Co zrobić z VIDEO ADD-ON?

jacektleniony · 14 Listopad 2007 15:00

zainstalowałem HijackThis program co mam usunąć z logu i jak to zrobić ?

prosze o odpowiedz a oto log

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:58:31, on 2007-11-14 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\VIDEOA~1\isfmntr.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Mouse Driver\MouseDrv.exe C:\WINDOWS\vsnpstd3.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\PROGRA~1\VIDEOA~1\isfmm.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\skeys.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Video Add-on\isfmntr.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://media.fastclick.net/w/safepop.cg … =21110&c=4 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,SKEYS,userinit.exe,SKEYS /I O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL O2 - BHO: (no name) - {43BF8E0C-886D-4103-8DDB-2DFE0E8A0168} - C:\Program Files\Video Add-on\isfmdl.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM…\Run: [RemoteControl] “C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe” O4 - HKLM…\Run: [CreativeMouse] C:\Program Files\Mouse Driver\MouseDrv.exe O4 - HKLM…\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU…\Run: [AQQ] C:\PROGRA~1\Wapster\AQQ\AQQ.exe O4 - HKLM…\Policies\Explorer\Run: [start] C:\PROGRA~1\VIDEOA~1\isfmntr.exe O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA LOKALNA’) O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’) O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’) O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Pop-Up Blocker - {84536FE2-ABCD-3586-DCAB-40E286323737} - C:\Program Files\WINnerTweak3\PopUp Blocker.exe O9 - Extra ‘Tools’ menuitem: Pop-Up Blocker - {84536FE2-ABCD-3586-DCAB-40E286323737} - C:\Program Files\WINnerTweak3\PopUp Blocker.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - C:\Program Files\Spik\url_wpmsg.dll O22 - SharedTaskScheduler: bothrops - {1977ce08-a38f-43db-a856-f4aa6122131b} - C:\WINDOWS\system32\xovdzz.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe – End of file - 5586 bytes

LostWorld · 14 Listopad 2007 15:02

Pobierz : SmitFraudFix

Tryb numer 2 i wklejasz raport **(C:\SmitfraudFix.txt).**Oczywiście w trybie awaryjnym.

Po tym

Daj log z Combofix

Opis użycia ComboFix jest na tej stronie z linku.

Log może być długi, więc zapisz go sobie gdzieś, a potem wklej na http://wklej.org/, a tu daj tylko link.

jacektleniony · 14 Listopad 2007 16:38

http://wklej.org/id/c579d8d136 to link do logu

a zresztą poradziłem dzięki

Very Happy

Gutek · 14 Listopad 2007 17:40

Daj log z ComboFix

jacektleniony · 15 Listopad 2007 06:58

nie wiem czy to to ale daje :

Microsoft ® DrWtsn32

Wystąpił wyjątek aplikacji:

Apl: C:\WINDOWS\System32\svchost.exe (pid=1060)

Kiedy: 2007-05-11 @ 01:49:11.750

Numer wyjątku: c0000005 (naruszenie praw dostępu)

*----> Informacje o systemie <----*

Nazwa komputera:

