niesmiertelny agent.proxy.dd-jak go usunąc?:(logi)

[adamek]

Witam!Od tygodnia walcze z agentme.proxy.dd(bez skutku).Zabijam go killboxem,jest ok czysto,ale za 2 godz wraca.Siedzie w WINDOWS/system32 w postaci wndregmon32.dll.Naprawde on już mnie męczy,na innym forum niepomogli mi(niepotrafili),także panowie licze na was.pzdr.

[Red]

adamek zacznij od wklejenia logów do sprawdzenia ....

i napisz jaki program go znajduje

[Tom@szek]

Poczytaj i zastosuj:

http://forum.programosy.pl/hijackthis-amp-silent-runners-gtobsuga-i-umieszczanie-vt9452.html

[adamek]

Kod: Zaznacz wszystko

Logfile of HijackThis v1.99.1
Scan saved at 12:44:09, on 2006-09-26
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\netdde.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Raxco\PerfectDisk\PDSched.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winknqkŕ.exe
C:\Program Files\Winamp\winamp.exe
E:\programy\antyviry\Do ręcznej walki z Trojanami\HijackThis-1.exe
C:\WINDOWS\System32\WScript.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: del.bat
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe

"Silent Runners.vbs", revision 46, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"Gadu-Gadu" = ""C:\Program Files\Gadu-Gadu\gg.exe" /tray" ["sms-express.com"]
"msnmsgr" = ""C:\Program Files\MSN Messenger\msnmsgr.exe" /background" [MS]

HKLM\Software\Microsoft\Active Setup\Installed Components\
>{26923b43-4d38-484f-9b9e-de460746276c}\(Default) = "Internet Explorer"
                                        \StubPath   = "C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
  -> {HKLM...CLSID} = "AcroIEHlprObj Class"
                   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{A5366673-E8CA-11D3-9CD9-0090271D075B}\(Default) = (no title provided)
  -> {HKLM...CLSID} = "IeCatch2 Class"
                   \InProcServer32\(Default) = "C:\PROGRA~1\FlashGet\jccatch.dll" ["Amaze Soft"]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
  -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
                   \InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
  -> {HKLM...CLSID} = "HyperTerminal Icon Ext"
                   \InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
  -> {HKLM...CLSID} = "WinRAR"
                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{ABC70703-32AF-11d4-90C4-D483A70F4825}" = "CMenuExtender"
  -> {HKLM...CLSID} = "CMenuExtender"
                   \InProcServer32\(Default) = "C:\WINDOWS\BricoPacks\Vista Inspirat\iColorFolder\CMExt.dll" ["Revenger inc."]
"{8e9d6600-f84a-11ce-8daa-00aa004a5691}" = "Shell extensions for NetWare"
  -> {HKLM...CLSID} = "NetWare Objects"
                   \InProcServer32\(Default) = "nwprovau.dll" [MS]
"{e3f2bac0-099f-11cf-8daa-00aa004a5691}" = "Shell extensions for NetWare"
  -> {HKLM...CLSID} = "NetWare UNC Folder Menu"
                   \InProcServer32\(Default) = "nwprovau.dll" [MS]
"{52c68510-09a0-11cf-8daa-00aa004a5691}" = "Shell extensions for NetWare"
  -> {HKLM...CLSID} = "NetWare Hood Verbs"
                   \InProcServer32\(Default) = "nwprovau.dll" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
INFECTION WARNING! "{54D9498B-CF93-414F-8984-8CE7FDE0D391}" = "ewido shell guard"
  -> {HKLM...CLSID} = "CShellExecuteHookImpl Object"
                   \InProcServer32\(Default) = "C:\Program Files\ewido anti-malware\shellhook.dll" ["TODO: <Firmenname>"]

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
"0aMCPClient" = "{F5DF91F9-15E9-416B-A7C3-7519B11ECBFC}"
  -> {HKLM...CLSID} = "MCPShellInstantiator Class"
                   \InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\stardock\MCPCore.dll" ["Stardock"]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
INFECTION WARNING! MCPClient\DLLName = "C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll" ["Stardock"]

HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
  -> {HKLM...CLSID} = "PDF Shell Extension"
                   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
ewido\(Default) = "{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E}"
  -> {HKLM...CLSID} = "Ctest Object"
                   \InProcServer32\(Default) = "C:\Program Files\ewido anti-malware\context.dll" ["ewido networks"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
  -> {HKLM...CLSID} = "WinRAR"
                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
CMenuExtender\(Default) = "{ABC70703-32AF-11d4-90C4-D483A70F4825}"
  -> {HKLM...CLSID} = "CMenuExtender"
                   \InProcServer32\(Default) = "C:\WINDOWS\BricoPacks\Vista Inspirat\iColorFolder\CMExt.dll" ["Revenger inc."]
ewido\(Default) = "{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E}"
  -> {HKLM...CLSID} = "Ctest Object"
                   \InProcServer32\(Default) = "C:\Program Files\ewido anti-malware\context.dll" ["ewido networks"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
  -> {HKLM...CLSID} = "WinRAR"
                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
NetWareUNCMenu\(Default) = "{e3f2bac0-099f-11cf-8daa-00aa004a5691}"
  -> {HKLM...CLSID} = "NetWare UNC Folder Menu"
                   \InProcServer32\(Default) = "nwprovau.dll" [MS]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
  -> {HKLM...CLSID} = "WinRAR"
                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]


Active Desktop and Wallpaper:
-----------------------------

Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp"


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]


Startup items in "Administrator" & "All Users" startup folders:
---------------------------------------------------------------

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
INFECTION WARNING! "del.bat" [null data]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000004\LibraryPath = "%SystemRoot%\System32\nwprovau.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 22
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{E0E899AB-F487-11D5-8D29-0050BA6940E3}" = "FlashGet Bar"
  -> {HKLM...CLSID} = "FlashGet Bar"
                   \InProcServer32\(Default) = "C:\PROGRA~1\FlashGet\fgiebar.dll" ["Amaze Soft"]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{D6E814A0-E0C5-11D4-8D29-0050BA6940E3}\
"ButtonText" = "FlashGet"
"MenuText" = "&FlashGet"
"Exec" = "C:\PROGRA~1\FlashGet\flashget.exe" ["Amaze Soft"]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

ewido security suite control, ewido security suite control, "C:\Program Files\ewido anti-malware\ewidoctrl.exe" ["ewido networks"]
PDScheduler, PDSched, ""C:\Program Files\Raxco\PerfectDisk\PDSched.exe"" ["Raxco Software, Inc."]


----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
  launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives
  took 144 seconds.
+ The search for all Registry CLSIDs containing dormant Explorer Bars
  took 43 seconds.
---------- (total run time: 278 seconds)



/--------------------------------------------------------------\
|                  Trend Micro System Cleaner                  |
|              Copyright 2006, Trend Micro, Inc.               |
|                   http://www.antivirus.com                   |
\--------------------------------------------------------------/


2006-09-25, 16:51:09,   Auto-clean mode specified.
2006-09-25, 16:51:09,   Running scanner "E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\TSC.BIN"...
2006-09-25, 16:51:40,   Scanner "E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\TSC.BIN" has finished running.
2006-09-25, 16:51:40,   TSC Log:

Damage Cleanup Engine (DCE)  3.98(Build 1012)
Windows XP(Build 2600: Dodatek Service Pack 2)

Start time : Pn wrz 25 2006 16:51:11

Load Damage Cleanup Template (DCT) "E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\tsc.ptn" (version 788) [success]

Complete time : Pn wrz 25 2006 16:51:40
Execute pattern count(2983), Virus found count(0), Virus clean count(0), Clean failed count(0)

