No Disk (Brak Dysku): Exception processing message c00000a3 parameters


(Deloska1966) #1
HijackThis logs:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:25:41, on 2010-02-10

Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Panda Security\Panda Antivirus Pro 2010\TPSrv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\cFosSpeed\spd.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PsCtrls.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PskSvc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program Files\Opera\opera.exe

C:\Documents and Settings\komp\Pulpit\HiJackThis.exe


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: PlayBox Toolbar - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files\PlayBox\toolbar.ni.dll

O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\komp\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll

O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: PlayBox Toolbar - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files\PlayBox\toolbar.ni.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus Pro 2010\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Antivirus Pro 2010\Inicio.exe"

O4 - HKLM\..\Run: [DataMngr] C:\Program Files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe

O4 - HKLM\..\Run: [GEST] m‘|Lë

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files\Gadu-Gadu 10\gg.exe"

O4 - HKCU\..\Run: [ALLUpdate] "d:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"

O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MST" WISE_SETUP_EXE_PATH="f:\driver\2k_xp\190.62\PhysX_9.09.0814_SystemSoftware.exe"

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: toolbarchrome - {718733BC-AD64-4E5F-AC18-A85FBD75D54D} - C:\Program Files\PlayBox\toolbar.ni.dll

O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe

O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PsCtrls.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PskSvc.exe

O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2010\TPSrv.exe


--

End of file - 7571 bytes



ComboFix:

ComboFix 10-02-09.04 - komp 2010-02-10 15:14:20.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.3071.2532 [GMT 1:00]

Uruchomiony z: c:\documents and settings\komp\Moje dokumenty\Pobieranie\ComboFix.exe

.


((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.


C:\0fpdq2dw.exe

C:\1hqup.exe

C:\9d6tpg.exe

C:\autorun.inf

C:\c2e.exe

c:\docume~1\komp\USTAWI~1\Temp\cvasds0.dll

c:\docume~1\komp\USTAWI~1\Temp\cvasds1.dll

c:\documents and settings\All Users\Menu Start\HP Image Zone .lnk

C:\kmj.exe

C:\mh.exe

C:\qkm.exe

C:\sywyrl0q.exe

c:\windows\ALCMTR.EXE

C:\xmor.exe

C:\y.exe

D:\0fpdq2dw.exe

D:\1hqup.exe

D:\9d6tpg.exe

D:\9fo3ar0j.exe

D:\9xf8.exe

D:\Autorun.inf

D:\c2e.exe

D:\kmj.exe

D:\mh.exe

D:\qkm.exe

D:\sywyrl0q.exe

D:\xmor.exe

D:\y.exe


.

((((((((((((((((((((((((( Pliki utworzone od 2010-01-10 do 2010-02-10 )))))))))))))))))))))))))))))))

.


2010-02-10 13:59 . 2010-02-10 13:59	--------	d-----w-	c:\documents and settings\komp\Dane aplikacji\ArcaVirMicroScan

2010-02-10 13:56 . 2009-06-30 08:37	28552	----a-w-	c:\windows\system32\drivers\pavboot.sys

2010-02-10 13:56 . 2010-02-10 13:56	--------	d-----w-	c:\windows\LastGood

2010-02-10 13:55 . 2010-02-10 13:55	--------	d-----w-	c:\program files\Panda Security

2010-02-10 13:50 . 2010-02-10 13:50	--------	d-sh--w-	c:\documents and settings\komp\IETldCache

2010-02-10 13:47 . 2010-02-10 13:47	--------	dc-h--w-	c:\windows\ie8

2010-02-10 13:46 . 2010-02-10 13:47	--------	d--h--w-	c:\windows\msdownld.tmp

2010-02-10 13:37 . 2010-01-28 22:09	38848	----a-w-	c:\windows\system32\avastSS.scr

2010-02-10 13:37 . 2009-11-24 23:54	1280480	----a-w-	c:\windows\system32\aswBoot.exe

2010-02-10 13:37 . 2010-02-10 13:37	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Alwil Software

