[log] manager urzaden nie dziala, heur.w32

**Posty:** 8 · przez **Yadziah** 18 Maj 2009, 18:35

Witam,
Nie widze managera urzadzen, komputer mi strasznie wolno chodzi...
Zrobilem co bylo opisane w innych tematach(http://forum.programosy.pl/bad-generic-host-process-for-win32-services-vt79489.html, czyli zablokowalem porty, zrobilem tez logi :

Kod: Zaznacz wszystko: [b]SDFix: Version 1.240 [/b] Run by Jakub on 2009-05-18 at 00:31 Microsoft Windows XP [Wersja 5.1.2600] Running From: C:\SDFix [b]Checking Services [/b]: Restoring Default Security Values Restoring Default Hosts File Rebooting [b]Checking Files [/b]: No Trojan Files Found Removing Temp Files [b]ADS Check [/b]: [b]Final Check [/b]: catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-18 00:36:22 Windows 5.1.2600 Dodatek Service Pack 3 NTFS scanning hidden processes ... scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 [b]Remaining Services [/b]: Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Tlen.pl\\tlen.exe"="C:\\Program Files\\Tlen.pl\\tlen.exe:*:Enabled:ipsec" "E:\\Program Files\\BitLord\\BitLord.exe"="E:\\Program Files\\BitLord\\BitLord.exe:*:Enabled:ipsec" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "E:\\Program Files\\DC++\\DCPlusPlus.exe"="E:\\Program Files\\DC++\\DCPlusPlus.exe:*:Enabled:ipsec" "C:\\Program Files\\SopCast\\SopCast.exe"="C:\\Program Files\\SopCast\\SopCast.exe:*:Enabled:SopCast Main Application" "C:\\Program Files\\SopCast\\adv\\SopAdver.exe"="C:\\Program Files\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver" "C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\AcroRd32Info.exe"="C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\AcroRd32Info.exe:*:Enabled:ipsec" "C:\\Program Files\\Java\\jre6\\bin\\jqsnotify.exe"="C:\\Program Files\\Java\\jre6\\bin\\jqsnotify.exe:*:Enabled:ipsec" "C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe"="C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe:*:Enabled:ipsec" "C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe:*:Enabled:ipsec" "C:\\WINDOWS\\system32\\igfxtray.exe"="C:\\WINDOWS\\system32\\igfxtray.exe:*:Enabled:ipsec" "C:\\WINDOWS\\system32\\hkcmd.exe"="C:\\WINDOWS\\system32\\hkcmd.exe:*:Enabled:ipsec" "C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour" "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes" "C:\\ComboFix\\NirCmd.cfexe"="C:\\ComboFix\\NirCmd.cfexe:*:Enabled:ipsec" "C:\\DOCUME~1\\Jakub\\USTAWI~1\\Temp\\jgmn.exe"="C:\\DOCUME~1\\Jakub\\USTAWI~1\\Temp\\jgmn.exe:*:Enabled:ipsec" "C:\\DOCUME~1\\Jakub\\USTAWI~1\\Temp\\winpljrhm.exe"="C:\\DOCUME~1\\Jakub\\USTAWI~1\\Temp\\winpljrhm.exe:*:Enabled:ipsec" "C:\\Documents and Settings\\Jakub\\Pulpit\\wwdc_[www.programosy.pl].exe"="C:\\Documents and Settings\\Jakub\\Pulpit\\wwdc_[www.programosy.pl].exe:*:Enabled:ipsec" "C:\\DOCUME~1\\Jakub\\USTAWI~1\\Temp\\ixdm.exe"="C:\\DOCUME~1\\Jakub\\USTAWI~1\\Temp\\ixdm.exe:*:Enabled:ipsec" "C:\\DOCUME~1\\Jakub\\USTAWI~1\\Temp\\winerpqu.exe"="C:\\DOCUME~1\\Jakub\\USTAWI~1\\Temp\\winerpqu.exe:*:Enabled:ipsec" "C:\\WINDOWS\\Explorer.EXE"="C:\\WINDOWS\\Explorer.EXE:*:Enabled:ipsec" "C:\\DOCUME~1\\Jakub\\USTAWI~1\\Temp\\winhymv.exe"="C:\\DOCUME~1\\Jakub\\USTAWI~1\\Temp\\winhymv.exe:*:Enabled:ipsec" "C:\\DOCUME~1\\Jakub\\USTAWI~1\\Temp\\winftmpig.exe"="C:\\DOCUME~1\\Jakub\\USTAWI~1\\Temp\\winftmpig.exe:*:Enabled:ipsec" "C:\\DOCUME~1\\Jakub\\USTAWI~1\\Temp\\xgcdye.exe"="C:\\DOCUME~1\\Jakub\\USTAWI~1\\Temp\\xgcdye.exe:*:Enabled:ipsec" "C:\\DOCUME~1\\Jakub\\USTAWI~1\\Temp\\winsuwu.exe"="C:\\DOCUME~1\\Jakub\\USTAWI~1\\Temp\\winsuwu.exe:*:Enabled:ipsec" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [b]Remaining Files [/b]: [b]Files with Hidden Attributes [/b]: [b]Finished![/b]

