Atak trojana - svcchosst.exe

tomh2o · 30 Maj 2007 17:43

Logfile of HijackThis v1.99.1 Scan saved at 19:39:45, on 2007-05-30 Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\System32\RunDll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\BearShare\BearShare.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\svcchosst.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\OGÓLNA\USTAWI~1\Temp\Rar$EX00.047\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM…\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM…\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM…\Run: [bearShare] “C:\Program Files\BearShare\BearShare.exe” /pause O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM…\Run: [msvccc66] svcchosst.exe O4 - HKLM…\RunServices: [msvccc66] svcchosst.exe O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background O4 - HKCU…\Run: [sYSTEM] winmgrd.exe O4 - HKCU…\Run: [skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\RunServices: [sYSTEM] winmgrd.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O17 - HKLM\System\CCS\Services\Tcpip…{49635491-5898-4FD5-88EC-C0AF00571B67}: NameServer = 194.204.152.34 217.98.63.164 O17 - HKLM\System\CS1\Services\Tcpip…{49635491-5898-4FD5-88EC-C0AF00571B67}: NameServer = 194.204.152.34 217.98.63.164 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

Gutek · 30 Maj 2007 17:48

Zastosuj się do tego Tematu i zmień tytuł tematu na konkretny inaczej KOSZ

Pozdrawiam Gutek2222

użyj Windows Worms Doors Cleanera zmień znaczki z disable na enable. Po użyciu tego narzędzia wymagany jest reset sysa. w trybie awaryjnym usuń ręcznie pliki, a wpisy HJT

tomh2o · 30 Maj 2007 17:53

Sorki ale jestem zielony mozesaz mi dokładniej wytłumaczyć co mam zrobić i jak .Za poprzedni temat przepraszam.

Gutek · 30 Maj 2007 17:55

Wyłączyć Przywracanie systemu w XP TU
Zastartować do trybu awaryjnego bez internetu(opis w linku wyżej).
Zaznaczyć wskazane wpisy w Hijacku i kliknąć Fix checked. Wpisy zostaną usunięte.
Skasować z dysku pliki, które podkreśliłem na czerwono - lokazlizacja *C:\WINDOWS\system32*
Dokończyć skanerami online - Skanery do wyboru
Pokazać nowy log

wyżej Windows Worms Doors Cleanera jest opisany

tomh2o · 30 Maj 2007 18:53

Logfile of HijackThis v1.99.1 Scan saved at 20:53:27, on 2007-05-30 Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\System32\RunDll32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\BearShare\BearShare.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\svcchosst.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system\csrrs.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\OGÓLNA\USTAWI~1\Temp\Rar$EX00.391\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM…\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM…\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM…\Run: [bearShare] “C:\Program Files\BearShare\BearShare.exe” /pause O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM…\Run: [msvccc66] svcchosst.exe O4 - HKLM…\RunServices: [msvccc66] svcchosst.exe O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background O4 - HKCU…\Run: [skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O17 - HKLM\System\CCS\Services\Tcpip…{49635491-5898-4FD5-88EC-C0AF00571B67}: NameServer = 194.204.152.34 217.98.63.164 O17 - HKLM\System\CS1\Services\Tcpip…{49635491-5898-4FD5-88EC-C0AF00571B67}: NameServer = 194.204.152.34 217.98.63.164 O17 - HKLM\System\CS2\Services\Tcpip…{49635491-5898-4FD5-88EC-C0AF00571B67}: NameServer = 194.204.152.34 217.98.63.164 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Windows Time Service (CSRRS) - Unknown owner - C:\WINDOWS\system\csrrs.exe

Gutek · 30 Maj 2007 18:59

Użyj Pocket Killbox. Zaznaczasz opcję Delete on Reboot oraz All Files i w polu Full Path of File to Delete wklejasz ścieżki

C:\WINDOWS\system\csrrs.exe

C:\WINDOWS\System32\svcchosst.exe

i naciskasz X czerwony. Program poprosi o reset kompa … czyli resetujesz.