2010-02-10 13:37 . 2010-02-10 14:05	--------	d-----w-	c:\program files\Alwil Software

2010-02-09 18:39 . 2010-02-10 14:16	--------	d-----w-	c:\program files\cFosSpeed

2010-02-09 18:39 . 2009-10-30 11:25	872152	----a-w-	c:\windows\system32\drivers\cfosspeed.sys

2010-02-09 18:39 . 2009-10-30 11:25	288472	----a-w-	c:\windows\system32\cfosspeed.dll

2010-02-07 19:20 . 2010-02-07 19:20	--------	d-----w-	c:\documents and settings\komp\Dane aplikacji\BESTplayer

2010-02-07 16:34 . 2010-02-07 16:34	--------	d-----w-	c:\documents and settings\komp\Dane aplikacji\Ahead

2010-02-07 10:04 . 2009-07-28 15:33	55656	----a-w-	c:\windows\system32\drivers\avgntflt.sys

2010-02-04 20:54 . 2004-09-27 13:12	78896	----a-w-	c:\windows\system32\GEARAspi.dll

2010-02-04 20:54 . 2004-09-14 09:58	13872	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys

2010-02-04 20:54 . 2003-07-17 11:56	89216	----a-w-	c:\windows\system32\drivers\FO_PAnt.sys

2010-02-04 20:54 . 2003-07-17 11:56	139264	----a-w-	c:\windows\system32\AfpT.dll

2010-02-04 20:54 . 2002-10-09 12:53	43904	----a-w-	c:\windows\system32\drivers\AFPAnsi.sys

2010-02-04 20:54 . 2010-02-04 20:54	--------	d-----w-	c:\program files\G DATA Software

2010-02-03 19:16 . 2010-02-03 19:16	94208	--sh--r-	C:\bveijo.exe

2010-01-29 15:34 . 2010-01-29 15:34	--------	d-----w-	c:\program files\Gadu-Gadu 10

2010-01-29 15:32 . 2010-01-29 15:32	97280	--sh--r-	C:\mvmdh.exe

2010-01-28 16:55 . 2010-02-07 16:17	--------	d-----w-	c:\program files\mp3towav

2010-01-28 16:55 . 1999-09-17 09:56	118784	----a-w-	c:\windows\system32\mp3dec.dll

2010-01-28 16:43 . 2010-01-28 16:43	--------	d-----w-	c:\documents and settings\komp\Dane aplikacji\Ashampoo

2010-01-28 16:43 . 2010-01-28 16:43	--------	d-----w-	c:\documents and settings\komp\Ustawienia lokalne\Dane aplikacji\ashampoo

2010-01-28 16:43 . 2010-01-28 16:43	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\ashampoo

2010-01-28 16:43 . 2010-01-28 16:43	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\page

2010-01-28 12:46 . 2010-01-28 12:46	--------	d-----w-	c:\documents and settings\komp\Dane aplikacji\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1

2010-01-27 21:26 . 2008-07-31 09:41	68616	----a-w-	c:\windows\system32\XAPOFX1_1.dll

2010-01-27 21:26 . 2008-07-31 09:40	509448	----a-w-	c:\windows\system32\XAudio2_2.dll

2010-01-27 21:26 . 2008-07-12 07:18	467984	----a-w-	c:\windows\system32\d3dx10_39.dll

2010-01-27 21:26 . 2008-07-12 07:18	3851784	----a-w-	c:\windows\system32\D3DX9_39.dll

2010-01-27 21:26 . 2008-07-12 07:18	1493528	----a-w-	c:\windows\system32\D3DCompiler_39.dll

2010-01-27 21:26 . 2010-01-27 21:12	38784	----a-w-	c:\documents and settings\komp\Dane aplikacji\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

2010-01-27 21:12 . 2010-01-27 21:12	--------	d-----w-	c:\program files\Common Files\Adobe AIR

2010-01-27 21:12 . 2010-01-27 21:12	38784	----a-w-	c:\documents and settings\Default User\Dane aplikacji\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