Kod: Zaznacz wszystko: OTListIt logfile created on: 2009-05-18 18:15:53 - Run 3 OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Documents and Settings\Jakub\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 503,36 Mb Total Physical Memory | 188,81 Mb Available Physical Memory | 37,51% Memory free 1,20 Gb Paging File | 0,94 Gb Available in Paging File | 77,99% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 19,53 Gb Total Space | 3,38 Gb Free Space | 17,29% Space Free | Partition Type: NTFS Drive D: | 19,53 Gb Total Space | 3,29 Gb Free Space | 16,85% Space Free | Partition Type: NTFS Drive E: | 16,83 Gb Total Space | 1,02 Gb Free Space | 6,04% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: HP-78B7388B315D Current User Name: Jakub Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Output = Standard File Age = 30 Days Company Name Whitelist: On [color=orange]========== Processes (SafeList) ==========[/color] PRC - [2009-03-26 15:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2009-04-06 21:47:16 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2008-04-14 19:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2009-03-09 17:49:18 | 00,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe PRC - [2009-04-21 15:37:30 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2006-03-31 16:01:48 | 00,831,578 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2009-04-06 21:47:16 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2007-01-05 17:36:48 | 00,872,448 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe PRC - [2009-04-02 16:11:02 | 00,416,040 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe PRC - [2006-06-06 10:09:58 | 00,176,128 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe PRC - [2006-06-06 10:10:40 | 00,188,416 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe PRC - [2006-06-06 10:06:44 | 00,151,552 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe PRC - [2005-12-12 15:00:46 | 00,088,203 | ---- | M] (Agere Systems) -- C:\WINDOWS\AGRSMMSG.exe PRC - [2009-04-02 16:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe PRC - [2009-05-18 17:55:28 | 00,010,240 | ---- | M] () -- C:\Documents and Settings\Jakub\Ustawienia lokalne\temp\dawqi.exe PRC - [2008-05-27 23:17:49 | 00,003,584 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\SmitfraudFix\Policies.exe PRC - [2009-01-17 16:48:08 | 05,853,672 | ---- | M] (o2.pl Sp. z o.o.) -- C:\Program Files\Tlen.pl\tlen.exe PRC - [2009-04-28 22:25:57 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-05-18 00:08:16 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jakub\Pulpit\OTListIt2.exe [color=orange]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-03-26 15:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running]) SRV - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running]) SRV - [2008-04-14 19:20:44 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2009-04-02 16:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running]) SRV - [2009-04-06 21:47:16 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running]) SRV - [2005-01-28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running]) [color=orange]========== Driver Services (SafeList) ==========[/color] DRV - [2007-10-01 13:27:40 | 00,281,600 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService [On_Demand | Running]) DRV - [2007-07-13 10:26:12 | 00,094,976 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\drivers\AEAudio.sys -- (AEAudio [On_Demand | Running]) DRV - [2005-12-12 15:00:46 | 01,120,352 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running]) DRV - [2006-04-28 17:12:40 | 00,429,184 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\DRIVERS\bcmwl5.sys -- (BCM43XX [On_Demand | Running]) DRV - [2005-08-05 11:33:56 | 00,045,312 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp [On_Demand | Running]) DRV - [2009-03-19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running]) DRV - [2008-04-13 18:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2006-06-06 10:32:54 | 01,168,860 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Running]) DRV - [2001-08-17 23:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2008-04-13 18:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2006-03-31 15:41:40 | 00,193,056 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running]) DRV - File not found -- -- (dac970nt [On_Demand | Running]) [color=orange]========== Standard Registry (SafeList) ==========[/color] [color=orange]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1659004503-861567501-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-1659004503-861567501-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-1659004503-861567501-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1659004503-861567501-839522115-1003\S-1-5-21-1659004503-861567501-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1659004503-861567501-839522115-1003\S-1-5-21-1659004503-861567501-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=orange]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10 FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009-04-06 21:47:17 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009-05-08 09:40:35 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009-05-13 22:42:22 | 00,000,000 | ---D | M] [2009-04-06 21:26:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jakub\Dane aplikacji\mozilla\Extensions [2009-04-06 21:26:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jakub\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-04-07 06:28:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jakub\Dane aplikacji\mozilla\Firefox\Profiles\dli59swq.default\extensions [2009-05-17 17:53:21 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-04-28 22:26:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-04-06 21:47:26 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009-04-28 22:25:56 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-04-28 22:25:57 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2006-06-03 18:43:22 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2008-04-03 19:19:08 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2008-04-16 06:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2007-03-31 19:11:54 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2006-06-03 18:43:22 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2008-03-28 23:36:04 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2007-01-05 13:40:56 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [AGRSMMSG] AGRSMMSG.exe (Agere Systems) O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.) O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.) O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1659004503-861567501-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1659004503-861567501-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1659004503-861567501-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1659004503-861567501-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - HKU\S-1-5-21-1659004503-861567501-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 O7 - HKU\S-1-5-21-1659004503-861567501-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB (Hewlett-Packard Online Support Services) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab (GMNRev Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-04-06 19:41:01 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - * [2009-05-18 18:14:56 | 00,000,000 | ---D | M] [color=orange]========== Files/Folders - Created Within 30 Days ==========[/color] [1 C:\WINDOWS\System32\*.tmp files] [4 C:\WINDOWS\*.tmp files] [2009-05-18 18:10:54 | 00,000,000 | -HSD | C] -- C:\RECYCLER [2009-05-18 00:53:22 | 00,002,502 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg [2009-05-18 00:52:53 | 00,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe [2009-05-18 00:52:53 | 00,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe [2009-05-18 00:52:53 | 00,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe [2009-05-18 00:52:53 | 00,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe [2009-05-18 00:52:53 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.exe [2009-05-18 00:52:53 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe [2009-05-18 00:52:53 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe [2009-05-18 00:52:53 | 00,080,384 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\o4Patch.exe [2009-05-18 00:52:53 | 00,079,360 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swxcacls.exe [2009-05-18 00:52:53 | 00,078,336 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\Agent.OMZ.Fix.exe [2009-05-18 00:52:53 | 00,075,776 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe [2009-05-18 00:52:53 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe [2009-05-18 00:52:53 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe [2009-05-18 00:52:53 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe [2009-05-18 00:52:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\SmitfraudFix [2009-05-18 00:52:20 | 01,961,486 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\SmitfraudFix.exe [2009-05-18 00:48:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Ustawienia lokalne\temp [2009-05-18 00:35:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Dane aplikacji\WinRAR [2009-05-18 00:30:46 | 00,580,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll [2009-05-18 00:29:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2009-05-18 00:22:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss [2009-05-18 00:08:15 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jakub\Pulpit\OTListIt2.exe [2009-05-18 00:02:15 | 00,000,000 | ---D | C] -- C:\SDFix [2009-05-18 00:01:12 | 01,607,065 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\SDFix.exe [2009-05-17 23:30:22 | 00,000,321 | ---- | C] () -- C:\Boot.bak [2009-05-17 23:30:17 | 00,262,400 | ---- | C] () -- C:\cmldr [2009-05-17 23:30:16 | 00,000,000 | RHSD | C] -- C:\cmdcons [2009-05-17 23:29:00 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2009-05-17 23:29:00 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2009-05-17 23:29:00 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2009-05-17 23:29:00 | 00,117,248 | ---- | C] () -- C:\WINDOWS\vFind.exe [2009-05-17 23:29:00 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2009-05-17 23:29:00 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2009-05-17 23:29:00 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2009-05-17 23:28:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2009-05-17 23:28:41 | 00,000,000 | ---D | C] -- C:\Qoobox [2009-05-17 23:27:37 | 03,062,481 | R--- | C] () -- C:\Documents and Settings\Jakub\Pulpit\ComboFix.exe [2009-05-17 23:14:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\36-Hypersona-(3SIXCD001)-2009-MAEM [2009-05-15 13:04:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\X-Men.Origins.Wolverine.2009.WORKPRINT.XviD-NoGRP [2009-05-15 12:10:15 | 00,000,000 | ---D | C] -- C:\Program Files\Softwin [2009-05-15 11:27:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\DNB Ripy [2009-05-15 01:45:22 | 00,000,666 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\SopCast.lnk [2009-05-14 17:19:06 | 08,246,400 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\T Dilla - The Deal.mp3 [2009-05-13 22:57:57 | 57,966,986 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\Kjaerhus.AIO(2).rar [2009-05-13 22:26:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles [2009-05-13 21:33:34 | 20,580,4628 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\do wydrukowania.rar [2009-05-13 21:25:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\do wydrukowania [2009-05-13 20:09:49 | 10,666,601 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\Course.PTR.Cubase.SX.3.Ignite.eBook-LinG.rar [2009-05-13 19:45:08 | 13,635,061 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\Cubase_SX_3_Power_-_The_Complete_Guide.rar [2009-05-11 23:23:19 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Softwin [2009-05-11 23:16:45 | 22,101,692 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Jakub\Pulpit\bitdefender_free_v10.exe [2009-05-11 22:47:25 | 00,000,000 | ---D | C] -- C:\Program Files\SkanerOnline [2009-05-11 22:25:10 | 34,535,872 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\setuppol.exe [2009-05-11 15:05:39 | 32,579,71200 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\Tril0gI.nrg.bc! [2009-05-11 13:52:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\Spectrasonics Trilogy [2009-05-11 13:19:14 | 00,000,000 | ---D | C] -- C:\Program Files\Native Instruments [2009-05-11 08:10:32 | 10,502,754 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\u mnie balagan.mp3 [2009-05-10 15:49:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\Akala___Ms._Dynamite_-_A_Little_Darker [2009-05-10 12:42:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\Temate_Henson%20-%20Miejski%20Styl%20Bycia2009 [2009-05-09 12:52:52 | 00,048,640 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\CV English - Tomasz Nidziński.doc [2009-05-09 12:52:42 | 00,052,224 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\CV Polskie - Tomasz Nidziński.doc [2009-05-09 12:41:52 | 00,000,243 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\znalezc w necie e books.rtf [2009-05-08 12:02:20 | 13,593,164 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\Nidxi - Absolution.mp3 [2009-05-08 11:56:17 | 11,138,917 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\01 Hipster Girl (Evol Intent Remix).mp3 [2009-05-08 11:34:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\The Spirit[2008]DvDrip[Eng]-FXG [2009-05-08 09:44:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\Roll Deep - Return Of The Big Money Sound 2008 [2009-05-07 23:13:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\UGKMS [2009-05-07 15:46:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\RHYMING EXERCISE [2009-05-07 00:21:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Dane aplikacji\Apple Computer [2009-05-07 00:21:02 | 00,000,000 | ---D | C] -- C:\Program Files\iPod [2009-05-07 00:20:56 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes [2009-05-07 00:20:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009-05-07 00:20:30 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour [2009-05-07 00:19:47 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime [2009-05-07 00:19:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer [2009-05-07 00:18:59 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2009-05-07 00:18:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE [2009-05-07 00:18:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2009-05-07 00:18:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple [2009-05-06 23:48:42 | 03,412,428 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\RBS - Odadołaka.mp3 [2009-05-05 22:48:35 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF [2009-05-05 18:35:28 | 27,153,602 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\Procession.wav [2009-05-05 16:59:12 | 10,436,9104 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\after the movie by kaczka.wmv [2009-05-03 23:14:50 | 17,246,595 | ---- | C] (Adobe Systems, Inc.) -- C:\Documents and Settings\Jakub\Pulpit\paradigme.exe [2009-05-02 14:16:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\_2003__The_Love_Below [2009-05-02 13:36:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Moje dokumenty\Tlen.pl [2009-05-02 12:58:19 | 00,000,736 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\moduly sapa.rtf [2009-04-30 17:47:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\UGK_-_Ridin_Dirty [2009-04-29 23:40:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\Full Metal Alchemist [2009-04-26 22:57:32 | 04,065,938 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\pih -veni vidi vici to dla moich ludzi.mp31240780384_[mp3.teledyski.info].mp3 [2009-04-26 21:48:51 | 00,000,000 | ---D | C] -- C:\Program Files\SopCast [2009-04-25 20:09:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\um preserve 2008_16bits wav tracks & cover [2009-04-24 22:25:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\Ten_Typ_Mes-Zamach_Na_Przecietnosc-PL-2009-BFPMP3 [2009-04-24 08:48:06 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBSTOR.SYS [2009-04-24 08:48:06 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys [2009-04-21 15:38:12 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Jakub\Moje dokumenty\Moje wideo [2009-04-21 15:37:42 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2009-04-21 15:37:31 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll [2009-04-21 15:37:31 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll [2009-04-21 15:37:31 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2009-04-21 15:37:31 | 00,000,000 | ---D | C] -- C:\Program Files\Real [2009-04-21 15:37:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Real [2009-04-21 15:37:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Dane aplikacji\Real [2009-04-21 14:44:56 | 00,000,301 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\mbank.rtf [2009-04-20 22:15:49 | 03,774,592 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\MLp-Beat4Battle (Battle Scratch 38).mp3 [2009-04-20 22:06:56 | 25,162,0864 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\MarkEG-HydraulixParty-10-04-09-MASTER.mp3 [2009-04-20 22:06:38 | 54,129,051 | ---- | C] () -- C:\Documents and Settings\Jakub\Pulpit\B_SOUL_PERFECT_STORM_MIX.mp3 [2009-04-20 21:07:31 | 07,234,007 | ---- | C] (Macromedia, Inc.) -- C:\Documents and Settings\Jakub\Pulpit\The Repool Two By MLp.exe [2009-04-20 20:55:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Pulpit\Wiley-Grime_Wave-2008-RAGEMP3 [2009-04-18 19:40:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Dane aplikacji\DC++ [2009-04-09 18:32:37 | 00,000,206 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2008-01-14 16:47:06 | 00,099,712 | ---- | C] () -- C:\WINDOWS\HPBroker.dll [2001-07-22 00:16:20 | 00,000,477 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-22 00:15:52 | 00,000,282 | ---- | C] () -- C:\WINDOWS\system.ini [color=orange]========== Files - Modified Within 30 Days ==========[/color] [1 C:\WINDOWS\System32\*.tmp files] [4 C:\WINDOWS\*.tmp files] [2009-05-18 17:52:01 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Jakub\Ustawienia lokalne\desktop.ini [2009-05-18 17:46:10 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-05-18 17:46:09 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-05-18 00:53:22 | 00,002,502 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg [2009-05-18 00:53:20 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2009-05-18 00:52:25 | 01,961,486 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\SmitfraudFix.exe [2009-05-18 00:45:00 | 00,000,282 | ---- | M] () -- C:\WINDOWS\system.ini [2009-05-18 00:38:32 | 00,000,477 | ---- | M] () -- C:\WINDOWS\win.ini [2009-05-18 00:38:32 | 00,000,391 | RHS- | M] () -- C:\boot.ini [2009-05-18 00:30:46 | 00,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll [2009-05-18 00:08:16 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jakub\Pulpit\OTListIt2.exe [2009-05-18 00:01:18 | 01,607,065 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\SDFix.exe [2009-05-17 23:38:02 | 00,763,990 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009-05-17 23:38:02 | 00,356,068 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2009-05-17 23:38:02 | 00,311,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009-05-17 23:38:02 | 00,049,910 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2009-05-17 23:38:02 | 00,040,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009-05-17 23:27:49 | 03,062,481 | R--- | M] () -- C:\Documents and Settings\Jakub\Pulpit\ComboFix.exe [2009-05-17 22:38:17 | 32,579,71200 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\Tril0gI.nrg.bc! [2009-05-17 17:37:58 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-05-15 01:45:22 | 00,000,666 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\SopCast.lnk [2009-05-14 17:50:08 | 00,117,248 | ---- | M] () -- C:\WINDOWS\vFind.exe [2009-05-13 23:02:42 | 57,966,986 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\Kjaerhus.AIO(2).rar [2009-05-13 21:42:02 | 20,580,4628 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\do wydrukowania.rar [2009-05-13 20:15:29 | 10,666,601 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\Course.PTR.Cubase.SX.3.Ignite.eBook-LinG.rar [2009-05-13 19:51:59 | 13,635,061 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\Cubase_SX_3_Power_-_The_Complete_Guide.rar [2009-05-12 00:09:52 | 22,101,692 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Jakub\Pulpit\bitdefender_free_v10.exe [2009-05-11 22:29:55 | 34,535,872 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\setuppol.exe [2009-05-11 08:12:38 | 10,502,754 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\u mnie balagan.mp3 [2009-05-09 12:52:52 | 00,048,640 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\CV English - Tomasz Nidziński.doc [2009-05-09 12:52:45 | 00,052,224 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\CV Polskie - Tomasz Nidziński.doc [2009-05-09 12:41:53 | 00,000,243 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\znalezc w necie e books.rtf [2009-05-08 11:57:05 | 11,138,917 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\01 Hipster Girl (Evol Intent Remix).mp3 [2009-05-07 00:16:30 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe [2009-05-06 23:49:14 | 03,412,428 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\RBS - Odadołaka.mp3 [2009-05-05 18:53:08 | 27,153,602 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\Procession.wav [2009-05-05 18:07:56 | 13,593,164 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\Nidxi - Absolution.mp3 [2009-05-05 17:16:05 | 10,436,9104 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\after the movie by kaczka.wmv [2009-05-03 23:16:08 | 17,246,595 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\Jakub\Pulpit\paradigme.exe [2009-05-02 12:58:19 | 00,000,736 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\moduly sapa.rtf [2009-04-30 01:36:37 | 00,075,776 | ---- | M] () -- C:\WINDOWS\System32\WS2Fix.exe [2009-04-26 23:00:50 | 04,065,938 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\pih -veni vidi vici to dla moich ludzi.mp31240780384_[mp3.teledyski.info].mp3 [2009-04-26 21:11:39 | 00,004,232 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\cenzura! na allegro.rtf [2009-04-21 15:37:31 | 00,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll [2009-04-21 15:37:31 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll [2009-04-21 15:37:31 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2009-04-21 14:48:38 | 00,000,301 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\mbank.rtf [2009-04-20 22:54:01 | 25,162,0864 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\MarkEG-HydraulixParty-10-04-09-MASTER.mp3 [2009-04-20 22:17:47 | 54,129,051 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\B_SOUL_PERFECT_STORM_MIX.mp3 [2009-04-20 22:16:09 | 03,774,592 | ---- | M] () -- C:\Documents and Settings\Jakub\Pulpit\MLp-Beat4Battle (Battle Scratch 38).mp3 [2009-04-20 21:08:02 | 07,234,007 | ---- | M] (Macromedia, Inc.) -- C:\Documents and Settings\Jakub\Pulpit\The Repool Two By MLp.exe [color=orange]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2 < End of report >

Pomocy!!!

