x-kom hosting

Problem z zaporą

cubEE18
utworzono
utworzono

Witam!

Od pewnego czasu mam problem z zaporą. A mianowicie przy starcie systemu, jak się już wszystko załaduje, wyskakuje mi komunikat że zapora nie jest włączona. W services.msc mogę ją uruchomić i ustawiłem tryb uruchamiania na automatyczny + przy każdym kolejnym błędzie próbuje ją uruchomić ponownie co usuwa po cześci problem gdyż zapora po pewnym czasie się włącza sama. Jak sobie poradzić z tym problemem? Avira AntiVir Personal nic nie znajduje, spy bot też, mks online usunąłem 4 trojany (których wczesniej nic nie znajdowało?) ale problem nadal pozostaje

Log z HijackThis:

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:05:54, on 2008-12-16Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16762)Boot mode: NormalRunning processes:H:\WINDOWS\System32\smss.exeH:\WINDOWS\system32\winlogon.exeH:\WINDOWS\system32\services.exeH:\WINDOWS\system32\lsass.exeH:\WINDOWS\system32\Ati2evxx.exeH:\WINDOWS\system32\svchost.exeH:\WINDOWS\System32\svchost.exeH:\WINDOWS\system32\Ati2evxx.exeH:\WINDOWS\system32\brsvc01a.exeH:\WINDOWS\system32\brss01a.exeH:\WINDOWS\system32\spoolsv.exeH:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exeH:\WINDOWS\Explorer.EXEH:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exeH:\WINDOWS\system32\RunDll32.exeH:\PROGRA~1\HDTUNE~1\HDTune.exeH:\Program Files\Gadu-Gadu\gg.exeH:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exeH:\Program Files\DAEMON Tools Lite\daemon.exeH:\Program Files\RivaTuner v2.20\RivaTuner.exeH:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exeH:\Program Files\Java\jre6\bin\jqs.exeH:\WINDOWS\system32\PnkBstrA.exeH:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exeH:\WINDOWS\system32\svchost.exeH:\WINDOWS\system32\SearchIndexer.exeH:\WINDOWS\system32\wuauclt.exeH:\WINDOWS\System32\svchost.exeH:\Program Files\Trend Micro\HijackThis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = ŁączaO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre6\bin\ssv.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO4 - HKLM\..\Run: [avgnt] "H:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /minO4 - HKLM\..\Run: [sbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitorO4 - HKLM\..\Run: [HD Tune] H:\PROGRA~1\HDTUNE~1\HDTune.exeO4 - HKLM\..\Run: [AtiPTA] atiptaxx.exeO4 - HKLM\..\Run: [RivaTunerStartupDaemon] "H:\Program Files\RivaTuner v2.20\RivaTuner.exe" /SO4 - HKLM\..\Run: [MSConfig] H:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /autoO4 - HKCU\..\Run: [Gadu-Gadu] "H:\Program Files\Gadu-Gadu\gg.exe" /trayO4 - HKCU\..\Run: [uberIcon] "H:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"O4 - HKCU\..\Run: [DAEMON Tools Lite] "H:\Program Files\DAEMON Tools Lite\daemon.exe" -autorunO4 - Startup: RivaTuner.lnk = H:\Program Files\RivaTuner v2.20\RivaTuner.exeO4 - Startup: Skrót do taskmgr.lnk = H:\WINDOWS\system32\taskmgr.exeO4 - Startup: SpeedFan.lnk = H:\Program Files\SpeedFan\speedfan.exeO4 - Startup: TransBar.lnk = H:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exeO4 - Startup: UberIcon.lnk = H:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre6\bin\jp2iexp.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre6\bin\jp2iexp.dllO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLLO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exeO16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1227090416234O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cabO16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1225547158375O16 - DPF: {C9A2CBF3-B7F9-463E-A690-82CC077DCFC6} (ZemiDetectHardware Control) - http://www.4story.com/Active_X/ZemiDetectHardware.cabO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dllO23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - H:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exeO23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - H:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exeO23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - H:\WINDOWS\system32\brsvc01a.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: PnkBstrA - Unknown owner - H:\WINDOWS\system32\PnkBstrA.exeO23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - H:\Program Files\CyberLink\Shared Files\RichVideo.exeO23 - Service: ServiceLayer - Nokia. - H:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe--End of file - 7386 bytes

Z góry dziękuje za pomoc :)

Gość
komentarz
komentarz

W tym logu nie widać żadnej infekcji. ;)

Daj log z ComboFixa.