2010-01-27 21:12 . 2010-01-27 21:12	--------	d-----w-	C:\Riot Games

2010-01-27 19:43 . 2010-01-27 19:43	--------	d-----w-	c:\program files\Common Files\Java

2010-01-27 19:43 . 2010-01-27 19:43	--------	d-----w-	c:\program files\Java

2010-01-27 19:40 . 2010-01-27 19:40	503808	----a-w-	c:\documents and settings\komp\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3ff2dbaa-n\msvcp71.dll

2010-01-27 19:40 . 2010-01-27 19:40	499712	----a-w-	c:\documents and settings\komp\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3ff2dbaa-n\jmc.dll

2010-01-27 19:40 . 2010-01-27 19:40	348160	----a-w-	c:\documents and settings\komp\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3ff2dbaa-n\msvcr71.dll

2010-01-27 19:40 . 2010-01-27 19:40	61440	----a-w-	c:\documents and settings\komp\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-10a0bb8d-n\decora-sse.dll

2010-01-27 19:40 . 2010-01-27 19:40	12800	----a-w-	c:\documents and settings\komp\Dane aplikacji\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-10a0bb8d-n\decora-d3d.dll

2010-01-27 19:40 . 2010-01-27 19:43	411368	----a-w-	c:\windows\system32\deploytk.dll

2010-01-27 19:40 . 2010-01-27 19:42	79488	----a-w-	c:\documents and settings\komp\Dane aplikacji\Sun\Java\jre1.6.0_18\gtapi.dll

2010-01-27 19:40 . 2010-01-27 19:42	152576	----a-w-	c:\documents and settings\komp\Dane aplikacji\Sun\Java\jre1.6.0_18\lzma.dll

2010-01-27 19:36 . 2010-01-27 19:36	--------	d-----w-	C:\games

2010-01-26 20:10 . 2010-01-26 20:09	100864	--sh--r-	C:\df.exe

2010-01-24 20:18 . 2010-01-24 20:18	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Wru

2010-01-24 20:16 . 2004-06-22 19:06	1040384	----a-w-	c:\windows\system32\GnucCOM.dll

2010-01-24 20:16 . 2010-01-24 20:17	--------	d-----w-	c:\program files\Wru

2010-01-24 17:42 . 2010-01-24 17:42	--------	d-----w-	c:\program files\Paint.NET

2010-01-24 17:42 . 2010-02-07 10:36	--------	d-----w-	c:\documents and settings\komp\Ustawienia lokalne\Dane aplikacji\Paint.NET

2010-01-24 17:41 . 2010-01-24 17:41	79400	----a-w-	c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat

2010-01-24 17:41 . 2010-01-24 17:41	--------	d-----w-	c:\windows\system32\XPSViewer

2010-01-24 17:40 . 2010-01-24 17:40	--------	d-----w-	c:\program files\MSBuild

2010-01-24 17:40 . 2010-01-24 17:40	--------	d-----w-	c:\program files\Reference Assemblies

2010-01-24 17:40 . 2008-07-06 12:06	89088	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll

2010-01-24 17:40 . 2008-07-06 12:06	89088	-c----w-	c:\windows\system32\dllcache\filterpipelineprintproc.dll

2010-01-24 17:40 . 2008-07-06 12:06	575488	-c----w-	c:\windows\system32\dllcache\xpsshhdr.dll

2010-01-24 17:40 . 2008-07-06 12:06	575488	------w-	c:\windows\system32\xpsshhdr.dll

2010-01-24 17:40 . 2008-07-06 12:06	1676288	-c----w-	c:\windows\system32\dllcache\xpssvcs.dll

2010-01-24 17:40 . 2008-07-06 12:06	1676288	------w-	c:\windows\system32\xpssvcs.dll

2010-01-24 17:40 . 2008-07-06 12:06	117760	------w-	c:\windows\system32\prntvpt.dll

2010-01-24 17:40 . 2008-07-06 10:50	597504	-c----w-	c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2010-01-24 17:40 . 2008-07-06 10:50	597504	------w-	c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe

