
Please check my logs. If possible, I would also ask for the simplest possible, step-by-step explanation of everything I would have to do afterwards - as you can see, I am new to the forum and this is my first time using this kind of help.

ComboFix 08-10-22.05 - Andrzej 2008-10-23 8:22:11.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.697 [GMT 2:00]
Uruchomiony z: D:\instalki\ComboFix.exe
* Utworzono nowy punkt przywracania
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\copy.exe
C:\host.exe
C:\WINDOWS\system32\dllcache\zipexr.dll
C:\WINDOWS\system32\soundmix.exe
D:\Autorun.inf
D:\copy.exe
D:\host.exe
E:\Autorun.inf
E:\copy.exe
E:\host.exe
H:\autorun.inf
H:\RECYCLER\autorun.exe
.
((((((((((((((((((((((((( Pliki utworzone od 2008-09-23 do 2008-10-23 )))))))))))))))))))))))))))))))
.
2008-10-22 23:00 . 2008-10-22 23:00 697 ---hs---- C:\comment.htt
2008-10-22 23:00 . 2008-10-22 23:00 72 ---hs---- C:\desktop.ini
2008-10-18 19:18 . 2008-08-14 15:46 2,181,632 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-18 19:18 . 2008-08-14 15:46 2,137,600 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-18 19:18 . 2008-08-14 15:46 2,059,008 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-18 19:18 . 2008-08-14 15:46 2,017,280 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-16 22:03 . 2003-06-24 13:55 127,497 --a------ C:\WINDOWS\system32\drivers\adiusbaw.sys
2008-10-16 22:03 . 2003-08-08 18:55 11,961 --a------ C:\WINDOWS\system32\drivers\adiusbaw.cat
2008-10-16 22:03 . 2008-10-16 22:08 154 --a------ C:\WINDOWS\adidsl.ini
2008-10-16 22:03 . 2008-10-16 22:03 21 --a------ C:\WINDOWS\Fast800.ini
2008-10-16 22:02 . 2008-10-16 22:02 <DIR> d-------- C:\Program Files\SAGEM
2008-10-12 22:48 . 2008-10-12 22:48 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-10-12 22:46 . 2008-10-12 22:46 <DIR> d-------- C:\Program Files\ArcPad 7.0
2008-10-12 22:46 . 2008-10-13 17:39 238 --a------ C:\WINDOWS\ArcPad.INI
2008-10-11 00:04 . 2008-10-11 00:04 <DIR> d-------- C:\Program Files\Common Files\ESRI
2008-10-11 00:04 . 1997-07-03 17:10 860,160 --a------ C:\WINDOWS\system32\ccsdk32.dll
2008-10-11 00:04 . 1999-04-05 02:37 420,864 --a------ C:\WINDOWS\system32\DFORRT.DLL
2008-10-11 00:04 . 1997-12-17 19:33 304,128 --a------ C:\WINDOWS\system32\IsUninst.Exe
2008-10-11 00:04 . 1997-12-19 02:42 210,944 --a------ C:\WINDOWS\system32\Msvcrt10.dll
2008-10-11 00:04 . 1998-06-24 10:57 209,192 --a------ C:\WINDOWS\system32\TABCTL32.OCX
2008-10-11 00:04 . 1998-06-24 10:55 140,096 --a------ C:\WINDOWS\system32\COMDLG32.OCX
2008-10-10 23:57 . 2008-10-10 23:57 <DIR> d-------- C:\Program Files\Common Files\Program Files
2008-10-10 23:57 . 2008-10-10 23:57 <DIR> d-------- C:\Documents and Settings\Andrzej\WINDOWS
2008-10-10 23:57 . 1997-04-08 21:08 299,520 --a------ C:\WINDOWS\uninst.exe
2008-10-10 23:13 . 2005-10-21 03:47 30,592 --------- C:\WINDOWS\system32\drivers\rndismpx.sys
2008-10-10 23:13 . 2005-10-21 03:47 12,800 --------- C:\WINDOWS\system32\drivers\usb8023x.sys
2008-10-10 23:11 . 2008-10-10 23:11 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-10-05 23:04 . 2008-10-22 17:34 <DIR> d-------- C:\Documents and Settings\Andrzej\Dane aplikacji\gtk-2.0
2008-10-05 23:04 . 2008-10-05 23:04 <DIR> d-------- C:\Documents and Settings\Andrzej\.thumbnails
2008-10-05 23:03 . 2008-10-05 23:03 <DIR> d-------- C:\Program Files\GIMP-2.0
2008-10-05 23:03 . 2008-10-22 17:36 <DIR> d-------- C:\Documents and Settings\Andrzej\.gimp-2.2
2008-10-05 23:02 . 2008-10-05 23:02 <DIR> d-------- C:\Program Files\Common Files\GTK
2008-10-03 15:04 . 2008-10-03 15:04 <DIR> d-------- C:\Documents and Settings\Andrzej\Dane aplikacji\TransRender
2008-10-03 15:04 . 2008-10-03 15:04 <DIR> d-------- C:\Documents and Settings\Andrzej\Dane aplikacji\Temporary
2008-10-03 15:04 . 2008-10-03 15:04 <DIR> d-------- C:\Documents and Settings\Andrzej\Dane aplikacji\ConvertTemp
2008-09-28 23:44 . 2008-09-28 23:44 <DIR> d-------- C:\Program Files\PhotoFiltre
2008-09-28 21:33 . 2008-04-06 09:51 103,966 -r-hs---- C:\t.com
