe2009-06-23 09:03:55 ----A---- C:\WINDOWS\system32\rdchost.dll2009-06-23 09:03:55 ----A---- C:\WINDOWS\system32\qprocess.exe2009-06-23 09:03:55 ----A---- C:\WINDOWS\system32\mtxoci.dll2009-06-23 09:03:55 ----A---- C:\WINDOWS\system32\msdtcuiu.dll2009-06-23 09:03:55 ----A---- C:\WINDOWS\system32\icaapi.dll2009-06-23 09:03:55 ----A---- C:\WINDOWS\system32\cfgbkend.dll2009-06-23 09:03:54 ----A---- C:\WINDOWS\system32\xolehlp.dll2009-06-23 09:03:54 ----A---- C:\WINDOWS\system32\msdtctm.dll2009-06-23 09:03:54 ----A---- C:\WINDOWS\system32\msdtcprx.dll2009-06-23 09:03:54 ----A---- C:\WINDOWS\system32\msdtclog.dll2009-06-23 09:03:54 ----A---- C:\WINDOWS\system32\msdtc.exe2009-06-23 09:03:53 ----D---- C:\WINDOWS\system32\Com2009-06-23 09:03:53 ----A---- C:\WINDOWS\system32\mtxlegih.dll2009-06-23 09:03:53 ----A---- C:\WINDOWS\system32\mtxex.dll2009-06-23 09:03:53 ----A---- C:\WINDOWS\system32\mtxdm.dll2009-06-23 09:03:53 ----A---- C:\WINDOWS\system32\dcomcnfg.exe2009-06-23 09:03:53 ----A---- C:\WINDOWS\system32\comrepl.dll2009-06-23 09:03:53 ----A---- C:\WINDOWS\system32\comaddin.dll2009-06-23 09:03:53 ----A---- C:\WINDOWS\system32\colbact.dll2009-06-23 09:03:52 ----A---- C:\WINDOWS\system32\stclient.dll2009-06-23 09:03:52 ----A---- C:\WINDOWS\system32\clbcatex.dll2009-06-23 09:03:52 ----A---- C:\WINDOWS\system32\catsrvut.dll2009-06-23 09:03:52 ----A---- C:\WINDOWS\system32\catsrvps.dll2009-06-23 09:03:52 ----A---- C:\WINDOWS\system32\catsrv.dll2009-06-23 09:03:51 ----A---- C:\WINDOWS\system32\comuid.dll2009-06-23 09:03:51 ----A---- C:\WINDOWS\system32\comsvcs.dll2009-06-23 09:03:51 ----A---- C:\WINDOWS\system32\comsnap.dll2009-06-23 09:03:51 ----A---- C:\WINDOWS\system32\clbcatq.dll2009-06-23 09:03:46 ----A---- C:\WINDOWS\system32\servdeps.dll2009-06-23 09:03:46 ----A---- C:\WINDOWS\system32\mmfutil.dll2009-06-23 09:03:45 ----A---- C:\WINDOWS\system32\licwmi.dll2009-06-23 09:03:45 ----A---- C:\WINDOWS\system32\cmprops.dll======List of files/folders modified in the last 1 months======2009-07-02 19:23:37 ----A---- C:\WINDOWS\system.ini2009-06-24 21:03:25 ----A---- C:\WINDOWS\win.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R1 AmdK7;Sterownik procesora AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-15 41856]R1 avgio;avgio; \??\D:\Warzne programy\Avira\AntiVir Desktop\avgio.sys []R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-17 12032]R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]R3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2004-03-02 127065]R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]R3 FETNDIS;VIA Rhine Family Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-01-27 35328]R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-04-14 1897408]R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-12-19 539008]R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2004-03-02 50007]S3 catchme;catchme; \??\C:\DOCUME~1\Patryk\USTAWI~1\Temp\catchme.sys []S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-09-19 77568]S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-09-19 82944]S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R2 AntiVirMailService;Avira AntiVir MailGuard; D:\Warzne programy\Avira\AntiVir Desktop\avmailc.exe [2009-05-11 194817]R2 AntiVirSchedulerService;Avira AntiVir Scheduler; D:\Warzne programy\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]R2 AntiVirService;Avira AntiVir Guard; D:\Warzne programy\Avira\AntiVir Desktop\avguard.exe [2009-05-11 185089]R2 AntiVirWebService;Avira AntiVir WebGuard; D:\Warzne programy\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-05-12 434945]R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]-----------------EOF-----------------