**Posty:** 18165 · przez **wojtas** 18 Maj 2009, 20:18

Uruchom OTListIt2 i w oknie Custom Scans/Fixes wklej :

:OTLI
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O7 - HKU\S-1-5-21-1659004503-861567501-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-1659004503-861567501-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1

:Files
C:\RECYCLER
C:\WINDOWS\System32\tmp.reg
C:\WINDOWS\System32\VCCLSID.exe
C:\WINDOWS\System32\SrchSTS.exe
C:\WINDOWS\System32\swreg.exe
C:\WINDOWS\System32\VACFix.exe
C:\WINDOWS\System32\IEDFix.exe
C:\WINDOWS\System32\IEDFix.C.exe
C:\WINDOWS\System32\404Fix.exe
C:\WINDOWS\System32\o4Patch.exe
C:\WINDOWS\System32\swxcacls.exe
C:\WINDOWS\System32\Agent.OMZ.Fix.exe
C:\WINDOWS\System32\WS2Fix.exe
C:\WINDOWS\System32\Process.exe
C:\WINDOWS\System32\dumphive.exe
C:\WINDOWS\System32\swsc.exe
C:\Documents and Settings\Jakub\Pulpit\SmitfraudFix

:Commands
[emptytemp]
[start explorer]
[Reboot]

Kliknij w Run Fix. I potwierdz reset kompa .

1. Ściągnij OTMoveIt i go włacz i odpal go z opcji CleanUp
2. wykonaj optymalizację windowsa
3.sciagnij ATF_Cleaner
zaznacz
Windows Temp
All users Temp
Temporary internet files
Recycle Bin
i wcisnij EMPTY SELECTED
4.Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem
5. Wykonaj skan Dr. Web CureIt
6. Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum.

i tym:

Malwarebytes Anti-Malware.

Jeśli masz Adobe Reader to zaaktualizuj go do najnowszej wersji

**Posty:** 8 · przez **Yadziah** 18 Maj 2009, 22:10

zrobilem all oprocz punktow 5 i 6

nie moge sciagnac na dysk tego programu jak i np bitdefendera, po prostu dochodzi do 99% (tak jakby specjalnie nie mozna bylo sciagnac ?)
strona kasperskiego wogole mi sie nie odpala
Kaspersky Virus Removal Tool nie moge sciagnac

Znalazlem gdzie indziej ze powinienem odpalic System Repair Engineer wiec odpalilem i mam loga :

Kod: Zaznacz wszystko: 2009-05-18,22:02:15 System Repair Engineer 2.7.0.1210 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Dodatek Service Pack 3 (Build 2600) - Administrative User - Completed Functions Allowed Follow item(s) have been selected: All Boot Items (Including Registry, Startup Folders, Services and so on) Browser Add-ons Running Processes (Including process model information) File Associations Winsock Provider Autorun.Inf HOSTS File Process Privileges Scan Scheduled Tasks API HOOK Hidden Process Boot Items Registry [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <Adobe Reader Speed Launcher><"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"> [Adobe Systems Incorporated] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher] <Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher] <UIHost><logonui.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] <CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] <WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher] <SysTray><%systemroot%\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] <WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] <WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] <WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy] <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] <WinlogonNotify: igfxcui><igfxdev.dll> [(Verified)Microsoft Windows Hardware Compatibility Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] <WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] <WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] <WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] <WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] <WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] <WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] <Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] <Dostosowywanie przeglądarki><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <Książka adresowa 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] <Aktualizacja pulpitu Windows><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <AGRSMMSG><; AGRSMMSG.exe> [Agere Systems] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <CTFMON.EXE><; C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <igfxhkcmd><; C:\WINDOWS\system32\hkcmd.exe> [Intel Corporation] <igfxpers><; C:\WINDOWS\system32\igfxpers.exe> [Intel Corporation] <igfxtray><; C:\WINDOWS\system32\igfxtray.exe> [Intel Corporation] <iTunesHelper><; "C:\Program Files\iTunes\iTunesHelper.exe"> [Apple Inc.] <QuickTime Task><; "C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Inc.] <SoundMAXPnP><; C:\Program Files\Analog Devices\Core\smax4pnp.exe> [Analog Devices, Inc.] <SunJavaUpdateSched><; "C:\Program Files\Java\jre6\bin\jusched.exe"> [Sun Microsystems, Inc.] <SynTPEnh><; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [Synaptics, Inc.] <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.] ================================== Startup Folders N/A ================================== Services [Apple Mobile Device / Apple Mobile Device][Running/Auto Start] <"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple Inc.> [Bonjour Service / Bonjour Service][Running/Auto Start] <"C:\Program Files\Bonjour\mDNSResponder.exe"><Apple Inc.> [Dostęp do urządzeń interfejsu HID / HidServ][Stopped/Disabled] <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A> [Usługa iPod / iPod Service][Stopped/Manual Start] <"C:\Program Files\iPod\bin\iPodService.exe"><Apple Inc.> [Java Quick Starter / JavaQuickStarterService][Running/Auto Start] <"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"><Sun Microsystems, Inc.> ================================== Drivers [ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start] <system32\drivers\ADIHdAud.sys><Analog Devices, Inc.> [AE Audio Service / AEAudio][Running/Manual Start] <system32\drivers\AEAudio.sys><Andrea Electronics Corporation> [Agere Systems Soft Modem / AgereSoftModem][Running/Manual Start] <system32\DRIVERS\AGRSM.sys><Agere Systems> [Sterownik karty sieciowej Broadcom 802.11 / BCM43XX][Running/Manual Start] <system32\DRIVERS\bcmwl5.sys><Broadcom Corporation> [Broadcom 440x 10/100 Integrated Controller / bcm4sbxp][Running/Manual Start] <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation> [dac970nt / dac970nt][Running/Manual Start] <\??\C:\WINDOWS\system32\drivers\kkghpn.sys><N/A> [GEAR ASPI Filter Driver / GEARAspiWDM][Running/Manual Start] <system32\DRIVERS\GEARAspiWDM.sys><GEAR Software Inc.> [Sterownik magistrali Microsoft UAA dla High Definition Audio / HDAudBus][Running/Manual Start] <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider> [ialm / ialm][Running/Manual Start] <system32\DRIVERS\ialmnt5.sys><Intel Corporation> [Sterownik bezpośredniego połączenia kablowego / Ptilink][Running/Manual Start] <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.> [PxHelp20 / PxHelp20][Running/Boot Start] <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions> [Secdrv / Secdrv][Stopped/Manual Start] <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.> [Synaptics TouchPad Driver / SynTP][Running/Manual Start] <system32\DRIVERS\SynTP.sys><Synaptics, Inc.> ================================== Browser Add-ons [Adobe PDF Link Helper] {18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated> [Java(tm) Plug-In 2 SSV Helper] {DBC80044-A445-435b-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.> [JQSIEStartDetectorImpl Class] {E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.> [] {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A> [Messenger] {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, N/A> [Hewlett-Packard Online Support Services] {1851174C-97BD-4217-A0CC-E908F60D5B7A} <C:\WINDOWS\Downloaded Program Files\HPISDataManager.dll, (Signed) Hewlett-Packard> [MksSkanerOnline Class] {68282C51-9459-467B-95BF-3C0E89627E55} <C:\WINDOWS\system32\SkanerOnline.dll, MKS Sp. z o. o.> [GMNRev Class] {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} <C:\Program Files\HP\Common\HPGMNRev.dll, (Signed) Hewlett-Packard> [Java Plug-in 1.6.0_13] {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, > [Java Plug-in 1.6.0_13] {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, > [Java Plug-in 1.6.0_13] {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_13.dll, (Signed) Sun Microsystems, Inc.> [Hewlett-Packard Online Support Services] {1851174C-97BD-4217-A0CC-E908F60D5B7A} <C:\WINDOWS\Downloaded Program Files\HPISDataManager.dll, (Signed) Hewlett-Packard> [Adobe PDF Link Helper] {18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated> [QuickTime Object] {4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.> [Microsoft Terminal Services Client Control (redist)] {4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <%systemroot%\system32\mstscax.dll, (Signed) N/A> [Microsoft Terminal Services Client Control (redist)] {4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <%systemroot%\system32\mstscax.dll, (Signed) N/A> [DeviceEnum Class] {54BE6B6F-3056-470B-97E1-BB92E051B6C4} <C:\Program Files\HP\Common\HPDeviceDetection.dll, (Signed) Hewlett-Packard> [MksSkanerOnline Class] {68282C51-9459-467B-95BF-3C0E89627E55} <C:\WINDOWS\system32\SkanerOnline.dll, MKS Sp. z o. o.> [Microsoft Terminal Services Client Control (redist)] {7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <%systemroot%\system32\mstscax.dll, (Signed) N/A> [GMNRev Class] {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} <C:\Program Files\HP\Common\HPGMNRev.dll, (Signed) Hewlett-Packard> [Microsoft Terminal Services Client Control (redist)] {7584c670-2274-4efb-b00b-d6aaba6d3850} <%systemroot%\system32\mstscax.dll, (Signed) N/A> [Microsoft Terminal Services Client Control (redist)] {9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <%systemroot%\system32\mstscax.dll, (Signed) N/A> [] {CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7} <, > [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash6.ocx, (Signed) Macromedia, Inc.> [Java(tm) Plug-In 2 SSV Helper] {DBC80044-A445-435B-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.> [] {E2E2DD38-D088-4134-82B7-F2BA38496583} <, > [JQSIEStartDetectorImpl Class] {E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.> [] {FB5F1910-F110-11D2-BB9E-00C04F795683} <, > ================================== Running Processes [PID: 776 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 848 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 872 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [PID: 916 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [PID: 928 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [PID: 1084 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1164 / USŁUGA SIECIOWA][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1196 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [PID: 1248 / USŁUGA SIECIOWA][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1344 / USŁUGA LOKALNA][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1696 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [PID: 1900 / Jakub][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\SubEdit-Player\codec\MatroskaSplitter\mmfinfo.dll] [N/A, ] [C:\Program Files\SubEdit-Player\codec\MatroskaSplitter\mkunicode.dll] [N/A, ] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 9.1.0.2009022700] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll] [Malwarebytes Corporation, 1, 1, 0, 0] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4609] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [PID: 744 / USŁUGA LOKALNA][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 840 / SYSTEM][C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe] [Apple Inc., 2.12.36.0] [PID: 852 / SYSTEM][C:\Program Files\Bonjour\mDNSResponder.exe] [Apple Inc., 1,0,6,2] [PID: 1228 / SYSTEM][C:\Program Files\Java\jre6\bin\jqs.exe] [Sun Microsystems, Inc., 6.0.130.3] [C:\Program Files\Java\jre6\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [PID: 1360 / USŁUGA LOKALNA][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)] [PID: 1288 / SYSTEM][C:\WINDOWS\system32\wbem\wmiapsrv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [PID: 232 / Jakub][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.9.0.10] [C:\Program Files\Mozilla Firefox\xul.dll] [Mozilla Foundation, 1.9.0.10] [C:\Program Files\Mozilla Firefox\sqlite3.dll] [sqlite.org, 3.5.9] [C:\Program Files\Mozilla Firefox\MOZCRT19.dll] [Mozilla Foundation, 8.00.0000] [C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0] [C:\Program Files\Mozilla Firefox\nspr4.dll] [Mozilla Foundation, 4.7.3] [C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.12.2.0 Basic ECC] [C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.12.2.0 Basic ECC] [C:\Program Files\Mozilla Firefox\nssutil3.dll] [Mozilla Foundation, 3.12.2.0 Basic ECC] [C:\Program Files\Mozilla Firefox\plc4.dll] [Mozilla Foundation, 4.7.3] [C:\Program Files\Mozilla Firefox\plds4.dll] [Mozilla Foundation, 4.7.3] [C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.12.2.0 Basic ECC] [C:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.9.0.10] [C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll] [Mozilla Foundation, 1.9.0.10] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll] [Mozilla Foundation, 1.9.0.10] [C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.12.2.0 Basic ECC] [C:\Program Files\Mozilla Firefox\nssdbm3.dll] [Mozilla Foundation, 3.12.2.0 Basic ECC] [C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.12.2.0 Basic ECC] [C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.73] [PID: 1092 / SYSTEM][C:\WINDOWS\system32\wuauclt.exe] [(Verified) Microsoft Corporation, 7.2.6001.788 (winmain_oob/wu_wsuswlc(wmbla).081016-1330)] [PID: 3056 / Jakub][C:\DOCUME~1\Jakub\USTAWI~1\Temp\fmcd.exe] [N/A, ] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [PID: 3856 / Jakub][C:\Documents and Settings\Jakub\Pulpit\kztechssuite\SREngLdr.EXE] [Smallfrogs Studio, 2.7.0.1210] [PID: 3864 / Jakub][C:\Documents and Settings\Jakub\Pulpit\kztechssuite\SREe7af4be4.EXE] [Smallfrogs Studio, 2.7.0.1210] [C:\Documents and Settings\Jakub\Pulpit\kztechssuite\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] ================================== File Associations .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock Provider N/A ================================== Autorun.Inf N/A ================================== HOSTS File 127.0.0.1 localhost ================================== Process Privileges Scan Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3056, C:\DOCUME~1\JAKUB\USTAWI~1\TEMP\FMCD.EXE] Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3856, C:\DOCUMENTS AND SETTINGS\JAKUB\PULPIT\KZTECHSSUITE\SRENGLDR.EXE] ================================== Scheduled Tasks N/A ================================== API HOOK N/A ================================== Hidden Process N/A ==================================