Nazwa użytkownika: ŸŸ

Identyfikator sesji terminala: 0

Liczba procesorów: 1

Wersja systemu Windows: 5.1

*----> Lista zadań <----*

0 System Process

4 System

604 smss.exe

684 csrss.exe

708 winlogon.exe

756 services.exe

768 lsass.exe

928 svchost.exe

1024 svchost.exe

1060 svchost.exe

1108 svchost.exe

1156 svchost.exe

376 skeys.exe

1404 alg.exe

2136 ServiceLayer.exe

2896 logonui.exe

3152 drwtsn32.exe

*----> Lista modułów <----*

(0000000001000000 - 0000000001006000: C:\WINDOWS\System32\svchost.exe

(000000000ffd0000 - 000000000fff8000: C:\WINDOWS\System32\rsaenh.dll

(0000000020000000 - 00000000202d2000: C:\WINDOWS\System32\xpsp2res.dll

(000000004cbd0000 - 000000004cbe0000: C:\WINDOWS\System32\xmlprovi.dll

(000000004d530000 - 000000004d588000: C:\WINDOWS\system32\WINHTTP.dll

(0000000057de0000 - 0000000057e16000: C:\WINDOWS\System32\unimdm.tsp

(0000000057e40000 - 0000000057e50000: C:\WINDOWS\System32\ndptsp.tsp

(0000000057e60000 - 0000000057e6b000: C:\WINDOWS\System32\kmddsp.tsp

(0000000057e70000 - 0000000057e78000: C:\WINDOWS\System32\ipconf.tsp

(0000000057e80000 - 0000000057e8a000: C:\WINDOWS\System32\hidphone.tsp

(0000000057e90000 - 0000000057ed6000: C:\WINDOWS\System32\h323.tsp

(0000000059410000 - 00000000595da000: C:\WINDOWS\AppPatch\AcGenral.DLL

(0000000059930000 - 000000005999d000: C:\WINDOWS\system32\wbem\wmiprvsd.dll

(000000005a840000 - 000000005a868000: c:\windows\system32\wbem\wmisvc.dll

(000000005b1d0000 - 000000005b208000: C:\WINDOWS\System32\UxTheme.dll

(000000005b4d0000 - 000000005b4e5000: C:\WINDOWS\System32\unimdmat.dll

(000000005b500000 - 000000005b507000: C:\WINDOWS\System32\umdmxfrm.dll

(000000005cfe0000 - 000000005d006000: C:\WINDOWS\System32\ShimEng.dll

(000000005d1e0000 - 000000005d1e7000: C:\WINDOWS\System32\serwvdrv.dll

(000000005d520000 - 000000005d5b7000: C:\WINDOWS\system32\comctl32.dll

(000000005fbd0000 - 000000005fbde000: C:\WINDOWS\system32\wbem\ncprov.dll

(000000005fc00000 - 000000005fc0c000: C:\WINDOWS\system32\NCObjAPI.DLL

(0000000061ae0000 - 0000000061b09000: C:\WINDOWS\system32\modemui.dll

(0000000066780000 - 00000000667d8000: C:\WINDOWS\System32\hnetcfg.dll

(0000000066940000 - 0000000066995000: c:\windows\system32\ipnathlp.dll

(0000000068df0000 - 0000000068df9000: C:\WINDOWS\System32\HID.DLL

(000000006f8f0000 - 000000006fa00000: c:\windows\system32\ESENT.dll

(000000006ff40000 - 000000006ff94000: C:\WINDOWS\system32\NETAPI32.dll

(0000000070e00000 - 0000000070e0d000: c:\windows\system32\audiosrv.dll

(00000000719f0000 - 0000000071a30000: C:\WINDOWS\system32\mswsock.dll

(0000000071a30000 - 0000000071a38000: C:\WINDOWS\System32\wshtcpip.dll

(0000000071a40000 - 0000000071a48000: c:\windows\system32\WS2HELP.dll

(0000000071a50000 - 0000000071a67000: c:\windows\system32\WS2_32.dll

(0000000071a70000 - 0000000071a7a000: C:\WINDOWS\system32\WSOCK32.dll

(0000000071ba0000 - 0000000071bb3000: C:\WINDOWS\System32\SAMLIB.dll

(0000000071ca0000 - 0000000071ceb000: C:\WINDOWS\system32\kerberos.dll

(0000000071fb0000 - 0000000071fb7000: C:\WINDOWS\System32\uniplat.dll

(00000000721f0000 - 0000000072225000: C:\WINDOWS\System32\rasppp.dll

(0000000072280000 - 000000007228d000: c:\windows\system32\sens.dll

(0000000072380000 - 000000007239c000: C:\WINDOWS\System32\WinSCard.dll

(0000000072410000 - 0000000072440000: C:\WINDOWS\System32\rasmans.dll

(0000000072440000 - 0000000072446000: C:\WINDOWS\System32\ntlsapi.dll

(0000000072fc0000 - 0000000072fd0000: C:\WINDOWS\System32\WZCSAPI.DLL

(0000000073370000 - 00000000733af000: c:\windows\system32\tapisrv.dll

(0000000073cb0000 - 0000000073cb8000: c:\windows\system32\seclogon.dll

(0000000073cc0000 - 0000000073cd7000: C:\WINDOWS\system32\wbem\wbemcons.dll

(0000000074310000 - 000000007431b000: C:\WINDOWS\System32\WINIPSEC.DLL

(0000000074a80000 - 0000000074a88000: c:\windows\system32\POWRPROF.dll

(0000000074e80000 - 0000000074e8e000: C:\WINDOWS\system32\wbem\wbemsvc.dll

(0000000074eb0000 - 0000000074ebc000: C:\WINDOWS\system32\SSDPAPI.dll

(0000000074ef0000 - 0000000074efc000: c:\windows\pchealth\helpctr\binaries\pchsvc.dll

