Zainfekowana domino.exe

**Posty:** 7 · przez **paulitka17** 10 Kwi 2009, 01:04

hej jestem kobieta i zupelnie sie nie znam na kompach wiec prosze o szczegolowy opis kazdej czynnosci w pomocy przy walce z wirusami zalaczam logi

Kod: Zaznacz wszystko: ComboFix 09-04-04.01 - Robert 2009-04-10 0:42:39.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.511.121 [GMT 2:00] Uruchomiony z: c:\documents and settings\Robert\Pulpit\ComboFix.exe AV: avast! antivirus 4.8.1335 [VPS 090409-0] *On-access scanning disabled* (Updated) . ((((((((((((((((((((((((( Pliki utworzone od 2009-03-09 do 2009-04-09 ))))))))))))))))))))))))))))))) . 2009-03-30 08:09 . 2009-04-09 21:56 54,156 --ah----- c:\windows\QTFont.qfn 2009-03-30 08:09 . 2009-03-30 08:09 1,409 --a------ c:\windows\QTFont.for 2009-03-27 21:52 . 2009-03-27 21:52 <DIR> d-------- c:\documents and settings\Robert\Dane aplikacji\Samsung 2009-03-15 22:02 . 2009-03-15 22:02 169 --a------ c:\windows\RtlRack.ini . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-04-09 22:46 --------- d-----w c:\documents and settings\Robert\Dane aplikacji\Skype 2009-04-09 21:10 --------- d-----w c:\program files\neostrada tp 2009-04-09 21:10 --------- d-----w c:\documents and settings\Robert\Dane aplikacji\XnView 2009-03-27 19:39 --------- d-----w c:\program files\Nowe Gadu-Gadu 2009-03-17 07:46 --------- d-----w c:\program files\Common Files\Symantec Shared 2009-03-15 20:10 --------- d-----w c:\program files\English Translator 3 2009-03-07 11:38 33 ----a-w c:\windows\system32\drivers\adidsl.cfg 2009-03-07 11:38 --------- d--h--w c:\program files\InstallShield Installation Information 2009-03-07 11:38 --------- d-----w c:\program files\SAGEM 2009-02-23 13:52 --------- d-----w c:\program files\Samsung 2009-02-23 13:48 --------- d-----w c:\program files\Common Files\Adobe 2009-02-23 09:57 --------- d-----w c:\documents and settings\Robert\Dane aplikacji\Nowe Gadu-Gadu 2009-02-13 13:34 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Zylom 2008-09-17 18:15 20,888 -c--a-w c:\documents and settings\Robert\Dane aplikacji\GDIPFONTCACHEV1.DAT . ------- Sigcheck ------- 2002-09-29 00:00 12800 b3c95bfeef6781a82a1c429f466a3a11 c:\windows\$NtServicePackUninstall$\svchost.exe 2004-08-04 00:44 14336 ba98327e90022dbd6ee76490e0622e2e c:\windows\ServicePackFiles\i386\svchost.exe 2008-04-14 19:21 14336 8607d35d92528e2df386f19a960d23ce c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\svchost.exe 2004-08-04 00:44 14336 ba98327e90022dbd6ee76490e0622e2e c:\windows\system32\svchost.exe 2005-03-02 20:21 578560 6a93565be9b8422eb7538c66ac732d76 c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll 2007-03-08 17:51 579584 11abdecc02efc1d2b6a6a0fa46c26594 c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll 2002-09-29 00:00 561664 3a4892a57cfe05d61e4bbc3ec3e24a63 c:\windows\$NtServicePackUninstall$\user32.dll 2004-08-04 00:44 578560 0c81764f50f32d376e6e4b9e9f4b01a0 c:\windows\$NtUninstallKB890859$\user32.dll 2005-03-02 20:18 578560 b7eeb1a1af740306049241ddf61f21ff c:\windows\$NtUninstallKB925902$\user32.dll 2004-08-04 00:44 578560 0c81764f50f32d376e6e4b9e9f4b01a0 c:\windows\ServicePackFiles\i386\user32.dll 2008-04-14 19:20 580096 a435c5c069afd901751ac323ad238793 c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\user32.dll 2007-03-08 17:38 579072 a37a4637f84f8dd771274eaf8d17fa65 c:\windows\system32\user32.dll 2007-03-08 17:38 579072 a37a4637f84f8dd771274eaf8d17fa65 c:\windows\system32\dllcache\user32.dll 2002-09-29 00:00 75264 9b7d1c56cc12d806314b853bf52ecb4c c:\windows\$NtServicePackUninstall$\ws2_32.dll 