**Posty:** 18165 · przez **wojtas** 18 Maj 2009, 22:13

a jak sytuacja z kompem??

**Posty:** 8 · przez **Yadziah** 18 Maj 2009, 22:20

jak daje ctrl alt delete to manager zadan jest nie aktywny, nie mozna kliknac sciana

**Posty:** 18165 · przez **wojtas** 18 Maj 2009, 22:22

zobacz tu:

http://www.searchengines.pl/index.php?showtopic=79791&st=0#entry495933

**Posty:** 8 · przez **Yadziah** 18 Maj 2009, 22:33

dalej mks vir wykrywa mi virusa ...

FixPolicies nie naprawil nic ...

sproboje na pen drive wrzucic Dr. Web CureIt i kasperskiego ... moze tak cos da ..

Dodano Dzisiaj, 00:00:
Dr Web skanuje jednak ...leczy mi chyba wszystkie mozliwe pliki .exe na dysku...jutro dam update co sie dzieje dalej ...

**Posty:** 18165 · przez **wojtas** 19 Maj 2009, 07:55

daj raport z weba i loga z combofixa http://download.bleepingcomputer.com/sUBs/ComboFix.exe

**Posty:** 8 · przez **Yadziah** 19 Maj 2009, 19:27

Kod: Zaznacz wszystko: windstr.exe;c:\documents and settings\jakub\ustawienia lokalne\temp;Prawdopodobnie DLOADER.Trojan;; reader_sl.exe;c:\program files\adobe\reader 9.0\reader;Win32.Sector.17;Wyleczony.; smax4pnp.exe;c:\program files\analog devices\core;Win32.Sector.17;Wyleczony.; realsched.exe;c:\program files\common files\real\update_ob;Win32.Sector.17;Wyleczony.; ituneshelper.exe;c:\program files\itunes;Win32.Sector.17;Wyleczony.; jusched.exe;c:\program files\java\jre6\bin;Win32.Sector.17;Wyleczony.; qttask.exe;c:\program files\quicktime;Win32.Sector.17;Wyleczony.; syntpenh.exe;c:\program files\synaptics\syntp;Win32.Sector.17;Wyleczony.; agrsmmsg.exe;c:\windows;Win32.Sector.17;Wyleczony.; hkcmd.exe;c:\windows\system32;Win32.Sector.17;Wyleczony.; igfxpers.exe;c:\windows\system32;Win32.Sector.17;Wyleczony.; igfxtray.exe;c:\windows\system32;Win32.Sector.17;Wyleczony.; DifXInstall32.exe;C:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86;Win32.Sector.17;Wyleczony.; paradigme.exe;C:\Documents and Settings\Jakub\Pulpit;Win32.Sector.17;Wyleczony.; setuppol.exe;C:\Documents and Settings\Jakub\Pulpit;Win32.Sector.17;Wyleczony.; sp38056.exe;C:\Documents and Settings\Jakub\Pulpit;Win32.Sector.17;Wyleczony.; CxtMgrDlg.exe;C:\Documents and Settings\Jakub\Pulpit\kztechssuite;Win32.Sector.17;Wyleczony.; FileDigitalSignVerify.EXE;C:\Documents and Settings\Jakub\Pulpit\kztechssuite;Win32.Sector.17;Wyleczony.; PendMove.exe;C:\Documents and Settings\Jakub\Pulpit\kztechssuite;Win32.Sector.17;Wyleczony.; RenamePlus.EXE;C:\Documents and Settings\Jakub\Pulpit\kztechssuite;Win32.Sector.17;Wyleczony.; SREngLdr.EXE;C:\Documents and Settings\Jakub\Pulpit\kztechssuite;Win32.Sector.17;Wyleczony.; TrayToolTipFix.exe;C:\Documents and Settings\Jakub\Pulpit\kztechssuite;Win32.Sector.17;Wyleczony.; WICleanupC.EXE;C:\Documents and Settings\Jakub\Pulpit\kztechssuite;Win32.Sector.17;Wyleczony.; WICleanupUI.EXE;C:\Documents and Settings\Jakub\Pulpit\kztechssuite;Win32.Sector.17;Wyleczony.; windstr.exe;C:\Documents and Settings\Jakub\Ustawienia lokalne\temp;Prawdopodobnie DLOADER.Trojan;; A3DUtility.exe;C:\Program Files\Adobe\Reader 9.0\Reader;Win32.Sector.17;Wyleczony.; AcroBroker.exe;C:\Program Files\Adobe\Reader 9.0\Reader;Win32.Sector.17;Wyleczony.; AcroRd32.exe;C:\Program Files\Adobe\Reader 9.0\Reader;Win32.Sector.17;Wyleczony.; AcroTextExtractor.exe;C:\Program Files\Adobe\Reader 9.0\Reader;Win32.Sector.17;Wyleczony.; LogTransport2.exe;C:\Program Files\Adobe\Reader 9.0\Reader;Win32.Sector.17;Wyleczony.; PDFPrevHndlrShim.exe;C:\Program Files\Adobe\Reader 9.0\Reader;Win32.Sector.17;Wyleczony.; reader_sl.exe;C:\Program Files\Adobe\Reader 9.0\Reader;Win32.Sector.17;Wyleczony.; Setup.exe;C:\Program Files\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A91000000001};Win32.Sector.17;Wyleczony.; AEEnable.exe;C:\Program Files\Analog Devices\SoundMAX;Win32.Sector.17;Wyleczony.; SMax4.exe;C:\Program Files\Analog Devices\SoundMAX;Win32.Sector.17;Wyleczony.; SMWizard.exe;C:\Program Files\Analog Devices\SoundMAX;Win32.Sector.17;Wyleczony.; Adobe_Updater.exe;C:\Program Files\Common Files\Adobe\Updater6;Win32.Sector.17;Wyleczony.; gconsync.exe;C:\Program Files\Common Files\Apple\Mobile Device Support\bin;Win32.Sector.17;Wyleczony.; OutlookSyncClient.exe;C:\Program Files\Common Files\Apple\Mobile Device Support\bin;Win32.Sector.17;Wyleczony.; IDriver.exe;C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32;Win32.Sector.17;Wyleczony.; IDriver2.exe;C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32;Win32.Sector.17;Wyleczony.; IKernel.exe;C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32;Win32.Sector.17;Wyleczony.; iPAQDetection2.exe;C:\Program Files\HP\Common;Win32.Sector.17;Wyleczony.; setup.exe;C:\Program Files\InstallShield Installation Information\{9A6F0720-739C-408B-966F-93091631A918};Win32.Sector.17;Wyleczony.; setup.exe;C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C};Win32.Sector.17;Wyleczony.; iTunesPhotoProcessor.exe;C:\Program Files\iTunes;Win32.Sector.17;Wyleczony.; jqsnotify.exe;C:\Program Files\Java\jre6\bin;Win32.Sector.17;Wyleczony.; jureg.exe;C:\Program Files\Java\jre6\bin;Win32.Sector.17;Wyleczony.; kinit.exe;C:\Program Files\Java\jre6\bin;Win32.Sector.17;Wyleczony.; klist.exe;C:\Program Files\Java\jre6\bin;Win32.Sector.17;Wyleczony.; pack200.exe;C:\Program Files\Java\jre6\bin;Win32.Sector.17;Wyleczony.; policytool.exe;C:\Program Files\Java\jre6\bin;Win32.Sector.17;Wyleczony.; rmid.exe;C:\Program Files\Java\jre6\bin;Win32.Sector.17;Wyleczony.; tnameserv.exe;C:\Program Files\Java\jre6\bin;Win32.Sector.17;Wyleczony.; mbam.exe;C:\Program Files\Malwarebytes' Anti-Malware;Win32.Sector.17;Wyleczony.; mbamgui.exe;C:\Program Files\Malwarebytes' Anti-Malware;Win32.Sector.17;Wyleczony.; ExportController.exe;C:\Program Files\QuickTime\QTSystem;Win32.Sector.17;Wyleczony.; QuickTimeUpdateHelper.exe;C:\Program Files\QuickTime\QTSystem;Win32.Sector.17;Wyleczony.; SopCast.exe;C:\Program Files\SopCast;Win32.Sector.17;Wyleczony.; sopvod.exe;C:\Program Files\SopCast;Win32.Sector.17;Wyleczony.; uninst.exe;C:\Program Files\SopCast;Win32.Sector.17;Wyleczony.; SopAdver.exe;C:\Program Files\SopCast\adv;Win32.Sector.17;Wyleczony.; XCrashReport.exe;C:\Program Files\SopCast\CrashReport;Win32.Sector.17;Wyleczony.; StreamServer.exe;C:\Program Files\SopCast\StreamServer;Win32.Sector.17;Wyleczony.; SopChecker.exe;C:\Program Files\SopCast\update;Win32.Sector.17;Wyleczony.; UNZIP.EXE;C:\Program Files\SopCast\update;Win32.Sector.17;Wyleczony.; makeavis.exe;C:\Program Files\SubEdit-Player\codec\ffdshow;Win32.Sector.17;Wyleczony.; dsmux.exe;C:\Program Files\SubEdit-Player\codec\MatroskaSplitter;Win32.Sector.17;Wyleczony.; gdsmux.exe;C:\Program Files\SubEdit-Player\codec\MatroskaSplitter;Win32.Sector.17;Wyleczony.; mkv2vfr.exe;C:\Program Files\SubEdit-Player\codec\MatroskaSplitter;Win32.Sector.17;Wyleczony.; InstNT.exe;C:\Program Files\Synaptics\SynTP;Win32.Sector.17;Wyleczony.; SynTPLpr.exe;C:\Program Files\Synaptics\SynTP;Win32.Sector.17;Wyleczony.; Tutorial.exe;C:\Program Files\Synaptics\SynTP;Win32.Sector.17;Wyleczony.; InstNT.exe;C:\Program Files\Synaptics\SynTP\Media;Win32.Sector.17;Wyleczony.; Setup.exe;C:\Program Files\Synaptics\SynTP\Media;Win32.Sector.17;Wyleczony.; SynTPEnh.exe;C:\Program Files\Synaptics\SynTP\Media;Win32.Sector.17;Wyleczony.; SynTPLpr.exe;C:\Program Files\Synaptics\SynTP\Media;Win32.Sector.17;Wyleczony.; uninstall.exe;C:\Program Files\Tlen.pl;Win32.Sector.17;Wyleczony.; UninstWA.exe;C:\Program Files\Winamp;Win32.Sector.17;Wyleczony.; winampa.exe;C:\Program Files\Winamp;Win32.Sector.17;Wyleczony.; dlimport.exe;C:\Program Files\Windows Media Player;Odmiana wirusa Win32.Sector.5;Przeniesiony.; wmsetsdk.exe;C:\Program Files\Windows Media Player;Win32.Sector.17;Wyleczony.; Dc7.exe;C:\RECYCLER\S-1-5-21-1659004503-861567501-839522115-1003;Win32.Sector.17;Wyleczony.; Dc9.exe;C:\RECYCLER\S-1-5-21-1659004503-861567501-839522115-1003;Win32.Sector.17;Wyleczony.; agrsmdel.exe;C:\swsetup\MultiMODEMInstl\Agere;Win32.Sector.17;Wyleczony.; AGRSMMsg.exe;C:\swsetup\MultiMODEMInstl\Agere;Win32.Sector.17;Wyleczony.; setup.exe;C:\swsetup\MultiMODEMInstl\Agere;Win32.Sector.17;Wyleczony.; agrsmdel.exe;C:\swsetup\MultiMODEMInstl\Agere\MOH;Win32.Sector.17;Wyleczony.; LtMoh.exe;C:\swsetup\MultiMODEMInstl\Agere\MOH;Win32.Sector.17;Wyleczony.; setup.exe;C:\swsetup\MultiMODEMInstl\Agere\MOH;Win32.Sector.17;Wyleczony.; HXFSetup.exe;C:\swsetup\MultiMODEMInstl\Conexant;Win32.Sector.17;Wyleczony.; Setup.exe;C:\swsetup\MultiMODEMInstl\Conexant;Win32.Sector.17;Wyleczony.; Setup.exe;C:\swsetup\MultiMODEMInstl\Conexant\NETWAITING;Win32.Sector.17;Wyleczony.; setup.exe;C:\swsetup\SP27697A;Win32.Sector.17;Wyleczony.; setup.exe;C:\swsetup\SP27697A\BACS;Win32.Sector.17;Wyleczony.; setup.exe;C:\swsetup\sp32299;Win32.Sector.17;Wyleczony.; Setup.exe;C:\swsetup\SP32555;Win32.Sector.17;Wyleczony.; AEEnable.exe;C:\swsetup\SP32593;Win32.Sector.17;Wyleczony.; DevSetup.exe;C:\swsetup\SP32593;Win32.Sector.17;Wyleczony.; setup.exe;C:\swsetup\SP32593;Win32.Sector.17;Wyleczony.; SMax4PNP.exe;C:\swsetup\SP32593\SMAXWDM\W2K_XP;Win32.Sector.17;Wyleczony.; SMHelp.exe;C:\swsetup\SP32593\SM_Comn\Help;Win32.Sector.17;Wyleczony.; SMWizard.exe;C:\swsetup\SP32593\SM_Micro\Wizards;Win32.Sector.17;Wyleczony.; SMax4.exe;C:\swsetup\SP32593\SM_Panel\Sys;Win32.Sector.17;Wyleczony.; CleanUp.exe;C:\swsetup\SP32593\Sys;Win32.Sector.17;Wyleczony.; DSndUp.exe;C:\swsetup\SP32593\Sys;Win32.Sector.17;Wyleczony.; agrsmdel.exe;C:\swsetup\SP32644A;Win32.Sector.17;Wyleczony.; AGRSMMsg.exe;C:\swsetup\SP32644A;Win32.Sector.17;Wyleczony.; HXFSetup.exe;C:\swsetup\SP32644A;Win32.Sector.17;Wyleczony.; setup.exe;C:\swsetup\SP32644A;Win32.Sector.17;Wyleczony.; setup.exe;C:\swsetup\SP32646\Disk1;Win32.Sector.17;Wyleczony.; InstNT.exe;C:\swsetup\SP32647;Win32.Sector.17;Wyleczony.; Setup.exe;C:\swsetup\SP32647;Win32.Sector.17;Wyleczony.; SynTPEnh.exe;C:\swsetup\SP32647;Win32.Sector.17;Wyleczony.; SynTPLpr.exe;C:\swsetup\SP32647;Win32.Sector.17;Wyleczony.; Tutorial.exe;C:\swsetup\SP32647;Win32.Sector.17;Wyleczony.; setup.exe;C:\swsetup\SP32733A;Win32.Sector.17;Wyleczony.; setup.exe;C:\swsetup\SP32733A\BACS;Win32.Sector.17;Wyleczony.; setup.exe;C:\swsetup\SP32733A\Drivers\DrvInst\IA32;Win32.Sector.17;Wyleczony.; bcmwls32.exe;C:\swsetup\SP33008A;Win32.Sector.17;Wyleczony.; bcmwlu00.exe;C:\swsetup\SP33008A;Win32.Sector.17;Wyleczony.; is.exe;C:\swsetup\SP33008A;Win32.Sector.17;Wyleczony.; setup.exe;C:\swsetup\SP33008A;Win32.Sector.17;Wyleczony.; Setup.exe;C:\swsetup\SP33188;Win32.Sector.17;Wyleczony.; hkcmd.exe;C:\swsetup\SP33188\Win2000;Win32.Sector.17;Wyleczony.; ialmudlg.exe;C:\swsetup\SP33188\Win2000;Win32.Sector.17;Wyleczony.; igfxcfg.exe;C:\swsetup\SP33188\Win2000;Win32.Sector.17;Wyleczony.; igfxext.exe;C:\swsetup\SP33188\Win2000;Win32.Sector.17;Wyleczony.; igfxpers.exe;C:\swsetup\SP33188\Win2000;Win32.Sector.17;Wyleczony.; igfxsrvc.exe;C:\swsetup\SP33188\Win2000;Win32.Sector.17;Wyleczony.; igfxtray.exe;C:\swsetup\SP33188\Win2000;Win32.Sector.17;Wyleczony.; igfxzoom.exe;C:\swsetup\SP33188\Win2000;Win32.Sector.17;Wyleczony.; AEEnable.exe;C:\swsetup\SP37155;Win32.Sector.17;Wyleczony.; DevSetup.exe;C:\swsetup\SP37155;Win32.Sector.17;Wyleczony.; setup.exe;C:\swsetup\SP37155;Win32.Sector.17;Wyleczony.; SMax4PNP.exe;C:\swsetup\SP37155\SMAXWDM\W2K_XP;Win32.Sector.17;Wyleczony.; SMHelp.exe;C:\swsetup\SP37155\SM_Comn\Help;Win32.Sector.17;Wyleczony.; SMWizard.exe;C:\swsetup\SP37155\SM_Micro\Wizards;Win32.Sector.17;Wyleczony.; SMax4.exe;C:\swsetup\SP37155\SM_Panel\Sys;Win32.Sector.17;Wyleczony.; CleanUp.exe;C:\swsetup\SP37155\Sys;Win32.Sector.17;Wyleczony.; DSndUp.exe;C:\swsetup\SP37155\Sys;Win32.Sector.17;Wyleczony.; Autorun.exe;C:\swsetup\sp38056a;Win32.Sector.17;Wyleczony.; iProInst.exe;C:\swsetup\sp38056a\XP\Apps\x32;Win32.Sector.17;Wyleczony.; iconvrtr.exe;C:\swsetup\sp38056a\XP\Apps\x32\iProData;Win32.Sector.17;Wyleczony.; A0000013.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000014.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000024.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000033.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000035.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000036.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000037.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000040.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000042.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000045.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000046.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000051.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000112.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000116.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000129.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000131.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000201.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000203.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000204.