(0000000074f00000 - 0000000074f05000: C:\WINDOWS\System32\MSIDLE.DLL

(0000000074f30000 - 0000000074f39000: c:\windows\system32\ersvc.dll

(0000000074f40000 - 0000000074f49000: c:\windows\system32\dmserver.dll

(0000000074fd0000 - 0000000074fec000: C:\WINDOWS\system32\wbem\wmiutils.dll

(0000000075020000 - 0000000075039000: c:\windows\system32\trkwks.dll

(0000000075040000 - 000000007505a000: c:\windows\system32\srvsvc.dll

(0000000075060000 - 0000000075072000: C:\WINDOWS\System32\RESUTILS.DLL

(00000000750a0000 - 00000000750b3000: C:\WINDOWS\system32\MTXCLU.DLL

(00000000750e0000 - 00000000750f4000: C:\WINDOWS\system32\colbact.DLL

(0000000075150000 - 000000007517e000: c:\windows\system32\srsvc.dll

(00000000751b0000 - 00000000751de000: C:\WINDOWS\system32\wbem\repdrvfs.dll

(0000000075240000 - 0000000075277000: C:\WINDOWS\System32\Wbem\wbemcomn.dll

(00000000752c0000 - 00000000752ff000: C:\WINDOWS\System32\Wbem\esscli.dll

(0000000075300000 - 0000000075333000: c:\windows\system32\certcli.dll

(0000000075340000 - 0000000075386000: C:\WINDOWS\system32\wbem\wbemess.dll

(0000000075390000 - 00000000753fd000: C:\WINDOWS\system32\VSSAPI.DLL

(0000000075500000 - 00000000755a8000: C:\WINDOWS\System32\RASDLG.dll

(00000000755b0000 - 000000007564c000: C:\WINDOWS\system32\netcfgx.dll

(0000000075650000 - 00000000756c6000: C:\WINDOWS\System32\Wbem\FastProx.dll

(0000000075d70000 - 0000000075e01000: C:\WINDOWS\system32\mlang.dll

(0000000075e60000 - 0000000075f10000: C:\WINDOWS\System32\SXS.DLL

(0000000075f10000 - 0000000075f21000: C:\WINDOWS\System32\rastapi.dll

(0000000076050000 - 00000000760b5000: C:\WINDOWS\System32\MSVCP60.dll

(00000000760c0000 - 00000000761fa000: C:\WINDOWS\system32\comsvcs.dll

(0000000076330000 - 0000000076340000: C:\WINDOWS\System32\WINSTA.dll

(00000000763d0000 - 0000000076578000: c:\windows\system32\netshell.dll

(0000000076650000 - 00000000766d5000: C:\WINDOWS\System32\Wbem\wbemcore.dll

(0000000076770000 - 000000007677c000: C:\WINDOWS\System32\cryptdll.dll

(0000000076780000 - 0000000076793000: c:\windows\system32\NTDSAPI.dll

(00000000767a0000 - 00000000767cd000: c:\windows\system32\w32time.dll

(00000000767d0000 - 00000000767f7000: C:\WINDOWS\System32\SCHANNEL.dll

(00000000768b0000 - 0000000076932000: C:\WINDOWS\system32\CRYPTUI.dll

(00000000769a0000 - 0000000076a54000: C:\WINDOWS\system32\USERENV.dll

(0000000076b00000 - 0000000076b11000: c:\windows\system32\ATL.DLL

(0000000076b20000 - 0000000076b4e000: C:\WINDOWS\System32\WINMM.dll

(0000000076b50000 - 0000000076b83000: c:\windows\system32\schedsvc.dll

(0000000076bb0000 - 0000000076bcf000: C:\WINDOWS\System32\rastls.dll

(0000000076be0000 - 0000000076beb000: c:\windows\system32\PSAPI.DLL

(0000000076bf0000 - 0000000076c1e000: c:\windows\system32\credui.dll

(0000000076c20000 - 0000000076c4e000: C:\WINDOWS\system32\WINTRUST.dll

(0000000076c80000 - 0000000076ca8000: C:\WINDOWS\system32\IMAGEHLP.dll

(0000000076cd0000 - 0000000076ce4000: C:\WINDOWS\System32\raschap.dll

(0000000076d00000 - 0000000076d12000: c:\windows\system32\cryptsvc.dll

(0000000076d20000 - 0000000076d24000: c:\windows\system32\WMI.dll

(0000000076d30000 - 0000000076d48000: C:\WINDOWS\System32\MPRAPI.dll

(0000000076d50000 - 0000000076d69000: c:\windows\system32\iphlpapi.dll

(0000000076d70000 - 0000000076d8e000: c:\windows\system32\dhcpcsvc.dll

(0000000076d90000 - 0000000076da1000: C:\WINDOWS\System32\CLUSAPI.DLL