2008-09-23 11:23 . 2008-09-23 11:23 <DIR> d-------- C:\Documents and Settings\Andrzej\Dane aplikacji\Ahead
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-23 06:20 --------- d-----w C:\Documents and Settings\Andrzej\Dane aplikacji\Skype
2008-10-23 06:19 --------- d-----w C:\Documents and Settings\Andrzej\Dane aplikacji\foobar2000
2008-10-16 20:21 --------- d-----w C:\Program Files\Neostrada TP
2008-10-16 20:03 23 ----a-w C:\WINDOWS\system32\drivers\adidsl.cfg
2008-10-16 20:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-25 13:02 --------- d-----w C:\Program Files\Unlocker
2008-09-23 09:22 --------- d-----w C:\Program Files\Common Files\LightScribe
2008-09-20 10:38 --------- d-----w C:\Program Files\Common Files\snpstd
2008-09-20 09:17 --------- d-----w C:\Program Files\Wirtualny Inwestor
2008-09-19 10:12 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-09-19 10:12 --------- d-----w C:\Program Files\Real
2008-09-19 10:12 --------- d-----w C:\Program Files\Google
2008-09-19 10:12 --------- d-----w C:\Program Files\Common Files\xing shared
2008-09-19 10:12 --------- d-----w C:\Program Files\Common Files\Real
2008-09-19 06:28 --------- d-----w C:\Program Files\DUALphone
2008-09-18 11:03 --------- d-----w C:\Program Files\CommView
2008-09-17 13:14 --------- d-----w C:\Documents and Settings\Andrzej\Dane aplikacji\LimeWire
2008-09-17 13:01 --------- d-----w C:\Program Files\Java
2008-09-17 13:00 --------- d-----w C:\Program Files\Common Files\Java
2008-09-17 12:57 --------- d-----w C:\Program Files\Ares
2008-09-17 10:36 --------- d-----w C:\Documents and Settings\Andrzej\Dane aplikacji\Samsung
2008-09-16 19:00 --------- d-----w C:\Program Files\SopCast
2008-09-16 18:49 --------- d-----w C:\Documents and Settings\Andrzej\Dane aplikacji\SopCast
2008-09-15 15:40 1,846,272 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-15 07:04 --------- d-----w C:\Documents and Settings\Andrzej\Dane aplikacji\AdobeUM
2008-09-14 11:38 --------- d-----w C:\Program Files\Symantec
2008-09-14 11:38 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-09-14 11:36 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Symantec
2008-09-13 21:59 --------- d-----w C:\Program Files\MSXML 4.0
2008-09-12 23:29 --------- d-----w C:\Program Files\Samsung
2008-09-12 23:21 --------- d-----w C:\Program Files\Common Files\Adobe
2008-09-12 23:20 --------- d-----w C:\Program Files\microsoft frontpage
2008-09-12 23:20 --------- d-----w C:\Documents and Settings\Andrzej\Dane aplikacji\Microsoft Web Folders
2008-09-12 22:53 --------- d-----w C:\Documents and Settings\Andrzej\Dane aplikacji\BESTplayer
2008-09-12 22:51 --------- d-----w C:\Program Files\Lexmark 2300 Series
2008-09-12 22:37 --------- d-----w C:\Documents and Settings\Andrzej\Dane aplikacji\ATI
2008-09-12 22:29 --------- d-----w C:\Program Files\Common Files\Ahead
2008-09-12 22:25 --------- d-----w C:\Program Files\Nero
2008-09-12 22:22 --------- d-----w C:\Program Files\ATI Technologies
2008-09-12 22:21 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-09-12 22:17 --------- d-----w C:\Documents and Settings\Andrzej\Dane aplikacji\Symantec
2008-09-12 22:02 --------- d-----w C:\Program Files\Analog Devices
2008-09-12 22:00 --------- d-----w C:\Program Files\Gadu-Gadu
2008-09-12 22:00 --------- d-----w C:\Documents and Settings\Andrzej\Dane aplikacji\Gadu-Gadu
2008-09-12 21:58 --------- d-----w C:\Program Files\Skype
2008-09-12 21:58 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Skype
2008-09-12 21:55 --------- d-----w C:\Program Files\foobar2000
2008-09-12 21:54 --------- d-----w C:\Program Files\ffdshow
2008-09-12 21:43 --------- d-----w C:\Program Files\Usługi online
2008-08-28 10:04 333,056 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-08-26 08:27 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-08-14 13:46 2,181,632 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 13:46 2,059,008 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-01-08 15:34 53,765 ----a-w C:\Documents and Settings\Andrzej\ProWINFILE.EXE