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000205.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000206.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000207.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000208.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000209.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000210.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000211.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000212.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000213.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000214.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000240.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000245.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000253.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000269.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000270.EXE;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000271.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000272.EXE;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000273.EXE;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000274.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000275.EXE;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000276.EXE;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000279.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000280.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000281.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000282.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000283.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000284.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000285.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000286.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000287.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000288.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000289.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000290.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000291.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000294.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000295.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000296.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000299.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000300.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000301.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000302.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000306.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000307.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000308.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000309.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000310.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000311.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000312.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000313.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000314.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000319.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000320.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000323.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000324.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000326.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000328.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000329.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000330.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000331.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000332.EXE;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000333.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000334.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000335.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000336.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000337.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000338.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000339.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000340.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000341.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000342.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000343.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000344.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000345.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000346.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000378.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Odmiana wirusa Win32.Sector.5;Przeniesiony.; A0000380.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000382.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000383.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000384.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000385.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000386.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000387.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000388.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000389.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000390.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000391.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000392.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000393.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000394.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000395.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000396.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000397.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000398.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000399.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000400.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000401.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000408.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000409.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000410.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000411.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000412.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000413.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000415.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000416.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000417.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000418.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000419.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000421.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000422.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000423.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000424.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000425.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000427.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000430.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000431.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000433.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000435.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000436.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000437.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000438.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000439.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000440.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000441.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000442.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000443.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000445.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000447.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000448.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000449.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000450.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000451.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000457.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000458.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000459.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000460.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000461.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000462.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000463.exe;C:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; a2h2.com;D:\;Trojan.PWS.Wsgame.4983;Usunięty.; The Brain that wouldn_t Die.exe;D:\;Win32.Sector.17;Wyleczony.; ur0.com;D:\;Trojan.PWS.Wsgame.4983;Usunięty.; w98.com;D:\;Trojan.PWS.Wsgame.4983;Usunięty.; DaemonTools.exe;D:\emulator\Tekken 3;Win32.Sector.17;Wyleczony.; ePSXe.exe;D:\emulator\Tekken 3\epsxe160;Win32.Sector.17;Wyleczony.; 3DLOOPER.exe;D:\Hip hop\3DLOOPER.By.Turntablist.Eko.&.MLp;Win32.Sector.17;Wyleczony.; sf2sony20.exe;D:\Sony\Shared Plug-Ins\Utilities\Migration Tools;Win32.Sector.17;Wyleczony.; forge70.exe;D:\Sony\Sound Forge 7.0;Win32.Sector.17;Wyleczony.; InstMsi-x86a.exe;D:\Sony Setup\Sound Forge 7.0;Win32.Sector.17;Wyleczony.; InstMsi-x86w.exe;D:\Sony Setup\Sound Forge 7.0;Win32.Sector.17;Wyleczony.; Setup.exe;D:\Sony Setup\Sound Forge 7.0;Win32.Sector.17;Wyleczony.; wmfdist2.exe;D:\Sony Setup\Sound Forge 7.0;Win32.Sector.17;Wyleczony.; A0000020.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000026.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000043.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000062.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000063.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000066.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000067.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000069.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000070.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000071.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000146.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000150.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000156.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000166.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000167.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000170.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000171.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000172.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000173.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000174.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000184.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000189.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000198.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000217.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000218.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000225.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000226.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000228.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000230.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000232.exe;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000480.com;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Trojan.PWS.Wsgame.4983;Usunięty.; A0000481.com;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Trojan.PWS.Wsgame.4983;Usunięty.; A0000482.com;D:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Trojan.PWS.Wsgame.4983;Usunięty.; A0103439.bat;D:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP570;Trojan.PWS.Wsgame.4983;Usunięty.; A0103516.com;D:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP570;Trojan.PWS.Wsgame.4983;Usunięty.; A0103542.com;D:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP570;Trojan.PWS.Wsgame.4983;Usunięty.; A0103569.cmd;D:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP571;Trojan.PWS.Wsgame.4983;Usunięty.; A0103688.cmd;D:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP571;Trojan.PWS.Wsgame.4983;Usunięty.; A0104774.bat;D:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP572;Trojan.PWS.Wsgame.4983;Usunięty.; A0107034.cmd;D:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP576;Trojan.PWS.Wsgame.4983;Usunięty.; A0107071.cmd;D:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP576;Trojan.PWS.Wsgame.4983;Usunięty.; A0111480.exe;D:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP579;Trojan.PWS.Wsgame.10863;Usunięty.; A0111499.exe;D:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP579;Trojan.PWS.Wsgame.10863;Usunięty.; A0111519.exe;D:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP579;Trojan.PWS.Wsgame.10863;Usunięty.; A0111548.com;D:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP579;Trojan.PWS.Wsgame.4983;Usunięty.; A0111570.com;D:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP579;Trojan.PWS.Wsgame.4983;Usunięty.; A0111655.exe;D:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP580;Trojan.PWS.Wsgame.4983;Usunięty.; A0111675.exe;D:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP580;Trojan.PWS.Wsgame.4983;Usunięty.; a2h2.com;E:\;Trojan.PWS.Wsgame.4983;Usunięty.; ur0.com;E:\;Trojan.PWS.Wsgame.4983;Usunięty.; w98.com;E:\;Trojan.PWS.Wsgame.4983;Usunięty.; Cepsetup.exe;E:\Cool_Edit_Pro_2.0\Cool Edit Pro 2.0;Win32.Sector.17;Wyleczony.; CoolEditPro2 registration.exe;E:\Cool_Edit_Pro_2.0\Cool Edit Pro 2.0\crack;Win32.Sector.17;Wyleczony.; audio.exe;E:\instalki;Win32.Sector.17;Wyleczony.; audio2.exe;E:\instalki;Win32.Sector.17;Wyleczony.; battery.exe;E:\instalki;Win32.Sector.17;Wyleczony.; chipset.exe;E:\instalki;Win32.Sector.17;Wyleczony.; lan.exe;E:\instalki;Win32.Sector.17;Wyleczony.; modem.exe;E:\instalki;Win32.Sector.17;Wyleczony.; storage.exe;E:\instalki;Win32.Sector.17;Wyleczony.; touch pad.exe;E:\instalki;Win32.Sector.17;Wyleczony.; vga.exe;E:\instalki;Win32.Sector.17;Wyleczony.; wlan.exe;E:\instalki;Win32.Sector.17;Wyleczony.; chipset.exe;E:\instalki\nx7400;Win32.Sector.17;Wyleczony.; lan.exe;E:\instalki\nx7400;Win32.Sector.17;Wyleczony.; matrix_storage_manager.exe;E:\instalki\nx7400;Win32.Sector.17;Wyleczony.; vga.exe;E:\instalki\nx7400;Win32.Sector.17;Wyleczony.; DaemonTools.exe;E:\instalki\virtual cd;Win32.Sector.17;Wyleczony.; BitLord.exe;E:\Program Files\BitLord;Win32.Sector.17;Wyleczony.; uninst.exe;E:\Program Files\BitLord;Win32.Sector.17;Wyleczony.; 88_Fingaz_Vol.2.