cubEE18
komentarz
komentarz
ComboFix 08-12-15.08 - cubE 2008-12-16 19:03:42.1 - NTFSx86Microsoft Windows XP Home Edition  5.1.2600.3.1250.48.1045.18.2047.1477 [GMT 1:00]Uruchomiony z: I:\ComboFix.exe * Utworzono nowy punkt przywracania.(((((((((((((((((((((((((((((((((((((((   Usunięto   ))))))))))))))))))))))))))))))))))))))))))))))))).h:\windows\system32\CMCT3FR.DLL.(((((((((((((((((((((((((   Pliki utworzone od 2008-11-16 do 2008-12-16  ))))))))))))))))))))))))))))))).2008-12-16 06:33 . 2008-12-16 06:33	<DIR>	d--------	h:\program files\MSXML 4.02008-12-15 21:35 . 2008-12-15 21:38	<DIR>	d--------	h:\documents and settings\cubE\Dane aplikacji\PC Suite2008-12-15 17:22 . 2008-12-15 17:22	<DIR>	d--------	h:\documents and settings\Piotrek\Phone Browser2008-12-15 17:22 . 2008-12-15 17:22	<DIR>	d--------	h:\documents and settings\Piotrek\Dane aplikacji\Nokia2008-12-15 17:22 . 2008-12-15 17:22	<DIR>	d--------	h:\documents and settings\Piotrek\Dane aplikacji\Datalayer2008-12-15 17:13 . 2008-12-15 17:13	<DIR>	d--------	h:\windows\Downloaded Installations2008-12-15 17:13 . 2008-12-15 17:13	<DIR>	d--------	h:\program files\DIFX2008-12-15 17:12 . 2008-12-15 17:12	<DIR>	d----c---	h:\windows\system32\DRVSTORE2008-12-15 17:12 . 2008-12-15 17:15	<DIR>	d--------	h:\program files\Nokia2008-12-15 17:12 . 2008-12-15 17:12	<DIR>	d--------	h:\program files\Common Files\PCSuite2008-12-15 17:12 . 2008-12-15 17:12	<DIR>	d--------	h:\program files\Common Files\Nokia2008-12-15 17:12 . 2008-12-15 17:19	<DIR>	d--------	h:\documents and settings\Piotrek\Dane aplikacji\PC Suite2008-12-15 17:12 . 2008-12-15 17:12	<DIR>	d--------	h:\documents and settings\All Users\Dane aplikacji\PC Suite2008-12-15 17:12 . 2008-12-15 17:12	<DIR>	d--------	h:\documents and settings\All Users\Dane aplikacji\Downloaded Installations2008-12-15 17:12 . 2006-03-24 08:32	127,488	--a------	h:\windows\system32\drivers\nmwcd.sys2008-12-15 17:12 . 2006-03-24 08:31	48,128	--a------	h:\windows\system32\nmwcdcls.dll2008-12-15 17:12 . 2006-03-24 08:32	31,232	--a------	h:\windows\system32\nmwcdcocls.dll2008-12-15 17:12 . 2006-03-24 08:32	13,312	--a------	h:\windows\system32\drivers\nmwcdcm.sys2008-12-15 17:12 . 2006-03-24 08:32	13,312	--a------	h:\windows\system32\drivers\nmwcdcj.sys2008-12-15 17:12 . 2006-03-24 08:32	8,704	--a------	h:\windows\system32\drivers\nmwcdc.sys2008-12-15 17:12 . 2006-03-24 08:31	4,608	--a------	h:\windows\system32\nmwcdlog.dll2008-12-15 11:22 . 2004-01-12 00:00	348,160	--a------	h:\windows\system\msvcr71.dll2008-12-15 11:03 . 2008-12-15 11:07	<DIR>	d--------	h:\program files\SkanerOnline2008-12-13 23:13 . 2008-12-16 19:06	<DIR>	d--h-----	h:\documents and settings\Administrator\Ustawienia lokalne2008-12-13 23:13 . 2008-11-01 14:41	<DIR>	d--------	h:\documents and settings\Administrator\Ulubione2008-12-13 23:13 . 2008-11-01 13:57	<DIR>	d--h-----	h:\documents and settings\Administrator\Szablony2008-12-13 23:13 . 2008-11-01 14:41	<DIR>	d--------	h:\documents and settings\Administrator\Pulpit2008-12-13 23:13 . 2008-11-01 14:41	<DIR>	d--------	h:\documents and settings\Administrator\Moje dokumenty2008-12-13 23:13 . 2008-11-01 14:41	<DIR>	dr-------	h:\documents and settings\Administrator\Menu Start2008-12-13 23:13 . 2008-11-01 14:41	<DIR>	dr-h-----	h:\documents and settings\Administrator\Dane aplikacji2008-12-13 23:13 . 2008-12-13 23:13	<DIR>	d--------	h:\documents and settings\Administrator2008-12-12 23:29 . 2008-12-12 23:29	<DIR>	d--------	h:\documents and settings\Piotrek\Dane aplikacji\Windows Search2008-12-12 17:05 . 2008-07-10 02:49	50,200	--a------	h:\windows\system32\perf-ReportServer-rsctr.dll2008-12-12 17:01 . 2008-07-10 10:49	50,200	--a------	h:\windows\system32\perf-SQLSERVERAGENT-sqlagtctr10.0.1600.22.dll2008-12-12 17:00 . 2008-07-10 10:49	79,896	--a------	h:\windows\system32\perf-MSSQLSERVER-sqlctr10.0.1600.22.dll2008-12-12 16:52 . 2008-12-12 16:52	<DIR>	d--------	h:\program files\Common Files\Merge Modules2008-12-12 16:46 . 2008-12-12 16:46	<DIR>	d--------	h:\program files\Microsoft Synchronization Services2008-12-12 16:46 . 2008-12-12 16:46	<DIR>	d--------	h:\program files\Microsoft SDKs2008-12-12 16:44 . 2008-12-12 16:44	<DIR>	d--------	h:\program files\Microsoft Analysis Services2008-12-12 16:42 . 2008-12-12 16:42	<DIR>	d--------	h:\windows\system32\RsFx2008-12-12 16:42 . 2008-12-12 16:42	<DIR>	d--------	h:\program files\Microsoft Sync Framework2008-12-12 16:40 . 2008-12-12 16:40	<DIR>	d--------	h:\program files\Microsoft SQL Server Compact Edition2008-12-12 16:39 . 2008-12-12 16:53	<DIR>	d--------	h:\program files\Microsoft Visual Studio 9.02008-12-12 16:25 . 2008-12-12 16:25	<DIR>	d--------	h:\program files\MSXML 6.02008-12-12 16:02 . 2006-06-29 13:07	14,048	---------	h:\windows\system32\spmsg2.dll2008-12-12 15:59 . 2008-12-12 16:01	<DIR>	d--------	h:\windows\system32\XPSViewer2008-12-12 15:59 . 2008-12-12 15:59	<DIR>	d--------	h:\program files\Reference Assemblies2008-12-12 15:59 . 2008-12-12 15:59	<DIR>	d--------	H:\433bdd2d99b877036472e83e2008-12-12 15:59 . 2008-07-06 13:06	1,676,288	---------	h:\windows\system32\xpssvcs.dll2008-12-12 15:59 . 2008-07-06 13:06	1,676,288	-----c---	h:\windows\system32\dllcache\xpssvcs.dll2008-12-12 15:59 . 2008-07-06 11:50	597,504	-----c---	h:\windows\system32\dllcache\printfilterpipelinesvc.exe2008-12-12 15:59 . 2008-07-06 13:06	575,488	---------	h:\windows\system32\xpsshhdr.dll2008-12-12 15:59 . 2008-07-06 13:06	575,488	-----c---	h:\windows\system32\dllcache\xpsshhdr.dll2008-12-12 15:59 . 2008-07-06 13:06	117,760	---------	h:\windows\system32\prntvpt.dll2008-12-12 15:59 . 2008-07-06 13:06	89,088	-----c---	h:\windows\system32\dllcache\filterpipelineprintproc.dll2008-12-11 23:59 . 2008-12-12 00:54	1,471	-rah-----	h:\windows\EPMBatch.ept2008-12-11 23:58 . 2008-12-11 23:58	<DIR>	d--------	h:\program files\EASEUS2008-12-11 23:50 . 2008-12-11 23:50	<DIR>	d--------	H:\Dev-Cpp2008-12-11 10:54 . 2008-12-11 10:54	<DIR>	d--------	h:\program files\Common Files\DirectX2008-12-11 08:39 . 2008-12-12 16:45	<DIR>	d--------	h:\program files\Microsoft SQL Server2008-12-10 22:07 . 2008-04-14 22:50	159,232	--a------	h:\windows\system32\ptpusd.dll2008-12-10 22:07 . 2008-04-14 00:15	15,104	--a------	h:\windows\system32\drivers\usbscan.sys2008-12-10 22:07 . 2008-04-14 00:15	15,104	--a--c---	h:\windows\system32\dllcache\usbscan.sys2008-12-10 22:07 . 2001-10-26 17:29	5,632	--a------	h:\windows\system32\ptpusb.dll2008-12-08 19:51 . 2008-12-08 19:51	<DIR>	d--------	h:\windows\system32\Futuremark2008-12-08 19:51 . 2008-12-08 19:51	<DIR>	d--------	h:\program files\Futuremark2008-12-08 19:51 . 2004-10-25 20:02	21,664	--a------	h:\windows\system32\drivers\Entech.sys2008-12-08 19:51 . 2001-11-19 18:05	3,972	---------	h:\windows\system32\drivers\PciBus.sys2008-12-08 19:41 . 2008-12-08 19:41	<DIR>	d--------	h:\program files\MadOnion.com2008-12-06 23:55 . 2008-12-07 15:29	<DIR>	d--------	h:\program files\ATITool2008-12-06 23:44 . 2008-12-06 23:44	<DIR>	d--------	h:\program files\RivaTuner v2.202008-12-06 01:18 . 2006-06-14 13:44	12,288	-ra------	h:\windows\system32\drivers\EIO_XP.sys2008-12-04 10:57 . 2008-12-04 10:57	<DIR>	d--------	h:\documents and settings\cubE\Dane aplikacji\Ahead2008-11-28 12:43 . 2005-05-04 13:39	94,208	--a------	h:\windows\system32\China.dll2008-11-25 22:15 . 2008-11-25 22:15	<DIR>	d--------	h:\documents and settings\cubE\Dane aplikacji\InstallShield2008-11-25 21:54 . 2008-11-25 21:57	<DIR>	d--------	h:\documents and settings\cubE\Dane aplikacji\Dev-Cpp2008-11-25 08:40 . 2008-11-25 08:39	410,976	--a------	h:\windows\system32\deploytk.dll2008-11-24 23:51 . 2008-04-14 00:15	10,624	--a------	h:\windows\system32\drivers\gameenum.sys2008-11-24 23:51 . 2008-04-14 00:15	10,624	--a--c---	h:\windows\system32\dllcache\gameenum.sys2008-11-24 22:48 . 