.
((((((((((((((((((((((((((((( snapshot@2008-09-20_13.37.33.00 )))))))))))))))))))))))))))))))))))))))))
.
+ 1998-11-08 14:00:00 60,416 ----a-w C:\WINDOWS\Crystal\CRXLAT32.DLL
+ 1998-11-08 14:00:00 286,720 ----a-w C:\WINDOWS\Crystal\p2bact.dll
+ 1998-11-08 14:00:00 43,520 ----a-w C:\WINDOWS\Crystal\p2bact3.dll
+ 1998-11-08 14:00:00 208,127 ----a-w C:\WINDOWS\Crystal\p2bbde.dll
+ 1998-11-08 14:00:00 101,376 ----a-w C:\WINDOWS\Crystal\p2bbtrv.dll
+ 1998-11-08 14:00:00 268,288 ----a-w C:\WINDOWS\Crystal\p2bxbse.dll
+ 1998-11-08 14:00:00 75,776 ----a-w C:\WINDOWS\Crystal\p2ctbtrv.dll
+ 1998-11-08 14:00:00 70,656 ----a-w C:\WINDOWS\Crystal\p2iract.dll
+ 1998-11-08 14:00:00 43,008 ----a-w C:\WINDOWS\Crystal\p2iract3.dll
+ 1998-11-08 14:00:00 225,280 ----a-w C:\WINDOWS\Crystal\p2ixbse.dll
+ 1998-11-08 14:00:00 102,912 ----a-w C:\WINDOWS\Crystal\p2lodbc.dll
+ 1998-11-08 14:00:00 300,544 ----a-w C:\WINDOWS\Crystal\p2molap.dll
+ 1998-11-08 14:00:00 142,848 ----a-w C:\WINDOWS\Crystal\p2sacl.dll
+ 1998-11-08 14:00:00 214,528 ----a-w C:\WINDOWS\Crystal\p2sdb2.dll
+ 1998-11-08 14:00:00 153,600 ----a-w C:\WINDOWS\Crystal\p2sexsr.dll
+ 1998-11-08 14:00:00 138,240 ----a-w C:\WINDOWS\Crystal\p2sfs.dll
+ 1998-11-08 14:00:00 173,568 ----a-w C:\WINDOWS\Crystal\p2sifmx.dll
+ 1998-11-08 14:00:00 128,512 ----a-w C:\WINDOWS\Crystal\p2smapi.dll
+ 1998-11-08 14:00:00 306,176 ----a-w C:\WINDOWS\Crystal\p2smcube.dll
+ 1998-11-08 14:00:00 252,416 ----a-w C:\WINDOWS\Crystal\p2smsiis.dll
+ 1998-11-08 14:00:00 239,616 ----a-w C:\WINDOWS\Crystal\p2solap.dll
+ 1998-11-08 14:00:00 138,240 ----a-w C:\WINDOWS\Crystal\p2soledb.dll
+ 1998-11-08 14:00:00 216,064 ----a-w C:\WINDOWS\Crystal\p2sora7.dll
+ 1998-11-08 14:00:00 806,400 ----a-w C:\WINDOWS\Crystal\p2soutlk.dll
+ 1998-11-08 14:00:00 140,800 ----a-w C:\WINDOWS\Crystal\p2srepl.dll
+ 1998-11-08 14:00:00 201,728 ----a-w C:\WINDOWS\Crystal\p2ssql.dll
+ 1998-11-08 14:00:00 160,768 ----a-w C:\WINDOWS\Crystal\p2ssyb10.dll
+ 1998-11-08 14:00:00 206,336 ----a-w C:\WINDOWS\Crystal\p2strack.dll
+ 1998-11-08 14:00:00 234,496 ----a-w C:\WINDOWS\Crystal\p2swblg.dll
+ 1998-11-08 14:00:00 55,808 ----a-w C:\WINDOWS\Crystal\u252000.dll
+ 1998-11-08 14:00:00 44,544 ----a-w C:\WINDOWS\Crystal\u25dts.dll
+ 1997-09-09 16:00:00 61,440 ----a-w C:\WINDOWS\Crystal\u25store.dll
+ 1998-11-08 14:00:00 70,144 ----a-w C:\WINDOWS\Crystal\u2dapp.dll
+ 1998-11-08 14:00:00 58,880 ----a-w C:\WINDOWS\Crystal\U2DDISK.DLL
+ 1998-11-08 14:00:00 74,240 ----a-w C:\WINDOWS\Crystal\U2DMAPI.DLL
+ 1998-11-08 14:00:00 102,912 ----a-w C:\WINDOWS\Crystal\u2dnotes.dll
+ 1998-11-08 14:00:00 95,232 ----a-w C:\WINDOWS\Crystal\u2dpost.dll
+ 1998-11-08 14:00:00 92,160 ----a-w C:\WINDOWS\Crystal\u2dvim.dll
+ 1998-11-08 14:00:00 64,000 ----a-w C:\WINDOWS\Crystal\U2FCR.DLL
+ 1998-11-08 14:00:00 71,680 ----a-w C:\WINDOWS\Crystal\U2FDIF.DLL
+ 1998-11-08 14:00:00 221,696 ----a-w C:\WINDOWS\Crystal\U2FHTML.DLL
+ 1998-11-08 14:00:00 93,184 ----a-w C:\WINDOWS\Crystal\u2fodbc.dll
+ 1998-11-08 14:00:00 67,584 ----a-w C:\WINDOWS\Crystal\u2frdef.dll
+ 1998-11-08 14:00:00 64,000 ----a-w C:\WINDOWS\Crystal\U2FREC.DLL
+ 1998-11-08 14:00:00 113,664 ----a-w C:\WINDOWS\Crystal\U2FRTF.DLL
+ 1998-11-08 14:00:00 73,728 ----a-w C:\WINDOWS\Crystal\U2FSEPV.DLL
+ 1998-11-08 14:00:00 129,024 ----a-w C:\WINDOWS\Crystal\U2FTEXT.DLL
+ 1998-11-08 14:00:00 75,264 ----a-w C:\WINDOWS\Crystal\U2FWKS.DLL
+ 1998-11-08 14:00:00 120,320 ----a-w C:\WINDOWS\Crystal\U2FWORDW.DLL
+ 1998-11-08 14:00:00 180,736 ----a-w C:\WINDOWS\Crystal\U2FXLS.DLL
+ 1998-11-08 14:00:00 56,320 ----a-w C:\WINDOWS\Crystal\u2l2000.dll
+ 1998-11-08 14:00:00 40,960 ----a-w C:\WINDOWS\Crystal\u2lbar.dll
+ 1998-11-08 14:00:00 24,576 ----a-w C:\WINDOWS\Crystal\u2lcom.dll
+ 1998-11-08 14:00:00 38,400 ----a-w C:\WINDOWS\Crystal\u2ldts.dll
+ 1998-11-08 14:00:00 36,864 ----a-w C:\WINDOWS\Crystal\u2lexch.dll
+ 1998-11-08 14:00:00 12,288 ----a-w C:\WINDOWS\Crystal\u2lfinra.dll
+ 1998-11-08 14:00:00 27,136 ----a-w C:\WINDOWS\Crystal\u2lsamp1.dll