2004-08-04 00:44 82944 ab82237486b727dd7dab36a76f38a3a2 c:\windows\ServicePackFiles\i386\ws2_32.dll 2008-04-14 19:20 82432 c0aa2ab856680c44739b41e01f5bd4e9 c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\ws2_32.dll 2004-08-04 00:44 82944 ab82237486b727dd7dab36a76f38a3a2 c:\windows\system32\ws2_32.dll 2007-06-26 16:53 668160 d3f572c8f0e4e1036bb730820c3830bb c:\windows\$hf_mig$\KB937143\SP2QFE\wininet.dll 2007-08-22 14:58 668160 07608337038c78cdaba8650089837a58 c:\windows\$hf_mig$\KB939653\SP2QFE\wininet.dll 2007-10-11 08:11 668672 334d5a77651092b0d0ee79dd9e194517 c:\windows\$hf_mig$\KB942615\SP2QFE\wininet.dll 2007-12-07 02:48 668672 5c0b1281e1245d2f4af571b21b0ab21f c:\windows\$hf_mig$\KB944533\SP2QFE\wininet.dll 2008-02-16 11:32 668672 193f94d811881d00867aeb1d6780f44f c:\windows\$hf_mig$\KB947864\SP2QFE\wininet.dll 2008-04-21 08:58 669184 e937ccfe8348f56c46c14c8a7e26f71b c:\windows\$hf_mig$\KB950759\SP2QFE\wininet.dll 2008-04-21 08:44 668672 4f1ea30f3e4fb419e1637d9eb082662f c:\windows\$hf_mig$\KB950759\SP3GDR\wininet.dll 2008-04-21 08:41 669184 a3c7b35454f87a0635c73e8cb5a36d1f c:\windows\$hf_mig$\KB950759\SP3QFE\wininet.dll 2008-06-23 18:16 669696 bc26f2968396842367b02730435dd588 c:\windows\$hf_mig$\KB953838\SP2QFE\wininet.dll 2008-06-23 17:13 668672 28fa0fd33916ebebc3e0dc1410f48651 c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll 2008-06-23 16:57 669184 9ea369835e233f077c0d832676a29d40 c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll 2008-08-20 07:34 670208 6ea2435cceb4088f3383b0fbed682010 c:\windows\$hf_mig$\KB956390\SP2QFE\wininet.dll 2008-08-20 07:11 668672 5e0fef34271472304f6f20d49cb80de6 c:\windows\$hf_mig$\KB956390\SP3GDR\wininet.dll 2008-08-20 07:07 669184 1a6d73367ef3b0a71c75b5d542c5878a c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll 2002-09-29 00:00 601600 4965c02574610e9b2d1e18d63d11a772 c:\windows\$NtServicePackUninstall$\wininet.dll 2004-08-04 00:44 658944 d37dafb534ac8343d59a1b501abe852c c:\windows\$NtUninstallKB937143$\wininet.dll 2007-06-26 16:15 661504 3a4a2cd6f223f0c83ad68e6a4c566ffb c:\windows\$NtUninstallKB939653$\wininet.dll 2007-08-22 15:19 661504 ec234cc41563be7778fff21512cb0d7a c:\windows\$NtUninstallKB942615$\wininet.dll 2007-10-11 08:14 662016 242d9348069784fd3de7674516993a81 c:\windows\$NtUninstallKB944533$\wininet.dll 2007-12-07 03:08 662016 d337ab52ead29afff58bc70bda22e9a4 c:\windows\$NtUninstallKB947864$\wininet.dll 2008-02-16 11:05 662016 37c7b292d6fcd9636d42c738cd288db8 c:\windows\$NtUninstallKB950759$\wininet.dll 2008-04-21 09:03 662016 39179de4ea2dce5d646bbf3b408b50ee c:\windows\$NtUninstallKB953838$\wininet.dll 2008-06-23 17:41 662016 32dc67b19496a88850c892cadf8366e3 c:\windows\$NtUninstallKB956390$\wininet.dll 2004-08-04 00:44 658944 d37dafb534ac8343d59a1b501abe852c c:\windows\ServicePackFiles\i386\wininet.dll 2008-04-14 19:20 668672 0457f0afd6ee10445d8cf721fb5fa4eb c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\wininet.dll 2008-10-16 12:39 662016 e3b72859eaebbc3d2415e85b258d98a8 c:\windows\SoftwareDistribution\Download\d94ed05a49cfc02e7454a6819fabbab5\SP2GDR\wininet.dll 2008-10-16 12:35 670208 721dd14395b1ead8d0b330f8b7b5b9f4 c:\windows\SoftwareDistribution\Download\d94ed05a49cfc02e7454a6819fabbab5\SP2QFE\wininet.dll 2008-10-16 03:02 668672 81ab7e7cebeb09bcfb8c4ae1074e1cc1 c:\windows\SoftwareDistribution\Download\d94ed05a49cfc02e7454a6819fabbab5\SP3GDR\wininet.dll 2008-10-16 03:06 669696 d9a313e9e938fcd9c63efd544c997183 c:\windows\SoftwareDistribution\Download\d94ed05a49cfc02e7454a6819fabbab5\SP3QFE\wininet.dll 