Komp zwalnia.... wirus... logi

mister12_1994 · 13 Maj 2007 11:46

tak jak w temacie: oto logi

Logfile of HijackThis v1.99.1 Scan saved at 13:45:24, on 2007-05-13 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe E:\PowerISO\PWRISOVM.EXE C:\WINDOWS\System32\ctfmon.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\System32\svchost.exe E:\Opera\Opera.exe E:\Gadu-Gadu\gg.exe C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe C:\Program Files\Ahead\nero\nero.exe C:\WINDOWS\System32\wuauclt.exe C:\DOCUME~1\menager\USTAWI~1\Temp\Rar$EX03.507\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotinfolink.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [avgnt] “C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe” /min O4 - HKLM…\Run: [PWRISOVM.EXE] E:\PowerISO\PWRISOVM.EXE O4 - HKLM…\Run: [6435748] winupdates.exe O4 - HKLM…\RunServices: [6435748] winupdates.exe O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU…\Run: [6435748] winupdates.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O17 - HKLM\System\CCS\Services\Tcpip…{F4AF2E8D-1210-4C2A-899E-C4D2A80CB379}: NameServer = 194.204.152.34 217.98.63.164 O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

slake · 13 Maj 2007 11:54

Pliki na czerwono usuń ręcznie w trybie awaryjnym z wyłączonym przywracaniem systemu,a wpisy zafixuj.

mister12_1994 · 13 Maj 2007 12:04

a jak to zrobić w tym trybie avaryjnym??