2008-11-24 22:48	<DIR>	d--------	h:\documents and settings\cubE\Dane aplikacji\Leadertech2008-11-23 22:59 . 2008-10-10 04:52	4,379,984	--a------	h:\windows\system32\D3DX9_40.dll2008-11-23 22:59 . 2008-10-10 04:52	2,036,576	--a------	h:\windows\system32\D3DCompiler_40.dll2008-11-23 22:59 . 2008-10-27 10:04	514,384	--a------	h:\windows\system32\XAudio2_3.dll2008-11-23 22:59 . 2008-10-10 04:52	452,440	--a------	h:\windows\system32\d3dx10_40.dll2008-11-23 22:59 . 2008-10-27 10:04	235,856	--a------	h:\windows\system32\xactengine3_3.dll2008-11-23 22:59 . 2008-10-27 10:04	70,992	--a------	h:\windows\system32\XAPOFX1_2.dll2008-11-23 22:59 . 2008-10-27 10:04	23,376	--a------	h:\windows\system32\X3DAudio1_5.dll2008-11-17 23:31 . 2008-11-17 23:32	<DIR>	d--------	h:\documents and settings\Piotrek\Dane aplikacji\BESTplayer2008-11-17 16:07 . 2008-11-17 16:07	<DIR>	d--------	h:\documents and settings\Piotrek\Dane aplikacji\Media Player Classic2008-11-17 16:07 . 2008-11-17 16:07	<DIR>	d--------	h:\documents and settings\Piotrek\Dane aplikacji\DivX2008-11-16 21:05 . 2008-11-16 21:07	<DIR>	d--------	h:\program files\UIU.((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   )))))))))))))))))))))))))))))))))))))))))))))))))))).2008-12-16 17:58	---------	d-----w	h:\program files\SpeedFan2008-12-16 17:30	---------	d-----w	h:\documents and settings\Piotrek\Dane aplikacji\Azureus2008-12-16 06:05	201,440	----a-w	h:\windows\system32\PnkBstrB.exe2008-12-16 06:05	138,512	----a-w	h:\windows\system32\drivers\PnkBstrK.sys2008-12-15 21:36	---------	d-----w	h:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy2008-12-15 20:35	---------	d-----w	h:\program files\lg_fwupdate2008-12-15 18:08	---------	d-----w	h:\program files\Vuze2008-12-14 18:25	---------	d-----w	h:\program files\Gadu-Gadu2008-12-12 22:28	---------	d-----w	h:\program files\Java2008-12-12 15:56	---------	d-----w	h:\documents and settings\All Users\Dane aplikacji\Microsoft Help2008-12-12 15:24	---------	d-----w	h:\program files\Microsoft.NET2008-12-12 14:59	---------	d-----w	h:\program files\MSBuild2008-12-12 10:45	---------	d-----w	h:\program files\NAPI-PROJEKT2008-12-12 10:45	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\uTorrent2008-12-11 22:43	---------	d-----w	h:\program files\Microsoft Bootvis2008-12-08 18:59	---------	d--h--w	h:\program files\InstallShield Installation Information2008-11-28 19:48	---------	d---a-w	h:\documents and settings\All Users\Dane aplikacji\TEMP2008-11-27 07:51	225,280	----a-w	h:\windows\system32\BootMan.exe2008-11-26 14:58	472,064	----a-w	h:\windows\system32\NTFSFormat.dll2008-11-26 14:55	65,536	----a-w	h:\windows\system32\FatCopy.dll2008-11-26 14:54	17,920	----a-w	h:\windows\system32\SectorCopy.dll2008-11-26 14:54	139,776	----a-w	h:\windows\system32\NTFSCopy.dll2008-11-26 14:52	86,016	----a-w	h:\windows\system32\ResizeNTFS.dll2008-11-26 14:51	93,184	----a-w	h:\windows\system32\Partition.dll2008-11-26 14:51	61,952	----a-w	h:\windows\system32\FatResizeMove.dll2008-11-26 14:51	45,568	----a-w	h:\windows\system32\FileSystemCheck.dll2008-11-26 14:50	180,736	----a-w	h:\windows\system32\DeviceManager.dll2008-11-26 14:49	86,528	----a-w	h:\windows\system32\NTFSLib.dll2008-11-26 14:49	31,744	----a-w	h:\windows\system32\FatLib.dll2008-11-26 14:49	22,016	----a-w	h:\windows\system32\FatFormat.dll2008-11-26 14:48	68,096	----a-w	h:\windows\system32\Device.dll2008-11-26 14:48	6,656	----a-w	h:\windows\system32\CallbackOperator.dll2008-11-26 14:48	24,576	----a-w	h:\windows\system32\NTFSFileSystemAnalyser.dll2008-11-26 14:48	21,504	----a-w	h:\windows\system32\Fixup.dll2008-11-26 14:48	14,848	----a-w	h:\windows\system32\FileSystemAnalyser.dll2008-11-26 14:48	10,752	----a-w	h:\windows\system32\DeviceAdapter.dll2008-11-26 14:47	25,088	----a-w	h:\windows\system32\FATFileSystemAnalyser.dll2008-11-26 12:45	66,872	----a-w	h:\windows\system32\PnkBstrA.exe2008-11-25 18:19	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\VSO2008-11-25 16:18	86,408	----a-w	h:\windows\system32\setupempdrv03.exe2008-11-25 16:18	8,704	----a-w	h:\windows\system32\epmntdrv.sys2008-11-25 16:18	3,072	----a-w	h:\windows\system32\EuGdiDrv.sys2008-11-25 16:18	14,848	----a-w	h:\windows\system32\EuEpmGdi.dll2008-11-17 22:04	---------	d-----w	h:\program files\Spybot - Search & Destroy2008-11-16 22:07	---------	d-----w	h:\program files\Dziobas Rar Player2008-11-13 17:51	107,888	----a-w	h:\windows\system32\CmdLineExt.dll2008-11-13 12:48	---------	d-----w	h:\documents and settings\Piotrek\Dane aplikacji\Winamp2008-11-10 14:38	---------	d-----w	h:\program files\IrfanView2008-11-10 13:37	---------	d-----w	h:\program files\WebSite PRO2008-11-09 15:20	---------	d-----w	h:\program files\Nvu2008-11-09 15:20	---------	d-----w	h:\documents and settings\Piotrek\Dane aplikacji\Nvu2008-11-08 19:58	---------	d-----w	h:\program files\Microsoft Baseline Security Analyzer 22008-11-08 19:08	---------	d-----w	h:\program files\Opera2008-11-08 14:39	---------	d-----w	h:\program files\Microsoft Works2008-11-08 14:36	---------	d-----w	h:\program files\Microsoft Visual Studio 82008-11-08 14:31	---------	d-----w	h:\program files\PowerISO2008-11-07 12:46	---------	d-----w	h:\program files\uTorrent2008-11-07 10:48	---------	d-----w	h:\program files\Common Files\InstallShield2008-11-07 10:48	---------	d-----w	h:\program files\Brother2008-11-07 10:45	---------	d-----w	h:\program files\ScanSoft2008-11-07 10:45	---------	d-----w	h:\program files\Common Files\ScanSoft Shared2008-11-07 10:45	---------	d-----w	h:\documents and settings\All Users\Dane aplikacji\ScanSoft2008-11-07 10:45	---------	d-----w	h:\documents and settings\All Users\Dane aplikacji\InstallShield2008-11-07 10:44	---------	d-----w	h:\documents and settings\All Users\Dane aplikacji\Brother2008-11-07 10:32	---------	d-----w	h:\documents and settings\All Users\Dane aplikacji\Azureus2008-11-07 10:28	---------	d-----w	h:\program files\OpenOffice.org 32008-11-06 18:33	---------	d-----w	h:\program files\VSO2008-11-06 09:05	---------	d-----w	h:\program files\MultiRes2008-11-06 09:04	472,576	----a-w	h:\windows\Radeon Omega Drivers v4.8.442 Uninstall.exe2008-11-06 09:04	---------	d-----w	h:\program files\Radeon Omega Drivers2008-11-05 13:17	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\Windows Search2008-11-02 12:26	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\Media Player Classic2008-11-02 11:53	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\CyberLink2008-11-02 11:53	---------	d-----w	h:\documents and settings\All Users\Dane aplikacji\CyberLink2008-11-01 21:03	---------	d-----w	h:\program files\Common Files\INCA Shared2008-11-01 20:11	---------	d-----w	h:\program files\CyberLink2008-11-01 19:58	---------	d-----w	h:\program files\Common Files\Ahead2008-11-01 19:57	---------	d-----w	h:\program files\Ahead2008-11-01 19:38	25,992	----a-w	h:\windows\system32\pgdfgsvc.exe2008-11-01 19:25	---------	d-----w	h:\program files\Winamp2008-11-01 19:25	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\Winamp2008-11-01 19:05	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\Talkback2008-11-01 15:16	---------	d-----w	h:\program files\Common Files\Adobe2008-11-01 15:11	---------	d-----w	h:\documents and settings\Piotrek\Dane aplikacji\OpenOffice.org2008-11-01 14:50	---------	d-----w	h:\documents and settings\Piotrek\Dane aplikacji\Talkback2008-11-01 14:48	---------	d-----w	h:\documents and settings\Piotrek\Dane aplikacji\Gadu-Gadu2008-11-01 14:41	63,966	----a-w	h:\windows\BricoPackUninst.cmd2008-11-01 14:41	6,112	----a-w	h:\windows\BricoPackFoldersDelete.cmd2008-11-01 14:41	219,648	----a-w	h:\windows\system32\uxtheme.dll2008-11-01 14:19	---------	d-----w	h:\program files\Windows Desktop Search2008-11-01 14:19	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\Windows Desktop Search2008-11-01 14:18	---------	d-----w	h:\program files\Windows Media Connect 22008-11-01 14:16	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\OpenOffice.org2008-11-01 13:41	---------	d-----w	h:\program files\Creative2008-11-01 13:35	472,576	----a-w	h:\windows\Nvidia Omega Drivers v2.169.21 Uninstall.exe2008-11-01 13:27	---------	d-----w	h:\program files\DAEMON Tools Lite2008-11-01 13:23	---------	d-----w	h:\program files\K-Lite Codec Pack2008-11-01 13:22	---------	d-----w	h:\program files\MarBit2008-11-01 13:21	---------	d-----w	h:\program files\Google2008-11-01 13:20	---------	d-----w	h:\program files\GIMP-2.0.