2008-08-20 07:38 662016 009b6e68de2e9612b3f94cb5575962a4 c:\windows\system32\wininet.dll 2008-08-20 07:38 662016 009b6e68de2e9612b3f94cb5575962a4 c:\windows\system32\dllcache\wininet.dll 2006-04-20 14:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys 2007-10-30 18:53 360832 64798ecfa43d78c7178375fcdd16d8c8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys 2008-06-20 12:44 360960 744e57c99232201ae98c49168b918f48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys 2008-06-20 13:51 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys 2008-06-20 13:59 361600 ad978a1b783b5719720cff204b666c8e c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys 2002-09-29 00:00 332928 244a2f9816bc9b593957281ef577d976 c:\windows\$NtServicePackUninstall$\tcpip.sys 2004-08-03 23:14 359040 9f4b36614a0fc234525ba224957de55c c:\windows\$NtUninstallKB917953$\tcpip.sys 2006-04-20 13:51 359808 1dbf125862891817f374f407626967f4 c:\windows\$NtUninstallKB941644$\tcpip.sys 2007-10-30 19:20 360064 90caff4b094573449a0872a0f919b178 c:\windows\$NtUninstallKB951748$\tcpip.sys 2004-08-03 23:14 359040 9f4b36614a0fc234525ba224957de55c c:\windows\ServicePackFiles\i386\tcpip.sys 2008-04-13 21:20 361344 93ea8d04ec73a85db02eb8805988f733 c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\tcpip.sys 2008-06-20 12:45 360320 2a5554fc5b1e04e131230e3ce035c3f9 c:\windows\system32\dllcache\tcpip.sys 2008-06-20 12:45 360320 2a5554fc5b1e04e131230e3ce035c3f9 c:\windows\system32\drivers\tcpip.sys 2002-09-29 00:00 519168 8b6e6bb5d451f8bbc0621203b687d993 c:\windows\$NtServicePackUninstall$\winlogon.exe 2004-08-04 00:44 504832 0344407089b08548d4feba62bb0f32d0 c:\windows\ServicePackFiles\i386\winlogon.exe 2008-04-14 19:21 510464 51fd2e13d723857b9ca239ae77150f48 c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\winlogon.exe 2004-08-04 00:44 504832 0344407089b08548d4feba62bb0f32d0 c:\windows\system32\winlogon.exe 2002-09-29 00:00 167552 3b350e5a2a5e951453f3993275a4523a c:\windows\$NtServicePackUninstall$\ndis.sys 2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e c:\windows\ServicePackFiles\i386\ndis.sys 2008-04-13 21:20 182656 1df7f42665c94b825322fae71721130d c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\ndis.sys 2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e c:\windows\system32\drivers\ndis.sys 2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 c:\windows\ServicePackFiles\i386\ip6fw.sys 2008-04-13 20:53 36608 3bb22519a194418d5fec05d800a19ad0 c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\ip6fw.sys 2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 c:\windows\system32\drivers\ip6fw.sys 2005-03-02 20:14 2058240 35d11fdc381536ab95e3005489131f44 c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe 2007-02-28 18:09 2060672 2f4a36b1b03d64fb176cb0f3eb597118 c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe 2008-08-14 15:40 2064256 bd1c2093733023e5afc1520c095c2195 c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe 2008-08-14 15:26 2067328 5ab2f07ad3fd76790294ddccc6e06d46 c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe 2008-08-14 19:27 2067328 638346856e53887b0c3da62a9ab2c203 c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe 2002-09-29 00:00 1949184 79d262478c985e736deb38ce2224fc75 c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe 2004-08-04 00:38 2058112 44d1bc1b05e0c7c82e81687b79c653c7 c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe 2005-03-02 20:08 2058112 0f6990820c6ce0a7a911fae5937ef1f6 c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe 2007-02-28 