Gutek · 13 Maj 2007 12:04

Daj log z Combofix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

mister12_1994 · 13 Maj 2007 12:08

ComboFix 07-05.13.V - Running from: “C:\Documents and Settings\menager\Pulpit” (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32.exe ((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-13 )))))))))))))))))))))))))))))))))) 2007-05-13 13:38 2007-05-13 12:20 0 --a------ C:\WINDOWS\system32\directxclickers.exe 2007-05-13 11:15 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll 2007-05-13 11:15 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll 2007-05-13 11:15 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll 2007-05-13 11:12 2007-05-13 11:09 466,200 --a------ C:\WINDOWS\system32\wuapi.dll 2007-05-13 11:09 41,240 --a------ C:\WINDOWS\system32\wups.dll 2007-05-13 11:09 195,352 --a------ C:\WINDOWS\system32\wuaueng1.dll 2007-05-13 11:09 175,384 --a------ C:\WINDOWS\system32\wuauclt1.exe 2007-05-13 11:09 173,536 --a------ C:\WINDOWS\system32\wuweb.dll 2007-05-13 11:09 128,280 --a------ C:\WINDOWS\system32\wucltui.dll 2007-05-13 11:09 2007-05-13 11:07 2007-05-13 11:06 2007-05-12 15:34 0 --a------ C:\WINDOWS\system32\ftpupd.exe 2007-05-12 13:44 2007-05-12 13:43 5 --ahs---- C:\WINDOWS\system32\acdde_g.dll 2007-05-12 10:24 310,272 --------- C:\WINDOWS\system32\winhttp.dll 2007-05-11 20:42 120,832 -r-hs---- C:\WINDOWS\system32\winupdates.exe 2007-05-11 20:41 2007-05-11 19:41 19,632 --a------ C:\WINDOWS\system32\NSecurity.exe 2007-05-11 14:48 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2007-05-11 14:46 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll 2007-05-11 14:15 2007-05-11 14:12 2007-05-11 14:04 682,232 --a------ C:\WINDOWS\system32\drivers\sptd.sys 2007-05-11 13:48 2007-05-11 13:46 2007-05-11 13:43 8,192 --a------ C:\WINDOWS\system32\tsbyuv.dll 2007-05-11 13:43 50,688 --a------ C:\WINDOWS\system32\vfwwdm32.dll 2007-05-11 13:43 144,768 -ra------ C:\WINDOWS\system32\drivers\PA707UCM.SYS 2007-05-11 13:42 45,568 --a------ C:\WINDOWS\system32\iyuv_32.dll 2007-05-11 13:41 2007-05-11 13:41 2007-05-11 13:39 2007-05-11 13:19 2007-05-11 11:32 53,248 --a------ C:\WINDOWS\system32\PAStiSvc.exe 2007-05-11 11:32 198,424 --a------ C:\WINDOWS\system32\iuengine.dll 2007-05-11 11:31 2007-05-11 11:18 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 21:39 43,584 --a------ C:\WINDOWS\system32\drivers\avipbb.sys 2007-05-10 21:39 28,352 --a------ C:\WINDOWS\system32\drivers\ssmdrv.sys 2007-05-10 21:39 2007-05-10 21:37 79,616 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys 2007-05-10 21:37 57,472 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys 2007-05-10 21:37 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys 2007-05-10 21:37 50,048 --a------ C:\WINDOWS\system32\drivers\DMusic.sys 2007-05-10 21:37 5,632 --a------ C:\WINDOWS\system32\drivers\splitter.sys 2007-05-10 21:37 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys 2007-05-10 21:37 2,816 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys 2007-05-10 21:37 159,232 --a------ C:\WINDOWS\system32\drivers\kmixer.sys 2007-05-10 21:37 122,472 --a------ C:\WINDOWS\system32\drivers\aec.sys 2007-05-10 21:36 9,728 --a------ C:\WINDOWS\system32\drivers\gameenum.sys 2007-05-10 21:36 70,144 --a------ C:\WINDOWS\system32\usbui.dll 2007-05-10 21:36 57,088 --a------ C:\WINDOWS\system32\drivers\redbook.sys 2007-05-10 21:36 27,392 --a------ C:\WINDOWS\system32\drivers\VIAAGP.SYS 2007-05-10 21:36 2,944 --a------ C:\WINDOWS\system32\drivers\msmpu401.sys 2007-05-10 21:34 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL 2007-05-10 21:34 9,168 --a------ C:\WINDOWS\system\VER.DLL 2007-05-10 21:34 85,532 --a------ C:\WINDOWS\system32\dgsetup.dll 2007-05-10 21:34 83,456 --a------ C:\WINDOWS\system\OLECLI.DLL 2007-05-10 21:34 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll 2007-05-10 21:34 71,680 --a------ C:\WINDOWS\system32\storprop.dll 2007-05-10 21:34 70,096 --a------ C:\WINDOWS\system\AVICAP.DLL 2007-05-10 21:34 7,168 --a------ C:\WINDOWS\system32\kbdcz.dll 2007-05-10 21:34 69,712 --a------ C:\WINDOWS\system\MMSYSTEM.DLL 2007-05-10 21:34 67,072 --a------ C:\WINDOWS\NOTEPAD.EXE 2007-05-10 21:34 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdycl.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdsl1.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdsl.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdhu.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdcz2.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdcz1.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdcr.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\KBDAL.DLL 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\batt.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll 2007-05-10 21:34 5,632 --a------ C:\WINDOWS\system32\kbdro.dll 2007-05-10 21:34 5,632 --a------ C:\WINDOWS\system32\kbdhu1.dll 2007-05-10 21:34 5,120 --a------ C:\WINDOWS\system\SHELL.DLL 2007-05-10 21:34 33,376 --a------ C:\WINDOWS\system\COMMDLG.DLL 2007-05-10 21:34 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll 2007-05-10 21:34 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL 2007-05-10 21:34 19,200 --a------ C:\WINDOWS\system\TAPI.DLL 2007-05-10 21:34 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll 2007-05-10 21:34 15,360 --a------ C:\WINDOWS\TASKMAN.EXE 2007-05-10 21:34 13,312 --a------ C:\WINDOWS\system32\irclass.dll 2007-05-10 21:34 127,008 --a------ C:\WINDOWS\system\MSVIDEO.DLL 2007-05-10 21:34 109,488 --a------ C:\WINDOWS\system\AVIFILE.DLL 2007-05-10 21:34 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll 2007-05-10 21:34 10,496 --a------ C:\WINDOWS\system32\drivers\irenum.sys 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:33 2007-05-10 21:23 212,992 --a------ C:\WINDOWS\system32\lxallcnt.dll 2007-05-10 21:19 2007-05-10 21:18 298,496 --a------ C:\WINDOWS\unin0415.exe 2007-05-10 21:18 24,832 --a------ C:\WINDOWS\system32\drivers\usbprint.sys 2007-05-10 21:13 50,007 --a------ C:\WINDOWS\system32\drivers\adildr.sys 2007-05-10 21:13 46,892 --a------ C:\WINDOWS\system32\adadix16.dll 2007-05-10 21:13 4,981 --a------ C:\WINDOWS\system32\adadix2k.dll 2007-05-10 21:13 36,224 --a------ C:\WINDOWS\system32\drivers\isapnp.sys 2007-05-10 21:13 22,395 --a------ C:\WINDOWS\system32\drivers\fpga.bin 2007-05-10 21:13 155,648 --a------ C:\WINDOWS\system32\adadix32.dll 2007-05-10 21:13 143,360 --a------ C:\WINDOWS\autoclk.exe 2007-05-10 21:13 127,456 --a------ C:\WINDOWS\system32\ipdetect.exe 2007-05-10 21:13 127,065 --a------ C:\WINDOWS\system32\drivers\adiusbaw.sys 2007-05-10 21:13 126,976 --a------ C:\WINDOWS\system32\coclassfast.dll 2007-05-10 21:13 114,688 --a------ C:\WINDOWS\system32\unaddrv.exe 2007-05-10 21:13 1,531,904 --a------ C:\WINDOWS\adiras.exe 2007-05-10 21:13 2007-05-10 21:12 2007-05-10 21:12 2007-05-10 21:10 2,916,352 --------- C:\WINDOWS\UNNMP.exe 2007-05-10 21:09 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe 2007-05-10 21:08 997,888 --a------ C:\WINDOWS\system32\wmvdmoe2.dll 2007-05-10 21:08 981,504 --a------ C:\WINDOWS\system32\wmnetmgr.dll 2007-05-10 21:08 892,416 --a------ C:\WINDOWS\system32\wmspdmoe.dll 2007-05-10 21:08 82,432 --a------ C:\WINDOWS\system32\drmstor.dll 2007-05-10 21:08 816,264 --a------ C:\WINDOWS\system32\wmvdmod.dll 2007-05-10 21:08 81,408 --a------ C:\WINDOWS\system32\logagent.exe 2007-05-10 21:08 760,968 --a------ C:\WINDOWS\system32\wmsdmod.dll 2007-05-10 21:08 678,912 --a------ C:\WINDOWS\system32\drmv2clt.dll 2007-05-10 21:08 670,208 --a------ C:\WINDOWS\system32\wmadmoe.dll 2007-05-10 21:08 6,656 --a------ C:\WINDOWS\system32\laprxy.dll 2007-05-10 21:08 486,536 --a------ C:\WINDOWS\system32\wmspdmod.dll 2007-05-10 21:08 410,248 --a------ C:\WINDOWS\system32\wmadmod.dll 2007-05-10 21:08 384,512 --a------ C:\WINDOWS\system32\mp4sdmod.dll 2007-05-10 21:08 316,040 --a------ C:\WINDOWS\system32\mp43dmod.dll 2007-05-10 21:08 301,712 --a------ C:\WINDOWS\system32\drmclien.dll 2007-05-10 21:08 253,952 --a------ C:\WINDOWS\system32\msnetobj.dll 2007-05-10 21:08 241,664 --a------ C:\WINDOWS\system32\qasf.dll 2007-05-10 21:08 241,664 --a------ C:\WINDOWS\system32\mpg4dmod.dll 2007-05-10 21:08 232,960 --a------ C:\WINDOWS\system32\blackbox.dll 2007-05-10 21:08 218,112 --a------ C:\WINDOWS\system32\wmasf.dll 2007-05-10 21:08 143,360 --a------ C:\WINDOWS\system32\wmidx.dll 2007-05-10 21:08 1,111,040 --a------ C:\WINDOWS\system32\wmsdmoe2.dll 2007-05-10 21:08 2007-05-10 21:07 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll 2007-05-10 21:07 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll 2007-05-10 21:07 38,912 --------- C:\WINDOWS\system32\picn20.dll 2007-05-10 21:07 364,544 --------- C:\WINDOWS\system32\TwnLib4.dll 2007-05-10 21:07 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll 2007-05-10 21:07 24,064 --------- C:\WINDOWS\system32\msxml3a.dll 2007-05-10 21:07 2,977,792 --------- C:\WINDOWS\UNNeroVision.exe 2007-05-10 21:07 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll 2007-05-10 21:07 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll 2007-05-10 21:07 2007-05-10 21:07 