hijackthis

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 19:33:27, on 2009-07-02Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeD:\Warzne programy\Avira\AntiVir Desktop\sched.exeD:\Warzne programy\Avira\AntiVir Desktop\avguard.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exeC:\Program Files\Analog Devices\SoundMAX\SMTray.exeC:\WINDOWS\System32\svchost.exeD:\Programy\Winamp\winampa.exeD:\Warzne programy\Avira\AntiVir Desktop\avgnt.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Winamp Remote\bin\OrbTray.exeC:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exeC:\Program Files\Analog Devices\SoundMAX\SMAgent.exeC:\WINDOWS\system32\svchost.exeD:\Warzne programy\Avira\AntiVir Desktop\avmailc.exeD:\Warzne programy\Avira\AntiVir Desktop\AVWEBGRD.EXEC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\explorer.exeD:\Programy\Fire Fox\firefox.exeD:\hijackthis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = ŁączaR3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dllR3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLLO2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLLO2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dllO2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLLO3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dllO3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLLO4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exeO4 - HKLM\..\Run: [WinampAgent] D:\Programy\Winamp\winampa.exeO4 - HKLM\..\Run: [avgnt] "D:\Warzne programy\Avira\AntiVir Desktop\avgnt.exe" /minO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /backgroundO4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exeO8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.htmlO8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://D:\WARZNE~1\MICROS~1\Office12\EXCEL.EXE/3000O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\WARZNE~1\MICROS~1\Office12\REFIEBAR.DLLO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{93FEAD93-B351-48B4-A36E-CB58F7823819}: NameServer = 194.204.159.1 217.98.63.164O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - D:\Warzne programy\Avira\AntiVir Desktop\avmailc.exeO23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - D:\Warzne programy\Avira\AntiVir Desktop\sched.exeO23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Warzne programy\Avira\AntiVir Desktop\avguard.exeO23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - D:\Warzne programy\Avira\AntiVir Desktop\AVWEBGRD.EXEO23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe--End of file - 5863 bytes

ComboFix

ComboFix 09-07-01.04 - Patryk 2009-07-02 19:21.1 - NTFSx86Microsoft Windows XP Professional  5.1.2600.3.1250.48.1045.18.768.573 [GMT 2:00]Uruchomiony z: c:\documents and settings\Patryk\Pulpit\ComboFix.exeAV: AntiVir Desktop *On-access scanning disabled* (Updated) {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}.(((((((((((((((((((((((((((((((((((((((   Usunięto   ))))))))))))))))))))))))))))))))))))))))))))))))).c:\windows\system32\AutoRun.infc:\windows\system32\msssc.dll.(((((((((((((((((((((((((   Pliki utworzone od 2009-06-02 do 2009-07-02  ))))))))))))))))))))))))))))))).2009-07-02 15:35 . 