18:04 2058880 2bdc1a6cefe320e9c39fabf1961ebb9d c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe 2008-08-14 15:46 2059008 740d5209ce5ec76bb99923a710cd0a53 c:\windows\Driver Cache\i386\ntkrnlpa.exe 2004-08-04 00:38 2058112 44d1bc1b05e0c7c82e81687b79c653c7 c:\windows\ServicePackFiles\i386\ntkrnlpa.exe 2008-04-14 18:29 2067200 4bba965664faa56b187c27f4cad7e7c5 c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\ntkrnlpa.exe 2008-08-14 15:46 2059008 740d5209ce5ec76bb99923a710cd0a53 c:\windows\system32\ntkrnlpa.exe 2008-08-14 15:46 2059008 740d5209ce5ec76bb99923a710cd0a53 c:\windows\system32\dllcache\ntkrnlpa.exe 2005-03-02 20:14 2180864 dba3e4215279c8012b37d2135b531258 c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe 2007-02-28 18:09 2183424 c450518ef9acc02a2d799698021e31a8 c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe 2008-08-14 15:40 2187264 8eac2f887f5e093186a6b2e548f719ba c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe 2008-08-14 15:26 2190464 9ce159c91e076ff6c25d055310ebb259 c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe 2008-08-14 19:27 2190464 dcdd970025463dfc9676ebe18abd6a86 c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe 2002-09-29 00:00 2043520 ae94ae0da6ed874ce08912fc63f8c6c2 c:\windows\$NtServicePackUninstall$\ntoskrnl.exe 2004-08-04 00:39 2182272 dcf53422b7edded3b7431fbae4a7ee3f c:\windows\$NtUninstallKB890859$\ntoskrnl.exe 2005-03-02 20:09 2180608 3f3612846d67352468d2286fc23fb0c2 c:\windows\$NtUninstallKB931784$\ntoskrnl.exe 2007-02-28 18:04 2181632 c378be3a1edc5e4421d428655ac4a48c c:\windows\$NtUninstallKB956841$\ntoskrnl.exe 2008-08-14 15:46 2181632 1e808411607a060ad7c582b7556c9afa c:\windows\Driver Cache\i386\ntoskrnl.exe 2004-08-04 00:39 2182272 dcf53422b7edded3b7431fbae4a7ee3f c:\windows\ServicePackFiles\i386\ntoskrnl.exe 2008-04-14 18:30 2190336 8ca14ecf04594eabbe93c9ff2e3cbfb1 c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\ntoskrnl.exe 2008-08-14 15:46 2181632 1e808411607a060ad7c582b7556c9afa c:\windows\system32\ntoskrnl.exe 2008-08-14 15:46 2181632 1e808411607a060ad7c582b7556c9afa c:\windows\system32\dllcache\ntoskrnl.exe 2007-06-13 15:23 1034752 029a562e81bbee088c61d418bf408f44 c:\windows\explorer.exe 2007-06-13 15:12 1034752 8db0650b211425b9cdb7d1c4a8f6b482 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe 2002-09-29 00:00 1005568 f4af85d918e83d71341fce2aa5318181 c:\windows\$NtServicePackUninstall$\explorer.exe 2004-08-04 00:44 1033728 379098a96e6c165b659de7e4328010ea c:\windows\$NtUninstallKB938828$\explorer.exe 2004-08-04 00:44 1033728 379098a96e6c165b659de7e4328010ea c:\windows\ServicePackFiles\i386\explorer.exe 2008-04-14 19:21 1035264 c791ed9eac5e76d9525e157b1d7a599a c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\explorer.exe 2007-06-13 15:23 1034752 029a562e81bbee088c61d418bf408f44 c:\windows\system32\dllcache\explorer.exe 2002-09-29 00:00 101888 bf4cbefdce42a699389791647cb95ca2 c:\windows\$NtServicePackUninstall$\services.exe 2004-08-04 00:44 108544 3da8d964d2cc12ef8e8c342471a37917 c:\windows\ServicePackFiles\i386\services.exe 2008-04-14 19:21 109056 3e3ae424e27c4cefe4cab368c7b570ea c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\services.exe 2004-08-04 00:44 108544 3da8d964d2cc12ef8e8c342471a37917 c:\windows\system32\services.exe 2002-09-29 00:00 11776 fa2c871f57352339f0a1802bb9aea6e7 c:\windows\$NtServicePackUninstall$\lsass.exe 2004-08-04 00:44 13312 f485fefc8cc4fd29243d800be5d275d1 c:\windows\ServicePackFiles\i386\lsass.exe 2008-04-14 19:21 13312 88296f7943f30a1ee3af735440b92268 