+ 2008-08-14 13:46:46 2,137,600 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:46:58 2,059,008 ------w C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:46:44 2,017,280 ------w C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:46:56 2,181,632 ------w C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
+ 2005-10-21 01:47:04 30,592 ------w C:\WINDOWS\Driver Cache\i386\rndismpx.sys
+ 2005-10-21 01:47:05 12,800 ------w C:\WINDOWS\Driver Cache\i386\usb8023x.sys
+ 2008-06-23 16:42:04 124,928 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\advpack.dll
+ 2008-06-23 16:42:04 347,136 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2008-06-23 16:42:05 214,528 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\dxtrans.dll
+ 2008-06-23 16:42:05 133,120 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\extmgr.dll
+ 2008-06-23 16:42:05 63,488 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\icardie.dll
+ 2008-06-23 09:23:08 70,656 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2008-06-23 16:42:05 153,088 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieakeng.dll
+ 2008-06-23 16:42:05 230,400 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieaksie.dll
+ 2008-06-21 05:23:54 161,792 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieakui.dll
+ 2008-06-23 16:42:05 383,488 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2008-06-23 16:42:06 384,512 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2008-06-23 16:42:07 6,066,176 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieframe.dll
+ 2008-06-23 16:42:07 44,544 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iernonce.dll
+ 2008-06-23 16:42:08 267,776 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iertutil.dll
+ 2008-06-23 09:20:26 13,824 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\ieudinit.exe
+ 2008-06-23 09:23:29 625,664 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\iexplore.exe
+ 2008-06-23 16:42:08 27,648 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\jsproxy.dll
+ 2008-06-23 16:42:09 459,264 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\msfeeds.dll
+ 2008-06-23 16:42:09 52,224 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2008-06-24 08:42:12 3,592,192 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\mshtml.dll
+ 2008-06-23 16:42:11 477,696 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\mshtmled.dll
+ 2008-06-23 16:42:11 193,024 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\msrating.dll
+ 2008-06-23 16:42:11 671,232 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\mstime.dll
+ 2008-06-23 16:42:11 102,912 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\occache.dll
+ 2008-06-23 16:42:11 44,544 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 03:28:40 216,288 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 03:29:50 386,784 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2008-06-23 16:42:11 105,984 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\url.dll
+ 2008-06-23 16:42:12 1,159,680 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\urlmon.dll
+ 2008-06-23 16:42:12 233,472 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\webcheck.dll
+ 2008-06-23 16:42:13 826,368 -c----w C:\WINDOWS\ie7updates\KB956390-IE7\wininet.dll
+ 2008-10-10 21:13:00 65,536 ----a-r C:\WINDOWS\Installer\{B208806F-A231-4FA0-AB3F-5C1B8979223E}\ARPPRODUCTICON.exe
+ 2008-10-10 21:13:00 65,536 ----a-r C:\WINDOWS\Installer\{B208806F-A231-4FA0-AB3F-5C1B8979223E}\WCESMgr_ShortCut.D95548A9_C14F_4B71_A49C_4A45E1721217.exe
+ 2001-02-08 09:05:30 46,892 ----a-w C:\WINDOWS\system32\adadix16.dll
+ 2001-02-09 08:43:10 4,981 ----a-w C:\WINDOWS\system32\adadix2k.dll
+ 2002-05-09 13:12:54 155,648 ----a-w C:\WINDOWS\system32\adadix32.dll
- 2008-06-23 16:42:04 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-08-26 08:26:55 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2005-11-15 17:42:50 13,312 ----a-w C:\WINDOWS\system32\ceutil.dll