Daj log z Combofix

tomh2o · 30 Maj 2007 19:18

“og˘lna” - 2007-05-30 21:16:41 Dodatek Service Pack. 1 ComboFix 07-05.27.BV - Running from: “C:\Documents and Settings\og˘lna\Pulpit” ((((((((((((((((((((((((((((((( Files Created from 2007-04-28 to 2007-05-30 )))))))))))))))))))))))))))))))))) 2007-05-30 21:01 2007-05-30 20:12 2007-05-30 20:08 2007-05-30 19:10 2007-05-30 18:50 2007-05-30 18:49 421,656 --a------ C:\WINDOWS\system32\wuapi.dll 2007-05-30 18:49 39,704 --a------ C:\WINDOWS\system32\wups.dll 2007-05-30 18:49 187,160 --a------ C:\WINDOWS\system32\wuaueng1.dll 2007-05-30 18:49 170,264 --a------ C:\WINDOWS\system32\wuauclt1.exe 2007-05-30 18:49 120,288 --a------ C:\WINDOWS\system32\wuweb.dll 2007-05-30 18:49 119,576 --a------ C:\WINDOWS\system32\wucltui.dll 2007-05-29 21:13 2007-05-29 21:08 9,728 --a------ C:\WINDOWS\system32\mstinit.exe 2007-05-29 21:08 81,408 --a------ C:\WINDOWS\system32\msoert2.dll 2007-05-29 21:08 73,728 --a------ C:\WINDOWS\system32\ils.dll 2007-05-29 21:08 69,248 --a------ C:\WINDOWS\system32\drivers\sr.sys 2007-05-29 21:08 65,536 --a------ C:\WINDOWS\system32\msconf.dll 2007-05-29 21:08 63,488 --a------ C:\WINDOWS\system32\srclient.dll 2007-05-29 21:08 587,776 --a------ C:\WINDOWS\system32\inetcomm.dll 2007-05-29 21:08 32,256 --a------ C:\WINDOWS\system32\mnmdd.dll 2007-05-29 21:08 253,952 --a------ C:\WINDOWS\system32\mstask.dll 2007-05-29 21:08 24,576 --a------ C:\WINDOWS\system32\nmmkcert.dll 2007-05-29 21:08 228,864 --a------ C:\WINDOWS\system32\msoeacct.dll 2007-05-29 21:08 227,328 --a------ C:\WINDOWS\system32\srrstr.dll 2007-05-29 21:08 221,696 --a------ C:\WINDOWS\system32\qmgr.dll 2007-05-29 21:08 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll 2007-05-29 21:08 160,256 --a------ C:\WINDOWS\system32\schedsvc.dll 2007-05-29 21:08 159,232 --a------ C:\WINDOWS\system32\srsvc.dll 2007-05-29 21:07 99,328 --a------ C:\WINDOWS\system32\clipbrd.exe 2007-05-29 21:07 9,216 --a------ C:\WINDOWS\system32\wuauserv.dll 2007-05-29 21:07 9,216 --a------ C:\WINDOWS\system32\icaapi.dll 2007-05-29 21:07 89,088 --a------ C:\WINDOWS\system32\tscfgwmi.dll 2007-05-29 21:07 75,912 --a------ C:\WINDOWS\system32\rdpwsx.dll 2007-05-29 21:07 598,016 --a------ C:\WINDOWS\system32\mstscax.dll 2007-05-29 21:07 582,656 --a------ C:\WINDOWS\system32\catsrvut.dll 2007-05-29 21:07 57,856 --a------ C:\WINDOWS\system32\licwmi.dll 2007-05-29 21:07 56,832 --a------ C:\WINDOWS\system32\remotepg.dll 2007-05-29 21:07 534,016 --a------ C:\WINDOWS\system32\spider.exe 2007-05-29 21:07 44,032 --a------ C:\WINDOWS\system32\rdpclip.exe 2007-05-29 21:07 40,960 --a------ C:\WINDOWS\system32\tscupgrd.exe 2007-05-29 21:07 390,144 --a------ C:\WINDOWS\system32\mstsc.exe 2007-05-29 21:07 359,936 --a------ C:\WINDOWS\system32\msdtcprx.dll 2007-05-29 21:07 342,016 --a------ C:\WINDOWS\system32\mspaint.exe 2007-05-29 21:07 32,768 --a------ C:\WINDOWS\system32\cfgbkend.dll 2007-05-29 21:07 201,216 --a------ C:\WINDOWS\system32\termsrv.dll 2007-05-29 21:07 14,848 --a------ C:\WINDOWS\system32\rdpsnd.dll 2007-05-29 21:07 135,680 --a------ C:\WINDOWS\system32\rdchost.dll 2007-05-29 21:07 130,048 --a------ C:\WINDOWS\system32\sessmgr.exe 2007-05-29 21:07 12,288 --a------ C:\WINDOWS\system32\rdsaddin.exe 2007-05-29 21:07 118,272 --a------ C:\WINDOWS\system32\mplay32.exe 2007-05-29 21:07 115,976 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys 2007-05-29 21:07 114,968 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-05-29 21:07 1,172,992 --a------ C:\WINDOWS\system32\comsvcs.dll 2007-05-29 21:07 1,081,112 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-05-29 