c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\lsass.exe 2004-08-04 00:44 13312 f485fefc8cc4fd29243d800be5d275d1 c:\windows\system32\lsass.exe 2002-09-29 00:00 13312 0c4c012b0a8960f48a666c240a7baa3d c:\windows\$NtServicePackUninstall$\ctfmon.exe 2004-08-04 00:44 15360 cbfa30492d70ce3938d8a7783d0c0436 c:\windows\ServicePackFiles\i386\ctfmon.exe 2008-04-14 19:21 15360 1bd41eda5b869afc99895c39a8de36e1 c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\ctfmon.exe 2004-08-04 00:44 15360 cbfa30492d70ce3938d8a7783d0c0436 c:\windows\system32\ctfmon.exe 2005-06-11 02:17 57856 ad3d9d191aea7b5445fe1d82ffbb4788 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe 2002-09-29 00:00 51200 414af353e9eeed8637d90370fd0c3b68 c:\windows\$NtServicePackUninstall$\spoolsv.exe 2004-08-04 00:44 57856 bebe8a85954ff460374fd5a0cd21e19b c:\windows\$NtUninstallKB896423$\spoolsv.exe 2004-08-04 00:44 57856 bebe8a85954ff460374fd5a0cd21e19b c:\windows\ServicePackFiles\i386\spoolsv.exe 2008-04-14 19:21 57856 dd69ec597ab942c39b950d9c3ce1375d c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\spoolsv.exe 2005-06-11 01:53 57856 da81ec57acd4cdc3d4c51cf3d409af9f c:\windows\system32\spoolsv.exe 2002-09-29 00:00 22528 323d3ffcbf99c59b2d20b4c5a7ece347 c:\windows\$NtServicePackUninstall$\userinit.exe 2004-08-04 00:44 25088 bd768099b4c44aa631728cb74eb54396 c:\windows\ServicePackFiles\i386\userinit.exe 2008-04-14 19:21 26624 2a5b37d520508be6570a3ea79695f5b5 c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\userinit.exe 2004-08-04 00:44 25088 bd768099b4c44aa631728cb74eb54396 c:\windows\system32\userinit.exe 2002-09-29 00:00 201216 c4ee140f5edcf2fc20099b56ddbe5445 c:\windows\$NtServicePackUninstall$\termsrv.dll 2004-08-04 00:44 296448 2c28157229925280916b3041ccc5fe4b c:\windows\ServicePackFiles\i386\termsrv.dll 2008-04-14 19:20 296448 52e0505408edd4ab5ccc7f83b67b4299 c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\termsrv.dll 2004-08-04 00:44 296448 2c28157229925280916b3041ccc5fe4b c:\windows\system32\termsrv.dll 2007-04-16 18:11 1014784 d8acc0b8c46fc756e3f64c14eaf9ce8f c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll 2002-09-29 00:00 958976 8d452c28d7cad9b5bbdb3c41730305e9 c:\windows\$NtServicePackUninstall$\kernel32.dll 2004-08-04 00:44 1012224 578bb2f44597cb53451ded99013573f3 c:\windows\$NtUninstallKB935839$\kernel32.dll 2004-08-04 00:44 1012224 578bb2f44597cb53451ded99013573f3 c:\windows\ServicePackFiles\i386\kernel32.dll 2008-04-14 19:20 1018368 fce4ecc34a36edacf03dbe8de5e28910 c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\kernel32.dll 2007-04-16 17:54 1013248 c0aafee37ee787d9609d9fe00fa427f8 c:\windows\system32\kernel32.dll 2007-04-16 17:54 1013248 c0aafee37ee787d9609d9fe00fa427f8 c:\windows\system32\dllcache\kernel32.dll 2002-09-29 00:00 14848 cf06ff4307712677dd2ea86921ccd52f c:\windows\$NtServicePackUninstall$\powrprof.dll 2004-08-04 00:44 17408 b20bb2a65349ef132fa7f2eb51a29e5c c:\windows\ServicePackFiles\i386\powrprof.dll 2008-04-14 19:20 17408 414c17a2958aedac700bbaafbf999f94 c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\powrprof.dll 2004-08-04 00:44 17408 b20bb2a65349ef132fa7f2eb51a29e5c c:\windows\system32\powrprof.dll 2002-09-29 00:00 103936 b85f29a061f7d554c8f8092ade4ec107 c:\windows\$NtServicePackUninstall$\imm32.dll 2004-08-04 00:44 110080 bdb679c04273b19bf46bd0d591fdeec3 c:\windows\ServicePackFiles\i386\imm32.dll 2008-04-14 19:20 110080 2e9a03268e609917b83921ee16fd9cfb c:\windows\SoftwareDistribution\Download\85612d9569f9a4d033130e1ccf6503f1\imm32.dll 2004-08-04 00:44 110080 bdb679c04273b19bf46bd0d591fdeec3 c:\windows\system32\imm32.dll . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2007-07-13 22234920] "Odkurzacz-MCD"="c:\program files\Odkurzacz\odk_mcd.exe" [2007-05-03 264704] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 153136] "WOOWATCH"="c:\progra~1\NEOSTR~1\Watch.exe" [2004-08-23 20480] "WOOTASKBARICON"="c:\progra~1\NEOSTR~1\GestMaj.exe" [2004-10-14 32768] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896] "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-03-28 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-05-13 185896] "PCSuiteTrayApplication"="c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE" [2006-06-15 229376] "SoundMan"="SOUNDMAN.EXE" [2005-09-22 c:\windows\soundman.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-04 15360] c:\documents and settings\All Users\Menu Start\Programy\Autostart\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "wuauserv"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\BitComet\\BitComet.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "c:\\Program Files\\NAPI-PROJEKT\\napisy.exe"= "c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"= "c:\\Program Files\\Windows Media Player\\wmplayer.exe"= "c:\\Program Files\\BearShare\\BearShare.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26835:TCP"= 26835:TCP:BitComet 26835 TCP "26835:UDP"= 26835:UDP:BitComet 26835 UDP R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [2005-10-13 35328] R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-04-03 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-04-03 20560] R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2009-03-07 116992] S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2009-03-07 64000] S3 vmfilter303;vmfilter303;c:\windows\system32\drivers\vmfilter303.sys [2007-09-01 428160] . Zawartość folderu 'Zaplanowane zadania' 2009-03-19 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] . . ------- Skan uzupełniający ------- . uStart Page = hxxp://www.neostrada.pl IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 IE: Easy-WebPrint – Dodaj do listy drukowania - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html IE: Easy-WebPrint – Drukuj - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html IE: Easy-WebPrint – Drukuj z dużą szybkością - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html IE: Easy-WebPrint – Podgląd - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html IE: { - c:\program files\Messenger\msmsgs.exe TCP: {BF156C09-1523-4AE4-99C1-57410FEFAEA3} = 194.204.159.1 217.98.63.164 DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab FF - ProfilePath - c:\documents and settings\Robert\Dane aplikacji\Mozilla\Firefox\Profiles\pkn96peq.default\ FF - prefs.js: browser.startup.homepage - wp.pl . ************************************************************************** catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-10 00:46:14 Windows 5.1.2600 Dodatek Service Pack 2 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... ************************************************************************** . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- [HKEY_USERS\S-1-5-21-1343024091-1532298954-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- - - - - - - - > 'winlogon.exe'(488) c:\windows\system32\Ati2evxx.dll . Czas ukończenia: 2009-04-10 0:52:32 ComboFix-quarantined-files.txt 2009-04-09 22:51:08 ComboFix2.txt 2009-04-09 22:31:14 Przed: 4 016 828 416 bajtów wolnych Po: 4,004,704,256 bajtów wolnych 279 --- E O F --- 2008-12-13 15:55:35