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; 88_Fingaz_VOL_1.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; annunaki1.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; ck6.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; coldkutmix.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; Cold_Kut_vol_3.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; Crooked_eyes_Nikone.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; CS_1.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; CS_2.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; D4.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; dissonancelooper.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; Jan Looper.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; Kratz_TV_looper.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; scratchyloops2.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; SECTOR_1.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; Snatch_1.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; TheRedJacketLooper2.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; tsplayer.exe;E:\Program Files\BitLord\Downloads\Scratch Loops\Nowy folder;Win32.Sector.17;Wyleczony.; DCPlusPlus.exe;E:\Program Files\DC++;Win32.Sector.17;Wyleczony.; magnet.exe;E:\Program Files\DC++;Win32.Sector.17;Wyleczony.; uninstall.exe;E:\Program Files\DC++;Win32.Sector.17;Wyleczony.; A0000015.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000016.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000017.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000021.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000023.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000025.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000028.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000031.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000032.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000034.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000047.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000049.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000050.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000052.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000053.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000055.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000057.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000058.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000059.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000073.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000074.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000075.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000076.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000077.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000078.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000079.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000080.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000081.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000082.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000083.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000093.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000095.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000101.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000103.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000104.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000105.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000106.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000113.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000118.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000119.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000130.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000136.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000137.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000138.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000139.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000141.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000142.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000143.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000144.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000145.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000147.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000148.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000149.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000151.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000152.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000153.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000154.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000155.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000157.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000159.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000160.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000161.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000162.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000163.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000179.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000180.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000181.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000182.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000183.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000185.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000186.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000187.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000188.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000190.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000191.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000192.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000193.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000194.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000195.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000196.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000197.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000199.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000202.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000220.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000222.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000224.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000227.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000229.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000231.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000233.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000235.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000236.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000237.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000238.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000249.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000251.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000258.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000260.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000261.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000262.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000263.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000277.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000304.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000305.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000347.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000351.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000353.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000354.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000355.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000357.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000359.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000360.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000361.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000366.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000368.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000369.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000372.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000373.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000379.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000381.exe;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Win32.Sector.17;Wyleczony.; A0000483.com;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Trojan.PWS.Wsgame.4983;Usunięty.; A0000484.com;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Trojan.PWS.Wsgame.4983;Usunięty.; A0000485.com;E:\System Volume Information\_restore{7F858B83-DC90-4789-841D-ED38AACD5424}\RP1;Trojan.PWS.Wsgame.4983;Usunięty.; A0103441.bat;E:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP570;Trojan.PWS.Wsgame.4983;Usunięty.; A0103518.com;E:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP570;Trojan.PWS.Wsgame.4983;Usunięty.; A0103544.com;E:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP570;Trojan.PWS.Wsgame.4983;Usunięty.; A0103571.cmd;E:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP571;Trojan.PWS.Wsgame.4983;Usunięty.; A0103690.cmd;E:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP571;Trojan.PWS.Wsgame.4983;Usunięty.; A0107036.cmd;E:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP576;Trojan.PWS.Wsgame.4983;Usunięty.; A0107073.cmd;E:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP576;Trojan.PWS.Wsgame.4983;Usunięty.; A0111482.exe;E:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP579;Trojan.PWS.Wsgame.10863;Usunięty.; A0111501.exe;E:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP579;Trojan.PWS.Wsgame.10863;Usunięty.; A0111521.exe;E:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP579;Trojan.PWS.Wsgame.10863;Usunięty.; A0111550.com;E:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP579;Trojan.PWS.Wsgame.4983;Usunięty.; A0111572.com;E:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP579;Trojan.PWS.Wsgame.4983;Usunięty.; A0111657.exe;E:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP580;Trojan.PWS.Wsgame.4983;Usunięty.; A0111677.exe;E:\System Volume Information\_restore{8F7B9DCB-38CA-4FA8-AE26-9C6FE4391A3A}\RP580;Trojan.PWS.Wsgame.4983;Usunięty.; analogwarefare.exe;E:\z dysku c\looperki;Win32.Sector.17;Wyleczony.; B_Ju_Looper_Vol_1.exe;E:\z dysku c\looperki;Win32.Sector.17;Wyleczony.; City Looper.exe;E:\z dysku c\looperki;Win32.Sector.17;Wyleczony.; Darkomen.exe;E:\z dysku c\looperki;Win32.Sector.17;Wyleczony.; Dirty Deeds.exe;E:\z dysku c\looperki;Win32.Sector.17;Wyleczony.; EKOSEASTAIM_LOOPER.exe;E:\z dysku c\looperki;Win32.Sector.17;Wyleczony.; Hismastervoice.exe;E:\z dysku c\looperki;Win32.Sector.17;Wyleczony.; j-one_-_wildstyle_looper.exe;E:\z dysku c\looperki;Win32.Sector.17;Wyleczony.; j-one_-_wildstyle_looper2.exe;E:\z dysku c\looperki;Win32.Sector.17;Wyleczony.; looper_grasshopper.exe;E:\z dysku c\looperki;Win32.Sector.17;Wyleczony.; QFOLOOPER.exe;E:\z dysku c\looperki;Win32.Sector.17;Wyleczony.; Shades of Digital.exe;E:\z dysku c\looperki;Win32.Sector.17;Wyleczony.; SUCKERLOOPER.exe;E:\z dysku c\looperki;Win32.Sector.17;Wyleczony.; THE CRETIN LOPPER by kraps.exe;E:\z dysku c\looperki;Win32.Sector.17;Wyleczony.; setupswish2001.exe;E:\z dysku c\Swish 2.0 + Crack + Manual;Win32.Sector.17;Wyleczony.; Swish 2.0 KeyGen.exe;E:\z dysku c\Swish 2.0 + Crack + Manual;Win32.Sector.17;Wyleczony.;