+ 2002-11-15 12:33:30 126,976 ----a-w C:\WINDOWS\system32\coclassfast.dll
+ 1998-12-14 15:00:00 229,888 ----a-w C:\WINDOWS\system32\crpaig32.dll
+ 1998-12-14 15:00:00 5,350,912 ----a-w C:\WINDOWS\system32\CRPE32.DLL
+ 1999-08-18 11:13:32 66,560 ----a-w C:\WINDOWS\system32\crwrap32.dll
- 2008-06-23 16:42:04 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-08-26 08:26:55 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
- 2008-06-20 10:44:38 138,368 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
+ 2008-08-14 09:51:43 138,368 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
- 2008-06-23 16:42:04 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-08-26 08:26:55 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-06-23 16:42:05 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-08-26 08:26:55 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-06-23 16:42:05 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-08-26 08:26:55 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-06-23 16:42:05 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-08-26 08:26:55 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-06-23 09:23:08 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-08-25 08:42:17 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2008-06-23 16:42:05 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-08-26 08:26:55 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-06-23 16:42:05 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-08-26 08:26:56 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-06-21 05:23:54 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-08-23 05:54:51 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2008-06-23 16:42:05 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-08-26 08:26:56 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-06-23 16:42:06 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-08-26 08:26:56 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-06-23 16:42:07 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-10-03 17:26:30 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-06-23 16:42:07 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-08-26 08:26:58 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-06-23 16:42:08 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-08-26 08:26:58 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-06-23 09:20:26 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-08-25 08:38:00 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2008-06-23 09:23:29 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-08-23 05:56:15 635,848 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2008-06-23 16:42:08 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-08-26 08:26:58 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2008-06-23 16:42:09 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-08-26 08:26:59 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-06-23 16:42:09 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-08-26 08:26:59 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-06-24 08:42:12 3,592,192 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-08-27 09:27:02 3,593,216 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-06-23 16:42:11 477,696 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-08-26 08:27:00 477,696 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-06-23 16:42:11 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-08-26 08:27:00 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-06-23 16:42:11 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-08-26 08:27:00 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2008-06-23 16:42:11 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-08-26 08:27:00 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-06-23 16:42:11 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-08-26 08:27:00 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2006-03-02 12:00:00 30,080 -c--a-w C:\WINDOWS\system32\dllcache\rndismp.sys