2006-09-25, 16:52:30,   An error was detected on "C:\System Volume Information\*.*": Odmowa dostępu.
2006-09-25, 16:52:41,   An error was detected on "D:\System Volume Information\*.*": Odmowa dostępu.
2006-09-25, 16:57:14,   Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/25/2006 16:53:32
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe [PE_SALITY.AE]
C:\Program Files\Activision\Call of Duty 2\CoD2SP_s.exe [PE_SALITY.AE]
2006-09-25, 16:57:14,   Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/25/2006 16:53:32
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

Success Clean [    PE_SALITY.AE]( 6308) from C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe
Success Clean [    PE_SALITY.AE]( 6308) from C:\Program Files\Activision\Call of Duty 2\CoD2SP_s.exe
2006-09-25, 16:57:14,   Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/25/2006 16:53:32
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

2006-09-25, 16:57:14,   Scanner "E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN" has finished running.
2006-09-25, 16:57:20,   Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/25/2006 16:57:16
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

127 files have been read.
127 files have been checked.
70 files have been scanned.
70 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 9/25/2006 16:57:20
---------*---------*---------*---------*---------*---------*---------*---------*
2006-09-25, 16:57:20,   Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/25/2006 16:57:15
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

127 files have been read.
127 files have been checked.
70 files have been scanned.
70 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 9/25/2006 16:57:20   2 seconds (2.55 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-09-25, 16:57:20,   Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/25/2006 16:57:15
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

127 files have been read.
127 files have been checked.
70 files have been scanned.
70 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 9/25/2006 16:57:20   2 seconds (2.55 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-09-25, 16:57:20,   Scanner "E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN" has finished running.
2006-09-25, 17:03:21,   Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/25/2006 16:57:20
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