(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Gadu-Gadu"="h:\program files\Gadu-Gadu\gg.exe" [2008-11-01 2131392]"UberIcon"="h:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe" [2006-05-21 180224]"DAEMON Tools Lite"="h:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"avgnt"="h:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]"HD Tune"="h:\progra~1\HDTUNE~1\HDTune.exe" [2008-02-09 401408]"RivaTunerStartupDaemon"="h:\program files\RivaTuner v2.20\RivaTuner.exe" [2008-11-19 2727936]"MSConfig"="h:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2008-04-15 171520]"SbUsb AudCtrl"="sbusbdll.dll" [2005-05-26 h:\windows\system32\sbusbdll.dll]"AtiPTA"="atiptaxx.exe" [2006-02-22 h:\windows\system32\atiptaxx.exe]h:\documents and settings\cubE\Menu Start\Programy\Autostart\RivaTuner.lnk - h:\program files\RivaTuner v2.20\RivaTuner.exe [2008-11-19 2727936]Skr˘t do taskmgr.lnk - h:\windows\system32\taskmgr.exe [2008-04-15 185856]SpeedFan.lnk - h:\program files\SpeedFan\speedfan.exe [2008-11-21 3835904]TransBar.lnk - h:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 65536]UberIcon.lnk - h:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 180224][hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "h:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128][HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]--a------ 2008-01-11 22:16 39792 h:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0]--------- 2005-05-17 17:42 933888 h:\program files\Brother\ControlCenter2\brctrcen.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]--a------ 2007-08-24 07:00 33648 h:\program files\Microsoft Office\Office12\GrooveMonitor.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]--a------ 2005-03-17 14:45 40960 h:\program files\ScanSoft\PaperPort\IndexSearch.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]--a------ 2007-01-08 22:17 52256 h:\program files\CyberLink\PowerDVD\Language\Language.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]--a------ 2008-11-01 21:16 548864 h:\program files\lg_fwupdate\fwupdate.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]-ra------ 2001-07-09 10:50 155648 h:\windows\system32\NeroCheck.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]--a------ 2005-03-17 14:25 57393 h:\program files\ScanSoft\PaperPort\pptd40nt.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]--a------ 2006-04-26 08:29 237568 h:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]--------- 2007-03-14 21:01 71216 h:\program files\CyberLink\PowerDVD\PDVDServ.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt]--------- 2005-01-26 18:02 49152 h:\program files\Brother\Brmfl05a\BrStDvPt.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]-ra------ 2003-10-14 10:22 155648 h:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]--a------ 2008-11-25 08:39 136600 h:\program files\Java\jre6\bin\jusched.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]--a------ 2008-08-04 00:02 36352 h:\program files\Winamp\winampa.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]--a------ 2005-07-15 22:48 479232 h:\program files\Google\Gmail Notifier\gnotify.exe[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\Network Diagnostic\\xpnetdiag.exe"="h:\\Program Files\\Gadu-Gadu\\gg.exe"="g:\\Wolfenstein - Enemy Territory\\ET.exe"="h:\\Program Files\\Vuze\\Azureus.exe"="h:\\Program Files\\Opera\\opera.exe"="h:\\Program Files\\uTorrent\\uTorrent.exe"="h:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="h:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="h:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="g:\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"="g:\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"="g:\\KalOnlineEngTest\\KalOnline.exe"="h:\\WINDOWS\\system32\\sessmgr.exe"=R1 EIO_XP;EIO_XP;\??\h:\windows\system32\drivers\EIO_XP.sys [2008-12-06 12288]R2 MsDtsServer100;SQL Server Integration Services 10.0;"h:\program files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe" [2008-07-10 218136]R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);"h:\program files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe" [2008-07-10 1106968]R3 sbusb;Sound Blaster USB Audio Driver;h:\windows\system32\DRIVERS\sbusb.sys [2008-11-01 1694592]S3 epmntdrv;epmntdrv;\??\h:\windows\system32\epmntdrv.sys [2008-12-11 8704]S3 EuGdiDrv;EuGdiDrv;\??\h:\windows\system32\EuGdiDrv.sys [2008-12-11 3072]S4 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);"h:\program files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe" -s MSSQL10.MSSQLSERVER [2008-07-10 31256]S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;"h:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE" [2008-07-10 47128]S4 RsFx0102;RsFx0102 Driver;h:\windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712][HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]\Shell\AutoRun\command - j:\autorun\AutoRun.exe[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{326eaca6-a816-11dd-9691-806d6172696f}]\Shell\AutoRun\command - J:\Setup.exe[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb4931b8-aa64-11dd-9723-00304f24088b}]\Shell\AutoRun\command - M:\ln9.exe\Shell\explore\Command - M:\ln9.exe\Shell\open\Command - M:\ln9.exe*Newly Created Service* - PROCEXP90..------- Skan uzupełniający -------.uStart Page = about:blankIE: E&xport to Microsoft Excel - h:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000h:\windows\system32\SkanerOnlineUninstall.exe - h:\windows\system32\SkanerOnline.dllO16 -: {68282C51-9459-467B-95BF-3C0E89627E55}hxxp://www.mks.com.pl/skaner/SkanerOnline.cabh:\windows\Downloaded Program Files\SkanerOnline.infh:\windows\system32\ZemiDetectHardware.ocx - O16 -: {C9A2CBF3-B7F9-463E-A690-82CC077DCFC6}hxxp://www.4story.com/Active_X/ZemiDetectHardware.cabh:\windows\Downloaded Program Files\ZemiDetectHardware.infFF - ProfilePath - h:\documents and settings\cubE\Dane aplikacji\Mozilla\Firefox\Profiles\p8q0tqil.default\FF - prefs.js: network.proxy.type - 2FF - plugin: h:\program files\Opera\program\plugins\NPOFF12.DLL.**************************************************************************catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2008-12-16 19:06:22Windows 5.1.2600 Dodatek Service Pack 3 NTFSskanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ...skanowanie ukrytych plików ... skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************.--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------- - - - - - - > 'winlogon.exe'(580)h:\windows\system32\Ati2evxx.dll- - - - - - - > 'lsass.exe'(636)h:\windows\system32\scecli.dll.Czas ukończenia: 2008-12-16 19:07:06ComboFix-quarantined-files.txt  2008-12-16 18:07:04Przed: 51 620 581 376 bajtów wolnychPo: 51,709,489,152 bajtów wolnychWindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe[boot loader]timeout=2default=multi(0)disk(0)rdisk(0)partition(6)\WINDOWS[operating systems]c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdconsmulti(0)disk(0)rdisk(0)partition(6)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect337	--- E O F ---	2008-12-16 05:33:11