2007-05-10 21:07 2007-05-10 21:05 2007-05-10 21:03 2007-05-10 21:02 98,816 --a------ C:\WINDOWS\system32\dmstyle.dll 2007-05-10 21:02 974,848 --a------ C:\WINDOWS\system32\dxdiag.exe 2007-05-10 21:02 83,968 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys 2007-05-10 21:02 80,896 --a------ C:\WINDOWS\system32\dpvsetup.exe 2007-05-10 21:02 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll 2007-05-10 21:02 797,184 --a------ C:\WINDOWS\system32\d3dim700.dll 2007-05-10 21:02 79,360 --a------ C:\WINDOWS\system32\dpwsockx.dll 2007-05-10 21:02 77,824 --a------ C:\WINDOWS\system32\dpmodemx.dll 2007-05-10 21:02 76,800 --a------ C:\WINDOWS\system32\dmscript.dll 2007-05-10 21:02 733,184 --a------ C:\WINDOWS\system32\qedwipes.dll 2007-05-10 21:02 723,968 --a------ C:\WINDOWS\system32\dpnet.dll 2007-05-10 21:02 7,424 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys 2007-05-10 21:02 68,096 --a------ C:\WINDOWS\system32\dpnhupnp.dll 2007-05-10 21:02 667,648 --a------ C:\WINDOWS\system32\dinput8.dll 2007-05-10 21:02 648,704 --a------ C:\WINDOWS\system32\dinput.dll 2007-05-10 21:02 64,512 --a------ C:\WINDOWS\system32\amstream.dll 2007-05-10 21:02 602,624 --a------ C:\WINDOWS\system32\dx7vb.dll 2007-05-10 21:02 58,368 --a------ C:\WINDOWS\system32\dmcompos.dll 2007-05-10 21:02 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys 2007-05-10 21:02 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys 2007-05-10 21:02 5,248 --a------ C:\WINDOWS\system32\drivers\mspclock.sys 2007-05-10 21:02 491,520 --a------ C:\WINDOWS\system32\dsdmoprp.dll 2007-05-10 21:02 48,512 --a------ C:\WINDOWS\system32\drivers\stream.sys 2007-05-10 21:02 470,528 --a------ C:\WINDOWS\system32\qdvd.dll 2007-05-10 21:02 47,104 --a------ C:\WINDOWS\system32\wstdecod.dll 2007-05-10 21:02 46,592 --a------ C:\WINDOWS\system32\dxdllreg.exe 2007-05-10 21:02 4,608 --a------ C:\WINDOWS\system32\drivers\mspqm.sys 2007-05-10 21:02 4,096 --a------ C:\WINDOWS\system32\ksuser.dll 2007-05-10 21:02 4,096 --a------ C:\WINDOWS\system32\drivers\swenum.sys 2007-05-10 21:02 381,952 --a------ C:\WINDOWS\system32\dsound.dll 2007-05-10 21:02 381,952 --a------ C:\WINDOWS\system32\dpvoice.dll 2007-05-10 21:02 354,816 --a------ C:\WINDOWS\system32\psisdecd.dll 2007-05-10 21:02 34,304 --a------ C:\WINDOWS\system32\mciqtz32.dll 2007-05-10 21:02 33,280 --a------ C:\WINDOWS\system32\dmloader.dll 2007-05-10 21:02 324,096 --a------ C:\WINDOWS\system32\mswebdvd.dll 2007-05-10 21:02 32,768 --a------ C:\WINDOWS\system32\dpnhpast.dll 2007-05-10 21:02 316,928 --a------ C:\WINDOWS\system32\qdv.dll 2007-05-10 21:02 31,744 --a------ C:\WINDOWS\system32\pid.dll 2007-05-10 21:02 3,072 --a------ C:\WINDOWS\system32\dpnlobby.dll 2007-05-10 21:02 3,072 --a------ C:\WINDOWS\system32\dpnaddr.dll 2007-05-10 21:02 292,864 --a------ C:\WINDOWS\system32\ddraw.dll 2007-05-10 21:02 28,160 --a------ C:\WINDOWS\system32\dplaysvr.exe 2007-05-10 21:02 27,136 --a------ C:\WINDOWS\system32\dmband.dll 2007-05-10 21:02 257,024 --a------ C:\WINDOWS\system32\qcap.dll 2007-05-10 21:02 24,064 --a------ C:\WINDOWS\system32\ddrawex.dll 2007-05-10 21:02 230,400 --a------ C:\WINDOWS\system32\dplayx.dll 2007-05-10 21:02 19,968 --a------ C:\WINDOWS\system32\dpvacm.dll 2007-05-10 21:02 186,880 --a------ C:\WINDOWS\system32\dsdmo.dll 2007-05-10 21:02 181,248 --a------ C:\WINDOWS\system32\dmime.dll 2007-05-10 21:02 18,944 --a------ C:\WINDOWS\system32\encapi.dll 2007-05-10 21:02 18,688 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys 2007-05-10 21:02 18,432 --a------ C:\WINDOWS\system32\dswave.dll 2007-05-10 21:02 16,896 --a------ C:\WINDOWS\system32\msyuv.dll 2007-05-10 21:02 16,896 --a------ C:\WINDOWS\system32\dpnsvr.exe 2007-05-10 21:02 16,384 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys 2007-05-10 21:02 15,104 --a------ C:\WINDOWS\system32\drivers\mpe.sys 2007-05-10 21:02 14,976 --a------ C:\WINDOWS\system32\drivers\streamip.sys 2007-05-10 21:02 132,608 --a------ C:\WINDOWS\system32\devenum.dll 2007-05-10 21:02 130,304 --a------ C:\WINDOWS\system32\drivers\ks.sys 2007-05-10 21:02 13,312 --a------ C:\WINDOWS\system32\msdmo.dll 2007-05-10 21:02 122,880 --a------ C:\WINDOWS\system32\dmusic.dll 2007-05-10 21:02 112,128 --a------ C:\WINDOWS\system32\dpvvox.dll 2007-05-10 21:02 11,392 --a------ C:\WINDOWS\system32\drivers\bdasup.sys 2007-05-10 21:02 100,864 --a------ C:\WINDOWS\system32\dmsynth.dll 2007-05-10 21:02 10,880 --a------ C:\WINDOWS\system32\drivers\slip.sys 2007-05-10 21:02 10,496 --a------ C:\WINDOWS\system32\drivers\dxapi.sys 2007-05-10 21:02 10,112 --a------ C:\WINDOWS\system32\drivers\ndisip.sys 2007-05-10 21:02 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll 2007-05-10 21:02 1,798,144 --a------ C:\WINDOWS\system32\qedit.dll 2007-05-10 21:02 1,769,472 --a------ C:\WINDOWS\system32\dxdiagn.dll 2007-05-10 21:02 1,703,936 --a------ C:\WINDOWS\system32\d3d9.dll 2007-05-10 21:02 1,294,336 --a------ C:\WINDOWS\system32\dsound3d.dll 2007-05-10 21:02 1,230,336 --a------ C:\WINDOWS\system32\msvidctl.dll 2007-05-10 21:02 1,201,152 --a------ C:\WINDOWS\system32\d3d8.dll 2007-05-10 21:02 1,189,888 --a------ C:\WINDOWS\system32\dx8vb.dll 2007-05-10 20:58 2007-05-10 20:57 516,096 --------- C:\WINDOWS\system32\ati2sgag.exe 2007-05-10 20:57 294,912 -ra------ C:\WINDOWS\system32\atiiiexx.dll 2007-05-10 20:57 151,552 -ra------ C:\WINDOWS\system32\ATIDEMGR.dll 2007-05-10 20:57 2007-05-10 20:55 23,040 -ra------ C:\WINDOWS\system32\drivers\GVCplDrv.sys 2007-05-10 20:54 655,596 --a------ C:\WINDOWS\system32\drivers\ALCXWDM.SYS 2007-05-10 20:54 57,344 --a------ C:\WINDOWS\system32\drivers\drmk.sys 2007-05-10 20:54 46,592 --a------ C:\WINDOWS\SOUNDMAN.EXE 2007-05-10 20:54 208,896 --------- C:\WINDOWS\alcupd.exe 2007-05-10 20:54 19,072 --a------ C:\WINDOWS\system32\drivers\usbehci.sys 2007-05-10 20:54 135,168 --------- C:\WINDOWS\alcrmv.exe 2007-05-10 20:54 135,040 --a------ C:\WINDOWS\system32\drivers\portcls.sys 2007-05-10 20:54 2007-05-10 20:54 2007-05-10 20:54 2007-05-10 20:54 2007-05-10 20:54 2007-05-10 20:52 306,688 --a------ C:\WINDOWS\IsUninst.exe 2007-05-10 20:52 3,279 --a------ C:\WINDOWS\system32\drivers\VIAPFD.SYS 2007-05-10 20:52 27,904 --a------ C:\WINDOWS\system32\drivers\VIAAGP1.SYS 2007-05-10 20:52 2007-05-10 20:52 2007-05-10 20:51 24,064 --a------ C:\WINDOWS\autoload.exe 2007-05-10 20:50 1,310,720 --ah----- C:\DOCUME~1\menager\NTUSER.DAT 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:49 237,568 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT 2007-05-10 20:49 237,568 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:45 237,568 —h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT 2007-05-10 20:45 112,128 --a------ C:\WINDOWS\system32\mapi32.dll 2007-05-10 20:45 0 -rahs---- C:\MSDOS.SYS 2007-05-10 20:45 0 -rahs---- C:\IO.SYS 2007-05-10 20:45 0 --a------ C:\CONFIG.SYS 2007-05-10 20:45 0 --a------ C:\AUTOEXEC.BAT 2007-05-10 20:45 2007-05-10 20:45 2007-05-10 20:44 2007-05-10 20:43 360,448 --a------ C:\WINDOWS\system32\qmgr.dll 2007-05-10 20:43 2007-05-10 20:43 2007-05-10 20:43 2007-05-10 20:43 2007-05-10 20:43 2007-05-10 20:42 90,624 --a------ C:\WINDOWS\system32\msoert2.dll 2007-05-10 20:42 9,728 --a------ C:\WINDOWS\system32\mstinit.exe 2007-05-10 20:42 81,920 --a------ C:\WINDOWS\system32\isign32.dll 2007-05-10 20:42 73,728 --a------ C:\WINDOWS\system32\ils.dll 2007-05-10 20:42 70,400 --a------ C:\WINDOWS\system32\drivers\sr.sys 2007-05-10 20:42 69,632 --a------ C:\WINDOWS\system32\icwdial.dll 2007-05-10 20:42 67,584 --a------ C:\WINDOWS\system32\acctres.dll 2007-05-10 20:42 65,536 --a------ C:\WINDOWS\system32\msconf.dll 2007-05-10 20:42 61,952 --a------ C:\WINDOWS\system32\srclient.dll 2007-05-10 20:42 61,440 --a------ C:\WINDOWS\system32\icwphbk.dll 2007-05-10 20:42 593,920 --a------ C:\WINDOWS\system32\inetcomm.dll 2007-05-10 20:42 49,152 --a------ C:\WINDOWS\system32\inetres.dll 2007-05-10 20:42 40,960 --a------ C:\WINDOWS\system32\safrslv.dll 2007-05-10 20:42 39,424 --a------ C:\WINDOWS\system32\safrcdlg.dll 2007-05-10 20:42 33,792 --a------ C:\WINDOWS\system32\racpldlg.dll 2007-05-10 20:42 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe 2007-05-10 20:42 32,384 --a------ C:\WINDOWS\system32\mnmdd.dll 2007-05-10 20:42 28,672 --a------ C:\WINDOWS\system32\isrdbg32.dll 2007-05-10 20:42 270,336 --a------ C:\WINDOWS\system32\inetcfg.dll 2007-05-10 20:42 26,624 --a------ C:\WINDOWS\system32\safrdm.dll 2007-05-10 20:42 253,440 --a------ C:\WINDOWS\system32\mstask.dll 2007-05-10 20:42 24,576 --a------ C:\WINDOWS\system32\nmmkcert.dll 2007-05-10 20:42 228,864 --a------ C:\WINDOWS\system32\msoeacct.dll 2007-05-10 20:42 219,136 --a------ C:\WINDOWS\system32\srrstr.dll 2007-05-10 20:42 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll 2007-05-10 20:42 159,744 --a------ C:\WINDOWS\system32\schedsvc.dll 2007-05-10 20:42 155,648 --a------ C:\WINDOWS\system32\srsvc.dll 2007-05-10 20:42 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll 2007-05-10 20:42 11,264 --a------ C:\WINDOWS\system32\atrace.dll 2007-05-10 20:42 2007-05-10 20:42 2007-05-10 20:42 2007-05-10 20:42 2007-05-10 20:42 2007-05-10 20:41 21,856 --a------ C:\WINDOWS\system32\emptyregdb.dat 2007-05-10 20:41 2007-05-10 20:41 2007-05-10 20:41 2007-05-10 20:40 99,328 --a------ C:\WINDOWS\system32\clipbrd.exe 2007-05-10 20:40 9,728 --a------ C:\WINDOWS\system32\xolehlp.dll 2007-05-10 20:40 9,728 --a------ C:\WINDOWS\system32\reset.exe 2007-05-10 20:40 89,600 --a------ C:\WINDOWS\system32\tscfgwmi.dll 2007-05-10 20:40 869,376 --a------ C:\WINDOWS\system32\msdtctm.dll 2007-05-10 20:40 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll 2007-05-10 20:40 83,968 --a------ C:\WINDOWS\system32\mtxoci.dll 2007-05-10 20:40 82,432 --a------ C:\WINDOWS\system32\comrepl.dll 2007-05-10 20:40 80,896 --a------ C:\WINDOWS\system32\charmap.exe 2007-05-10 20:40 8,704 --a------ C:\WINDOWS\system32\icaapi.dll 2007-05-10 20:40 73,864 --a------ C:\WINDOWS\system32\rdpwsx.dll 2007-05-10 20:40 73,216 --a------ C:\WINDOWS\system32\avwav.dll 2007-05-10 20:40 61,952 --a------ C:\WINDOWS\system32\rdshost.exe 2007-05-10 20:40 605,696 --a------ C:\WINDOWS\system32\getuname.dll 2007-05-10 20:40 6,144 --a------ C:\WINDOWS\system32\msdtc.exe 2007-05-10 20:40 583,168 --a------ C:\WINDOWS\system32\catsrvut.dll 2007-05-10 20:40 57,344 --a------ C:\WINDOWS\system32\sol.exe 2007-05-10 20:40 57,344 --a------ C:\WINDOWS\system32\licwmi.dll 2007-05-10 20:40 56,832 --a------ C:\WINDOWS\system32\remotepg.dll 2007-05-10 20:40 56,832 --a------ C:\WINDOWS\system32\colbact.dll 2007-05-10 20:40 55,808 --a------ C:\WINDOWS\system32\freecell.exe 2007-05-10 20:40 54,784 --a------ C:\WINDOWS\system32\msdtclog.dll 2007-05-10 20:40 54,272 --a------ C:\WINDOWS\system32\stclient.dll 2007-05-10 20:40 534,016 --a------ C:\WINDOWS\system32\spider.exe 2007-05-10 20:40 53,248 --a------ C:\WINDOWS\system32\servdeps.dll 2007-05-10 20:40 503,296 --a------ C:\WINDOWS\system32\mstscax.dll 2007-05-10 20:40 5,632 --a------ C:\WINDOWS\system32\write.exe 2007-05-10 20:40 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe 2007-05-10 20:40 495,616 --a------ C:\WINDOWS\system32\comuid.dll 2007-05-10 20:40 494,592 --a------ C:\WINDOWS\system32\hypertrm.dll 2007-05-10 20:40 468,480 --a------ C:\WINDOWS\system32\clbcatq.dll 2007-05-10 20:40 44,544 --a------ C:\WINDOWS\system32\hticons.dll 2007-05-10 20:40 41,984 --a------ C:\WINDOWS\system32\rdpclip.exe 2007-05-10 20:40 40,448 --a------ C:\WINDOWS\system32\tscupgrd.exe 2007-05-10 20:40 4,608 --a------ C:\WINDOWS\system32\rdpcfgex.dll 2007-05-10 20:40 4,096 --a------ C:\WINDOWS\system32\wuauserv.dll 2007-05-10 20:40 4,096 --a------ C:\WINDOWS\system32\mtxex.dll 2007-05-10 20:40 387,072 --a------ C:\WINDOWS\system32\mstsc.exe 2007-05-10 20:40 37,896 --a------ C:\WINDOWS\system32\drivers\termdd.sys 2007-05-10 20:40 360,960 --a------ C:\WINDOWS\system32\msdtcprx.dll 2007-05-10 20:40 35,328 --a------ C:\WINDOWS\system32\winchat.exe 2007-05-10 20:40 342,016 --a------ C:\WINDOWS\system32\mspaint.exe 2007-05-10 20:40 33,792 --a------ C:\WINDOWS\system32\regini.exe 2007-05-10 20:40 32,768 --a------ C:\WINDOWS\system32\cfgbkend.dll 2007-05-10 20:40 25,600 --a------ C:\WINDOWS\system32\comaddin.dll 2007-05-10 20:40 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll 2007-05-10 20:40 231,424 --a------ C:\WINDOWS\system32\avtapi.dll 2007-05-10 20:40 22,528 --a------ C:\WINDOWS\system32\qwinsta.exe 2007-05-10 20:40 22,528 --a------ C:\WINDOWS\system32\msg.exe 2007-05-10 20:40 215,040 --a------ C:\WINDOWS\system32\catsrv.dll 2007-05-10 20:40 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll 2007-05-10 20:40 20,232 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys 2007-05-10 20:40 198,656 --a------ C:\WINDOWS\system32\termsrv.dll 2007-05-10 20:40 19,456 --a------ C:\WINDOWS\system32\qprocess.exe 2007-05-10 20:40 183,296 --a------ C:\WINDOWS\system32\accwiz.exe 2007-05-10 20:40 181,632 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys 2007-05-10 20:40 177,152 --a------ C:\WINDOWS\system32\cmprops.dll 2007-05-10 20:40 17,920 --a------ C:\WINDOWS\system32\tsshutdn.exe 2007-05-10 20:40 17,408 --a------ C:\WINDOWS\system32\qappsrv.exe 2007-05-10 20:40 16,896 --a------ C:\WINDOWS\system32\mmfutil.dll 2007-05-10 20:40 16,384 --a------ C:\WINDOWS\system32\tskill.exe 2007-05-10 20:40 16,384 --a------ C:\WINDOWS\system32\rwinsta.exe 2007-05-10 20:40 16,384 --a------ C:\WINDOWS\system32\avmeter.dll 2007-05-10 20:40 151,040 --a------ C:\WINDOWS\system32\msdtcuiu.dll 2007-05-10 20:40 15,872 --a------ C:\WINDOWS\system32\logoff.exe 2007-05-10 20:40 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll 2007-05-10 20:40 15,360 --a------ C:\WINDOWS\system32\tsdiscon.exe 2007-05-10 20:40 15,360 --a------ C:\WINDOWS\system32\tscon.exe 2007-05-10 20:40 15,360 --a------ C:\WINDOWS\system32\shadow.exe 2007-05-10 20:40 147,456 --a------ C:\WINDOWS\system32\comsnap.dll 2007-05-10 20:40 14,848 --a------ C:\WINDOWS\system32\rdpsnd.dll 2007-05-10 20:40 139,264 --a------ C:\WINDOWS\system32\sndvol32.exe 2007-05-10 20:40 134,656 --a------ C:\WINDOWS\system32\rdchost.dll 2007-05-10 20:40 131,072 --a------ C:\WINDOWS\system32\sessmgr.exe 2007-05-10 20:40 128,000 --a------ C:\WINDOWS\system32\mshearts.exe 2007-05-10 20:40 125,440 --a------ C:\WINDOWS\system32\sndrec32.exe 2007-05-10 20:40 125,208 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-05-10 20:40 12,288 --a------ C:\WINDOWS\system32\rdsaddin.exe 2007-05-10 20:40 119,808 --a------ C:\WINDOWS\system32\winmine.exe 2007-05-10 20:40 118,272 --a------ C:\WINDOWS\system32\mplay32.exe 2007-05-10 20:40 115,200 --a------ C:\WINDOWS\system32\calc.exe 2007-05-10 20:40 11,144 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys 2007-05-10 20:40 107,912 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys 2007-05-10 20:40 100,864 --a------ C:\WINDOWS\system32\clbcatex.dll 2007-05-10 20:40 1,343,768 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-05-10 20:40 1,225 --a------ C:\WINDOWS\system32\usrlogon.cmd 2007-05-10 20:40 1,139,200 --a------ C:\WINDOWS\system32\comsvcs.dll 2007-05-10 20:40 2007-05-10 20:40 2007-05-10 20:40 2007-05-10 20:40 2007-05-10 20:40 (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-05-11 17:05:57 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-05-10 19:19:05 67,298 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-05-10 19:19:05 436,322 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-05-10 18:43:33 -------- d-----w C:\Program Files\Usługi online 2007-04-09 12:27:07 31,548 ----a-w C:\WINDOWS\system32\drivers\scdemu.sys (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] “NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” “avgnt”="“C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe” /min" “PWRISOVM.EXE”=“E:\PowerISO\PWRISOVM.EXE” “6435748”=“winupdates.exe” [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” [2001-07-09 10:50] “avgnt”=“C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe” [2007-04-02 10:35] “PWRISOVM.EXE”=“E:\PowerISO\PWRISOVM.EXE” [2007-04-09 14:23] “6435748”=“winupdates.exe” [2007-05-11 20:42 C:\WINDOWS\system32\winupdates.exe]) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\System32\ctfmon.exe” [2001-10-26 19:29] “6435748”=“winupdates.exe” [2007-05-11 20:42 C:\WINDOWS\system32\winupdates.exe]) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] “CTFMON.EXE”=“C:\WINDOWS\System32\ctfmon.exe” “6435748”=“winupdates.exe” [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices] “6435748”=“winupdates.exe” [HKEY_USERS.default\software\microsoft\windows\currentversion\run] @="" “ATICCC”="“C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” runtime" “Network Security”=“C:\WINDOWS\System32\NSecurity.exe” HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Authentication Packages msv1_0\0\0 Security Packages kerberos\0msv1_0\0schannel\0wdigest\0\0 Notification Packages scecli\0\0 HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^menu start^programy^autostart^ati catalyst system tray.lnk C:\PROGRA~1\ATITEC~1\ATI.ACE\CLI.exe SystemTray HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^menu start^programy^autostart^microsoft office.lnk E:\MICROS~1\Office\OSA9.EXE -b -l HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\aticcc “C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” runtime HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\atipta C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxsupmon C:\WINDOWS\System32\LXSUPMON.EXE RUN HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\soundman SOUNDMAN.EXE [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost] LocalService Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService DnsCache\0\0 rpcss RpcSs\0\0 imgsvc StiSvc\0\0 termsvcs TermService\0\0 HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost ******************************************************************** catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-05-13 14:07:59 Windows 5.1.2600 NTFS scanning hidden processes … scanning hidden services … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 ******************************************************************** Completion time: 2007-05-13 14:08:03 C:\ComboFix-quarantined-files.txt … 2007-05-13 14:08