E:\programy\tellmemoredlasredniozaawansowanych\CRACK DO TELL ME MORE\tmm.exe [PE_SALITY.AE]
E:\programy\Akwarium\FISH.SCR [PE_SALITY.AE]
E:\programy\Traktor DJ Studio 2\TraktorDJStudio2.exe [PE_SALITY.AE]
E:\programy\Traktor DJ Studio 2\UNWISE.EXE [PE_SALITY.AE]
E:\programy\antyviry\Do ręcznej walki z Trojanami\HijackThis-1.exe [PE_SALITY.AE]
E:\programy\antyviry\Do ręcznej walki z Trojanami\KillBox.exe [PE_SALITY.AE]
E:\programy\antyviry\Do ręcznej walki z Trojanami\gmer.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\Everesthome\everest.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\Common\Raxco\AutoUpd.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PDCmd.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PDEngine.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PDExchange.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PDSched.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PerfectDisk.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\setup.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\kodeki\AC3Filter\dialog_patch.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\kodeki\DivX.Pro.5.1.1 + keygen\DivX.Pro.5.1.1 + keygen\DivX.Pro.v5.1.Keygen.only-SSG\keygen.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Play3D\CmiPlay3D.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Driver\WIN_98\CMIRMDRV.EXE [PE_SALITY.AE]
E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Driver\WIN_98\SmWizard.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Driver\WDM\CMIRMDRV.EXE [PE_SALITY.AE]
E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Driver\WDM\SmWizard.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Setup.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\_ISDel.exe [PE_SALITY.AE]
E:\programy\IKONY\MULEVEL.EXE [PE_SALITY.AE]
E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\nowe skiny do winampa\Patriotic_Dreams.exe [PE_SALITY.AE]
E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\nowe skiny do winampa\Three_Line_Star.exe [PE_SALITY.AE]
E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\nowe skiny do winampa\WiJiWaNg_AVS_Pack.exe [PE_SALITY.AE]
E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\nowe skiny do winampa\WiJiWaNg_AVS_Pack_2.exe [PE_SALITY.AE]
E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\Patriotic_Dreams.exe [PE_SALITY.AE]
E:\programy\revelation\revelation\Revelation.exe [PE_SALITY.AE]
E:\programy\Internetowe\EyeInstaller.exe [PE_SALITY.AE]
E:\programy\Internetowe\ggbkiller2v1_94.exe [PE_SALITY.AE]
E:\programy\Rafi(Koło)\Rafi progr\iview397_[www.amnezja.org].exe [PE_SALITY.AE]
E:\programy\Rafi(Koło)\Rafi progr\VideoCalc.exe [PE_SALITY.AE]
E:\programy\msoffice_2003_SP1_ PL\cd1\FILES\PFILES\COMMON\MSSHARED\DBREP\WZCNFLCT.EXE [PE_SALITY.AE]
E:\programy\Przyspieszenie windowsa\pagedfrg.exe [PE_SALITY.AE]
E:\programy\Wygląd xp\3dcur95\MULEVEL.EXE [PE_SALITY.AE]
E:\programy\Wygląd xp\DesktopX 3.1 Enterprise.exe [PE_SALITY.AE]
2006-09-25, 17:03:21,   Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/25/2006 16:57:20
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\tellmemoredlasredniozaawansowanych\CRACK DO TELL ME MORE\tmm.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Akwarium\FISH.SCR
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Traktor DJ Studio 2\TraktorDJStudio2.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Traktor DJ Studio 2\UNWISE.EXE
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\antyviry\Do ręcznej walki z Trojanami\HijackThis-1.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\antyviry\Do ręcznej walki z Trojanami\KillBox.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\antyviry\Do ręcznej walki z Trojanami\gmer.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\Everesthome\everest.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\Common\Raxco\AutoUpd.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PDCmd.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PDEngine.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PDExchange.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PDSched.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PerfectDisk.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\setup.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\kodeki\AC3Filter\dialog_patch.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\kodeki\DivX.Pro.5.1.1 + keygen\DivX.Pro.5.1.1 + keygen\DivX.Pro.v5.1.Keygen.only-SSG\keygen.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Play3D\CmiPlay3D.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Driver\WIN_98\CMIRMDRV.EXE
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Driver\WIN_98\SmWizard.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Driver\WDM\CMIRMDRV.EXE
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Driver\WDM\SmWizard.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Setup.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\_ISDel.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\IKONY\MULEVEL.EXE
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\nowe skiny do winampa\Patriotic_Dreams.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\nowe skiny do winampa\Three_Line_Star.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\nowe skiny do winampa\WiJiWaNg_AVS_Pack.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\nowe skiny do winampa\WiJiWaNg_AVS_Pack_2.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\Patriotic_Dreams.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\revelation\revelation\Revelation.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Internetowe\EyeInstaller.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Internetowe\ggbkiller2v1_94.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Rafi(Koło)\Rafi progr\iview397_[www.amnezja.org].exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Rafi(Koło)\Rafi progr\VideoCalc.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\msoffice_2003_SP1_ PL\cd1\FILES\PFILES\COMMON\MSSHARED\DBREP\WZCNFLCT.EXE
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Przyspieszenie windowsa\pagedfrg.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Wygląd xp\3dcur95\MULEVEL.EXE
2006-09-25, 17:03:21,   Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/25/2006 16:57:20
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

2006-09-25, 17:03:22,   Scanner "E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN" has finished running.


/--------------------------------------------------------------\
|                  Trend Micro System Cleaner                  |
|              Copyright 2006, Trend Micro, Inc.               |
|                   http://www.antivirus.com                   |
\--------------------------------------------------------------/


2006-09-26, 12:45:16,   Auto-clean mode specified.
2006-09-26, 12:45:16,   Running scanner "E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\TSC.BIN"...
2006-09-26, 12:46:01,   Scanner "E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\TSC.BIN" has finished running.
2006-09-26, 12:46:01,   TSC Log:

Damage Cleanup Engine (DCE)  3.98(Build 1012)
Windows XP(Build 2600: Dodatek Service Pack 2)

Start time : Wt wrz 26 2006 12:45:19

Load Damage Cleanup Template (DCT) "E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\tsc.ptn" (version 788) [success]