21:06 57,856 --a------ C:\WINDOWS\system32\drivers\redbook.sys 2007-05-29 21:06 5,888 --a------ C:\WINDOWS\system32\drivers\splitter.sys 2007-05-29 21:04 38,024 --a------ C:\WINDOWS\system32\drivers\termdd.sys 2007-05-29 21:04 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll 2007-05-29 21:04 182,400 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys 2007-05-29 21:04 13,312 --a------ C:\WINDOWS\system32\irclass.dll 2007-05-29 21:03 72,192 --a------ C:\WINDOWS\system32\storprop.dll 2007-05-29 20:55 2007-05-29 20:24 2007-05-29 20:19 2007-05-29 20:19 2007-05-29 19:59 2007-05-29 19:47 974,848 --a------ C:\WINDOWS\system32\dxdiag.exe 2007-05-29 19:47 83,968 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys 2007-05-29 19:47 797,184 --a------ C:\WINDOWS\system32\d3dim700.dll 2007-05-29 19:47 79,360 --a------ C:\WINDOWS\system32\dpwsockx.dll 2007-05-29 19:47 68,096 --a------ C:\WINDOWS\system32\dpnhupnp.dll 2007-05-29 19:47 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys 2007-05-29 19:47 48,512 --a------ C:\WINDOWS\system32\drivers\stream.sys 2007-05-29 19:47 470,528 --a------ C:\WINDOWS\system32\qdvd.dll 2007-05-29 19:47 47,104 --a------ C:\WINDOWS\system32\wstdecod.dll 2007-05-29 19:47 381,952 --a------ C:\WINDOWS\system32\dsound.dll 2007-05-29 19:47 354,816 --a------ C:\WINDOWS\system32\psisdecd.dll 2007-05-29 19:47 32,768 --a------ C:\WINDOWS\system32\dpnhpast.dll 2007-05-29 19:47 316,928 --a------ C:\WINDOWS\system32\qdv.dll 2007-05-29 19:47 292,864 --a------ C:\WINDOWS\system32\ddraw.dll 2007-05-29 19:47 230,400 --a------ C:\WINDOWS\system32\dplayx.dll 2007-05-29 19:47 181,248 --a------ C:\WINDOWS\system32\dmime.dll 2007-05-29 19:47 18,688 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys 2007-05-29 19:47 16,896 --a------ C:\WINDOWS\system32\msyuv.dll 2007-05-29 19:47 16,384 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys 2007-05-29 19:47 15,104 --a------ C:\WINDOWS\system32\drivers\mpe.sys 2007-05-29 19:47 14,976 --a------ C:\WINDOWS\system32\drivers\streamip.sys 2007-05-29 19:47 132,608 --a------ C:\WINDOWS\system32\devenum.dll 2007-05-29 19:47 122,880 --a------ C:\WINDOWS\system32\dmusic.dll 2007-05-29 19:47 11,392 --a------ C:\WINDOWS\system32\drivers\bdasup.sys 2007-05-29 19:47 10,880 --a------ C:\WINDOWS\system32\drivers\slip.sys 2007-05-29 19:47 10,112 --a------ C:\WINDOWS\system32\drivers\ndisip.sys 2007-05-29 19:47 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll 2007-05-29 19:47 1,769,472 --a------ C:\WINDOWS\system32\dxdiagn.dll 2007-05-29 19:47 1,703,936 --a------ C:\WINDOWS\system32\d3d9.dll 2007-05-29 19:47 1,230,336 --a------ C:\WINDOWS\system32\msvidctl.dll 2007-05-29 19:47 1,201,152 --a------ C:\WINDOWS\system32\d3d8.dll 2007-05-29 19:47 1,189,888 --a------ C:\WINDOWS\system32\dx8vb.dll 2007-05-29 19:42 20,480 --a------ C:\WINDOWS\system32\wmpui.dll 2007-05-29 19:42 20,480 --a------ C:\WINDOWS\system32\wmpcore.dll 2007-05-29 19:42 20,480 --a------ C:\WINDOWS\system32\wmpcd.dll 2007-05-29 19:41 96,768 --a------ C:\WINDOWS\system32\logagent.exe 2007-05-29 19:41 940,544 --a------ C:\WINDOWS\system32\wmspdmoe.dll 2007-05-29 19:41 895,736 --a------ C:\WINDOWS\system32\wmvdmod.dll 2007-05-29 19:41 86,016 --a------ C:\WINDOWS\system32\wmpshell.dll 2007-05-29 19:41 8,192 --a------ C:\WINDOWS\system32\asferror.dll 2007-05-29 19:41 774,904 --a------ C:\WINDOWS\system32\wmsdmod.dll 2007-05-29 19:41 716,288 --a------ C:\WINDOWS\system32\wmadmoe.dll 2007-05-29 19:41 66,560 --a------ C:\WINDOWS\system32\wpdmtpus.dll 2007-05-29 19:41 61,952 --a------ C:\WINDOWS\system32\wpdconns.dll 