+ 2005-10-21 01:47:04 30,592 -c--a-w C:\WINDOWS\system32\dllcache\rndismp.sys
- 2006-03-02 12:00:00 336,256 -c--a-w C:\WINDOWS\system32\dllcache\srv.sys
+ 2008-08-28 10:04:17 333,056 -c--a-w C:\WINDOWS\system32\dllcache\srv.sys
- 2008-06-23 16:42:11 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-08-26 08:27:01 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
- 2008-06-23 16:42:12 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-08-26 08:27:01 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2006-03-02 12:00:00 12,672 -c--a-w C:\WINDOWS\system32\dllcache\usb8023.sys
+ 2005-10-21 01:47:05 12,800 -c--a-w C:\WINDOWS\system32\dllcache\usb8023.sys
- 2008-06-23 16:42:12 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-08-26 08:27:01 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2006-03-02 12:00:00 1,836,160 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
+ 2008-09-15 15:40:58 1,846,272 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
- 2008-06-23 16:42:13 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-08-26 08:27:02 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2003-07-17 14:48:44 46,167 ----a-w C:\WINDOWS\system32\drivers\adildr.sys
- 2008-06-20 10:44:38 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
+ 2008-08-14 09:51:43 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
+ 2001-05-24 14:24:40 22,395 ----a-w C:\WINDOWS\system32\drivers\fpga.bin
- 2006-03-02 12:00:00 30,080 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
+ 2005-10-21 01:47:04 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
- 2006-03-02 12:00:00 12,672 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
+ 2005-10-21 01:47:05 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
- 2008-06-23 16:42:04 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-08-26 08:26:55 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-06-23 16:42:05 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-08-26 08:26:55 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-06-23 16:42:05 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-08-26 08:26:55 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2008-09-12 23:49:20 113,376 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-10-19 16:36:28 123,728 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2008-06-23 16:42:05 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-08-26 08:26:55 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-06-23 09:23:08 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-08-25 08:42:17 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2008-06-23 16:42:05 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-08-26 08:26:55 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2008-06-23 16:42:05 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-08-26 08:26:56 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2008-06-21 05:23:54 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-08-23 05:54:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2008-06-23 16:42:05 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-08-26 08:26:56 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-06-23 16:42:06 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-08-26 08:26:56 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2008-06-23 16:42:07 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-10-03 17:26:30 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-06-23 16:42:07 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-08-26 08:26:58 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2008-06-23 16:42:08 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-08-26 08:26:58 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-06-23 09:20:26 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-08-25 08:38:00 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 1996-11-17 23:00:00 18,944 ----a-w C:\WINDOWS\system32\IMPLODE.DLL
+ 2001-07-27 11:25:20 127,456 ----a-w C:\WINDOWS\system32\ipdetect.exe