Złączono Posta : 13.05.2007 (Nie) 15:48

a to nowe logi:

Logfile of HijackThis v1.99.1 Scan saved at 15:47:31, on 2007-05-13 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe E:\PowerISO\PWRISOVM.EXE C:\WINDOWS\System32\ctfmon.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wuauclt.exe E:\Opera\Opera.exe E:\Gadu-Gadu\gg.exe E:\Foobar\foobar2000.exe C:\WINDOWS\System32\taskmgr.exe C:\DOCUME~1\menager\USTAWI~1\Temp\Rar$EX03.510\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotinfolink.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [avgnt] “C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe” /min O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O17 - HKLM\System\CCS\Services\Tcpip…{F4AF2E8D-1210-4C2A-899E-C4D2A80CB379}: NameServer = 194.204.152.34 217.98.63.164 O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

Gutek · 13 Maj 2007 15:25

Pobierz The Avenger. Wypakuj => uruchom => zaznacz opcję Input script manually => kliknij w taką lupkę => w okienku, które się otworzy wklej:

kliknij klawisz Done => teraz kliknij na zielone światełko => powinna pojawić się pewna informacja i kliknij OK (teraz restart).

mister12_1994 · 13 Maj 2007 16:21

tak zrobiłem… co mam jeszcze zrobić??