Ktos przejrzał loga? Ja nawet nie wiem czego w nim szukać :)

Gość
komentarz
komentarz

Za dużo to tu do usuwania nie ma.

Wklej do Notatnika:

Folder::H:\433bdd2d99b877036472e83eRegistry::[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"AtiPTA"=-[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher][-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch][-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut][-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU][-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck][-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD][-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl][-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate][-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched][-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent][-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}][-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J][-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{326eaca6-a816-11dd-9691-806d6172696f}][-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb4931b8-aa64-11dd-9723-00304f24088b}]

>>Plik>>Zapisz jako... >>> CFScript

Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe

-->cfscriptb5b4me3.gif

Ma się rozpocząć usuwanie. (i powstanie log).Daj ten log, który powstanie w trakcie usuwania.

Jeśli pójdzie dobrze, to: Po restarcie usuń ręcznie folder C:\Qoobox.

cubEE18
komentarz
komentarz

Zrobiłem tak jak mówiłeś, nasunąłem ten plik tekstowy, coś tam działał (usuwał etapami), potem usunąłem ten folder H:\Qoobox

ComboFix 08-12-15.08 - cubE 2008-12-17 21:42:21.2 - NTFSx86Microsoft Windows XP Home Edition  5.1.2600.3.1250.1.1045.18.2047.1370 [GMT 1:00]Uruchomiony z: I:\ComboFix.exeUżyto następujących komend :: h:\documents and settings\cubE\Pulpit\CFScript.txt * Utworzono nowy punkt przywracania.(((((((((((((((((((((((((((((((((((((((   Usunięto   ))))))))))))))))))))))))))))))))))))))))))))))))).H:\433bdd2d99b877036472e83e . . . . nie udało się usunąć.(((((((((((((((((((((((((   Pliki utworzone od 2008-11-17 do 2008-12-17  ))))))))))))))))))))))))))))))).2008-12-17 18:09 . 2008-12-17 18:15	<DIR>	d--------	h:\program files\coolpro22008-12-17 16:31 . 2008-12-17 16:31	<DIR>	d--------	h:\documents and settings\Piotrek\Dane aplikacji\skypePM2008-12-17 16:31 . 2008-12-17 16:31	56	--ah-----	h:\windows\system32\ezsidmv.dat2008-12-17 16:29 . 2008-12-17 16:29	<DIR>	d--------	h:\program files\Skype2008-12-17 16:29 . 2008-12-17 16:29	<DIR>	d--------	h:\program files\Common Files\Skype2008-12-17 16:29 . 2008-12-17 21:29	<DIR>	d--------	h:\documents and settings\Piotrek\Dane aplikacji\Skype2008-12-17 16:28 . 2008-12-17 16:29	<DIR>	d--------	h:\documents and settings\All Users\Dane aplikacji\Skype2008-12-17 11:38 . 2008-12-17 11:38	<DIR>	d--------	h:\program files\iPod2008-12-17 11:38 . 2008-12-17 11:46	<DIR>	d--------	h:\documents and settings\Piotrek\Dane aplikacji\Apple Computer2008-12-17 11:38 . 2008-04-17 13:12	107,368	--a------	h:\windows\system32\GEARAspi.dll2008-12-17 11:38 . 2008-04-17 13:12	15,464	--a------	h:\windows\system32\drivers\GEARAspiWDM.sys2008-12-17 11:37 . 2008-12-17 11:38	<DIR>	d--------	h:\program files\iTunes2008-12-17 11:37 . 2008-12-17 11:37	<DIR>	d--------	h:\program files\Bonjour2008-12-17 11:37 . 2008-12-17 11:38	<DIR>	d--------	h:\documents and settings\All Users\Dane aplikacji\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}2008-12-17 11:36 . 2008-12-17 11:37	<DIR>	d--------	h:\program files\QuickTime2008-12-17 11:36 . 2008-12-17 11:36	<DIR>	d--------	h:\program files\Apple Software Update2008-12-17 11:36 . 2008-12-17 11:37	<DIR>	d--------	h:\documents and settings\All Users\Dane aplikacji\Apple Computer2008-12-17 11:35 . 2008-12-17 11:38	<DIR>	d--------	h:\program files\Common Files\Apple2008-12-17 11:35 . 2008-12-17 11:35	<DIR>	d--------	h:\documents and settings\All Users\Dane aplikacji\Apple2008-12-17 00:25 . 2008-12-17 00:25	<DIR>	d--------	h:\windows\system32\IOSUBSYS2008-12-16 06:33 . 2008-12-16 06:33	<DIR>	d--------	h:\program files\MSXML 4.02008-12-15 21:35 . 2008-12-15 21:38	<DIR>	d--------	h:\documents and settings\cubE\Dane aplikacji\PC Suite2008-12-15 17:22 . 2008-12-17 18:21	<DIR>	d--------	h:\documents and settings\Piotrek\Phone Browser2008-12-15 17:22 . 2008-12-15 17:22	<DIR>	d--------	h:\documents and settings\Piotrek\Dane aplikacji\Nokia2008-12-15 17:22 . 2008-12-15 17:22	<DIR>	d--------	h:\documents and settings\Piotrek\Dane aplikacji\Datalayer2008-12-15 17:13 . 2008-12-15 17:13	<DIR>	d--------	h:\windows\Downloaded Installations2008-12-15 17:13 . 2008-12-15 17:13	<DIR>	d--------	h:\program files\DIFX2008-12-15 17:12 . 2008-12-17 11:38	<DIR>	d----c---	h:\windows\system32\DRVSTORE2008-12-15 17:12 . 2008-12-15 17:15	<DIR>	d--------	h:\program files\Nokia2008-12-15 17:12 . 2008-12-15 17:12	<DIR>	d--------	h:\program files\Common Files\PCSuite2008-12-15 17:12 . 2008-12-15 17:12	<DIR>	d--------	h:\program files\Common Files\Nokia2008-12-15 17:12 . 2008-12-15 17:19	<DIR>	d--------	h:\documents and settings\Piotrek\Dane aplikacji\PC Suite2008-12-15 17:12 . 2008-12-15 17:12	<DIR>	d--------	h:\documents and settings\All Users\Dane aplikacji\PC Suite2008-12-15 17:12 . 2008-12-15 17:12	<DIR>	d--------	h:\documents and settings\All Users\Dane aplikacji\Downloaded Installations2008-12-15 17:12 . 2006-03-24 08:32	127,488	--a------	h:\windows\system32\drivers\nmwcd.sys2008-12-15 17:12 . 2006-03-24 08:31	48,128	--a------	h:\windows\system32\nmwcdcls.dll2008-12-15 17:12 . 2006-03-24 08:32	31,232	--a------	h:\windows\system32\nmwcdcocls.dll2008-12-15 17:12 . 2006-03-24 08:32	13,312	--a------	h:\windows\system32\drivers\nmwcdcm.sys2008-12-15 17:12 . 2006-03-24 08:32	13,312	--a------	h:\windows\system32\drivers\nmwcdcj.sys2008-12-15 17:12 . 2006-03-24 08:32	8,704	--a------	h:\windows\system32\drivers\nmwcdc.sys2008-12-15 17:12 . 2006-03-24 08:31	4,608	--a------	h:\windows\system32\nmwcdlog.dll2008-12-15 11:22 . 2004-01-12 00:00	348,160	--a------	h:\windows\system\msvcr71.dll2008-12-15 11:03 . 2008-12-15 11:07	<DIR>	d--------	h:\program files\SkanerOnline2008-12-13 23:13 . 2008-12-17 21:44	<DIR>	d--h-----	h:\documents and settings\Administrator\Ustawienia lokalne2008-12-13 23:13 . 2008-11-01 14:41	<DIR>	d--------	h:\documents and settings\Administrator\Ulubione2008-12-13 23:13 . 2008-11-01 13:57	<DIR>	d--h-----	h:\documents and settings\Administrator\Szablony2008-12-13 23:13 . 2008-11-01 14:41	<DIR>	d--------	h:\documents and settings\Administrator\Pulpit2008-12-13 23:13 . 2008-11-01 14:41	<DIR>	d--------	h:\documents and settings\Administrator\Moje dokumenty2008-12-13 23:13 . 2008-11-01 14:41	<DIR>	dr-------	h:\documents and settings\Administrator\Menu Start2008-12-13 23:13 . 2008-11-01 14:41	<DIR>	dr-h-----	h:\documents and settings\Administrator\Dane aplikacji2008-12-13 23:13 . 2008-12-13 23:13	<DIR>	d--------	h:\documents and settings\Administrator2008-12-12 23:29 . 2008-12-12 23:29	<DIR>	d--------	h:\documents and settings\Piotrek\Dane aplikacji\Windows Search2008-12-12 22:47 . 2008-12-12 22:47	3,751,995	--a------	h:\windows\system32\GPhotos.scr2008-12-12 17:05 . 2008-07-10 02:49	50,200	--a------	h:\windows\system32\perf-ReportServer-rsctr.dll2008-12-12 17:01 . 2008-07-10 10:49	50,200	--a------	h:\windows\system32\perf-SQLSERVERAGENT-sqlagtctr10.0.1600.22.dll2008-12-12 17:00 . 2008-07-10 10:49	79,896	--a------	h:\windows\system32\perf-MSSQLSERVER-sqlctr10.0.1600.22.dll2008-12-12 16:52 . 