- 2008-06-23 16:42:08 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-08-26 08:26:58 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2008-08-26 11:28:14 16,208,504 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-10-07 19:19:40 16,721,856 ----a-w C:\WINDOWS\system32\MRT.exe
- 2008-06-23 16:42:09 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-08-26 08:26:59 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-06-23 16:42:09 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-08-26 08:26:59 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-06-24 08:42:12 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-08-27 09:27:02 3,593,216 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-06-23 16:42:11 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-08-26 08:27:00 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 1999-03-10 20:12:44 1,056,768 ----a-w C:\WINDOWS\system32\msjet35.dll
+ 1997-06-22 23:00:00 123,664 ----a-w C:\WINDOWS\system32\msjint35.dll
+ 1997-06-22 23:00:00 24,848 ----a-w C:\WINDOWS\system32\msjter35.dll
- 2008-06-23 16:42:11 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-08-26 08:27:00 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 1998-04-23 23:00:00 252,176 ----a-w C:\WINDOWS\system32\msrd2x35.dll
+ 1999-03-10 20:12:44 417,792 ----a-w C:\WINDOWS\system32\msrepl35.dll
+ 1997-06-22 23:00:00 165,648 ----a-w C:\WINDOWS\system32\mstext35.dll
- 2008-06-23 16:42:11 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-08-26 08:27:00 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 1997-06-22 23:00:00 287,504 ----a-w C:\WINDOWS\system32\msxbse35.dll
- 2008-06-23 16:42:11 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-08-26 08:27:00 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 1998-05-31 13:58:14 72,704 ----a-w C:\WINDOWS\system32\odbctl32.dll
+ 1998-11-08 14:00:00 59,392 ----a-w C:\WINDOWS\system32\p2bbnd.dll
+ 1998-12-14 15:00:00 152,576 ----a-w C:\WINDOWS\system32\P2BDAO.DLL
+ 1998-12-14 15:00:00 81,408 ----a-w C:\WINDOWS\system32\P2CTDAO.DLL
+ 1998-12-14 15:00:00 112,640 ----a-w C:\WINDOWS\system32\P2IRDAO.DLL
+ 1998-11-08 14:00:00 138,752 ----a-w C:\WINDOWS\system32\p2sevt.dll
+ 1998-11-08 14:00:00 189,952 ----a-w C:\WINDOWS\system32\p2smon.dll
+ 1998-12-14 15:00:00 207,360 ----a-w C:\WINDOWS\system32\p2sodbc.dll
- 2008-09-14 14:30:03 52,900 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-10-10 21:17:22 52,900 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-09-14 14:30:03 67,298 ----a-w C:\WINDOWS\system32\perfc015.dat
+ 2008-10-10 21:17:22 67,298 ----a-w C:\WINDOWS\system32\perfc015.dat
- 2008-09-14 14:30:03 380,486 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-10-10 21:17:22 380,486 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-09-14 14:30:03 436,322 ----a-w C:\WINDOWS\system32\perfh015.dat
+ 2008-10-10 21:17:22 436,322 ----a-w C:\WINDOWS\system32\perfh015.dat
- 2008-06-23 16:42:11 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-08-26 08:27:00 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2005-11-15 17:42:24 122,880 ----a-w C:\WINDOWS\system32\rapi.dll
- 2007-11-30 12:40:46 19,320 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:21:28 19,320 ------w C:\WINDOWS\system32\spmsg.dll
+ 1997-01-15 23:00:00 71,680 ----a-w C:\WINDOWS\system32\st5unst.exe
+ 2002-08-15 15:36:38 135,168 ----a-w C:\WINDOWS\system32\unaddrv.exe
- 2008-06-23 16:42:11 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-08-26 08:27:01 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-06-23 16:42:12 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-08-26 08:27:01 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 1998-06-17 23:00:00 89,360 ----a-w C:\WINDOWS\system32\vb5db.dll
+ 1997-01-15 23:00:00 29,696 ----a-w C:\WINDOWS\system32\vb5stkit.dll
+ 1998-06-17 23:00:00 102,912 ----a-w C:\WINDOWS\system32\VB6STKIT.DLL
- 2008-06-23 16:42:12 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-08-26 08:27:01 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
.