2007-05-29 19:41 6,656 --a------ C:\WINDOWS\system32\laprxy.dll 2007-05-29 19:41 484,352 --a------ C:\WINDOWS\system32\Audiodev.dll 2007-05-29 19:41 47,104 --a------ C:\WINDOWS\system32\uwdf.exe 2007-05-29 19:41 413,944 --a------ C:\WINDOWS\system32\wmspdmod.dll 2007-05-29 19:41 396,528 --a------ C:\WINDOWS\system32\wmadmod.dll 2007-05-29 19:41 38,912 --a------ C:\WINDOWS\system32\wdfmgr.exe 2007-05-29 19:41 364,784 --a------ C:\WINDOWS\system32\MSSCP.dll 2007-05-29 19:41 335,872 --a------ C:\WINDOWS\system32\WMDRMdev.dll 2007-05-29 19:41 331,776 --a------ C:\WINDOWS\system32\wpdmtpdr.dll 2007-05-29 19:41 331,264 --a------ C:\WINDOWS\system32\wpdsp.dll 2007-05-29 19:41 33,792 --a------ C:\WINDOWS\system32\WMDMPS.dll 2007-05-29 19:41 315,904 --a------ C:\WINDOWS\system32\MSWMDM.dll 2007-05-29 19:41 3,371,008 --a------ C:\WINDOWS\system32\wmploc.dll 2007-05-29 19:41 290,816 --a------ C:\WINDOWS\system32\WMDRMNet.dll 2007-05-29 19:41 282,624 --a------ C:\WINDOWS\system32\wmpdxm.dll 2007-05-29 19:41 28,160 --a------ C:\WINDOWS\system32\WMDMLOG.dll 2007-05-29 19:41 25,088 --a------ C:\WINDOWS\system32\MsPMSNSv.dll 2007-05-29 19:41 224,768 --a------ C:\WINDOWS\system32\wmasf.dll 2007-05-29 19:41 189,440 --a------ C:\WINDOWS\system32\wmerror.dll 2007-05-29 19:41 18,944 --a------ C:\WINDOWS\system32\drivers\wpdusb.sys 2007-05-29 19:41 175,104 --a------ C:\WINDOWS\system32\wmpsrcwp.dll 2007-05-29 19:41 173,568 --a------ C:\WINDOWS\system32\MsPMSP.dll 2007-05-29 19:41 164,864 --a------ C:\WINDOWS\system32\cewmdm.dll 2007-05-29 19:41 150,016 --a------ C:\WINDOWS\system32\wmidx.dll 2007-05-29 19:41 15,872 --a------ C:\WINDOWS\system32\wdfapi.dll 2007-05-29 19:41 135,168 --a------ C:\WINDOWS\system32\wmpasf.dll 2007-05-29 19:41 114,176 --a------ C:\WINDOWS\system32\wpdmtp.dll 2007-05-29 19:41 1,594,880 --a------ C:\WINDOWS\system32\wmpencen.dll 2007-05-29 19:41 1,512,448 --a------ C:\WINDOWS\system32\WMVADVE.DLL 2007-05-29 19:41 1,218,808 --a------ C:\WINDOWS\system32\wmvadvd.dll 2007-05-29 19:41 1,119,744 --a------ C:\WINDOWS\system32\wmsdmoe2.dll 2007-05-29 19:41 1,027,072 --a------ C:\WINDOWS\system32\wmnetmgr.dll 2007-05-29 19:41 1,003,008 --a------ C:\WINDOWS\system32\wmvdmoe2.dll 2007-05-29 19:17 95,872 --a------ C:\WINDOWS\system32\AvastSS.scr 2007-05-29 19:17 94,552 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-05-29 19:17 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-05-29 19:17 43,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-05-29 19:17 26,888 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-05-29 19:17 23,416 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-05-29 19:16 745,600 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-05-29 19:16 499,712 --a------ C:\WINDOWS\system32\MSVCP71.dll 2007-05-29 19:16 348,160 --a------ C:\WINDOWS\system32\MSVCR71.dll 2007-05-29 19:16 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll 2007-05-29 19:16 2007-05-29 19:15 2007-05-29 19:15 2007-05-29 19:15 2007-05-29 18:37 2007-05-29 18:34 2007-05-29 17:59 2007-05-28 14:38 2007-05-28 14:37 327,168 --a------ C:\WINDOWS\IsUn0415.exe 2007-05-28 14:37 2007-05-28 06:33 2007-05-28 06:29 2007-05-27 20:40 1,048,576 --ah----- C:\DOCUME~1\ola\NTUSER.DAT 2007-05-27 20:40 2007-05-27 20:40 2007-05-27 20:40 2007-05-27 20:40 2007-05-27 20:40 2007-05-27 20:40 2007-05-27 20:40 2007-05-27 20:10 2007-05-27 19:33 2007-05-27 19:33 2007-05-27 19:22 1,156 --a------ C:\WINDOWS\mozver.dat 2007-05-27 18:57 2007-05-27 18:50 2007-05-27 18:31 2007-05-27 18:29 0 --a------ C:\WINDOWS\nsreg.dat 2007-05-27 18:08 540,672 --a------ C:\WINDOWS\system32\pas.exe 2007-05-27 18:00 50,007 --a------ C:\WINDOWS\system32\drivers\adildr.sys 2007-05-27 18:00 46,892 --a------ C:\WINDOWS\system32\adadix16.dll 2007-05-27 18:00 4,981 --a------ C:\WINDOWS\system32\adadix2k.dll 2007-05-27 18:00 22,395 --a------ C:\WINDOWS\system32\drivers\fpga.bin 2007-05-27 18:00 155,648 --a------ C:\WINDOWS\system32\adadix32.dll 2007-05-27 18:00 143,360 --a------ C:\WINDOWS\autoclk.exe 2007-05-27 18:00 127,456 --a------ C:\WINDOWS\system32\ipdetect.exe 2007-05-27 18:00 127,065 --a------ C:\WINDOWS\system32\drivers\adiusbaw.sys 2007-05-27 18:00 126,976 --a------ C:\WINDOWS\system32\coclassfast.dll 2007-05-27 18:00 114,688 --a------ C:\WINDOWS\system32\unaddrv.exe 2007-05-27 18:00 1,531,904 --a------ C:\WINDOWS\adiras.exe 2007-05-27 18:00 2007-05-27 17:59 2007-05-27 17:24 2007-05-27 17:23 98,816 --a------ C:\WINDOWS\system32\dmstyle.dll 2007-05-27 17:23 80,896 --a------ C:\WINDOWS\system32\dpvsetup.exe 2007-05-27 17:23 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll 2007-05-27 17:23 77,824 --a------ C:\WINDOWS\system32\dpmodemx.dll 2007-05-27 17:23 76,800 --a------ C:\WINDOWS\system32\dmscript.dll 2007-05-27 17:23 733,184 --a------ C:\WINDOWS\system32\qedwipes.dll 2007-05-27 17:23 723,968 --a------ C:\WINDOWS\system32\dpnet.dll 2007-05-27 17:23 7,424 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys 2007-05-27 17:23 667,648 --a------ C:\WINDOWS\system32\dinput8.dll 2007-05-27 17:23 648,704 --a------ C:\WINDOWS\system32\dinput.dll 2007-05-27 17:23 64,512 --a------ C:\WINDOWS\system32\amstream.dll 2007-05-27 17:23 602,624 --a------ C:\WINDOWS\system32\dx7vb.dll 2007-05-27 17:23 590,336 --a------ C:\WINDOWS\system32\d3dramp.dll 2007-05-27 17:23 58,368 --a------ C:\WINDOWS\system32\dmcompos.dll 2007-05-27 17:23 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys 2007-05-27 17:23 5,248 --a------ C:\WINDOWS\system32\drivers\mspclock.sys 2007-05-27 17:23 491,520 --a------ C:\WINDOWS\system32\dsdmoprp.dll 2007-05-27 17:23 47,616 --a------ C:\WINDOWS\system32\d3dxof.dll 2007-05-27 17:23 467,968 --a------ C:\WINDOWS\system32\diactfrm.dll 2007-05-27 17:23 44,032 --a------ C:\WINDOWS\system32\dimap.dll 2007-05-27 17:23 436,224 --a------ C:\WINDOWS\system32\d3dim.dll 2007-05-27 17:23 4,608 --a------ C:\WINDOWS\system32\drivers\mspqm.sys 2007-05-27 17:23 4,096 --a------ C:\WINDOWS\system32\ksuser.dll 2007-05-27 17:23 4,096 --a------ C:\WINDOWS\system32\drivers\swenum.sys 2007-05-27 17:23 381,952 --a------ C:\WINDOWS\system32\dpvoice.dll 2007-05-27 17:23 350,208 --a------ C:\WINDOWS\system32\d3drm.dll 2007-05-27 17:23 34,816 --a------ C:\WINDOWS\system32\d3dpmesh.dll 2007-05-27 17:23 34,304 --a------ C:\WINDOWS\system32\mciqtz32.dll 2007-05-27 17:23 33,280 --a------ C:\WINDOWS\system32\dmloader.dll 2007-05-27 17:23 324,096 --a------ C:\WINDOWS\system32\mswebdvd.dll 2007-05-27 17:23 31,744 --a------ C:\WINDOWS\system32\pid.dll 2007-05-27 17:23 3,072 --a------ C:\WINDOWS\system32\dpnlobby.dll 2007-05-27 17:23 3,072 --a------ C:\WINDOWS\system32\dpnaddr.dll 2007-05-27 17:23 28,160 --a------ C:\WINDOWS\system32\dplaysvr.exe 2007-05-27 17:23 27,136 --a------ C:\WINDOWS\system32\dmband.dll 2007-05-27 17:23 257,024 --a------ C:\WINDOWS\system32\qcap.dll 2007-05-27 17:23 24,064 --a------ C:\WINDOWS\system32\ddrawex.dll 2007-05-27 17:23 223,232 --a------ C:\WINDOWS\system32\gcdef.dll 2007-05-27 17:23 19,968 --a------ C:\WINDOWS\system32\dpvacm.dll 2007-05-27 17:23 186,880 --a------ C:\WINDOWS\system32\dsdmo.dll 2007-05-27 17:23 18,944 --a------ C:\WINDOWS\system32\encapi.dll 2007-05-27 17:23 18,432 --a------ C:\WINDOWS\system32\dswave.dll 2007-05-27 17:23 173,056 --a------ C:\WINDOWS\system32\qasf.dll 2007-05-27 17:23 16,896 --a------ C:\WINDOWS\system32\dpnsvr.exe 2007-05-27 17:23 130,304 --a------ C:\WINDOWS\system32\drivers\ks.sys 2007-05-27 17:23 13,312 --a------ C:\WINDOWS\system32\msdmo.dll 2007-05-27 17:23 112,128 --a------ C:\WINDOWS\system32\dpvvox.dll 2007-05-27 17:23 100,864 --a------ C:\WINDOWS\system32\dmsynth.dll 2007-05-27 17:23 10,496 --a------ C:\WINDOWS\system32\drivers\dxapi.sys 2007-05-27 17:23 1,798,144 --a------ C:\WINDOWS\system32\qedit.dll 2007-05-27 17:23 1,294,336 --a------ C:\WINDOWS\system32\dsound3d.dll 2007-05-27 17:22 2007-05-27 17:21 516,096 --------- C:\WINDOWS\system32\ati2sgag.exe 2007-05-27 17:21 294,912 -ra------ C:\WINDOWS\system32\atiiiexx.dll 2007-05-27 17:21 151,552 -ra------ C:\WINDOWS\system32\ATIDEMGR.dll 2007-05-27 17:21 2007-05-27 17:16 917,504 -ra------ C:\WINDOWS\system\cmids3d.dll 2007-05-27 17:16 821,760 -ra------ C:\WINDOWS\system32\drivers\cmuda.sys 2007-05-27 17:16 712,704 -ra------ C:\WINDOWS\system32\Audio3D.dll 2007-05-27 17:16 712,704 -ra------ C:\WINDOWS\system32\a3d.dll 2007-05-27 17:16 50,048 --a------ C:\WINDOWS\system32\drivers\DMusic.sys 2007-05-27 17:16 32,768 -ra------ C:\WINDOWS\system32\udaprop.dll 2007-05-27 17:16 28,672 -ra------ C:\WINDOWS\system32\cmirmdrv.dll 2007-05-27 17:16 28,672 --a------ C:\WINDOWS\CMIRmDriver.dll 2007-05-27 17:16 266,240 --a------ C:\WINDOWS\CMIUninstall.exe 2007-05-27 17:16 233,472 -ra------ C:\WINDOWS\system32\cmirmdrv.exe 2007-05-27 17:16 225,280 --a------ C:\WINDOWS\CmiRmRedundDir.exe 2007-05-27 17:16 163,840 -ra------ C:\WINDOWS\system32\cmuda.dll 2007-05-27 17:16 1,458,176 -ra------ C:\WINDOWS\system\SmWizard.exe 2007-05-27 17:16 2007-05-27 17:16 2007-05-27 17:15 7,040 -ra------ C:\WINDOWS\system32\ntsim.sys 2007-05-27 17:15 41,984 -ra------ C:\WINDOWS\system32\drivers\fetnd5b.sys 2007-05-27 17:15 2007-05-27 17:13 5,824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS 2007-05-27 17:13 306,688 --a------ C:\WINDOWS\IsUninst.exe 2007-05-27 17:13 2007-05-27 17:10 786,432 --ah----- C:\DOCUME~1\zdanek\NTUSER.DAT 2007-05-27 17:10 1,835,008 --ah----- C:\Documents and Settings\og˘lna\NTUSER.DAT 2007-05-27 17:10 2007-05-27 17:10 2007-05-27 17:10 2007-05-27 17:10 2007-05-27 17:10 2007-05-27 17:10 2007-05-27 17:10 2007-05-27 17:10 2007-05-27 17:10 2007-05-27 17:10 2007-05-27 17:10 2007-05-27 17:10 2007-05-27 17:10 2007-05-27 17:10 2007-05-27 17:10 2007-05-27 17:08 786,432 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT 2007-05-27 17:08 786,432 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT 2007-05-27 17:08 2007-05-27 17:08 2007-05-27 17:08 2007-05-27 17:08 2007-05-27 17:08 2007-05-27 17:01 815,104 —h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT 2007-05-27 17:01 112,128 --a------ C:\WINDOWS\system32\mapi32.dll 2007-05-27 17:01 0 -rahs---- C:\MSDOS.SYS 2007-05-27 17:01 0 -rahs---- C:\IO.SYS 2007-05-27 17:01 0 --a------ C:\CONFIG.SYS 2007-05-27 17:01 0 --a------ C:\AUTOEXEC.BAT 2007-05-27 17:01 2007-05-27 17:01 2007-05-27 17:00 2007-05-27 17:00 2007-05-27 17:00 2007-05-27 17:00 2007-05-27 17:00 2007-05-27 17:00 2007-05-27 16:59 81,920 --a------ C:\WINDOWS\system32\isign32.dll 2007-05-27 16:59 69,632 --a------ C:\WINDOWS\system32\icwdial.dll 2007-05-27 16:59 67,584 --a------ C:\WINDOWS\system32\acctres.dll 2007-05-27 16:59 61,440 --a------ C:\WINDOWS\system32\icwphbk.dll 2007-05-27 16:59 49,152 --a------ C:\WINDOWS\system32\inetres.dll 2007-05-27 16:59 40,960 --a------ C:\WINDOWS\system32\safrslv.dll 2007-05-27 16:59 39,424 --a------ C:\WINDOWS\system32\safrcdlg.dll 2007-05-27 16:59 33,792 --a------ C:\WINDOWS\system32\racpldlg.dll 2007-05-27 16:59 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe 2007-05-27 16:59 28,672 --a------ C:\WINDOWS\system32\isrdbg32.dll 2007-05-27 16:59 270,336 --a------ C:\WINDOWS\system32\inetcfg.dll 2007-05-27 16:59 26,624 --a------ C:\WINDOWS\system32\safrdm.dll 2007-05-27 16:59 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll 2007-05-27 16:59 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll 2007-05-27 16:59 11,264 --a------ C:\WINDOWS\system32\atrace.dll 2007-05-27 16:59 2007-05-27 16:59 2007-05-27 16:59 2007-05-27 16:59 2007-05-27 16:59 2007-05-27 16:58 9,728 --a------ C:\WINDOWS\system32\xolehlp.dll 2007-05-27 16:58 9,728 --a------ C:\WINDOWS\system32\reset.exe 2007-05-27 16:58 869,376 --a------ C:\WINDOWS\system32\msdtctm.dll 2007-05-27 16:58 83,968 --a------ C:\WINDOWS\system32\mtxoci.dll 2007-05-27 16:58 80,896 --a------ C:\WINDOWS\system32\charmap.exe 2007-05-27 16:58 73,216 --a------ C:\WINDOWS\system32\avwav.dll 2007-05-27 16:58 61,952 --a------ C:\WINDOWS\system32\rdshost.exe 2007-05-27 16:58 605,696 --a------ C:\WINDOWS\system32\getuname.dll 2007-05-27 16:58 57,344 --a------ C:\WINDOWS\system32\sol.exe 2007-05-27 16:58 55,808 --a------ C:\WINDOWS\system32\freecell.exe 2007-05-27 16:58 5,632 --a------ C:\WINDOWS\system32\write.exe 2007-05-27 16:58 494,592 --a------ C:\WINDOWS\system32\hypertrm.dll 2007-05-27 16:58 44,544 --a------ C:\WINDOWS\system32\hticons.dll 2007-05-27 16:58 4,608 --a------ C:\WINDOWS\system32\rdpcfgex.dll 2007-05-27 16:58 35,328 --a------ C:\WINDOWS\system32\winchat.exe 2007-05-27 16:58 33,792 --a------ C:\WINDOWS\system32\regini.exe 2007-05-27 16:58 231,424 --a------ C:\WINDOWS\system32\avtapi.dll 2007-05-27 16:58 23,640 --a------ C:\WINDOWS\system32\emptyregdb.dat 2007-05-27 16:58 22,528 --a------ C:\WINDOWS\system32\qwinsta.exe 2007-05-27 16:58 22,528 --a------ C:\WINDOWS\system32\msg.exe 2007-05-27 16:58 20,232 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys 2007-05-27 16:58 19,456 --a------ C:\WINDOWS\system32\qprocess.exe 2007-05-27 16:58 183,296 --a------ C:\WINDOWS\system32\accwiz.exe 2007-05-27 16:58 17,920 --a------ C:\WINDOWS\system32\tsshutdn.exe 2007-05-27 16:58 17,408 --a------ C:\WINDOWS\system32\qappsrv.exe 2007-05-27 16:58 16,384 --a------ C:\WINDOWS\system32\tskill.exe 2007-05-27 16:58 16,384 --a------ C:\WINDOWS\system32\rwinsta.exe 2007-05-27 16:58 16,384 --a------ C:\WINDOWS\system32\avmeter.dll 2007-05-27 16:58 151,040 --a------ C:\WINDOWS\system32\msdtcuiu.dll 2007-05-27 16:58 15,872 --a------ C:\WINDOWS\system32\logoff.exe 2007-05-27 16:58 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll 2007-05-27 16:58 15,360 --a------ C:\WINDOWS\system32\tsdiscon.exe 2007-05-27 16:58 15,360 --a------ C:\WINDOWS\system32\tscon.exe 2007-05-27 16:58 15,360 --a------ C:\WINDOWS\system32\shadow.exe 2007-05-27 16:58 139,264 --a------ C:\WINDOWS\system32\sndvol32.exe 2007-05-27 16:58 128,000 --a------ C:\WINDOWS\system32\mshearts.exe 2007-05-27 16:58 125,440 --a------ C:\WINDOWS\system32\sndrec32.exe 2007-05-27 16:58 119,808 --a------ C:\WINDOWS\system32\winmine.exe 2007-05-27 16:58 115,200 --a------ C:\WINDOWS\system32\calc.exe 2007-05-27 16:58 11,144 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys 2007-05-27 16:58 1,225 --a------ C:\WINDOWS\system32\usrlogon.cmd 2007-05-27 16:58 2007-05-27 16:58 2007-05-27 16:58 2007-05-27 16:58 2007-05-27 16:58 2007-05-27 16:58 2007-05-27 16:58 2007-05-27 16:57 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll 2007-05-27 16:57 82,432 --a------ C:\WINDOWS\system32\comrepl.dll 2007-05-27 16:57 6,144 --a------ C:\WINDOWS\system32\msdtc.exe 2007-05-27 16:57 56,832 --a------ C:\WINDOWS\system32\colbact.dll 2007-05-27 16:57 54,784 --a------ C:\WINDOWS\system32\msdtclog.dll 2007-05-27 16:57 54,272 --a------ C:\WINDOWS\system32\stclient.dll 2007-05-27 16:57 53,248 --a------ C:\WINDOWS\system32\servdeps.dll 2007-05-27 16:57 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe 2007-05-27 16:57 495,616 --a------ C:\WINDOWS\system32\comuid.dll 2007-05-27 16:57 468,480 --a------ C:\WINDOWS\system32\clbcatq.dll 2007-05-27 16:57 4,096 --a------ C:\WINDOWS\system32\mtxex.dll 2007-05-27 16:57 25,600 --a------ C:\WINDOWS\system32\comaddin.dll 2007-05-27 16:57 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll 2007-05-27 16:57 215,040 --a------ C:\WINDOWS\system32\catsrv.dll 2007-05-27 16:57 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll 2007-05-27 16:57 177,152 --a------ C:\WINDOWS\system32\cmprops.dll 2007-05-27 16:57 16,896 --a------ C:\WINDOWS\system32\mmfutil.dll 2007-05-27 16:57 147,456 --a------ C:\WINDOWS\system32\comsnap.dll 2007-05-27 16:57 100,864 --a------ C:\WINDOWS\system32\clbcatex.dll 2007-05-27 16:57 2007-05-27 16:55 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys 2007-05-27 16:53 70,096 --a------ C:\WINDOWS\system\AVICAP.DLL 2007-05-27 16:53 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll 2007-05-27 16:53 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll 2007-05-27 16:53 10,496 --a------ C:\WINDOWS\system32\drivers\irenum.sys 2007-05-27 16:53 2007-05-27 16:53 2007-05-27 16:53 2007-05-27 16:53 2007-05-27 16:53 2007-05-27 16:53 2007-05-27 16:53 2007-05-27 16:53 2007-05-27 16:53 2007-05-27 16:53 2007-05-27 16:53 2007-05-27 16:53 2007-05-27 16:53 2007-05-27 16:53 2007-05-27 16:52 2007-05-27 16:52 2007-05-27 16:52 2007-05-27 16:52 2007-05-27 16:52 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 2007-05-27 16:48 (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-05-29 19:17:30 67,078 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-05-29 19:17:30 435,978 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-05-27 14:58:32 -------- d-----w C:\Program Files\Usługi online (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {53707962-6F74-2D53-2644-206D7942484F}=C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 01:04] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “Cmaudio”=“cmicnfg.cpl” [] “ATIPTA”=“C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe” [2004-08-25 12:52] “BearShare”=“C:\Program Files\BearShare\BearShare.exe” [2005-08-04 10:51] “avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2007-04-30 17:42] “msvccc66”=“svcchosst.exe” [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “MSMSGS”=“C:\Program Files\Messenger\msmsgs.exe” [2002-08-20 15:08] “Skype”=“C:\Program Files\Skype\Phone\Skype.exe” [2007-05-18 13:19] “Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2007-05-10 16:36] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices] “msvccc66”=svcchosst.exe HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs* ******************************************************************** catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-05-30 21:17:22 Windows 5.1.2600 Dodatek Service Pack. 1 FAT NTAPI scanning hidden processes … scanning hidden services … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 ******************************************************************** Completion time: 2007-05-30 21:17:24 — E O F —

Gutek · 30 Maj 2007 21:03

Już jest Ok