(0000000076dd0000 - 0000000076df3000: C:\WINDOWS\system32\upnp.dll

(0000000076e00000 - 0000000076e25000: C:\WINDOWS\System32\adsldpc.dll

(0000000076e30000 - 0000000076e53000: c:\windows\system32\wkssvc.dll

(0000000076e70000 - 0000000076e7e000: c:\windows\system32\rtutils.dll

(0000000076e80000 - 0000000076e92000: C:\WINDOWS\System32\rasman.dll

(0000000076ea0000 - 0000000076ecf000: C:\WINDOWS\System32\TAPI32.dll

(0000000076ed0000 - 0000000076f0c000: C:\WINDOWS\System32\RASAPI32.dll

(0000000076f10000 - 0000000076f37000: c:\windows\system32\DNSAPI.dll

(0000000076f40000 - 0000000076f48000: c:\windows\system32\WTSAPI32.dll

(0000000076f50000 - 0000000076f7d000: C:\WINDOWS\system32\WLDAP32.dll

(0000000076fb0000 - 0000000076fb6000: C:\WINDOWS\System32\rasadhlp.dll

(0000000076fc0000 - 000000007703f000: C:\WINDOWS\System32\CLBCATQ.DLL

(0000000077040000 - 000000007710d000: C:\WINDOWS\System32\COMRes.dll

(0000000077110000 - 000000007719c000: C:\WINDOWS\system32\OLEAUT32.dll

(00000000771a0000 - 0000000077247000: C:\WINDOWS\system32\WININET.dll

(0000000077310000 - 0000000077325000: c:\windows\system32\browser.dll

(00000000773c0000 - 00000000774c2000: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

(00000000774d0000 - 000000007760c000: C:\WINDOWS\system32\ole32.dll

(0000000077610000 - 000000007767e000: c:\windows\system32\wzcsvc.dll

(0000000077680000 - 00000000776a1000: C:\WINDOWS\System32\NTMARTA.DLL

(00000000776b0000 - 00000000776c1000: c:\windows\system32\AUTHZ.dll

(00000000776d0000 - 00000000776f4000: c:\windows\system32\shsvcs.dll

(0000000077700000 - 0000000077741000: c:\windows\system32\es.dll

(0000000077910000 - 0000000077a06000: C:\WINDOWS\System32\SETUPAPI.dll

(0000000077a70000 - 0000000077b05000: C:\WINDOWS\system32\CRYPT32.dll

(0000000077b10000 - 0000000077b22000: C:\WINDOWS\system32\MSASN1.dll

(0000000077b30000 - 0000000077b52000: C:\WINDOWS\system32\Apphelp.dll

(0000000077bd0000 - 0000000077be5000: C:\WINDOWS\System32\MSACM32.dll

(0000000077bf0000 - 0000000077bf8000: C:\WINDOWS\system32\VERSION.dll

(0000000077c00000 - 0000000077c58000: C:\WINDOWS\system32\msvcrt.dll

(0000000077c60000 - 0000000077c83000: C:\WINDOWS\system32\msv1_0.dll

(0000000077cb0000 - 0000000077ce2000: C:\WINDOWS\System32\ACTIVEDS.dll

(0000000077cf0000 - 0000000077d23000: c:\windows\system32\netman.dll

(0000000077d30000 - 0000000077dc0000: C:\WINDOWS\system32\USER32.dll

(0000000077dc0000 - 0000000077e6c000: C:\WINDOWS\system32\ADVAPI32.dll

(0000000077e70000 - 0000000077f01000: C:\WINDOWS\system32\RPCRT4.dll

(0000000077f10000 - 0000000077f56000: C:\WINDOWS\system32\GDI32.dll

(0000000077f60000 - 0000000077fd6000: C:\WINDOWS\system32\SHLWAPI.dll

(0000000077fe0000 - 0000000077ff1000: c:\windows\system32\Secur32.dll

(000000007c800000 - 000000007c8fb000: C:\WINDOWS\system32\kernel32.dll

(000000007c900000 - 000000007c9b2000: C:\WINDOWS\system32\ntdll.dll

(000000007c9c0000 - 000000007d1db000: C:\WINDOWS\system32\SHELL32.dll

*----> Zrzut stanu dla wątku o identyfikatorze 0x438 <----*

eax=00000000 ebx=00000000 ecx=000004a0 edx=000b5f98 esi=000b5f88 edi=00000000

eip=7c918fea esp=0072fe4c ebp=0072fec0 iopl=0 nv up ei pl zr na po nc

cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246

*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\ntdll.dll -

funkcja: ntdll!RtlpWaitForCriticalSection

Error 0x80070057

BŁĄD ->7c918fea ff4010 inc dword ptr [eax+0x10] ds:0023:00000010=???