2010-01-24 17:15 . 2010-01-24 17:15	--------	d-----r-	C:\AHCache

2010-01-24 09:12 . 2010-01-24 09:12	--------	d-----w-	c:\documents and settings\komp\Dane aplikacji\Gadu-Gadu

2010-01-24 09:10 . 2010-01-24 19:15	--------	d-----w-	c:\documents and settings\komp\Gadu-Gadu

2010-01-24 09:10 . 2010-01-25 19:11	--------	d-----w-	c:\program files\Gadu-Gadu

2010-01-23 20:32 . 2010-01-23 20:32	--------	d-----w-	c:\documents and settings\komp\Ustawienia lokalne\Dane aplikacji\AskToolbar

2010-01-23 20:32 . 2010-01-23 20:32	--------	d-----w-	c:\program files\PlayBox

2010-01-23 20:32 . 2010-01-23 20:32	--------	d-----w-	c:\documents and settings\komp\Dane aplikacji\PlayBox

2010-01-23 11:02 . 2009-09-04 16:29	1892184	----a-w-	c:\windows\system32\D3DX9_42.dll

2010-01-23 11:02 . 2006-11-29 12:06	3426072	----a-w-	c:\windows\system32\d3dx9_32.dll

2010-01-23 11:02 . 2006-09-28 15:05	2414360	----a-w-	c:\windows\system32\d3dx9_31.dll

2010-01-23 11:02 . 2010-01-23 11:02	--------	d-----w-	c:\windows\Logs

2010-01-23 10:59 . 2009-04-28 20:20	9200	------w-	c:\windows\system32\drivers\cdralw2k.sys

2010-01-23 10:59 . 2009-04-28 20:20	9072	------w-	c:\windows\system32\drivers\cdr4_xp.sys

2010-01-23 10:59 . 2009-04-28 20:20	129520	------w-	c:\windows\system32\pxafs.dll

2010-01-23 10:58 . 2010-02-01 20:02	--------	d-----w-	c:\documents and settings\komp\Dane aplikacji\Winamp

2010-01-20 19:42 . 2010-01-20 19:42	--------	d-----w-	c:\documents and settings\komp\Ustawienia lokalne\Dane aplikacji\Identities

2010-01-17 16:45 . 2010-01-17 16:45	--------	d-----w-	c:\documents and settings\komp\Ustawienia lokalne\Dane aplikacji\Adobe

2010-01-17 16:39 . 2010-01-17 16:39	--------	d-----w-	c:\program files\Common Files\Adobe

2010-01-16 13:44 . 2010-01-16 13:44	--------	d-----w-	c:\program files\Ask.com

2010-01-16 13:43 . 2010-01-16 14:03	--------	d-----w-	c:\documents and settings\komp\Dane aplikacji\uTorrent

2010-01-15 21:20 . 2010-01-15 21:20	--------	d-----w-	c:\documents and settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google

2010-01-15 21:15 . 2010-01-31 15:21	--------	d-----w-	c:\documents and settings\komp\Ustawienia lokalne\Dane aplikacji\Temp

2010-01-15 21:15 . 2010-01-15 21:15	--------	d-----w-	c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google

2010-01-15 21:15 . 2010-02-10 13:47	--------	d-----w-	c:\program files\Google

2010-01-15 21:15 . 2010-01-27 20:24	--------	d-----w-	c:\documents and settings\komp\Ustawienia lokalne\Dane aplikacji\Google

2010-01-15 15:20 . 2005-02-11 09:24	79488	----a-w-	c:\windows\system32\drivers\k750obex.sys

2010-01-15 15:20 . 2005-02-11 09:24	6144	----a-w-	c:\windows\system32\drivers\k750cmnt.sys

2010-01-15 15:20 . 2005-02-11 09:24	6144	----a-w-	c:\windows\system32\drivers\k750cm.sys

2010-01-15 15:20 . 2005-02-11 09:22	81728	----a-w-	c:\windows\system32\drivers\k750mgmt.sys

2010-01-15 15:20 . 2005-02-11 09:21	89872	----a-w-	c:\windows\system32\drivers\k750mdm.sys