Dodano Dzisiaj, 20:36:
combofix log http://www.wklej.org/id/92769/

**Posty:** 18165 · przez **wojtas** 19 Maj 2009, 23:05

Otworz notatnik i wklej w nim to:

File::
c:\windows\system32\drivers\65519022.sys

Folder:
c:\DOCUME~1\Jakub\USTAWI~1\Temp

Registry:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=-
"DisableRegistryTools"=-

Driver::
is-HQMB1drv
DAC970NT

>>Plik>>Zapisz jako... >>> CFScript
Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe
-->

Ma się rozpocząć usuwanie. (i powstanie log).Daj ten log, który powstanie w trakcie usuwania
oraz jeszcze raz skanuj webem

**Posty:** 8 · przez **Yadziah** 19 Maj 2009, 23:23

Kod: Zaznacz wszystko: ComboFix 09-05-19.02 - Jakub 2009-05-19 23:15.4 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.503.301 [GMT 2:00] Uruchomiony z: c:\documents and settings\Jakub\Pulpit\ComboFix.exe Użyto następujących komend :: c:\documents and settings\Jakub\Pulpit\CFScript.txt FILE :: c:\windows\system32\drivers\65519022.sys . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\drivers\65519022.sys . ((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_DAC970NT -------\Legacy_IS-HQMB1DRV -------\Service_is-HQMB1drv ((((((((((((((((((((((((( Pliki utworzone od 2009-04-19 do 2009-05-19 ))))))))))))))))))))))))))))))) . 2009-05-18 22:31 . 2009-05-19 21:17 7045152 --sha-w c:\windows\system32\drivers\fidbox.dat 2009-05-18 20:41 . 2009-05-18 20:41 -------- d-----w c:\documents and settings\Jakub\DoctorWeb 2009-05-18 19:20 . 2009-05-18 19:20 -------- d-----w c:\documents and settings\Jakub\Dane aplikacji\Malwarebytes 2009-05-18 19:20 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys 2009-05-18 19:20 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2009-05-18 19:20 . 2009-05-18 19:20 -------- d-----w c:\documents and settings\All Users\Dane aplikacji\Malwarebytes 2009-05-18 19:20 . 2009-05-18 19:20 -------- d-----w c:\program files\Malwarebytes' Anti-Malware 2009-05-17 22:30 . 2009-05-17 22:30 580096 -c--a-w c:\windows\system32\dllcache\user32.dll 2009-05-17 22:29 . 2009-05-17 22:29 -------- d-----w c:\windows\ERUNT 2009-05-15 10:10 . 2009-05-15 10:10 -------- d-----w c:\program files\Softwin 2009-05-13 20:26 . 2009-05-13 20:26 -------- d-----w c:\windows\system32\LogFiles 2009-05-11 21:23 . 2009-05-18 20:07 -------- d-----w c:\program files\Common Files\Softwin 2009-05-11 20:47 . 2009-05-11 21:00 -------- d-----w c:\program files\SkanerOnline 2009-05-11 11:19 . 2009-05-11 11:19 -------- d-----w c:\program files\Native Instruments 2009-05-06 22:18 . 2009-05-06 22:18 -------- d-----w c:\documents and settings\All Users\Dane aplikacji\Apple 2009-05-06 22:17 . 2009-05-06 22:21 -------- d-----w c:\documents and settings\Jakub\Ustawienia lokalne\Dane aplikacji\Apple Computer 2009-05-05 20:48 . 2009-05-05 20:48 -------- d--h--w c:\windows\PIF 2009-04-26 19:48 . 2009-05-14 23:45 -------- d-----w c:\program files\SopCast 2009-04-25 19:55 . 2009-04-25 19:55 -------- d-----w c:\documents and settings\Jakub\Ustawienia lokalne\Dane aplikacji\Identities 2009-04-24 06:48 . 2008-04-13 18:45 26368 -c--a-w c:\windows\system32\dllcache\usbstor.sys 2009-04-21 13:37 . 2009-04-21 13:37 -------- d-----w c:\program files\Common Files\xing shared 2009-04-21 13:37 . 2009-04-21 13:37 -------- d-----w c:\program files\Real 2009-04-21 13:37 . 2009-04-21 13:37 348160 ----a-w c:\windows\system32\msvcr71.dll 2009-04-21 13:37 . 2009-04-21 13:37 499712 ----a-w c:\windows\system32\msvcp71.dll 2009-04-21 13:37 . 2009-04-21 13:37 -------- d-----w c:\program files\Common Files\Real . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-19 21:17 . 2009-05-18 22:31 85724 --sha-w c:\windows\system32\drivers\fidbox.idx 2009-05-17 21:53 . 2009-05-06 22:20 -------- d-----w c:\program files\iTunes 2009-05-17 21:38 . 2001-10-26 16:15 49910 ----a-w c:\windows\system32\perfc015.dat 2009-05-17 21:38 . 2001-10-26 16:15 356068 ----a-w c:\windows\system32\perfh015.dat 2009-05-11 21:16 . 2009-05-06 22:19 -------- d-----w c:\program files\QuickTime 2009-05-11 21:15 . 2009-04-06 19:36 -------- d-----w c:\program files\MozBackup 2009-05-11 21:05 . 2009-05-06 22:18 -------- d-----w c:\program files\Apple Software Update 2009-05-06 22:21 . 2009-05-06 22:21 -------- d-----w c:\program files\iPod 2009-05-06 22:21 . 2009-05-06 22:18 -------- d-----w c:\program files\Common Files\Apple 2009-05-06 22:20 . 2009-05-06 22:20 -------- d-----w c:\program files\Bonjour 2009-04-13 19:43 . 2009-04-13 19:42 -------- d-----w c:\program files\NAPI-PROJEKT 2009-04-07 18:28 . 2009-04-07 04:34 -------- d-----w c:\program files\SubEdit-Player 2009-04-07 16:43 . 2009-04-06 18:10 -------- d-----w c:\program files\Broadcom 2009-04-07 16:42 . 2009-04-06 18:13 -------- d--h--w c:\program files\InstallShield Installation Information 2009-04-07 16:36 . 2009-04-06 18:11 -------- d-----w c:\program files\Common Files\InstallShield 2009-04-07 15:46 . 2009-04-06 17:53 -------- d-----w c:\program files\Intel 2009-04-07 15:31 . 2009-04-07 15:31 12328 ----a-w c:\documents and settings\Jakub\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2009-04-07 14:57 . 2009-04-07 14:57 -------- d-----w c:\program files\Microsoft Silverlight 2009-04-07 04:34 . 2009-04-07 04:32 -------- d-----w c:\program files\Winamp 2009-04-07 04:27 . 2009-04-06 20:17 -------- d-----w c:\program files\NOS 2009-04-06 20:47 . 2009-04-06 20:47 -------- d-----w c:\program files\Tlen.pl 2009-04-06 20:36 . 2009-04-06 20:36 -------- d-----w c:\program files\Common Files\Adobe AIR 2009-04-06 20:32 . 2009-04-06 20:28 -------- d-----w c:\program files\Common Files\Adobe 2009-04-06 19:47 . 2009-04-06 19:47 410984 ----a-w c:\windows\system32\deploytk.dll 2009-04-06 19:47 . 2009-04-06 19:47 -------- d-----w c:\program files\Java 2009-04-06 19:26 . 2009-04-06 19:26 0 ----a-w c:\windows\nsreg.dat 2009-04-06 19:09 . 2009-04-06 19:09 -------- d-----w c:\program files\HP 2009-04-06 19:05 . 2009-04-06 19:05 -------- d-----w c:\program files\Analog Devices 2009-04-06 18:16 . 2009-04-06 18:16 -------- d-----w c:\program files\Synaptics 2009-04-06 18:13 . 2009-04-06 18:13 -------- d-----w c:\program files\Hewlett-Packard 2009-04-06 17:41 . 2009-04-06 17:41 -------- d-----w c:\program files\microsoft frontpage 2009-04-06 17:39 . 2009-04-06 17:39 -------- d-----w c:\program files\Usługi online 2009-04-06 17:37 . 2009-04-06 17:37 21856 ----a-w c:\windows\system32\emptyregdb.dat 2009-03-19 14:32 . 2009-05-06 22:21 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys 2009-03-06 14:22 . 2004-08-03 22:44 285696 ----a-w c:\windows\system32\pdh.dll 2009-02-20 08:12 . 2004-08-03 22:44 668672 ----a-w c:\windows\system32\wininet.dll 2009-02-20 08:11 . 2004-08-03 22:44 81920 ----a-w c:\windows\system32\ieencode.dll . ((((((((((((((((((((((((((((( SnapShot@2009-05-19_17.17.31 ))))))))))))))))))))))))))))))))))))))))) . + 2009-05-19 21:18 . 2009-05-19 21:18 16384 c:\windows\Temp\Perflib_Perfdata_2ec.dat + 2009-05-19 21:18 . 2009-05-19 21:18 16384 c:\windows\Temp\Perflib_Perfdata_2a4.dat + 2009-05-19 20:20 . 2009-05-19 20:20 295606 c:\windows\Installer\{AC76BA86-7AD7-2447-0000-900000000003}\ARPPRODUCTICON.exe . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-05-19 113520] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-06-06 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2006-06-06 118784] "igfxtray"="c:\windows\system32\igfxtray.exe" [2006-06-06 94208] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-05-18 416040] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-18 491520] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 942080] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-18 218520] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-05-18 839770] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-18 271888] "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2005-12-12 88203] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Jakub\Menu Start\Programy\Autostart\ is-HQMB1.lnk - c:\documents and settings\Jakub\Pulpit\Virus Removal Tool\is-HQMB1\startup.exe [2009-5-19 65536] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"= 1 (0x1) "DisableRegistryTools"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 "UacDisableNotify"=dword:00000001 "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "AntiVirusDisableNotify"=dword:00000001 "FirewallDisableNotify"=dword:00000001 "FirewallOverride"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "UacDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Tlen.pl\\tlen.exe"= "e:\\Program Files\\BitLord\\BitLord.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "e:\\Program Files\\DC++\\DCPlusPlus.exe"= "c:\\Program Files\\SopCast\\SopCast.exe"= "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\AcroRd32Info.exe"= "c:\\Program Files\\Java\\jre6\\bin\\jqsnotify.exe"= "c:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe"= "c:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"= "c:\\WINDOWS\\system32\\igfxtray.exe"= "c:\\WINDOWS\\system32\\hkcmd.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\ComboFix\\NirCmd.cfexe"= "c:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"= "c:\\Program Files\\Winamp\\winampa.exe"= "c:\\Program Files\\iTunes\\iTunesHelper.exe"= "c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\AcroRd32.exe"= "c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Documents and Settings\\Jakub\\Pulpit\\Virus Removal Tool\\is-HQMB1\\is-HQMB1.exe"= "c:\\WINDOWS\\system32\\CF6769.exe"= "c:\\ComboFix\\NirCmdC.cfexe"= "c:\\DOCUME~1\\Jakub\\USTAWI~1\\Temp\\winiihv.exe"= R3 dac970nt;dac970nt;\??\c:\windows\system32\drivers\kkghpn.sys --> c:\windows\system32\drivers\kkghpn.sys [?] S3 AVPsys;AVPsys;c:\windows\system32\drivers\cdaudio.sys [2001-08-17 18688] --- Inne Usługi/Sterowniki w Pamięci --- *NewlyCreated* - DAC970NT . . ------- Skan uzupełniający ------- . uStart Page = about:blank uInternet Settings,ProxyOverride = *.local DPF: {68282C51-9459-467B-95BF-3C0E89627E55} - hxxp://www.mks.com.pl/skaner/SkanerOnline.cab FF - ProfilePath - c:\documents and settings\Jakub\Dane aplikacji\Mozilla\Firefox\Profiles\dli59swq.default\ FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-19 23:18 Windows 5.1.2600 Dodatek Service Pack 3 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\wdfmgr.exe c:\windows\system32\wbem\wmiapsrv.exe c:\windows\system32\netsh.exe c:\docume~1\Jakub\USTAWI~1\temp\winiihv.exe . ************************************************************************** . Czas ukończenia: 2009-05-19 23:22 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2009-05-19 21:22 ComboFix2.txt 2009-05-19 17:21 Przed: 4 816 236 544 bajtów wolnych Po: 4 804 509 696 bajtów wolnych 201 --- E O F --- 2009-05-14 14:27

**Posty:** 18165 · przez **wojtas** 19 Maj 2009, 23:28

przeskanuj kompa jeszcze raz webem :

Otworz notatnik i wklej w nim to:

File::
c:\windows\system32\drivers\kkghpn.sys

Folder::
c:\DOCUME~1\Jakub\USTAWI~1\Temp

Registry::
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=-
"DisableRegistryTools"=-

Driver::
dac970nt

>>Plik>>Zapisz jako... >>> CFScript
Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe
-->

Ma się rozpocząć usuwanie. (i powstanie log).Daj ten log, który powstanie w trakcie usuwania.