2008-12-12 16:52	<DIR>	d--------	h:\program files\Common Files\Merge Modules2008-12-12 16:46 . 2008-12-12 16:46	<DIR>	d--------	h:\program files\Microsoft Synchronization Services2008-12-12 16:46 . 2008-12-12 16:46	<DIR>	d--------	h:\program files\Microsoft SDKs2008-12-12 16:44 . 2008-12-12 16:44	<DIR>	d--------	h:\program files\Microsoft Analysis Services2008-12-12 16:42 . 2008-12-12 16:42	<DIR>	d--------	h:\windows\system32\RsFx2008-12-12 16:42 . 2008-12-12 16:42	<DIR>	d--------	h:\program files\Microsoft Sync Framework2008-12-12 16:40 . 2008-12-12 16:40	<DIR>	d--------	h:\program files\Microsoft SQL Server Compact Edition2008-12-12 16:39 . 2008-12-12 16:53	<DIR>	d--------	h:\program files\Microsoft Visual Studio 9.02008-12-12 16:25 . 2008-12-12 16:25	<DIR>	d--------	h:\program files\MSXML 6.02008-12-12 16:02 . 2006-06-29 13:07	14,048	---------	h:\windows\system32\spmsg2.dll2008-12-12 15:59 . 2008-12-12 16:01	<DIR>	d--------	h:\windows\system32\XPSViewer2008-12-12 15:59 . 2008-12-12 15:59	<DIR>	d--------	h:\program files\Reference Assemblies2008-12-12 15:59 . 2008-12-12 15:59	<DIR>	d--------	H:\433bdd2d99b877036472e83e2008-12-12 15:59 . 2008-07-06 13:06	1,676,288	---------	h:\windows\system32\xpssvcs.dll2008-12-12 15:59 . 2008-07-06 13:06	1,676,288	-----c---	h:\windows\system32\dllcache\xpssvcs.dll2008-12-12 15:59 . 2008-07-06 11:50	597,504	-----c---	h:\windows\system32\dllcache\printfilterpipelinesvc.exe2008-12-12 15:59 . 2008-07-06 13:06	575,488	---------	h:\windows\system32\xpsshhdr.dll2008-12-12 15:59 . 2008-07-06 13:06	575,488	-----c---	h:\windows\system32\dllcache\xpsshhdr.dll2008-12-12 15:59 . 2008-07-06 13:06	117,760	---------	h:\windows\system32\prntvpt.dll2008-12-12 15:59 . 2008-07-06 13:06	89,088	-----c---	h:\windows\system32\dllcache\filterpipelineprintproc.dll2008-12-11 23:59 . 2008-12-12 00:54	1,471	-rah-----	h:\windows\EPMBatch.ept2008-12-11 23:58 . 2008-12-11 23:58	<DIR>	d--------	h:\program files\EASEUS2008-12-11 23:50 . 2008-12-11 23:50	<DIR>	d--------	H:\Dev-Cpp2008-12-11 10:54 . 2008-12-11 10:54	<DIR>	d--------	h:\program files\Common Files\DirectX2008-12-11 08:39 . 2008-12-12 16:45	<DIR>	d--------	h:\program files\Microsoft SQL Server2008-12-10 22:07 . 2008-04-14 22:50	159,232	--a------	h:\windows\system32\ptpusd.dll2008-12-10 22:07 . 2008-04-14 00:15	15,104	--a------	h:\windows\system32\drivers\usbscan.sys2008-12-10 22:07 . 2008-04-14 00:15	15,104	--a--c---	h:\windows\system32\dllcache\usbscan.sys2008-12-10 22:07 . 2001-10-26 17:29	5,632	--a------	h:\windows\system32\ptpusb.dll2008-12-08 19:51 . 2008-12-08 19:51	<DIR>	d--------	h:\windows\system32\Futuremark2008-12-08 19:51 . 2008-12-08 19:51	<DIR>	d--------	h:\program files\Futuremark2008-12-08 19:51 . 2004-10-25 20:02	21,664	--a------	h:\windows\system32\drivers\Entech.sys2008-12-08 19:51 . 2001-11-19 18:05	3,972	---------	h:\windows\system32\drivers\PciBus.sys2008-12-08 19:41 . 2008-12-08 19:41	<DIR>	d--------	h:\program files\MadOnion.com2008-12-06 23:55 . 2008-12-07 15:29	<DIR>	d--------	h:\program files\ATITool2008-12-06 23:44 . 2008-12-06 23:44	<DIR>	d--------	h:\program files\RivaTuner v2.202008-12-06 01:18 . 2006-06-14 13:44	12,288	-ra------	h:\windows\system32\drivers\EIO_XP.sys2008-12-04 10:57 . 2008-12-04 10:57	<DIR>	d--------	h:\documents and settings\cubE\Dane aplikacji\Ahead2008-11-28 12:43 . 2005-05-04 13:39	94,208	--a------	h:\windows\system32\China.dll2008-11-25 22:15 . 2008-11-25 22:15	<DIR>	d--------	h:\documents and settings\cubE\Dane aplikacji\InstallShield2008-11-25 21:54 . 2008-11-25 21:57	<DIR>	d--------	h:\documents and settings\cubE\Dane aplikacji\Dev-Cpp2008-11-25 08:40 . 2008-11-25 08:39	410,976	--a------	h:\windows\system32\deploytk.dll2008-11-24 23:51 . 2008-04-14 00:15	10,624	--a------	h:\windows\system32\drivers\gameenum.sys2008-11-24 23:51 . 2008-04-14 00:15	10,624	--a--c---	h:\windows\system32\dllcache\gameenum.sys2008-11-24 22:48 . 2008-11-24 22:48	<DIR>	d--------	h:\documents and settings\cubE\Dane aplikacji\Leadertech2008-11-23 22:59 . 2008-10-10 04:52	4,379,984	--a------	h:\windows\system32\D3DX9_40.dll2008-11-23 22:59 . 2008-10-10 04:52	2,036,576	--a------	h:\windows\system32\D3DCompiler_40.dll2008-11-23 22:59 . 2008-10-27 10:04	514,384	--a------	h:\windows\system32\XAudio2_3.dll2008-11-23 22:59 . 2008-10-10 04:52	452,440	--a------	h:\windows\system32\d3dx10_40.dll2008-11-23 22:59 . 2008-10-27 10:04	235,856	--a------	h:\windows\system32\xactengine3_3.dll2008-11-23 22:59 . 2008-10-27 10:04	70,992	--a------	h:\windows\system32\XAPOFX1_2.dll2008-11-23 22:59 . 2008-10-27 10:04	23,376	--a------	h:\windows\system32\X3DAudio1_5.dll2008-11-17 23:31 . 2008-11-17 23:32	<DIR>	d--------	h:\documents and settings\Piotrek\Dane aplikacji\BESTplayer2008-11-17 16:07 . 2008-11-17 16:07	<DIR>	d--------	h:\documents and settings\Piotrek\Dane aplikacji\Media Player Classic2008-11-17 16:07 . 2008-11-17 16:07	<DIR>	d--------	h:\documents and settings\Piotrek\Dane aplikacji\DivX.((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   )))))))))))))))))))))))))))))))))))))))))))))))))))).2008-12-17 20:45	---------	d-----w	h:\program files\SpeedFan2008-12-17 20:34	---------	d-----w	h:\documents and settings\Piotrek\Dane aplikacji\Azureus2008-12-17 13:19	201,440	----a-w	h:\windows\system32\PnkBstrB.exe2008-12-17 13:19	138,512	----a-w	h:\windows\system32\drivers\PnkBstrK.sys2008-12-16 23:25	---------	d-----w	h:\program files\Google2008-12-15 21:36	---------	d-----w	h:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy2008-12-15 20:35	---------	d-----w	h:\program files\lg_fwupdate2008-12-15 18:08	---------	d-----w	h:\program files\Vuze2008-12-14 18:25	---------	d-----w	h:\program files\Gadu-Gadu2008-12-12 22:28	---------	d-----w	h:\program files\Java2008-12-12 15:56	---------	d-----w	h:\documents and settings\All Users\Dane aplikacji\Microsoft Help2008-12-12 15:24	---------	d-----w	h:\program files\Microsoft.NET2008-12-12 14:59	---------	d-----w	h:\program files\MSBuild2008-12-12 10:45	---------	d-----w	h:\program files\NAPI-PROJEKT2008-12-12 10:45	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\uTorrent2008-12-11 22:43	---------	d-----w	h:\program files\Microsoft Bootvis2008-12-08 18:59	---------	d--h--w	h:\program files\InstallShield Installation Information2008-11-28 19:48	---------	d---a-w	h:\documents and settings\All Users\Dane aplikacji\TEMP2008-11-27 07:51	225,280	----a-w	h:\windows\system32\BootMan.exe2008-11-26 14:58	472,064	----a-w	h:\windows\system32\NTFSFormat.dll2008-11-26 14:55	65,536	----a-w	h:\windows\system32\FatCopy.dll2008-11-26 14:54	17,920	----a-w	h:\windows\system32\SectorCopy.dll2008-11-26 14:54	139,776	----a-w	h:\windows\system32\NTFSCopy.dll2008-11-26 14:52	86,016	----a-w	h:\windows\system32\ResizeNTFS.dll2008-11-26 14:51	93,184	----a-w	h:\windows\system32\Partition.dll2008-11-26 14:51	61,952	----a-w	h:\windows\system32\FatResizeMove.dll2008-11-26 14:51	45,568	----a-w	h:\windows\system32\FileSystemCheck.dll2008-11-26 14:50	180,736	----a-w	h:\windows\system32\DeviceManager.dll2008-11-26 14:49	86,528	----a-w	h:\windows\system32\NTFSLib.dll2008-11-26 14:49	31,744	----a-w	h:\windows\system32\FatLib.dll2008-11-26 14:49	22,016	----a-w	h:\windows\system32\FatFormat.dll2008-11-26 14:48	68,096	----a-w	h:\windows\system32\Device.dll2008-11-26 14:48	6,656	----a-w	h:\windows\system32\CallbackOperator.dll2008-11-26 14:48	24,576	----a-w	h:\windows\system32\NTFSFileSystemAnalyser.dll2008-11-26 14:48	21,504	----a-w	h:\windows\system32\Fixup.dll2008-11-26 14:48	14,848	----a-w	h:\windows\system32\FileSystemAnalyser.dll2008-11-26 