2010-01-15 15:20 . 2005-02-11 09:21	6576	----a-w-	c:\windows\system32\drivers\k750mdfl.sys

2010-01-15 15:20 . 2005-02-11 09:19	55216	----a-w-	c:\windows\system32\drivers\k750bus.sys

2010-01-15 15:20 . 2005-02-11 09:19	5744	----a-w-	c:\windows\system32\drivers\k750whnt.sys

2010-01-15 15:20 . 2005-02-11 09:19	5744	----a-w-	c:\windows\system32\drivers\k750wh.sys

2010-01-15 14:06 . 2010-01-15 14:43	--------	d-----w-	c:\documents and settings\komp\Dane aplikacji\bearsharemediabartb

2010-01-15 14:06 . 2010-01-15 14:10	--------	d-----w-	c:\documents and settings\komp\Ustawienia lokalne\Dane aplikacji\BearShare

2010-01-15 14:06 . 2010-01-15 14:06	--------	d-----w-	c:\program files\BearShare Applications

2010-01-15 08:41 . 2008-12-07 19:08	795648	----a-w-	c:\windows\system32\xvidcore.dll

2010-01-15 08:41 . 2010-01-15 08:41	--------	d-----w-	c:\program files\NAPI-PROJEKT

2010-01-15 08:41 . 2007-07-05 03:33	892928	----a-w-	c:\windows\system32\iconv.dll

2010-01-15 07:22 . 2010-01-15 07:22	0	----a-w-	c:\windows\nsreg.dat

2010-01-15 07:22 . 2010-01-15 07:22	--------	d-----w-	c:\documents and settings\komp\Ustawienia lokalne\Dane aplikacji\Mozilla

2010-01-14 19:43 . 2010-01-14 19:43	--------	d--h--w-	c:\windows\system32\GroupPolicy

2010-01-14 15:14 . 2010-01-14 15:14	--------	d-----w-	c:\documents and settings\komp\Ustawienia lokalne\Dane aplikacji\cache

2010-01-14 15:12 . 2010-01-25 13:27	--------	d-----w-	c:\documents and settings\komp\Dane aplikacji\ipla

2010-01-14 15:12 . 2010-01-14 15:12	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\ipla

2010-01-14 15:12 . 2010-01-14 15:12	--------	d-----w-	c:\program files\ipla

2010-01-14 15:10 . 2010-01-15 13:44	--------	d-----w-	c:\documents and settings\komp\Dane aplikacji\Gadu-Gadu 10

2010-01-14 14:35 . 2010-01-14 14:35	--------	d-----w-	c:\documents and settings\komp\Ustawienia lokalne\Dane aplikacji\Opera

2010-01-14 14:35 . 2010-01-14 14:35	--------	d-----w-	c:\program files\Opera

2010-01-14 14:28 . 2010-01-14 14:28	--------	d-s---w-	c:\documents and settings\komp\UserData

2010-01-14 14:18 . 2010-01-14 14:18	169472	----a-w-	c:\documents and settings\komp\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\wlan2.dll

2010-01-14 14:18 . 2010-01-14 14:18	10752	----a-w-	c:\documents and settings\komp\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\system.dll


.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-02-04 20:54 . 2009-12-30 17:14	--------	d--h--w-	c:\program files\InstallShield Installation Information

2010-01-24 17:41 . 2009-12-30 13:30	22560	----a-w-	c:\documents and settings\komp\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

2010-01-24 17:41 . 2004-08-04 10:00	88822	----a-w-	c:\windows\system32\perfc015.dat

2010-01-24 17:41 . 2004-08-04 10:00	500288	----a-w-	c:\windows\system32\perfh015.dat

2010-01-16 13:38 . 2009-12-31 13:43	--------	d-----w-	c:\documents and settings\komp\Dane aplikacji\HP

2010-01-01 10:24 . 2009-12-31 14:13	--------	d-----w-	c:\program files\Creative

2009-12-31 14:21 . 2009-12-31 14:21	--------	d-----w-	c:\documents and settings\komp\Dane aplikacji\Creative

2009-12-31 14:20 . 2009-12-31 14:20	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Creative