Error 0x80070057

*----> Wsteczne śledzenie stosu <----*

WARNING: Stack unwind information not available. Following frames may be wrong.

*** ERROR: Symbol file could not be found. Defaulted to export symbols for c:\windows\system32\wzcsvc.dll -

*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\kernel32.dll -

ChildEBP RetAddr Args to Child

0072fec0 7c90104b 000b5f88 7762c76f 000b5f88 ntdll!RtlpWaitForCriticalSection+0x5b

0072fee0 77635dbd 000b5f78 000b5f78 77635d96 ntdll!RtlEnterCriticalSection+0x46

0072fef8 7c927545 000b5f78 7c97c3a0 000c5e10 wzcsvc!SvchostPushServiceGlobals+0x351

0072ff40 7c927583 77635d96 000b5f78 00000000 ntdll!RtlUpcaseUnicodeString+0x159

0072ff60 7c927645 00000000 000b5f78 000c5e10 ntdll!RtlUpcaseUnicodeString+0x197

0072ff74 7c92761c 7c927569 00000000 000b5f78 ntdll!RtlUpcaseUnicodeString+0x259

0072ffb4 7c80b50b 00000000 00000000 00000000 ntdll!RtlUpcaseUnicodeString+0x230

0072ffec 00000000 7c910760 00000000 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Zrzut stosu <----*

000000000072fe4c 88 5f 0b 00 00 00 02 00 - 57 00 00 00 58 00 00 00 ._…W…X…

000000000072fe5c 00 00 00 00 06 00 22 00 - f8 6b 61 77 78 fe 72 00 …"…kawx.r.

000000000072fe6c 00 00 00 00 c8 05 91 7c - c0 64 0c 00 95 18 e7 76 …|.d…v

000000000072fe7c 78 5f 0b 00 00 00 02 00 - 57 00 00 00 78 5f 0b 00 x_…W…x_…

000000000072fe8c 00 00 02 00 57 00 00 00 - a8 fe 72 00 5b 1a e7 76 …W…r.[…v

000000000072fe9c 00 00 00 00 00 00 00 00 - 00 00 00 00 c0 fe 72 00 …r.

000000000072feac 04 32 63 77 00 00 00 00 - 06 00 02 00 00 00 00 00 .2cw…

000000000072febc a0 04 00 00 e0 fe 72 00 - 4b 10 90 7c 88 5f 0b 00 …r.K…|._…

000000000072fecc 6f c7 62 77 88 5f 0b 00 - 00 00 02 00 78 5f 0b 00 o.bw._…x_…

000000000072fedc 00 00 00 00 f8 fe 72 00 - bd 5d 63 77 78 5f 0b 00 …r…]cwx_…

000000000072feec 78 5f 0b 00 96 5d 63 77 - 00 00 00 00 40 ff 72 00 x_…]cw…@.r.

000000000072fefc 45 75 92 7c 78 5f 0b 00 - a0 c3 97 7c 10 5e 0c 00 Eu.|x_…|.^…

000000000072ff0c 00 00 00 00 14 00 00 00 - 01 00 00 00 00 00 00 00 …

000000000072ff1c 00 00 00 00 10 00 00 00 - 28 84 01 00 04 ff 72 00 …(…r.

000000000072ff2c 70 fa 72 00 dc ff 72 00 - 18 ee 90 7c 58 75 92 7c p.r…r…|Xu.|

000000000072ff3c 00 00 00 00 60 ff 72 00 - 83 75 92 7c 96 5d 63 77 …`.r…u.|.]cw

000000000072ff4c 78 5f 0b 00 00 00 00 00 - 00 00 00 00 a0 c3 97 7c x_…|

000000000072ff5c 80 c3 97 7c 74 ff 72 00 - 45 76 92 7c 00 00 00 00 …|t.r.Ev.|…

000000000072ff6c 78 5f 0b 00 10 5e 0c 00 - b4 ff 72 00 1c 76 92 7c x_…^…r…v.|

000000000072ff7c 69 75 92 7c 00 00 00 00 - 78 5f 0b 00 10 5e 0c 00 iu.|…x_…^…

LostWorld · 15 Listopad 2007 12:14

Nie chcemy loga z Dr.Wotsona tylko z Combofix.(opis użycia w przyklejonym temacie)