14:48	10,752	----a-w	h:\windows\system32\DeviceAdapter.dll2008-11-26 14:47	25,088	----a-w	h:\windows\system32\FATFileSystemAnalyser.dll2008-11-26 12:45	66,872	----a-w	h:\windows\system32\PnkBstrA.exe2008-11-25 18:19	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\VSO2008-11-25 16:18	86,408	----a-w	h:\windows\system32\setupempdrv03.exe2008-11-25 16:18	8,704	----a-w	h:\windows\system32\epmntdrv.sys2008-11-25 16:18	3,072	----a-w	h:\windows\system32\EuGdiDrv.sys2008-11-25 16:18	14,848	----a-w	h:\windows\system32\EuEpmGdi.dll2008-11-17 22:04	---------	d-----w	h:\program files\Spybot - Search & Destroy2008-11-16 22:07	---------	d-----w	h:\program files\Dziobas Rar Player2008-11-16 20:07	---------	d-----w	h:\program files\UIU2008-11-13 17:51	107,888	----a-w	h:\windows\system32\CmdLineExt.dll2008-11-13 12:48	---------	d-----w	h:\documents and settings\Piotrek\Dane aplikacji\Winamp2008-11-10 14:38	---------	d-----w	h:\program files\IrfanView2008-11-10 13:37	---------	d-----w	h:\program files\WebSite PRO2008-11-09 15:20	---------	d-----w	h:\program files\Nvu2008-11-09 15:20	---------	d-----w	h:\documents and settings\Piotrek\Dane aplikacji\Nvu2008-11-08 19:58	---------	d-----w	h:\program files\Microsoft Baseline Security Analyzer 22008-11-08 19:08	---------	d-----w	h:\program files\Opera2008-11-08 14:39	---------	d-----w	h:\program files\Microsoft Works2008-11-08 14:36	---------	d-----w	h:\program files\Microsoft Visual Studio 82008-11-08 14:31	---------	d-----w	h:\program files\PowerISO2008-11-07 12:46	---------	d-----w	h:\program files\uTorrent2008-11-07 10:48	---------	d-----w	h:\program files\Common Files\InstallShield2008-11-07 10:48	---------	d-----w	h:\program files\Brother2008-11-07 10:45	---------	d-----w	h:\program files\ScanSoft2008-11-07 10:45	---------	d-----w	h:\program files\Common Files\ScanSoft Shared2008-11-07 10:45	---------	d-----w	h:\documents and settings\All Users\Dane aplikacji\ScanSoft2008-11-07 10:45	---------	d-----w	h:\documents and settings\All Users\Dane aplikacji\InstallShield2008-11-07 10:44	---------	d-----w	h:\documents and settings\All Users\Dane aplikacji\Brother2008-11-07 10:32	---------	d-----w	h:\documents and settings\All Users\Dane aplikacji\Azureus2008-11-07 10:28	---------	d-----w	h:\program files\OpenOffice.org 32008-11-06 18:33	---------	d-----w	h:\program files\VSO2008-11-06 09:05	---------	d-----w	h:\program files\MultiRes2008-11-06 09:04	472,576	----a-w	h:\windows\Radeon Omega Drivers v4.8.442 Uninstall.exe2008-11-06 09:04	---------	d-----w	h:\program files\Radeon Omega Drivers2008-11-05 13:17	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\Windows Search2008-11-02 12:26	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\Media Player Classic2008-11-02 11:53	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\CyberLink2008-11-02 11:53	---------	d-----w	h:\documents and settings\All Users\Dane aplikacji\CyberLink2008-11-01 21:03	---------	d-----w	h:\program files\Common Files\INCA Shared2008-11-01 20:11	---------	d-----w	h:\program files\CyberLink2008-11-01 19:58	---------	d-----w	h:\program files\Common Files\Ahead2008-11-01 19:57	---------	d-----w	h:\program files\Ahead2008-11-01 19:38	25,992	----a-w	h:\windows\system32\pgdfgsvc.exe2008-11-01 19:25	---------	d-----w	h:\program files\Winamp2008-11-01 19:25	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\Winamp2008-11-01 19:05	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\Talkback2008-11-01 15:16	---------	d-----w	h:\program files\Common Files\Adobe2008-11-01 15:11	---------	d-----w	h:\documents and settings\Piotrek\Dane aplikacji\OpenOffice.org2008-11-01 14:50	---------	d-----w	h:\documents and settings\Piotrek\Dane aplikacji\Talkback2008-11-01 14:48	---------	d-----w	h:\documents and settings\Piotrek\Dane aplikacji\Gadu-Gadu2008-11-01 14:41	63,966	----a-w	h:\windows\BricoPackUninst.cmd2008-11-01 14:41	6,112	----a-w	h:\windows\BricoPackFoldersDelete.cmd2008-11-01 14:41	219,648	----a-w	h:\windows\system32\uxtheme.dll2008-11-01 14:19	---------	d-----w	h:\program files\Windows Desktop Search2008-11-01 14:19	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\Windows Desktop Search2008-11-01 14:18	---------	d-----w	h:\program files\Windows Media Connect 22008-11-01 14:16	---------	d-----w	h:\documents and settings\cubE\Dane aplikacji\OpenOffice.org2008-11-01 13:41	---------	d-----w	h:\program files\Creative2008-11-01 13:35	472,576	----a-w	h:\windows\Nvidia Omega Drivers v2.169.21 Uninstall.exe2008-11-01 13:27	---------	d-----w	h:\program files\DAEMON Tools Lite2008-11-01 13:23	---------	d-----w	h:\program files\K-Lite Codec Pack2008-11-01 13:22	---------	d-----w	h:\program files\MarBit.(((((((((((((((((((((((((((((   snapshot@2008-12-16_19.06.41,96   ))))))))))))))))))))))))))))))))))))))))).+ 2008-10-17 01:03:34	3,593,216	-c----w	h:\windows\ie7updates\KB960714-IE7\mshtml.dll+ 2007-03-06 03:28:39	216,288	-c----w	h:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe+ 2007-03-06 03:29:49	386,784	-c----w	h:\windows\ie7updates\KB960714-IE7\spuninst\updspapi.dll+ 2008-12-17 10:38:28	102,400	----a-r	h:\windows\Installer\{318AB667-3230-41B5-A617-CB3BF748D371}\iTunesIco.exe+ 2008-12-17 10:36:13	27,136	----a-r	h:\windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe+ 2008-12-17 10:37:36	86,016	----a-r	h:\windows\Installer\{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}\PrntWzrdIco.exe- 2008-10-17 01:03:34	3,593,216	-c--a-w	h:\windows\system32\dllcache\mshtml.dll+ 2008-12-13 06:39:17	3,593,216	-c--a-w	h:\windows\system32\dllcache\mshtml.dll+ 2008-08-29 09:18:58	87,336	----a-w	h:\windows\system32\dns-sd.exe+ 2008-08-29 08:53:50	61,440	----a-w	h:\windows\system32\dnssd.dll- 2007-03-07 23:51:00	43,528	------w	h:\windows\system32\drivers\PxHelp20.sys+ 2008-07-31 22:17:04	43,872	----a-w	h:\windows\system32\drivers\pxhelp20.sys+ 2008-04-17 12:12:54	107,368	-c--a-w	h:\windows\system32\DRVSTORE\GEARAspiWD_D213663B6381F01E45A131159A9DEFE018321CB3\x86\GEARAspi.dll+ 2008-04-17 12:12:54	15,464	-c--a-w	h:\windows\system32\DRVSTORE\GEARAspiWD_D213663B6381F01E45A131159A9DEFE018321CB3\x86\GEARAspiWDM.sys+ 2008-11-07 13:23:30	32,000	-c--a-w	h:\windows\system32\DRVSTORE\usbaapl_246F92BBD6449C86FC3F3F28C40D59AC1F69C558\usbaapl.sys- 2008-10-17 01:03:34	3,593,216	----a-w	h:\windows\system32\mshtml.dll+ 2008-12-13 06:39:17	3,593,216	----a-w	h:\windows\system32\mshtml.dll- 2007-03-07 23:51:00	547,576	------w	h:\windows\system32\px.dll+ 2008-07-31 22:17:04	588,272	------w	h:\windows\system32\px.dll- 2007-03-07 23:51:00	510,712	------w	h:\windows\system32\pxdrv.dll+ 2008-07-31 22:17:04	543,216	------w	h:\windows\system32\pxdrv.dll- 2007-03-07 23:51:00	72,440	------w	h:\windows\system32\pxhpinst.exe+ 2008-07-31 22:17:04	72,176	------w	h:\windows\system32\pxhpinst.exe- 2007-03-07 23:51:00	187,128	------w	h:\windows\system32\pxmas.dll+ 2008-07-31 22:17:04	186,864	------w	h:\windows\system32\pxmas.dll- 2007-03-07 23:51:00	379,640	------w	h:\windows\system32\pxwave.dll+ 2008-07-31 22:17:04	379,376	------w	h:\windows\system32\pxwave.dll- 2007-03-07 23:51:00	39,672	------w	h:\windows\system32\vxblock.dll+ 2008-07-31 22:17:04	88,560	------w	h:\windows\system32\vxblock.dll.