Gutek · 13 Maj 2007 16:22

Nowy log z Combo wrzucić

mister12_1994 · 13 Maj 2007 16:28

ComboFix 07-05.13.V - Running from: “C:\Documents and Settings\menager” ((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-13 )))))))))))))))))))))))))))))))))) 2007-05-13 18:18 2007-05-13 17:02 2007-05-13 15:41 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 14:08 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-05-13 13:38 2007-05-13 12:20 0 --a------ C:\WINDOWS\system32\directxclickers.exe 2007-05-13 11:15 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll 2007-05-13 11:15 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll 2007-05-13 11:15 331,776 --a------ C:\WINDOWS\system32\winhttp.dll 2007-05-13 11:15 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll 2007-05-13 11:12 2007-05-13 11:09 466,200 --a------ C:\WINDOWS\system32\wuapi.dll 2007-05-13 11:09 41,240 --a------ C:\WINDOWS\system32\wups.dll 2007-05-13 11:09 195,352 --a------ C:\WINDOWS\system32\wuaueng1.dll 2007-05-13 11:09 175,384 --a------ C:\WINDOWS\system32\wuauclt1.exe 2007-05-13 11:09 173,536 --a------ C:\WINDOWS\system32\wuweb.dll 2007-05-13 11:09 128,280 --a------ C:\WINDOWS\system32\wucltui.dll 2007-05-13 11:09 2007-05-13 11:07 2007-05-11 20:41 2007-05-11 19:41 19,632 --a------ C:\WINDOWS\system32\NSecurity.exe 2007-05-11 14:48 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2007-05-11 14:46 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll 2007-05-11 14:15 2007-05-11 14:12 2007-05-11 14:04 682,232 --a------ C:\WINDOWS\system32\drivers\sptd.sys 2007-05-11 13:48 2007-05-11 13:46 2007-05-11 13:43 8,192 --a------ C:\WINDOWS\system32\tsbyuv.dll 2007-05-11 13:43 50,688 --a------ C:\WINDOWS\system32\vfwwdm32.dll 2007-05-11 13:43 144,768 -ra------ C:\WINDOWS\system32\drivers\PA707UCM.SYS 2007-05-11 13:42 45,568 --a------ C:\WINDOWS\system32\iyuv_32.dll 2007-05-11 13:41 2007-05-11 13:41 2007-05-11 13:39 2007-05-11 13:19 2007-05-11 11:32 53,248 --a------ C:\WINDOWS\system32\PAStiSvc.exe 2007-05-11 11:32 198,424 --a------ C:\WINDOWS\system32\iuengine.dll 2007-05-11 11:31 2007-05-11 11:18 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 21:39 43,584 --a------ C:\WINDOWS\system32\drivers\avipbb.sys 2007-05-10 21:39 28,352 --a------ C:\WINDOWS\system32\drivers\ssmdrv.sys 2007-05-10 21:39 2007-05-10 21:37 79,616 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys 2007-05-10 21:37 57,472 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys 2007-05-10 21:37 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys 2007-05-10 21:37 50,048 --a------ C:\WINDOWS\system32\drivers\DMusic.sys 2007-05-10 21:37 5,632 --a------ C:\WINDOWS\system32\drivers\splitter.sys 2007-05-10 21:37 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys 2007-05-10 21:37 2,816 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys 2007-05-10 21:37 159,232 --a------ C:\WINDOWS\system32\drivers\kmixer.sys 2007-05-10 21:37 122,472 --a------ C:\WINDOWS\system32\drivers\aec.sys 2007-05-10 21:36 9,728 --a------ C:\WINDOWS\system32\drivers\gameenum.sys 2007-05-10 21:36 70,144 --a------ C:\WINDOWS\system32\usbui.dll 2007-05-10 21:36 57,088 --a------ C:\WINDOWS\system32\drivers\redbook.sys 2007-05-10 21:36 27,392 --a------ C:\WINDOWS\system32\drivers\VIAAGP.SYS 2007-05-10 21:36 2,944 --a------ C:\WINDOWS\system32\drivers\msmpu401.sys 2007-05-10 21:34 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL 2007-05-10 21:34 9,168 --a------ C:\WINDOWS\system\VER.DLL 2007-05-10 21:34 85,532 --a------ C:\WINDOWS\system32\dgsetup.dll 2007-05-10 21:34 83,456 --a------ C:\WINDOWS\system\OLECLI.DLL 2007-05-10 21:34 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll 2007-05-10 21:34 71,680 --a------ C:\WINDOWS\system32\storprop.dll 2007-05-10 21:34 70,096 --a------ C:\WINDOWS\system\AVICAP.DLL 2007-05-10 21:34 7,168 --a------ C:\WINDOWS\system32\kbdcz.dll 2007-05-10 21:34 69,712 --a------ C:\WINDOWS\system\MMSYSTEM.DLL 2007-05-10 21:34 67,072 --a------ C:\WINDOWS\NOTEPAD.EXE 2007-05-10 21:34 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdycl.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdsl1.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdsl.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdhu.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdcz2.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdcz1.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdcr.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\KBDAL.DLL 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\batt.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll 2007-05-10 21:34 5,632 --a------ C:\WINDOWS\system32\kbdro.dll 2007-05-10 21:34 5,632 --a------ C:\WINDOWS\system32\kbdhu1.dll 2007-05-10 21:34 5,120 --a------ C:\WINDOWS\system\SHELL.DLL 2007-05-10 21:34 33,376 --a------ C:\WINDOWS\system\COMMDLG.DLL 2007-05-10 21:34 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll 2007-05-10 21:34 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL 2007-05-10 21:34 19,200 --a------ C:\WINDOWS\system\TAPI.DLL 2007-05-10 21:34 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll 2007-05-10 21:34 15,360 --a------ C:\WINDOWS\TASKMAN.EXE 2007-05-10 21:34 13,312 --a------ C:\WINDOWS\system32\irclass.dll 2007-05-10 21:34 127,008 --a------ C:\WINDOWS\system\MSVIDEO.DLL 2007-05-10 21:34 109,488 --a------ C:\WINDOWS\system\AVIFILE.DLL 2007-05-10 21:34 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll 2007-05-10 21:34 10,496 --a------ C:\WINDOWS\system32\drivers\irenum.sys 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:33 2007-05-10 21:23 212,992 --a------ C:\WINDOWS\system32\lxallcnt.dll 2007-05-10 21:19 2007-05-10 21:18 298,496 --a------ C:\WINDOWS\unin0415.exe 2007-05-10 21:18 24,832 --a------ C:\WINDOWS\system32\drivers\usbprint.sys 2007-05-10 21:13 50,007 --a------ C:\WINDOWS\system32\drivers\adildr.sys 2007-05-10 21:13 46,892 --a------ C:\WINDOWS\system32\adadix16.dll 2007-05-10 21:13 4,981 --a------ C:\WINDOWS\system32\adadix2k.dll 2007-05-10 21:13 36,224 --a------ C:\WINDOWS\system32\drivers\isapnp.sys 2007-05-10 21:13 22,395 --a------ C:\WINDOWS\system32\drivers\fpga.bin 2007-05-10 21:13 155,648 --a------ C:\WINDOWS\system32\adadix32.dll 2007-05-10 21:13 143,360 --a------ C:\WINDOWS\autoclk.exe 2007-05-10 21:13 127,456 --a------ C:\WINDOWS\system32\ipdetect.exe 2007-05-10 21:13 127,065 --a------ C:\WINDOWS\system32\drivers\adiusbaw.sys 2007-05-10 21:13 126,976 --a------ C:\WINDOWS\system32\coclassfast.dll 2007-05-10 21:13 114,688 --a------ C:\WINDOWS\system32\unaddrv.exe 2007-05-10 21:13 1,531,904 --a------ C:\WINDOWS\adiras.exe 2007-05-10 21:13 2007-05-10 21:12 2007-05-10 21:12 2007-05-10 21:10 2,916,352 --------- C:\WINDOWS\UNNMP.exe 2007-05-10 21:09 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe 2007-05-10 21:08 997,888 --a------ C:\WINDOWS\system32\wmvdmoe2.dll 2007-05-10 21:08 981,504 --a------ C:\WINDOWS\system32\wmnetmgr.dll 2007-05-10 21:08 892,416 --a------ C:\WINDOWS\system32\wmspdmoe.dll 2007-05-10 21:08 82,432 --a------ C:\WINDOWS\system32\drmstor.dll 2007-05-10 21:08 816,264 --a------ C:\WINDOWS\system32\wmvdmod.dll 2007-05-10 21:08 81,408 --a------ C:\WINDOWS\system32\logagent.exe 2007-05-10 21:08 760,968 --a------ C:\WINDOWS\system32\wmsdmod.dll 2007-05-10 21:08 678,912 --a------ C:\WINDOWS\system32\drmv2clt.dll 2007-05-10 21:08 670,208 --a------ C:\WINDOWS\system32\wmadmoe.dll 2007-05-10 21:08 6,656 --a------ C:\WINDOWS\system32\laprxy.dll 2007-05-10 21:08 486,536 --a------ C:\WINDOWS\system32\wmspdmod.dll 2007-05-10 21:08 410,248 --a------ C:\WINDOWS\system32\wmadmod.dll 2007-05-10 