2009-07-02 15:35	--------	d-----w-	c:\documents and settings\Patryk\Ustawienia lokalne\Dane aplikacji\vdownloader2009-07-02 15:21 . 2009-07-02 15:28	--------	d-----w-	c:\documents and settings\Patryk\Dane aplikacji\DMCache2009-07-02 15:03 . 2009-07-02 15:03	--------	d-----w-	C:\downloads2009-07-02 15:03 . 2009-07-02 15:03	--------	d-----w-	c:\documents and settings\Patryk\Dane aplikacji\GrabPro2009-07-02 15:03 . 2009-07-02 16:02	--------	d-----w-	c:\documents and settings\Patryk\Dane aplikacji\Orbit2009-06-29 18:37 . 2009-06-29 18:37	--------	d-sh--w-	c:\documents and settings\Patryk\IECompatCache2009-06-28 23:37 . 2009-07-02 17:03	--------	d---a-w-	c:\documents and settings\All Users\Dane aplikacji\TEMP2009-06-27 17:04 . 2009-06-27 17:04	--------	d-sh--w-	c:\documents and settings\Patryk\PrivacIE2009-06-27 15:49 . 1998-04-23 22:00	368912	----a-w-	c:\windows\system32\vbar332.dll2009-06-27 15:49 . 2009-06-27 15:49	--------	d-----w-	c:\program files\directx2009-06-27 14:27 . 2009-06-27 14:27	--------	d-sh--w-	c:\documents and settings\NetworkService\IETldCache2009-06-27 14:26 . 2009-06-27 14:26	--------	d-sh--w-	c:\documents and settings\Patryk\IETldCache2009-06-27 14:06 . 2009-06-02 10:12	102912	-c----w-	c:\windows\system32\dllcache\iecompat.dll2009-06-27 14:04 . 2009-06-27 14:04	--------	d-----w-	c:\windows\ie8updates2009-06-27 14:02 . 2009-04-30 21:17	12800	-c----w-	c:\windows\system32\dllcache\xpshims.dll2009-06-27 14:02 . 2009-04-30 21:17	246272	-c----w-	c:\windows\system32\dllcache\ieproxy.dll2009-06-27 13:24 . 2009-06-27 14:01	--------	dc-h--w-	c:\windows\ie82009-06-27 09:16 . 2009-06-27 09:16	--------	d-----w-	c:\documents and settings\Patryk\Ustawienia lokalne\Dane aplikacji\Winamp Toolbar2009-06-25 12:51 . 2009-06-25 12:51	--------	d-----w-	c:\program files\MSXML 4.02009-06-24 20:28 . 2009-06-24 20:29	--------	d-----w-	c:\documents and settings\Patryk\Ustawienia lokalne\Dane aplikacji\Adobe2009-06-24 20:27 . 2009-06-24 20:28	--------	d-----w-	c:\program files\Common Files\Adobe2009-06-24 19:07 . 2006-10-26 17:58	30512	----a-w-	c:\windows\system32\mdimon.dll2009-06-24 19:06 . 2009-06-24 19:06	--------	d-----w-	c:\program files\Microsoft Works2009-06-24 19:04 . 2009-06-24 19:04	--------	d-----w-	c:\program files\Microsoft.NET2009-06-24 19:03 . 2009-06-24 19:03	--------	d-----w-	c:\windows\SHELLNEW2009-06-24 19:02 . 2009-06-24 19:02	--------	d-----w-	c:\documents and settings\Patryk\Ustawienia lokalne\Dane aplikacji\Microsoft Help2009-06-24 19:02 . 2009-06-24 19:07	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Microsoft Help2009-06-24 16:40 . 2009-06-24 16:40	--------	d-----w-	c:\program files\Hewlett-Packard2009-06-24 16:40 . 2009-06-24 16:40	--------	d-----w-	c:\program files\Common Files\Hewlett-Packard2009-06-24 16:39 . 2009-06-24 16:39	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Hewlett-Packard2009-06-24 16:39 . 2007-03-28 12:01	117760	----a-w-	c:\windows\system32\hpzll5ha.dll2009-06-24 16:38 . 2008-04-13 22:15	15104	-c--a-w-	c:\windows\system32\dllcache\usbscan.sys2009-06-24 16:38 . 2008-04-13 22:15	15104	----a-w-	c:\windows\system32\drivers\usbscan.sys2009-06-24 16:35 . 2007-03-08 19:20	21568	----a-w-	c:\windows\system32\drivers\HPZius12.sys2009-06-24 16:35 . 2007-03-08 19:20	16496	----a-w-	c:\windows\system32\drivers\HPZipr12.sys2009-06-24 16:35 . 2007-03-08 19:20	49920	----a-w-	c:\windows\system32\drivers\HPZid412.sys2009-06-24 16:35 . 2007-03-31 05:07	267864	----a-w-	c:\windows\system32\hpzids01.dll2009-06-24 16:35 . 