2009-12-31 14:16 . 2009-12-30 17:15	--------	d-----w-	c:\program files\Common Files\InstallShield

2009-12-31 14:15 . 2009-12-31 14:15	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\muvee Technologies

2009-12-31 14:10 . 2009-12-31 14:10	129	----a-w-	c:\documents and settings\komp\Ustawienia lokalne\Dane aplikacji\fusioncache.dat

2009-12-31 13:59 . 2009-12-31 13:59	--------	d-----w-	c:\documents and settings\komp\Dane aplikacji\Microsoft Web Folders

2009-12-31 13:52 . 2009-12-31 13:44	81112	----a-w-	c:\windows\hpfins05.dat

2009-12-31 13:51 . 2009-12-31 13:51	--------	d-----w-	c:\program files\Common Files\Sonic Shared

2009-12-31 13:51 . 2009-12-31 13:51	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Sonic

2009-12-31 13:51 . 2009-12-31 13:51	--------	d-----w-	c:\program files\Common Files\HP

2009-12-31 13:49 . 2009-12-31 13:49	--------	d-----w-	c:\program files\Hewlett-Packard

2009-12-31 13:49 . 2009-12-31 13:45	--------	d-----w-	c:\program files\HP

2009-12-31 13:49 . 2009-12-31 13:49	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\HP

2009-12-30 17:39 . 2009-12-30 17:39	--------	d-----w-	c:\program files\Common Files\Wise Installation Wizard

2009-12-30 17:39 . 2009-12-30 17:39	--------	d-----w-	c:\program files\NVIDIA Corporation

2009-12-30 17:39 . 2009-12-30 17:39	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\NVIDIA Corporation

2009-12-30 17:16 . 2009-12-30 17:12	16608	----a-w-	c:\windows\gdrv.sys

2009-12-30 17:15 . 2009-12-30 17:15	--------	d-----w-	c:\program files\Realtek

2009-12-30 17:14 . 2009-12-30 17:14	--------	d-----w-	c:\program files\AMD

2009-12-30 17:13 . 2009-12-30 17:13	--------	d-----w-	c:\documents and settings\komp\Dane aplikacji\InstallShield

2009-12-30 17:07 . 2009-12-30 17:07	--------	d-----w-	c:\program files\microsoft frontpage

2009-12-30 17:06 . 2009-12-30 17:06	--------	d-----w-	c:\program files\Usługi online

2009-12-30 17:04 . 2009-12-30 17:04	21856	----a-w-	c:\windows\system32\emptyregdb.dat

2009-12-30 12:20 . 2009-12-30 12:20	--------	d-----w-	c:\program files\ffdshow

2009-12-30 12:10 . 2009-12-30 17:06	87263	----a-w-	c:\windows\pchealth\helpctr\OfflineCache\index.dat

2009-12-21 13:47 . 2009-12-21 13:47	37376	----a-w-	c:\documents and settings\komp\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll

2009-12-21 13:47 . 2009-12-21 13:47	11776	----a-w-	c:\documents and settings\komp\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll

2009-12-14 19:15 . 2009-12-14 19:15	2146304	----a-w-	c:\windows\system32\GPhotos.scr

2009-11-13 22:57 . 2009-11-13 22:57	922112	------w-	c:\windows\system32\imapi2fs.dll

2009-11-13 22:57 . 2009-11-13 22:57	426496	------w-	c:\windows\system32\imapi2.dll

.


((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  

REGEDIT4


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]

2009-12-20 09:51	87480	----a-w-	c:\program files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5B291E6C-9A74-4034-971B-A4B007A0B315}]

2010-01-10 13:29	450272	----a-w-	c:\program files\PlayBox\toolbar.ni.dll


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]

2009-12-27 13:30	504248	----a-w-	c:\program files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

2009-09-02 13:56	1175944	----a-w-	c:\program files\Ask.com\GenericAskToolbar.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{0974BA1E-64EC-11DE-B2A5-E43756D89593}"= "c:\program files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll" [2009-12-20 87480]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]