21:08 384,512 --a------ C:\WINDOWS\system32\mp4sdmod.dll 2007-05-10 21:08 316,040 --a------ C:\WINDOWS\system32\mp43dmod.dll 2007-05-10 21:08 301,712 --a------ C:\WINDOWS\system32\drmclien.dll 2007-05-10 21:08 253,952 --a------ C:\WINDOWS\system32\msnetobj.dll 2007-05-10 21:08 241,664 --a------ C:\WINDOWS\system32\qasf.dll 2007-05-10 21:08 241,664 --a------ C:\WINDOWS\system32\mpg4dmod.dll 2007-05-10 21:08 232,960 --a------ C:\WINDOWS\system32\blackbox.dll 2007-05-10 21:08 218,112 --a------ C:\WINDOWS\system32\wmasf.dll 2007-05-10 21:08 143,360 --a------ C:\WINDOWS\system32\wmidx.dll 2007-05-10 21:08 1,111,040 --a------ C:\WINDOWS\system32\wmsdmoe2.dll 2007-05-10 21:08 2007-05-10 21:07 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll 2007-05-10 21:07 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll 2007-05-10 21:07 38,912 --------- C:\WINDOWS\system32\picn20.dll 2007-05-10 21:07 364,544 --------- C:\WINDOWS\system32\TwnLib4.dll 2007-05-10 21:07 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll 2007-05-10 21:07 24,064 --------- C:\WINDOWS\system32\msxml3a.dll 2007-05-10 21:07 2,977,792 --------- C:\WINDOWS\UNNeroVision.exe 2007-05-10 21:07 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll 2007-05-10 21:07 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll 2007-05-10 21:07 2007-05-10 21:07 2007-05-10 21:07 2007-05-10 21:05 2007-05-10 21:03 2007-05-10 21:02 98,816 --a------ C:\WINDOWS\system32\dmstyle.dll 2007-05-10 21:02 974,848 --a------ C:\WINDOWS\system32\dxdiag.exe 2007-05-10 21:02 83,968 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys 2007-05-10 21:02 80,896 --a------ C:\WINDOWS\system32\dpvsetup.exe 2007-05-10 21:02 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll 2007-05-10 21:02 797,184 --a------ C:\WINDOWS\system32\d3dim700.dll 2007-05-10 21:02 79,360 --a------ C:\WINDOWS\system32\dpwsockx.dll 2007-05-10 21:02 77,824 --a------ C:\WINDOWS\system32\dpmodemx.dll 2007-05-10 21:02 76,800 --a------ C:\WINDOWS\system32\dmscript.dll 2007-05-10 21:02 733,184 --a------ C:\WINDOWS\system32\qedwipes.dll 2007-05-10 21:02 723,968 --a------ C:\WINDOWS\system32\dpnet.dll 2007-05-10 21:02 7,424 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys 2007-05-10 21:02 68,096 --a------ C:\WINDOWS\system32\dpnhupnp.dll 2007-05-10 21:02 667,648 --a------ C:\WINDOWS\system32\dinput8.dll 2007-05-10 21:02 648,704 --a------ C:\WINDOWS\system32\dinput.dll 2007-05-10 21:02 64,512 --a------ C:\WINDOWS\system32\amstream.dll 2007-05-10 21:02 602,624 --a------ C:\WINDOWS\system32\dx7vb.dll 2007-05-10 21:02 58,368 --a------ C:\WINDOWS\system32\dmcompos.dll 2007-05-10 21:02 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys 2007-05-10 21:02 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys 2007-05-10 21:02 5,248 --a------ C:\WINDOWS\system32\drivers\mspclock.sys 2007-05-10 21:02 491,520 --a------ C:\WINDOWS\system32\dsdmoprp.dll 2007-05-10 21:02 48,512 --a------ C:\WINDOWS\system32\drivers\stream.sys 2007-05-10 21:02 470,528 --a------ C:\WINDOWS\system32\qdvd.dll 2007-05-10 21:02 47,104 --a------ C:\WINDOWS\system32\wstdecod.dll 2007-05-10 21:02 46,592 --a------ C:\WINDOWS\system32\dxdllreg.exe 2007-05-10 21:02 4,608 --a------ C:\WINDOWS\system32\drivers\mspqm.sys 2007-05-10 21:02 4,096 --a------ C:\WINDOWS\system32\ksuser.dll 2007-05-10 21:02 4,096 --a------ C:\WINDOWS\system32\drivers\swenum.sys 2007-05-10 21:02 381,952 --a------ C:\WINDOWS\system32\dsound.dll 2007-05-10 21:02 381,952 --a------ C:\WINDOWS\system32\dpvoice.dll 2007-05-10 21:02 354,816 --a------ C:\WINDOWS\system32\psisdecd.dll 2007-05-10 21:02 34,304 --a------ C:\WINDOWS\system32\mciqtz32.dll 2007-05-10 21:02 33,280 --a------ C:\WINDOWS\system32\dmloader.dll 2007-05-10 21:02 324,096 --a------ C:\WINDOWS\system32\mswebdvd.dll 2007-05-10 21:02 32,768 --a------ C:\WINDOWS\system32\dpnhpast.dll 2007-05-10 21:02 316,928 --a------ C:\WINDOWS\system32\qdv.dll 2007-05-10 21:02 31,744 --a------ C:\WINDOWS\system32\pid.dll 2007-05-10 21:02 3,072 --a------ C:\WINDOWS\system32\dpnlobby.dll 2007-05-10 21:02 3,072 --a------ C:\WINDOWS\system32\dpnaddr.dll 2007-05-10 21:02 292,864 --a------ C:\WINDOWS\system32\ddraw.dll 2007-05-10 21:02 28,160 --a------ C:\WINDOWS\system32\dplaysvr.exe 2007-05-10 21:02 27,136 --a------ C:\WINDOWS\system32\dmband.dll 2007-05-10 21:02 257,024 --a------ C:\WINDOWS\system32\qcap.dll 2007-05-10 21:02 24,064 --a------ C:\WINDOWS\system32\ddrawex.dll 2007-05-10 21:02 230,400 --a------ C:\WINDOWS\system32\dplayx.dll 2007-05-10 21:02 19,968 --a------ C:\WINDOWS\system32\dpvacm.dll 2007-05-10 21:02 186,880 --a------ C:\WINDOWS\system32\dsdmo.dll 2007-05-10 21:02 181,248 --a------ C:\WINDOWS\system32\dmime.dll 2007-05-10 21:02 18,944 --a------ C:\WINDOWS\system32\encapi.dll 2007-05-10 21:02 18,688 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys 2007-05-10 21:02 18,432 --a------ C:\WINDOWS\system32\dswave.dll 2007-05-10 21:02 16,896 --a------ C:\WINDOWS\system32\msyuv.dll 2007-05-10 21:02 16,896 --a------ C:\WINDOWS\system32\dpnsvr.exe 2007-05-10 21:02 16,384 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys 2007-05-10 21:02 15,104 --a------ C:\WINDOWS\system32\drivers\mpe.sys 2007-05-10 21:02 14,976 --a------ C:\WINDOWS\system32\drivers\streamip.sys 2007-05-10 21:02 132,608 --a------ C:\WINDOWS\system32\devenum.dll 2007-05-10 21:02 130,304 --a------ C:\WINDOWS\system32\drivers\ks.sys 2007-05-10 21:02 13,312 --a------ C:\WINDOWS\system32\msdmo.dll 2007-05-10 21:02 122,880 --a------ C:\WINDOWS\system32\dmusic.dll 2007-05-10 21:02 112,128 --a------ C:\WINDOWS\system32\dpvvox.dll 2007-05-10 21:02 11,392 --a------ C:\WINDOWS\system32\drivers\bdasup.sys 2007-05-10 21:02 100,864 --a------ C:\WINDOWS\system32\dmsynth.dll 2007-05-10 21:02 10,880 --a------ C:\WINDOWS\system32\drivers\slip.sys 2007-05-10 21:02 10,496 --a------ C:\WINDOWS\system32\drivers\dxapi.sys 2007-05-10 21:02 10,112 --a------ C:\WINDOWS\system32\drivers\ndisip.sys 2007-05-10 21:02 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll 2007-05-10 21:02 1,798,144 --a------ C:\WINDOWS\system32\qedit.dll 2007-05-10 21:02 1,769,472 --a------ C:\WINDOWS\system32\dxdiagn.dll 2007-05-10 21:02 1,703,936 --a------ C:\WINDOWS\system32\d3d9.dll 2007-05-10 21:02 1,294,336 --a------ C:\WINDOWS\system32\dsound3d.dll 2007-05-10 21:02 1,230,336 --a------ C:\WINDOWS\system32\msvidctl.dll 2007-05-10 21:02 1,201,152 --a------ C:\WINDOWS\system32\d3d8.dll 2007-05-10 21:02 1,189,888 --a------ C:\WINDOWS\system32\dx8vb.dll 2007-05-10 20:58 2007-05-10 20:57 516,096 --------- C:\WINDOWS\system32\ati2sgag.exe 2007-05-10 20:57 294,912 -ra------ C:\WINDOWS\system32\atiiiexx.dll 2007-05-10 20:57 151,552 -ra------ C:\WINDOWS\system32\ATIDEMGR.dll 2007-05-10 20:57 2007-05-10 20:55 23,040 -ra------ C:\WINDOWS\system32\drivers\GVCplDrv.sys 2007-05-10 20:54 655,596 --a------ C:\WINDOWS\system32\drivers\ALCXWDM.SYS 2007-05-10 20:54 57,344 --a------ C:\WINDOWS\system32\drivers\drmk.sys 2007-05-10 20:54 46,592 --a------ C:\WINDOWS\SOUNDMAN.EXE 2007-05-10 20:54 208,896 --------- C:\WINDOWS\alcupd.exe 2007-05-10 20:54 19,072 --a------ C:\WINDOWS\system32\drivers\usbehci.sys 2007-05-10 20:54 135,168 --------- C:\WINDOWS\alcrmv.exe 2007-05-10 20:54 135,040 --a------ C:\WINDOWS\system32\drivers\portcls.sys 2007-05-10 20:54 2007-05-10 20:54 2007-05-10 20:54 2007-05-10 20:54 2007-05-10 20:54 2007-05-10 20:52 306,688 --a------ C:\WINDOWS\IsUninst.exe 2007-05-10 20:52 3,279 --a------ C:\WINDOWS\system32\drivers\VIAPFD.SYS 2007-05-10 20:52 27,904 --a------ C:\WINDOWS\system32\drivers\VIAAGP1.SYS 2007-05-10 20:52 2007-05-10 20:52 