(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Gadu-Gadu"="h:\program files\Gadu-Gadu\gg.exe" [2008-11-01 2131392]"UberIcon"="h:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe" [2006-05-21 180224]"DAEMON Tools Lite"="h:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"avgnt"="h:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]"HD Tune"="h:\progra~1\HDTUNE~1\HDTune.exe" [2008-02-09 401408]"RivaTunerStartupDaemon"="h:\program files\RivaTuner v2.20\RivaTuner.exe" [2008-11-19 2727936]"QuickTime Task"="h:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]"iTunesHelper"="h:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]"SbUsb AudCtrl"="sbusbdll.dll" [2005-05-26 h:\windows\system32\sbusbdll.dll]h:\documents and settings\cubE\Menu Start\Programy\Autostart\RivaTuner.lnk - h:\program files\RivaTuner v2.20\RivaTuner.exe [2008-11-19 2727936]Skr˘t do taskmgr.lnk - h:\windows\system32\taskmgr.exe [2008-04-15 185856]SpeedFan.lnk - h:\program files\SpeedFan\speedfan.exe [2008-11-21 3835904]TransBar.lnk - h:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 65536]UberIcon.lnk - h:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 180224][hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "h:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128][HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0]--------- 2005-05-17 17:42 933888 h:\program files\Brother\ControlCenter2\brctrcen.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]--a------ 2007-08-24 07:00 33648 h:\program files\Microsoft Office\Office12\GrooveMonitor.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]--a------ 2006-04-26 08:29 237568 h:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt]--------- 2005-01-26 18:02 49152 h:\program files\Brother\Brmfl05a\BrStDvPt.exe[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\Network Diagnostic\\xpnetdiag.exe"="h:\\Program Files\\Gadu-Gadu\\gg.exe"="g:\\Wolfenstein - Enemy Territory\\ET.exe"="h:\\Program Files\\Vuze\\Azureus.exe"="h:\\Program Files\\Opera\\opera.exe"="h:\\Program Files\\uTorrent\\uTorrent.exe"="h:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="h:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="h:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="g:\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"="g:\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"="g:\\KalOnlineEngTest\\KalOnline.exe"="h:\\WINDOWS\\system32\\sessmgr.exe"="h:\\Program Files\\Bonjour\\mDNSResponder.exe"="h:\\Program Files\\iTunes\\iTunes.exe"="h:\\Program Files\\Skype\\Phone\\Skype.exe"=R?2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);"h:\program files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe" [2008-07-10 1106968]R1 EIO_XP;EIO_XP;\??\h:\windows\system32\drivers\EIO_XP.sys [2008-12-06 12288]R2 MsDtsServer100;SQL Server Integration Services 10.0;"h:\program files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe" [2008-07-10 218136]R3 sbusb;Sound Blaster USB Audio Driver;h:\windows\system32\DRIVERS\sbusb.sys [2008-11-01 1694592]S3 epmntdrv;epmntdrv;\??\h:\windows\system32\epmntdrv.sys [2008-12-11 8704]S3 EuGdiDrv;EuGdiDrv;\??\h:\windows\system32\EuGdiDrv.sys [2008-12-11 3072]S4 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);"h:\program files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe" -s MSSQL10.MSSQLSERVER [2008-07-10 31256]S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;"h:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE" [2008-07-10 47128]S4 RsFx0102;RsFx0102 Driver;h:\windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712].Zawartość folderu 'Zaplanowane zadania'2008-12-17 h:\windows\Tasks\AppleSoftwareUpdate.job- h:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]..------- Skan uzupełniający -------.uStart Page = about:blankIE: Add to Google Photos Screensa&ver - h:\windows\system32\GPhotos.scr/200IE: E&xport to Microsoft Excel - h:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000h:\windows\system32\SkanerOnlineUninstall.exe - h:\windows\system32\SkanerOnline.dllO16 -: {68282C51-9459-467B-95BF-3C0E89627E55}hxxp://www.mks.com.pl/skaner/SkanerOnline.cabh:\windows\Downloaded Program Files\SkanerOnline.infh:\windows\system32\ZemiDetectHardware.ocx - O16 -: {C9A2CBF3-B7F9-463E-A690-82CC077DCFC6}hxxp://www.4story.com/Active_X/ZemiDetectHardware.cabh:\windows\Downloaded Program Files\ZemiDetectHardware.infFF - ProfilePath - h:\documents and settings\cubE\Dane aplikacji\Mozilla\Firefox\Profiles\p8q0tqil.default\FF - prefs.js: network.proxy.type - 2FF - plugin: h:\program files\Opera\program\plugins\NPOFF12.DLL.**************************************************************************catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2008-12-17 21:45:36Windows 5.1.2600 Dodatek Service Pack 3 NTFSskanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ...skanowanie ukrytych plików ... skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************.--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------- - - - - - - > 'winlogon.exe'(588)h:\windows\system32\Ati2evxx.dll- - - - - - - > 'lsass.exe'(644)h:\windows\system32\scecli.dll.------------------------ Pozostałe uruchomione procesy ------------------------.h:\windows\system32\ati2evxx.exeh:\windows\system32\ati2evxx.exeh:\windows\system32\brss01a.exeh:\program files\Avira\AntiVir PersonalEdition Classic\sched.exeh:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exeh:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeh:\program files\Bonjour\mDNSResponder.exeh:\program files\Java\jre6\bin\jqs.exeh:\windows\system32\rundll32.exeh:\program files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\sqlservr.exeh:\program files\Microsoft SQL Server\MSAS10.MSSQLSERVER\OLAP\bin\msmdsrv.exeh:\windows\system32\PnkBstrA.exeh:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exeh:\program files\iPod\bin\iPodService.exeh:\program files\Microsoft Visual Studio 9.0\Common7\IDE\devenv.exe.**************************************************************************.Czas ukończenia: 2008-12-17 21:49:32 - komputer został uruchomiony ponownieComboFix-quarantined-files.txt  2008-12-17 20:49:29ComboFix2.txt  2008-12-16 18:07:07Przed: 50 283 679 744 bajtów wolnychPo: 50,485,477,376 bajtów wolnych381	--- E O F ---	2008-12-17 20:35:15
Malwarebytes' Anti-Malware 1.31Wersja bazy definicji: 1512Windows 5.1.2600 Dodatek Service Pack 32008-12-18 01:08:57mbam-log-2008-12-18 (01-08-57).txtTyp skanowania: Pełne skanowanie (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)Przeskanowane obiekty: 187184Upłynęło: 55 minute(s), 33 second(s)Zainfekowane procesy w pamięci: 0Zainfekowane moduły pamięci: 0Zainfekowane klucze rejestru: 0Zainfekowane wartości rejestru: 0Zainfekowane pliki rejestru: 0Zainfekowane foldery: 0Zainfekowane pliki: 0Zainfekowane procesy w pamięci:(Nie wykryto groźnych plików)Zainfekowane moduły pamięci:(Nie wykryto groźnych plików)Zainfekowane klucze rejestru:(Nie wykryto groźnych plików)Zainfekowane wartości rejestru:(Nie wykryto groźnych plików)Zainfekowane pliki rejestru:(Nie wykryto groźnych plików)Zainfekowane foldery:(Nie wykryto groźnych plików)Zainfekowane pliki:(Nie wykryto groźnych plików)
Gość
komentarz
komentarz

Wywal ten folder ---> H:\433bdd2d99b877036472e83e

To wszystko. :)

cubEE18
komentarz
komentarz
Wywal ten folder ---> H:\433bdd2d99b877036472e83e

To wszystko. :)

to nie takie łatwe bo nie mam dostępu zeby go usunąć

Mateusz J.
komentarz
komentarz

Ja bym ten folder zostawił w spokoju.

Nie wygląda on na szkodliwy.

cubEE18
komentarz
komentarz
Ja bym ten folder zostawił w spokoju.

Nie wygląda on na szkodliwy.

fileASSASINEM usunąłem wszystkie pliki z niego, ale samego folderu i podfolderów usunąć nie mogę

EDIT:

problem z zaporą nadal jest..

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.