Complete time : Wt wrz 26 2006 12:46:01
Execute pattern count(2983), Virus found count(0), Virus clean count(0), Clean failed count(0)

2006-09-26, 12:46:20,   An error was detected on "C:\System Volume Information\*.*": Odmowa dostępu.
2006-09-26, 12:46:33,   An error was detected on "D:\System Volume Information\*.*": Odmowa dostępu.
2006-09-26, 12:52:34,   Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/26/2006 12:47:43
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\winknqkŕ.exe [TROJ_AGENT.CSE]
C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe [PE_SALITY.AE]
C:\Program Files\Activision\Call of Duty 2\CoD2SP_s.exe [PE_SALITY.AE]
2006-09-26, 12:52:34,   Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/26/2006 12:47:43
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

Success Clean [    PE_SALITY.AE]( 6308) from C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe
Success Clean [    PE_SALITY.AE]( 6308) from C:\Program Files\Activision\Call of Duty 2\CoD2SP_s.exe
2006-09-26, 12:52:34,   Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/26/2006 12:47:43
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

2006-09-26, 12:52:34,   Scanner "E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN" has finished running.
2006-09-26, 12:52:47,   Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/26/2006 12:52:38
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

274 files have been read.
274 files have been checked.
150 files have been scanned.
150 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 9/26/2006 12:52:47
---------*---------*---------*---------*---------*---------*---------*---------*
2006-09-26, 12:52:47,   Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/26/2006 12:52:38
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

274 files have been read.
274 files have been checked.
150 files have been scanned.
150 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 9/26/2006 12:52:47   7 seconds (7.17 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-09-26, 12:52:47,   Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/26/2006 12:52:38
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

274 files have been read.
274 files have been checked.
150 files have been scanned.
150 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 9/26/2006 12:52:47   7 seconds (7.17 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2006-09-26, 12:52:47,   Scanner "E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN" has finished running.
2006-09-26, 13:00:54,   Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/26/2006 12:52:48
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