**Posty:** 8 · przez **Yadziah** 20 Maj 2009, 17:12

Kod: Zaznacz wszystko: ComboFix 09-05-19.02 - Jakub 2009-05-20 17:04.5 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.503.327 [GMT 2:00] Uruchomiony z: c:\documents and settings\Jakub\Pulpit\ComboFix.exe Użyto następujących komend :: c:\documents and settings\Jakub\Pulpit\CFScript.txt FILE :: c:\windows\system32\drivers\kkghpn.sys . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\docume~1\Jakub\USTAWI~1\Temp c:\docume~1\Jakub\USTAWI~1\Temp\Av-test.txt c:\docume~1\Jakub\USTAWI~1\Temp\winiihv.exe c:\docume~1\Jakub\USTAWI~1\Temp\winlcalj.exe . ((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_DAC970NT -------\Service_dac970nt ((((((((((((((((((((((((( Pliki utworzone od 2009-04-20 do 2009-05-20 ))))))))))))))))))))))))))))))) . 2009-05-18 22:31 . 2009-05-19 21:17 7045152 --sha-w c:\windows\system32\drivers\fidbox.dat 2009-05-18 20:41 . 2009-05-18 20:41 -------- d-----w c:\documents and settings\Jakub\DoctorWeb 2009-05-18 19:20 . 2009-05-18 19:20 -------- d-----w c:\documents and settings\Jakub\Dane aplikacji\Malwarebytes 2009-05-18 19:20 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys 2009-05-18 19:20 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2009-05-18 19:20 . 2009-05-18 19:20 -------- d-----w c:\documents and settings\All Users\Dane aplikacji\Malwarebytes 2009-05-18 19:20 . 2009-05-18 19:20 -------- d-----w c:\program files\Malwarebytes' Anti-Malware 2009-05-17 22:30 . 2009-05-17 22:30 580096 -c--a-w c:\windows\system32\dllcache\user32.dll 2009-05-17 22:29 . 2009-05-17 22:29 -------- d-----w c:\windows\ERUNT 2009-05-15 10:10 . 2009-05-15 10:10 -------- d-----w c:\program files\Softwin 2009-05-13 20:26 . 2009-05-13 20:26 -------- d-----w c:\windows\system32\LogFiles 2009-05-11 21:23 . 2009-05-18 20:07 -------- d-----w c:\program files\Common Files\Softwin 2009-05-11 20:47 . 2009-05-11 21:00 -------- d-----w c:\program files\SkanerOnline 2009-05-11 11:19 . 2009-05-11 11:19 -------- d-----w c:\program files\Native Instruments 2009-05-06 22:18 . 2009-05-06 22:18 -------- d-----w c:\documents and settings\All Users\Dane aplikacji\Apple 2009-05-06 22:17 . 2009-05-06 22:21 -------- d-----w c:\documents and settings\Jakub\Ustawienia lokalne\Dane aplikacji\Apple Computer 2009-05-05 20:48 . 2009-05-05 20:48 -------- d--h--w c:\windows\PIF 2009-04-26 19:48 . 2009-05-14 23:45 -------- d-----w c:\program files\SopCast 2009-04-25 19:55 . 2009-04-25 19:55 -------- d-----w c:\documents and settings\Jakub\Ustawienia lokalne\Dane aplikacji\Identities 2009-04-24 06:48 . 2008-04-13 18:45 26368 -c--a-w c:\windows\system32\dllcache\usbstor.sys 2009-04-21 13:37 . 2009-04-21 13:37 -------- d-----w c:\program files\Common Files\xing shared 2009-04-21 13:37 . 2009-04-21 13:37 -------- d-----w c:\program files\Real 2009-04-21 13:37 . 2009-04-21 13:37 348160 ----a-w c:\windows\system32\msvcr71.dll 2009-04-21 13:37 . 2009-04-21 13:37 499712 ----a-w c:\windows\system32\msvcp71.dll 2009-04-21 13:37 . 2009-04-21 13:37 -------- d-----w c:\program files\Common Files\Real . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-19 21:17 . 2009-05-18 22:31 85724 --sha-w c:\windows\system32\drivers\fidbox.idx 2009-05-17 21:53 . 2009-05-06 22:20 -------- d-----w c:\program files\iTunes 2009-05-17 21:38 . 2001-10-26 16:15 49910 ----a-w c:\windows\system32\perfc015.dat 2009-05-17 21:38 . 2001-10-26 16:15 356068 ----a-w c:\windows\system32\perfh015.dat 2009-05-11 21:16 . 2009-05-06 22:19 -------- d-----w c:\program files\QuickTime 2009-05-11 21:15 . 2009-04-06 19:36 -------- d-----w c:\program files\MozBackup 2009-05-11 21:05 . 2009-05-06 22:18 -------- d-----w c:\program files\Apple Software Update 2009-05-06 22:21 . 2009-05-06 22:21 -------- d-----w c:\program files\iPod 2009-05-06 22:21 . 2009-05-06 22:18 -------- d-----w c:\program files\Common Files\Apple 2009-05-06 22:20 . 2009-05-06 22:20 -------- d-----w c:\program files\Bonjour 2009-04-13 19:43 . 2009-04-13 19:42 -------- d-----w c:\program files\NAPI-PROJEKT 2009-04-07 18:28 . 2009-04-07 04:34 -------- d-----w c:\program files\SubEdit-Player 2009-04-07 16:43 . 2009-04-06 18:10 -------- d-----w c:\program files\Broadcom 2009-04-07 16:42 . 2009-04-06 18:13 -------- d--h--w c:\program files\InstallShield Installation Information 2009-04-07 16:36 . 2009-04-06 18:11 -------- d-----w c:\program files\Common Files\InstallShield 2009-04-07 15:46 . 2009-04-06 17:53 -------- d-----w c:\program files\Intel 2009-04-07 15:31 . 2009-04-07 15:31 12328 ----a-w c:\documents and settings\Jakub\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2009-04-07 14:57 . 2009-04-07 14:57 -------- d-----w c:\program files\Microsoft Silverlight 2009-04-07 04:34 . 2009-04-07 04:32 -------- d-----w c:\program files\Winamp 2009-04-07 04:27 . 2009-04-06 20:17 -------- d-----w c:\program files\NOS 2009-04-06 20:47 . 2009-04-06 20:47 -------- d-----w c:\program files\Tlen.pl 2009-04-06 20:36 . 2009-04-06 20:36 -------- d-----w c:\program files\Common Files\Adobe AIR 2009-04-06 20:32 . 2009-04-06 20:28 -------- d-----w c:\program files\Common Files\Adobe 2009-04-06 19:47 . 2009-04-06 19:47 410984 ----a-w c:\windows\system32\deploytk.dll 2009-04-06 19:47 . 2009-04-06 19:47 -------- d-----w c:\program files\Java 2009-04-06 19:26 . 2009-04-06 19:26 0 ----a-w c:\windows\nsreg.dat 2009-04-06 19:09 . 2009-04-06 19:09 -------- d-----w c:\program files\HP 2009-04-06 19:05 . 2009-04-06 19:05 -------- d-----w c:\program files\Analog Devices 2009-04-06 18:16 . 2009-04-06 18:16 -------- d-----w c:\program files\Synaptics 2009-04-06 18:13 . 2009-04-06 18:13 -------- d-----w c:\program files\Hewlett-Packard 2009-04-06 17:41 . 2009-04-06 17:41 -------- d-----w c:\program files\microsoft frontpage 2009-04-06 17:39 . 2009-04-06 17:39 -------- d-----w c:\program files\Usługi online 2009-04-06 17:37 . 2009-04-06 17:37 21856 ----a-w c:\windows\system32\emptyregdb.dat 2009-03-19 14:32 . 2009-05-06 22:21 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys 2009-03-06 14:22 . 2004-08-03 22:44 285696 ----a-w c:\windows\system32\pdh.dll 2009-02-20 08:12 . 2004-08-03 22:44 668672 ----a-w c:\windows\system32\wininet.dll 2009-02-20 08:11 . 2004-08-03 22:44 81920 ----a-w c:\windows\system32\ieencode.dll . ((((((((((((((((((((((((((((( SnapShot@2009-05-19_17.17.31 ))))))))))))))))))))))))))))))))))))))))) . + 2009-05-20 15:07 . 2009-05-20 15:07 16384 c:\windows\Temp\Perflib_Perfdata_70c.dat + 2009-05-20 15:07 . 2009-05-20 15:07 16384 c:\windows\Temp\Perflib_Perfdata_308.dat + 2009-05-19 20:20 . 2009-05-19 20:20 295606 c:\windows\Installer\{AC76BA86-7AD7-2447-0000-900000000003}\ARPPRODUCTICON.exe . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-05-19 105328] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-06-06 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2006-06-06 118784] "igfxtray"="c:\windows\system32\igfxtray.exe" [2006-06-06 94208] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-05-18 420136] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-18 487424] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 950272] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-18 226712] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-05-18 831578] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-18 275984] "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2005-12-12 88203] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Jakub\Menu Start\Programy\Autostart\ is-HQMB1.lnk - c:\documents and settings\Jakub\Pulpit\Virus Removal Tool\is-HQMB1\startup.exe [2009-5-19 65536] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"= 1 (0x1) "DisableRegistryTools"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 "UacDisableNotify"=dword:00000001 "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "AntiVirusDisableNotify"=dword:00000001 "FirewallDisableNotify"=dword:00000001 "FirewallOverride"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "UacDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Tlen.pl\\tlen.exe"= "e:\\Program Files\\BitLord\\BitLord.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "e:\\Program Files\\DC++\\DCPlusPlus.exe"= "c:\\Program Files\\SopCast\\SopCast.exe"= "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\AcroRd32Info.exe"= "c:\\Program Files\\Java\\jre6\\bin\\jqsnotify.exe"= "c:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe"= "c:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"= "c:\\WINDOWS\\system32\\igfxtray.exe"= "c:\\WINDOWS\\system32\\hkcmd.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\ComboFix\\NirCmd.cfexe"= "c:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"= "c:\\Program Files\\Winamp\\winampa.exe"= "c:\\Program Files\\iTunes\\iTunesHelper.exe"= "c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\AcroRd32.exe"= "c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Documents and Settings\\Jakub\\Pulpit\\Virus Removal Tool\\is-HQMB1\\is-HQMB1.exe"= "c:\\ComboFix\\NirCmdC.cfexe"= "c:\\Documents and Settings\\Jakub\\Pulpit\\launch.exe"= "c:\\WINDOWS\\system32\\CF19635.exe"= S3 AVPsys;AVPsys;c:\windows\system32\drivers\cdaudio.sys [2001-08-17 18688] --- Inne Usługi/Sterowniki w Pamięci --- *NewlyCreated* - DAC970NT . . ------- Skan uzupełniający ------- . uStart Page = about:blank uInternet Settings,ProxyOverride = *.local DPF: {68282C51-9459-467B-95BF-3C0E89627E55} - hxxp://www.mks.com.pl/skaner/SkanerOnline.cab FF - ProfilePath - c:\documents and settings\Jakub\Dane aplikacji\Mozilla\Firefox\Profiles\dli59swq.default\ FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-20 17:07 Windows 5.1.2600 Dodatek Service Pack 3 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\wdfmgr.exe c:\windows\system32\wbem\wmiapsrv.exe c:\docume~1\Jakub\USTAWI~1\Temp\winfuji.exe . ************************************************************************** . Czas ukończenia: 2009-05-20 17:11 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2009-05-20 15:11 ComboFix2.txt 2009-05-19 21:22 ComboFix3.txt 2009-05-19 17:21 Przed: 5 233 729 536 bajtów wolnych Po: 5 199 941 632 bajtów wolnych 200 --- E O F --- 2009-05-14 14:27

Dodano Dzisiaj, 18:26:
heh dopiero teraz zobaczylem ze nie moge wejsc do rejestu - zostalo to wylaczone przez administratora sieci :cry:

**Posty:** 18165 · przez **wojtas** 20 Maj 2009, 19:19

czytaj to:;

http://www.searchengines.pl/Infekcje-plikow-wykonywalnych-exe-dll-scr-t122692.html

czyli :

Usuwanie infekcji plików wykonywalnych bez formatu

**Posty:** 8 · przez **Yadziah** 24 Maj 2009, 14:32

wyczyszczone przez boot cd z avirą, pozniej lecialem Dr. Web CureIt'em, FixPolicies naprawil mi ze moge wejsc w menago urzadzen i rejstr...czesc plikow exe zostala usunieta kompletnie i nie dziala mi kilka programow...

**Posty:** 18165 · przez **wojtas** 24 Maj 2009, 20:41

przeinstaluj te programy...

Kto jest na forum