-- Migawka wyzerowana --
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 15360]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2006-06-12 20002856]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-18 68856]
"H/PC Connection Agent"="D:\avisynth\wcescomm.exe" [2005-11-15 1200128]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"eMuleAutoStart"="D:\eMule\emule.exe" [2008-08-01 5480448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-06 61440]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"InCD"="C:\Program Files\Nero\Nero 7\InCD\InCD.exe" [2006-05-30 542208]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 15872]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-09-19 185896]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2003-12-31 40960]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 15360]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 29696]
ATI CATALYST - pasek zadaä.lnk - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe [2005-08-06 61440]
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-10-16 962661]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 65588]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"D:\\eMule\\emule.exe"=
"C:\\Program Files\\Ares\\Ares.exe"=
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"C:\\Program Files\\SopCast\\SopCast.exe"=
"C:\\totalcmd\\TOTALCMD.EXE"=
"D:\avisynth\rapimgr.exe"= D:\avisynth\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"D:\avisynth\wcescomm.exe"= D:\avisynth\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"D:\avisynth\WCESMgr.exe"= D:\avisynth\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2106:TCP"= 2106:TCP:Ares
"2106:UDP"= 2106:UDP:Ares 2
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R1 ts_lb;ts_lb;C:\WINDOWS\system32\drivers\ts_lb.sys [2007-06-19 24096]
S3 CV2K1;CommView Network Monitor;C:\WINDOWS\system32\DRIVERS\cv2k1.sys [2006-12-07 19240]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS [ ]
.
.
------- Skan uzupełniający -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.onet.pl/
O17 -: HKLM\CCS\Interface\{C8DA2B16-5167-4BEE-A063-164174D0F3C0}: NameServer = 83.238.255.76 213.241.79.37
O16 -: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} - hxxps://www.bph.pl/sezam/components/SignActivX.cab
C:\WINDOWS\Downloaded Program Files\SignActivX.ocx
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-23 08:23:41
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
Czas ukończenia: 2008-10-23 8:24:49
ComboFix-quarantined-files.txt 2008-10-23 06:24:46
ComboFix2.txt 2008-10-01 06:18:29
ComboFix3.txt 2008-09-20 11:37:53
Przed: 235 585 536 bajtów wolnych
Po: 496,656,384 bajtów wolnych
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
479 --- E O F --- 2008-10-18 20:16:40
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:36:28, on 2008-10-23
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\avisynth\wcescomm.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
D:\avisynth\rapimgr.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL (file missing)
O1 - Hosts: 61.129.115.198 www.xldd.com
O1 - Hosts: 61.129.115.198 www.ojiang.com
O1 - Hosts: 61.129.115.198 www.shuixian.net
O1 - Hosts: 61.129.115.198 www.xlarea.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\avisynth\wcescomm.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] D:\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ATI CATALYST – pasek zadań.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\avisynth\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\avisynth\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\avisynth\INetRepl.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) - https://www.bph.pl/sezam/components/SignActivX.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C8DA2B16-5167-4BEE-A063-164174D0F3C0}: NameServer = 83.238.255.76 213.241.79.37
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 7262 bytes