2009-06-24 16:35	--------	dc----w-	c:\windows\system32\DRVSTORE2009-06-24 16:35 . 2007-03-18 06:11	675840	----a-w-	c:\windows\system32\hpowiax3.dll2009-06-24 16:35 . 2007-03-18 06:11	303104	----a-w-	c:\windows\system32\hpovst10.dll2009-06-24 16:35 . 2007-03-18 06:11	569344	----a-w-	c:\windows\system32\hpotscl3.dll2009-06-24 16:35 . 2007-03-08 19:20	364544	----a-w-	c:\windows\system32\hppldcoi.dll2009-06-24 16:35 . 2007-03-08 19:20	309760	----a-w-	c:\windows\system32\difxapi.dll2009-06-24 16:34 . 2009-06-24 16:34	--------	d-----w-	c:\program files\HP2009-06-24 16:34 . 2008-04-13 22:15	26368	-c--a-w-	c:\windows\system32\dllcache\usbstor.sys2009-06-24 16:34 . 2008-04-13 22:17	25856	-c--a-w-	c:\windows\system32\dllcache\usbprint.sys2009-06-24 16:34 . 2008-04-13 22:17	25856	----a-w-	c:\windows\system32\drivers\usbprint.sys2009-06-24 16:34 . 2008-04-13 22:15	32128	-c--a-w-	c:\windows\system32\dllcache\usbccgp.sys2009-06-24 16:34 . 2008-04-13 22:15	32128	----a-w-	c:\windows\system32\drivers\usbccgp.sys2009-06-24 16:32 . 2009-06-24 16:41	126170	----a-w-	c:\windows\hpoins14.dat2009-06-24 16:32 . 2007-09-21 12:12	1996	------w-	c:\windows\hpomdl14.dat2009-06-23 22:21 . 2009-06-23 22:21	--------	d-----w-	c:\documents and settings\Patryk\.gstreamer-0.102009-06-23 22:20 . 2009-06-24 19:08	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\OpenFM2009-06-23 22:19 . 2009-06-23 22:19	--------	d-----w-	c:\documents and settings\Patryk\Dane aplikacji\OpenFM2009-06-23 21:17 . 2009-07-01 15:19	--------	d-----w-	c:\documents and settings\Patryk\Ustawienia lokalne\Dane aplikacji\WarRockDF2009-06-23 21:00 . 2009-06-23 21:01	--------	d-----w-	c:\documents and settings\Patryk\Dane aplikacji\Ventrilo2009-06-23 21:00 . 2009-06-23 21:00	5120	----a-r-	c:\documents and settings\Patryk\Dane aplikacji\Microsoft\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe2009-06-23 20:59 . 2009-06-23 20:59	--------	d-----w-	c:\program files\Common Files\Wise Installation Wizard2009-06-23 18:25 . 2008-04-14 21:50	26624	----a-w-	c:\documents and settings\LocalService\Dane aplikacji\Microsoft\UPnP Device Host\upnphost\udhisapi.dll2009-06-23 17:15 . 2009-06-25 21:07	23968	----a-w-	c:\documents and settings\Patryk\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT2009-06-23 13:30 . 2008-06-14 17:36	273024	-c----w-	c:\windows\system32\dllcache\bthport.sys2009-06-23 13:30 . 2008-06-14 17:36	273024	------w-	c:\windows\system32\drivers\bthport.sys2009-06-23 13:11 . 2009-02-09 11:26	2190336	-c----w-	c:\windows\system32\dllcache\ntoskrnl.exe2009-06-23 13:11 . 2009-02-09 11:26	2146816	-c----w-	c:\windows\system32\dllcache\ntkrnlmp.exe2009-06-23 13:11 . 2009-02-09 11:26	2025472	-c----w-	c:\windows\system32\dllcache\ntkrpamp.exe2009-06-23 13:01 . 2008-10-24 11:21	455296	-c----w-	c:\windows\system32\dllcache\mrxsmb.sys2009-06-23 12:13 . 2009-06-27 14:07	--------	d--h--w-	c:\windows\$hf_mig$2009-06-23 09:01 . 2001-08-17 21:59	3072	----a-w-	c:\windows\system32\drivers\audstub.sys2009-06-23 09:01 . 2008-04-14 21:35	58880	----a-w-	c:\windows\system32\drivers\redbook.sys2009-06-23 09:00 . 2008-04-14 00:15	10624	----a-w-	c:\windows\system32\drivers\gameenum.sys2009-06-23 09:00 . 2008-04-14 22:50	4274816	----a-w-	c:\windows\system32\nv4_disp.dll2009-06-23 09:00 . 2008-04-13 22:04	1897408	----a-w-	c:\windows\system32\drivers\nv4_mini.sys2009-06-23 09:00 . 2001-08-17 20:13	27165	----a-w-	c:\windows\system32\drivers\fetnd5.sys2009-06-23 09:00 . 