"{5B291E6C-9A74-4034-971B-A4B007A0B315}"= "c:\program files\PlayBox\toolbar.ni.dll" [2010-01-10 450272]


[HKEY_CLASSES_ROOT\clsid\{0974ba1e-64ec-11de-b2a5-e43756d89593}]


[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]


[HKEY_CLASSES_ROOT\clsid\{5b291e6c-9a74-4034-971b-a4b007a0b315}]

[HKEY_CLASSES_ROOT\Pugi.PugiObj.1]

[HKEY_CLASSES_ROOT\TypeLib\{810FCC0F-2CA3-414a-B8C8-550910C8B664}]

[HKEY_CLASSES_ROOT\Pugi.PugiObj]


[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{5B291E6C-9A74-4034-971B-A4B007A0B315}"= "c:\program files\PlayBox\toolbar.ni.dll" [2010-01-10 450272]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]


[HKEY_CLASSES_ROOT\clsid\{5b291e6c-9a74-4034-971b-a4b007a0b315}]

[HKEY_CLASSES_ROOT\Pugi.PugiObj.1]

[HKEY_CLASSES_ROOT\TypeLib\{810FCC0F-2CA3-414a-B8C8-550910C8B664}]

[HKEY_CLASSES_ROOT\Pugi.PugiObj]


[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ALLUpdate"="d:\program files\ALLPlayer\ALLUpdate.exe" [2009-06-04 869888]

"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]

"Gadu-Gadu 10"="c:\program files\Gadu-Gadu 10\gg.exe" [2009-12-21 11919976]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-10 39408]


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"WiseStubReboot"="MSIEXEC" [X]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"GEST"="m‘|Lë" [X]

"RTHDCPL"="RTHDCPL.EXE" [2008-12-09 18063872]

"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-08-12 1735200]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]

"DataMngr"="c:\program files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe" [2009-12-27 184760]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 113584]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]

"cFosSpeed"="c:\program files\cFosSpeed\cFosSpeed.exe" [2009-10-30 1047256]


[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]


c:\documents and settings\All Users\Menu Start\Programy\Autostart\

Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-1-21 139316]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

"DisableTaskMgr"= 1 (0x1)

"DisableRegistryTools"= 1 (0x1)


[color=RED] Klucz Trybu Awaryjnego wymaga naprawy. Komputer nie może wejść w Tryb Awaryjny. [/color]


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

@="Driver Group"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]

@="Driver"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

@="DiskDrive"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

@="Hdc"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

@="Keyboard"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

@="Mouse"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

@="System"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

@="Volume"


[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001


[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"AntiVirusOverride"=dword:00000001

"AntiVirusDisableNotify"=dword:00000001

"FirewallDisableNotify"=dword:00000001

"FirewallOverride"=dword:00000001

"UpdatesDisableNotify"=dword:00000001

"UacDisableNotify"=dword:00000001


[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)


[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"d:\\Michal\\cs\\hl.exe"=

"c:\\Program Files\\Opera\\opera.exe"=

"c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=

"c:\\Program Files\\Gadu-Gadu\\gg.exe"=

"c:\\Program Files\\Wru\\Wru.exe"=

"c:\\Program Files\\Gadu-Gadu 10\\gg.exe"=

"c:\\Riot Games\\League of Legends\\air\\LolClient.exe"=

"c:\\Riot Games\\League of Legends\\game\\League of Legends.exe"=

"c:\\Program Files\\NVIDIA Corporation\\nView\\nwiz.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqSTE08.exe"=

"c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe"=

"c:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe"=

"c:\\WINDOWS\\RTHDCPL.EXE"=

"c:\\Program Files\\cFosSpeed\\cFosSpeed.exe"=


[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"8375:TCP"= 8375:TCP:League of Legends Launcher

"8375:UDP"= 8375:UDP:League of Legends Launcher

"6986:TCP"= 6986:TCP:League of Legends Launcher

"6986:UDP"= 6986:UDP:League of Legends Launcher

"6893:TCP"= 6893:TCP:League of Legends Launcher

"6893:UDP"= 6893:UDP:League of Legends Launcher

"6898:TCP"= 6898:TCP:League of Legends Launcher

"6898:UDP"= 6898:UDP:League of Legends Launcher


R0 AFPAnsi;G-DATA Ukrywacz Ansi;c:\windows\system32\drivers\AFPAnsi.sys [2010-02-04 43904]

R0 FO_PAnt;FotoOffice VirtualDisc Driver;c:\windows\system32\drivers\FO_PAnt.sys [2010-02-04 89216]

R3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\fgjoon.sys --> c:\windows\system32\drivers\fgjoon.sys [?]