E:\programy\tellmemoredlasredniozaawansowanych\CRACK DO TELL ME MORE\tmm.exe [PE_SALITY.AE]
E:\programy\Akwarium\FISH.SCR [PE_SALITY.AE]
E:\programy\Traktor DJ Studio 2\TraktorDJStudio2.exe [PE_SALITY.AE]
E:\programy\Traktor DJ Studio 2\UNWISE.EXE [PE_SALITY.AE]
E:\programy\antyviry\Do ręcznej walki z Trojanami\HijackThis-1.exe [PE_SALITY.AE]
E:\programy\antyviry\Do ręcznej walki z Trojanami\KillBox.exe [PE_SALITY.AE]
E:\programy\antyviry\Do ręcznej walki z Trojanami\gmer.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\Everesthome\everest.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\Common\Raxco\AutoUpd.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PDCmd.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PDEngine.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PDExchange.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PDSched.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PerfectDisk.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\setup.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\kodeki\AC3Filter\dialog_patch.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\kodeki\DivX.Pro.5.1.1 + keygen\DivX.Pro.5.1.1 + keygen\DivX.Pro.v5.1.Keygen.only-SSG\keygen.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Play3D\CmiPlay3D.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Driver\WIN_98\CMIRMDRV.EXE [PE_SALITY.AE]
E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Driver\WIN_98\SmWizard.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Driver\WDM\CMIRMDRV.EXE [PE_SALITY.AE]
E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Driver\WDM\SmWizard.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Setup.exe [PE_SALITY.AE]
E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\_ISDel.exe [PE_SALITY.AE]
E:\programy\IKONY\MULEVEL.EXE [PE_SALITY.AE]
E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\nowe skiny do winampa\Patriotic_Dreams.exe [PE_SALITY.AE]
E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\nowe skiny do winampa\Three_Line_Star.exe [PE_SALITY.AE]
E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\nowe skiny do winampa\WiJiWaNg_AVS_Pack.exe [PE_SALITY.AE]
E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\nowe skiny do winampa\WiJiWaNg_AVS_Pack_2.exe [PE_SALITY.AE]
E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\Patriotic_Dreams.exe [PE_SALITY.AE]
E:\programy\revelation\revelation\Revelation.exe [PE_SALITY.AE]
E:\programy\Internetowe\EyeInstaller.exe [PE_SALITY.AE]
E:\programy\Internetowe\ggbkiller2v1_94.exe [PE_SALITY.AE]
E:\programy\Rafi(Koło)\Rafi progr\iview397_[www.amnezja.org].exe [PE_SALITY.AE]
E:\programy\Rafi(Koło)\Rafi progr\VideoCalc.exe [PE_SALITY.AE]
E:\programy\msoffice_2003_SP1_ PL\cd1\FILES\PFILES\COMMON\MSSHARED\DBREP\WZCNFLCT.EXE [PE_SALITY.AE]
E:\programy\Przyspieszenie windowsa\pagedfrg.exe [PE_SALITY.AE]
E:\programy\Wygląd xp\3dcur95\MULEVEL.EXE [PE_SALITY.AE]
E:\programy\Wygląd xp\DesktopX 3.1 Enterprise.exe [PE_SALITY.AE]
E:\programy\Wygląd xp\keygen.exe [PE_SALITY.AE]
E:\programy\InterQuest Faces v3.0\Language Packs\FACES espaĄol.exe [PE_SALITY.AE]
E:\programy\InterQuest Faces v3.0\Language Packs\FACES français.exe [PE_SALITY.AE]
E:\programy\InterQuest Faces v3.0\Language Packs\Instalación del Faces.exe [PE_SALITY.AE]
E:\programy\InterQuest Faces v3.0\Language Packs\Installer Faces.exe [PE_SALITY.AE]
E:\programy\InterQuest Faces v3.0\Language Packs\select.exe [PE_SALITY.AE]
E:\programy\InterQuest Faces v3.0\Install Faces.exe [PE_SALITY.AE]
E:\programy\InterQuest Faces v3.0\FACES English.exe [PE_SALITY.AE]
E:\Obrazy gier\Call of duty 2\DEViANCE\CoD2SP_s.exe [PE_SALITY.AE]
E:\Obrazy gier\Call of duty 2\DEViANCE\deviance.exe [PE_SALITY.AE]
E:\Obrazy gier\Call of duty 2\DirectX\dxsetup.exe [PE_SALITY.AE]
2006-09-26, 13:00:54,   Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/26/2006 12:52:48
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\tellmemoredlasredniozaawansowanych\CRACK DO TELL ME MORE\tmm.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Akwarium\FISH.SCR
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Traktor DJ Studio 2\TraktorDJStudio2.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Traktor DJ Studio 2\UNWISE.EXE
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\antyviry\Do ręcznej walki z Trojanami\HijackThis-1.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\antyviry\Do ręcznej walki z Trojanami\KillBox.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\antyviry\Do ręcznej walki z Trojanami\gmer.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\Everesthome\everest.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\Common\Raxco\AutoUpd.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PDCmd.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PDEngine.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PDExchange.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PDSched.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\program files\Raxco\PerfectDisk\PerfectDisk.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\PerfectDisk 7.0 Build 31 Full Retail\Raxco PerfectDisk 7 Build 31 Full Retail Version\Raxco PerfectDisk 7 Build 31 Full Retail Version\setup.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\kodeki\AC3Filter\dialog_patch.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\kodeki\DivX.Pro.5.1.1 + keygen\DivX.Pro.5.1.1 + keygen\DivX.Pro.v5.1.Keygen.only-SSG\keygen.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Play3D\CmiPlay3D.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Driver\WIN_98\CMIRMDRV.EXE
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Driver\WIN_98\SmWizard.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Driver\WDM\CMIRMDRV.EXE
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Driver\WDM\SmWizard.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\Setup.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Progsy i inne\Stery\C-MEDIA_XP_2K_ME_98(UDA041_build04L)\_ISDel.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\IKONY\MULEVEL.EXE
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\nowe skiny do winampa\Patriotic_Dreams.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\nowe skiny do winampa\Three_Line_Star.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\nowe skiny do winampa\WiJiWaNg_AVS_Pack.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\nowe skiny do winampa\WiJiWaNg_AVS_Pack_2.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Nowe z netu\Winamp.Pro.v5.092.Multilanguage.Incl.Keygen-NGEN\Patriotic_Dreams.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\revelation\revelation\Revelation.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Internetowe\EyeInstaller.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Internetowe\ggbkiller2v1_94.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Rafi(Koło)\Rafi progr\iview397_[www.amnezja.org].exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Rafi(Koło)\Rafi progr\VideoCalc.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\msoffice_2003_SP1_ PL\cd1\FILES\PFILES\COMMON\MSSHARED\DBREP\WZCNFLCT.EXE
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Przyspieszenie windowsa\pagedfrg.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Wygląd xp\3dcur95\MULEVEL.EXE
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Wygląd xp\DesktopX 3.1 Enterprise.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\Wygląd xp\keygen.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\InterQuest Faces v3.0\Language Packs\FACES espaĄol.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\InterQuest Faces v3.0\Language Packs\FACES français.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\InterQuest Faces v3.0\Language Packs\Instalación del Faces.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\InterQuest Faces v3.0\Language Packs\Installer Faces.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\InterQuest Faces v3.0\Language Packs\select.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\InterQuest Faces v3.0\Install Faces.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\programy\InterQuest Faces v3.0\FACES English.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\Obrazy gier\Call of duty 2\DEViANCE\CoD2SP_s.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\Obrazy gier\Call of duty 2\DEViANCE\deviance.exe
Success Clean [    PE_SALITY.AE]( 6308) from E:\Obrazy gier\Call of duty 2\DirectX\dxsetup.exe
2006-09-26, 13:00:54,   Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 9/26/2006 12:52:48
VSAPI Engine Version : 8.000-1001
VSCANTM Version : 1.1-1001
Virus Pattern Version : 783 (133085 Patterns) (2006/09/23) (378300)
Command Line: E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN /NBPM /S /CLEANALL /DCEGENCLEAN /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner

2006-09-26, 13:00:54,   Scanner "E:\programy\antyviry\Do ręcznej walki z Trojanami\Systemcleaner\VSCANTM.BIN" has finished running.


[ Dodano: Dzisiaj o 13:20 ]
zawsze robie scan po update

[ Dodano: Dzisiaj o 13:21 ]
evido:)

[Red]

wylacz przywracanie systemu ,wejdz w tryb awaryjny windowsa f8 i usuwasz

C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winknqkŕ.exe

Start >>> Uruchom >>> cmd

Wpisz następujące komendy, każdą potwierdzając za pomocą ENTER:

RD /S /Q "C:\Documents and settings\Nazwa twojego konta\Ustawienia lokalne\Temp"
RD /S /Q "C:\Documents and settings\Nazwa twojego konta\Ustawienia lokalne\Temporary internet files"

Start >>> Uruchom >>> cmd
i wpisz :

RD /S /Q C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\winknqkŕ.exe

exit


Sciagnij ewido i przeskanuj nim kompa wklej wynik na forum:

http://www.ewido.net/en/

Dodatkowo sciagnij:
http://www.f-secure.com/exclude/blacklight/index.shtml
zastosuj .Zrestartuj kompa i sprawdz jak sytuacja.

Do usuniecia rowniez :

O4 - Global Startup: del.bat

[adamek]

Thx.Jest dobrze.
zrobiłem scan tymi programami i pustka:]
P.S
Dam wam znac za pare godz. czy znowu się pojawia w system32 po czasie jak to robił:)