2008-04-14 22:50	77312	----a-w-	c:\windows\system32\usbui.dll.((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-06-29 07:42 . 2009-06-23 08:26	--------	d-----w-	c:\documents and settings\Patryk\Dane aplikacji\Winamp2009-06-26 13:45 . 2009-06-23 08:17	--------	d-----w-	c:\documents and settings\Patryk\Dane aplikacji\Nowe Gadu-Gadu2009-06-23 20:38 . 2009-06-23 07:08	86327	----a-w-	c:\windows\pchealth\helpctr\OfflineCache\index.dat2009-06-23 20:03 . 2009-06-23 08:41	--------	d-----w-	c:\documents and settings\Patryk\Dane aplikacji\Comodo2009-06-23 14:04 . 2001-10-26 16:15	83988	----a-w-	c:\windows\system32\perfc015.dat2009-06-23 14:04 . 2001-10-26 16:15	490808	----a-w-	c:\windows\system32\perfh015.dat2009-06-23 08:48 . 2009-06-23 08:47	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Avira2009-06-23 08:44 . 2009-06-23 08:29	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\OrbNetworks2009-06-23 08:43 . 2009-06-23 08:42	--------	d-----w-	c:\program files\AskSBar2009-06-23 08:41 . 2009-06-23 08:41	249592	----a-w-	c:\windows\system32\cssdll32.dll2009-06-23 08:41 . 2009-06-23 08:41	--------	d-----w-	c:\program files\COMODO2009-06-23 08:29 . 2009-06-23 08:29	--------	d-----w-	c:\program files\Winamp Toolbar2009-06-23 08:29 . 2009-06-23 08:29	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Winamp Toolbar2009-06-23 08:29 . 2009-06-23 08:29	--------	d-----w-	c:\program files\Winamp Remote2009-06-23 08:07 . 2009-06-23 08:07	64200	----a-w-	c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat2009-06-23 08:07 . 2009-06-23 08:07	--------	d-----w-	c:\program files\MSBuild2009-06-23 08:07 . 2009-06-23 08:07	--------	d-----w-	c:\program files\Reference Assemblies2009-06-23 07:39 . 2009-06-23 07:39	0	----a-w-	c:\windows\nsreg.dat2009-06-23 07:31 . 2009-06-23 07:31	23	----a-w-	c:\windows\system32\drivers\adidsl.cfg2009-06-23 07:31 . 2009-06-23 07:23	--------	d--h--w-	c:\program files\InstallShield Installation Information2009-06-23 07:30 . 2009-06-23 07:30	--------	d-----w-	c:\program files\SAGEM2009-06-23 07:23 . 2009-06-23 07:23	--------	d-----w-	c:\program files\Analog Devices2009-06-23 07:23 . 2009-06-23 07:23	--------	d-----w-	c:\program files\Common Files\InstallShield2009-06-23 07:16 . 2009-06-23 07:16	--------	d-----w-	c:\documents and settings\Patryk\Dane aplikacji\Tibia2009-06-23 07:09 . 2009-06-23 07:09	--------	d-----w-	c:\program files\microsoft frontpage2009-06-23 07:07 . 2009-06-23 07:07	--------	d-----w-	c:\program files\Usługi online2009-06-23 07:05 . 2009-06-23 07:05	21856	----a-w-	c:\windows\system32\emptyregdb.dat2009-06-23 07:04 . 2009-06-23 07:04	--------	d-----w-	c:\program files\Windows Media Connect 22009-05-28 09:23 . 2009-05-28 09:23	42088	----a-w-	c:\documents and settings\Patryk\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll2009-05-28 08:34 . 2009-05-28 08:34	11264	----a-w-	c:\documents and settings\Patryk\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll2009-05-13 05:06 . 2008-09-19 21:03	915456	----a-w-	c:\windows\system32\wininet.dll2009-05-07 15:34 . 2008-04-14 21:50	347648	----a-w-	c:\windows\system32\localspl.dll2009-04-19 19:51 . 2008-04-14 20:35	1847424	----a-w-	c:\windows\system32\win32k.sys2009-04-15 14:54 . 2008-04-14 21:50	585216	----a-w-	c:\windows\system32\rpcrt4.dll.