S2 gupdate;Usługa Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-15 135664]

.

Zawartość folderu 'Zaplanowane zadania'


2010-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-15 21:15]


2010-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-15 21:15]


2010-02-09 c:\windows\Tasks\HPpromotions journeysoftware.job

- c:\program files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 16:36]


2010-02-10 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job

- c:\program files\Ask.com\UpdateTask.exe [2009-09-02 13:56]

.

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://www.google.com/

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

Handler: toolbarchrome - {718733BC-AD64-4e5f-AC18-A85FBD75D54D} - c:\program files\PlayBox\toolbar.ni.dll

FF - ProfilePath - c:\documents and settings\komp\Dane aplikacji\Mozilla\Firefox\Profiles\jzzt2o41.default\

FF - prefs.js: browser.search.selectedEngine - Ask.com

FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/

FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=UT2V5&o=15158&locale=en_US&q=

FF - plugin: c:\documents and settings\komp\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll

FF - plugin: c:\documents and settings\komp\Dane aplikacji\Mozilla\plugins\np-mswmp.dll

FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll

FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll

.

- - - - USUNIĘTO PUSTE WPISY - - - -


HKCU-Run-uTorrent - d:\program files\uTorrent\uTorrent.exe

AddRemove-Video To MP3 Maker_is1 - c:\program files\AV2MP3\unins000.exe

AddRemove-uTorrent - d:\program files\uTorrent\uTorrent.exe




**************************************************************************


catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-02-10 15:16

Windows 5.1.2600 Dodatek Service Pack 3 NTFS


skanowanie ukrytych procesów ...  


skanowanie ukrytych wpisów autostartu ... 


skanowanie ukrytych plików ...  


skanowanie pomyślnie ukończone

ukryte pliki: 0


**************************************************************************

.

Czas ukończenia: 2010-02-10 15:18:04

ComboFix-quarantined-files.txt 2010-02-10 14:18


Przed: 137 643 098 112 bajtów wolnych

Po: 137 712 472 064 bajtów wolnych


WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer


- - End Of File - - 768E7D9D0B321360ADE649ECD6BB8843

Thanks in advance ;]


(deFco247) #2

Paste the log contents on wklej.org, wklej.to or nopaste.pl, and put the link in your post.

This is a Sality infection, which destroys all .exe and .dll files on the disk, so removing it completely is very difficult.

You may need the system installation disc to set the system up again.

On an uninfected computer, download DR Web LiveCD and burn it to a disc.

Insert the disc into the infected computer; assuming you have already set the BIOS to boot the computer from CD/DVD, the scanner should start after a restart.

Run a full scan, cure whatever can be cured, and delete the rest.

Scan as many times as it takes until the scanner finds nothing.

If the system does not start after the removal, insert the system disc into the computer and perform a repair (overlay) installation of Windows.

After any repair installation, turn System Restore off and on again on all drives. Instructions: XP or Vista.

Run a full scan with DR WEB CureIt.

If the scanner finds nothing, post a log from Combofix (download it again) to be sure, and turn off again the System Restore that Combofix switched on.


(Deloska1966) #3

Would it be better if I format the computer?


(deFco247) #4

If you want to format, then format all disks and partitions without exception, without backing up any data, especially programs, installers and the like. The only things you can keep are multimedia files (films and music).

Before transferring files from the old computer, scan the media holding them with Dr.Web CureIt.


(Deloska1966) #5

OK, thanks, I'll do that :)


(lazikar) #6

losii, please paste logs in accordance with the rules.