Kod: Zaznacz wszystko: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:37:54, on 2009-04-10 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\WgaTray.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Skype\Phone\Skype.exe C:\PROGRA~1\NEOSTR~1\TaskBarIcon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Nowe Gadu-Gadu\gg.exe C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\Robert\Pulpit\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (file missing) O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (file missing) O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint – Dodaj do listy drukowania - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint – Drukuj - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint – Drukuj z dużą szybkością - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint – Podgląd - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{BF156C09-1523-4AE4-99C1-57410FEFAEA3}: NameServer = 194.204.159.1 217.98.63.164 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Urządzenie mobilne Apple (Apple Mobile Device) - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe O24 - Desktop Component 0: (no name) - (no file) -- End of file - 8069 bytes

Dodano Dzisiaj, 01:09:
błagam o pomoc

((

**Posty:** 18165 · przez **wojtas** 10 Kwi 2009, 15:58

opisz dokładnie co sie dzieje z kompem.

**Posty:** 7 · przez **paulitka17** 10 Kwi 2009, 16:16

komp dziala normalnie nie zawiesza sie nie zamula tyle tylko ze jak wczoraj skanowalam go to pojawilo sie kilka wirusow wymienic jakie??

**Posty:** 18165 · przez **wojtas** 11 Kwi 2009, 00:12

tak czekamy na informacje.. w jakich plikach itp

**Posty:** 7 · przez **paulitka17** 11 Kwi 2009, 10:05

jak skanowalam kompa to wyszlo mi 6 wirusow
Program Files/Vimicro/VM303B/Domino.exe
Program Files/Vimicro/VM303B/VMSnap3.exe
System Volume Information A0143346.exe
System Volume Information A0143347.exe
Windows/Vimicro/VM303B/Domino.exe
Windows/Vimicro/VM303B/VMSnap3.exe

w raporcie avasta 4 poczatkowe pozycje zostaly usuniete a 2 ostatnie pisalo ze plik zostal zaobserwowany drugi raz jak skanowalam to wirusy pojawialy sie w tych samych plikach tj w system volume bo w programach files juz nie wykrylo usunelam te wirusy ponownie i juz wiecej nic nie skanowalam. pobralam te dwa programy skanujace combo i hijack i czekam na pomoc

**Posty:** 18165 · przez **wojtas** 11 Kwi 2009, 10:58

Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem

a te pliki przesaknuj tu

http://virusscan.jotti.org/
http://www.virustotal.com/

i daj raporty ze skanow

**Posty:** 7 · przez **paulitka17** 11 Kwi 2009, 11:01

ja wiem ze jestem tempa ale pojecia nie mam jak przeskanowac te pliki

**Posty:** 18165 · przez **wojtas** 11 Kwi 2009, 11:03

wejdz na stone.., dajesz przegladaj szukasz tego domino i dajesz submit i czekasz na raport.. i

**Posty:** 7 · przez **paulitka17** 11 Kwi 2009, 12:10

hmm ale jak mam to poszukac??

**Posty:** 4459 · przez **jarski185** 11 Kwi 2009, 12:22

uzyj przycisku przegladaj, wskaz lokalizacje na swoim dysku, poczekaj na wynik, zaznacz, skopiuj, wklej

**Posty:** 7 · przez **paulitka17** 11 Kwi 2009, 12:52

nie ma tych plikow

**Posty:** 4459 · przez **jarski185** 11 Kwi 2009, 12:54

to musialy zostac usuniete, przerzucone do kwarantanny

**Posty:** 7 · przez **paulitka17** 11 Kwi 2009, 12:56

i co teraz?

Dodano Dzisiaj, 14:14:
skanowalam jeszcze raz komputer i nie wykrylo mi zadnego wirusa, w kwarantannie mam tylko 2 pliki systemowe wsock32.dll i 2 kernel32.dll w WINDOWS\system32 oraz jeden plik zarazony MediaBar.dll w PROGRAMY\BEARSH~1\BEARSH~2

**Posty:** 18165 · przez **wojtas** 11 Kwi 2009, 19:55

sciagnij wsock32.dll i kernel32.dll z neta i wrzuc jest co system32 i potem cala kwarantanne oproznij

Kto jest na forum