(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  REGEDIT4[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]2009-06-23 08:43	66912	----a-w-	c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]"Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2008-04-01 507904][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2002-11-08 98304]"WinampAgent"="d:\programy\Winamp\winampa.exe" [2009-04-10 37888]"avgnt"="d:\warzne programy\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]"nltide_2"="shell32" [X]c:\documents and settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-6-23 966756][HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"="c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"="c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"="d:\\Programy\\Nowe Gadu-Gadu\\gg.exe"="d:\\Warzne programy\\Micro soft office\\Office12\\OUTLOOK.EXE"="d:\\Gry\\MobileForces\\System\\MobileForces.exe"=[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]"8461:TCP"= 8461:TCP:GoD High Port"8462:TCP"= 8462:TCP:GoD Low PortR2 AntiVirMailService;Avira AntiVir MailGuard;d:\warzne programy\Avira\AntiVir Desktop\avmailc.exe [2009-06-23 194817]R2 AntiVirSchedulerService;Avira AntiVir Scheduler;d:\warzne programy\Avira\AntiVir Desktop\sched.exe [2009-06-23 108289]R2 AntiVirWebService;Avira AntiVir WebGuard;d:\warzne programy\Avira\AntiVir Desktop\avwebgrd.exe [2009-06-23 434945][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12hpdevmgmt	REG_MULTI_SZ   	hpqcxs08[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP..------- Skan uzupełniający -------.uStart Page = hxxp://search.orbitdownloader.comIE: &Winamp Search - c:\documents and settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.htmlIE: E&ksportuj do programu Microsoft Excel - d:\warzne~1\MICROS~1\Office12\EXCEL.EXE/3000LSP: d:\warzne programy\Avira\AntiVir Desktop\avsda.dllTCP: {93FEAD93-B351-48B4-A36E-CB58F7823819} = 194.204.159.1 217.98.63.164FF - ProfilePath - c:\documents and settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\kncdu6ab.default\FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=FF - prefs.js: browser.search.selectedEngine - GoogleFF - prefs.js: browser.startup.homepage - hxxp://search.orbitdownloader.comFF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=FF - component: c:\documents and settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\kncdu6ab.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dllFF - plugin: c:\documents and settings\Patryk\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dllFF - plugin: d:\programy\Fire Fox\plugins\NPAskSBr.dll.**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-07-02 19:23Windows 5.1.2600 Dodatek Service Pack 3 NTFSskanowanie ukrytych procesów ...  skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ...  skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************.--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------- - - - - - - > 'lsass.exe'(756)d:\warzne programy\Avira\AntiVir Desktop\avsda.dll.Czas ukończenia: 2009-07-02 19:24ComboFix-quarantined-files.txt  2009-07-02 17:24Przed: 3 495 170 048 bajtów wolnychPo: 3 720 904 704 bajtów wolnychWindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe[boot loader]timeout=2default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS[operating systems]c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdconsmulti(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect209	--- E O F ---	2009-06-27 14:07

Gość
komentarz
komentarz

Odinstauj ten program:

c:\program files\AskSBar

Poza tym - OK. :)

.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.