2007-05-10 20:51 24,064 --a------ C:\WINDOWS\autoload.exe 2007-05-10 20:50 1,310,720 --ah----- C:\DOCUME~1\menager\NTUSER.DAT 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:49 237,568 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT 2007-05-10 20:49 237,568 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:45 237,568 —h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT 2007-05-10 20:45 112,128 --a------ C:\WINDOWS\system32\mapi32.dll 2007-05-10 20:45 0 -rahs---- C:\MSDOS.SYS 2007-05-10 20:45 0 -rahs---- C:\IO.SYS 2007-05-10 20:45 0 --a------ C:\CONFIG.SYS 2007-05-10 20:45 0 --a------ C:\AUTOEXEC.BAT 2007-05-10 20:45 2007-05-10 20:45 2007-05-10 20:44 2007-05-10 20:43 360,448 --a------ C:\WINDOWS\system32\qmgr.dll 2007-05-10 20:43 2007-05-10 20:43 2007-05-10 20:43 2007-05-10 20:43 2007-05-10 20:43 2007-05-10 20:42 90,624 --a------ C:\WINDOWS\system32\msoert2.dll 2007-05-10 20:42 9,728 --a------ C:\WINDOWS\system32\mstinit.exe 2007-05-10 20:42 81,920 --a------ C:\WINDOWS\system32\isign32.dll 2007-05-10 20:42 73,728 --a------ C:\WINDOWS\system32\ils.dll 2007-05-10 20:42 70,400 --a------ C:\WINDOWS\system32\drivers\sr.sys 2007-05-10 20:42 69,632 --a------ C:\WINDOWS\system32\icwdial.dll 2007-05-10 20:42 67,584 --a------ C:\WINDOWS\system32\acctres.dll 2007-05-10 20:42 65,536 --a------ C:\WINDOWS\system32\msconf.dll 2007-05-10 20:42 61,952 --a------ C:\WINDOWS\system32\srclient.dll 2007-05-10 20:42 61,440 --a------ C:\WINDOWS\system32\icwphbk.dll 2007-05-10 20:42 593,920 --a------ C:\WINDOWS\system32\inetcomm.dll 2007-05-10 20:42 49,152 --a------ C:\WINDOWS\system32\inetres.dll 2007-05-10 20:42 40,960 --a------ C:\WINDOWS\system32\safrslv.dll 2007-05-10 20:42 39,424 --a------ C:\WINDOWS\system32\safrcdlg.dll 2007-05-10 20:42 33,792 --a------ C:\WINDOWS\system32\racpldlg.dll 2007-05-10 20:42 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe 2007-05-10 20:42 32,384 --a------ C:\WINDOWS\system32\mnmdd.dll 2007-05-10 20:42 28,672 --a------ C:\WINDOWS\system32\isrdbg32.dll 2007-05-10 20:42 270,336 --a------ C:\WINDOWS\system32\inetcfg.dll 2007-05-10 20:42 26,624 --a------ C:\WINDOWS\system32\safrdm.dll 2007-05-10 20:42 253,440 --a------ C:\WINDOWS\system32\mstask.dll 2007-05-10 20:42 24,576 --a------ C:\WINDOWS\system32\nmmkcert.dll 2007-05-10 20:42 228,864 --a------ C:\WINDOWS\system32\msoeacct.dll 2007-05-10 20:42 219,136 --a------ C:\WINDOWS\system32\srrstr.dll 2007-05-10 20:42 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll 2007-05-10 20:42 159,744 --a------ C:\WINDOWS\system32\schedsvc.dll 2007-05-10 20:42 155,648 --a------ C:\WINDOWS\system32\srsvc.dll 2007-05-10 20:42 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll 2007-05-10 20:42 11,264 --a------ C:\WINDOWS\system32\atrace.dll 2007-05-10 20:42 2007-05-10 20:42 2007-05-10 20:42 2007-05-10 20:42 2007-05-10 20:42 2007-05-10 20:41 21,856 --a------ C:\WINDOWS\system32\emptyregdb.dat 2007-05-10 20:41 2007-05-10 20:41 2007-05-10 20:41 2007-05-10 20:40 99,328 --a------ C:\WINDOWS\system32\clipbrd.exe 2007-05-10 20:40 9,728 --a------ C:\WINDOWS\system32\xolehlp.dll 2007-05-10 20:40 9,728 --a------ C:\WINDOWS\system32\reset.exe 2007-05-10 20:40 89,600 --a------ C:\WINDOWS\system32\tscfgwmi.dll 2007-05-10 20:40 869,376 --a------ C:\WINDOWS\system32\msdtctm.dll 2007-05-10 20:40 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll 2007-05-10 20:40 83,968 --a------ C:\WINDOWS\system32\mtxoci.dll 2007-05-10 20:40 82,432 --a------ C:\WINDOWS\system32\comrepl.dll 2007-05-10 20:40 80,896 --a------ C:\WINDOWS\system32\charmap.exe 2007-05-10 20:40 8,704 --a------ C:\WINDOWS\system32\icaapi.dll 2007-05-10 20:40 73,864 --a------ C:\WINDOWS\system32\rdpwsx.dll 2007-05-10 20:40 73,216 --a------ C:\WINDOWS\system32\avwav.dll 2007-05-10 20:40 61,952 --a------ C:\WINDOWS\system32\rdshost.exe 2007-05-10 20:40 605,696 --a------ C:\WINDOWS\system32\getuname.dll 2007-05-10 20:40 6,144 --a------ C:\WINDOWS\system32\msdtc.exe 2007-05-10 20:40 583,168 --a------ C:\WINDOWS\system32\catsrvut.dll 2007-05-10 20:40 57,344 --a------ C:\WINDOWS\system32\sol.exe 2007-05-10 20:40 57,344 --a------ C:\WINDOWS\system32\licwmi.dll 2007-05-10 20:40 56,832 --a------ C:\WINDOWS\system32\remotepg.dll 2007-05-10 20:40 56,832 --a------ C:\WINDOWS\system32\colbact.dll 2007-05-10 20:40 55,808 --a------ C:\WINDOWS\system32\freecell.exe 2007-05-10 20:40 54,784 --a------ C:\WINDOWS\system32\msdtclog.dll 2007-05-10 20:40 54,272 --a------ C:\WINDOWS\system32\stclient.dll 2007-05-10 20:40 534,016 --a------ C:\WINDOWS\system32\spider.exe 2007-05-10 20:40 53,248 --a------ C:\WINDOWS\system32\servdeps.dll 2007-05-10 20:40 503,296 --a------ C:\WINDOWS\system32\mstscax.dll 2007-05-10 20:40 5,632 --a------ C:\WINDOWS\system32\write.exe 2007-05-10 20:40 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe 2007-05-10 20:40 495,616 --a------ C:\WINDOWS\system32\comuid.dll 2007-05-10 20:40 494,592 --a------ C:\WINDOWS\system32\hypertrm.dll 2007-05-10 20:40 468,480 --a------ C:\WINDOWS\system32\clbcatq.dll 2007-05-10 20:40 44,544 --a------ C:\WINDOWS\system32\hticons.dll 2007-05-10 20:40 41,984 --a------ C:\WINDOWS\system32\rdpclip.exe 2007-05-10 20:40 40,448 --a------ C:\WINDOWS\system32\tscupgrd.exe 2007-05-10 20:40 4,608 --a------ C:\WINDOWS\system32\rdpcfgex.dll 2007-05-10 20:40 4,096 --a------ C:\WINDOWS\system32\wuauserv.dll 2007-05-10 20:40 4,096 --a------ C:\WINDOWS\system32\mtxex.dll 2007-05-10 20:40 387,072 --a------ C:\WINDOWS\system32\mstsc.exe 2007-05-10 20:40 37,896 --a------ C:\WINDOWS\system32\drivers\termdd.sys 2007-05-10 20:40 360,960 --a------ C:\WINDOWS\system32\msdtcprx.dll 2007-05-10 20:40 35,328 --a------ C:\WINDOWS\system32\winchat.exe 2007-05-10 20:40 342,016 --a------ C:\WINDOWS\system32\mspaint.exe 2007-05-10 20:40 33,792 --a------ C:\WINDOWS\system32\regini.exe 2007-05-10 20:40 32,768 --a------ C:\WINDOWS\system32\cfgbkend.dll 2007-05-10 20:40 25,600 --a------ C:\WINDOWS\system32\comaddin.dll 2007-05-10 20:40 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll 2007-05-10 20:40 231,424 --a------ C:\WINDOWS\system32\avtapi.dll 2007-05-10 20:40 22,528 --a------ C:\WINDOWS\system32\qwinsta.exe 2007-05-10 20:40 22,528 --a------ C:\WINDOWS\system32\msg.exe 2007-05-10 20:40 215,040 --a------ C:\WINDOWS\system32\catsrv.dll 2007-05-10 20:40 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll 2007-05-10 20:40 20,232 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys 2007-05-10 20:40 198,656 --a------ C:\WINDOWS\system32\termsrv.dll 2007-05-10 20:40 19,456 --a------ C:\WINDOWS\system32\qprocess.exe 2007-05-10 20:40 183,296 --a------ C:\WINDOWS\system32\accwiz.exe 2007-05-10 20:40 181,632 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys 2007-05-10 20:40 177,152 --a------ C:\WINDOWS\system32\cmprops.dll 2007-05-10 20:40 17,920 --a------ C:\WINDOWS\system32\tsshutdn.exe 2007-05-10 20:40 17,408 --a------ C:\WINDOWS\system32\qappsrv.exe 2007-05-10 20:40 16,896 --a------ C:\WINDOWS\system32\mmfutil.dll 2007-05-10 20:40 16,384 --a------ C:\WINDOWS\system32\tskill.exe 2007-05-10 20:40 16,384 --a------ C:\WINDOWS\system32\rwinsta.exe 2007-05-10 20:40 16,384 --a------ C:\WINDOWS\system32\avmeter.dll 2007-05-10 20:40 151,040 --a------ C:\WINDOWS\system32\msdtcuiu.dll 2007-05-10 20:40 15,872 --a------ C:\WINDOWS\system32\logoff.exe 2007-05-10 20:40 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll 2007-05-10 20:40 15,360 --a------ C:\WINDOWS\system32\tsdiscon.exe 2007-05-10 20:40 15,360 --a------ C:\WINDOWS\system32\tscon.exe 2007-05-10 20:40 15,360 --a------ C:\WINDOWS\system32\shadow.exe 2007-05-10 20:40 147,456 --a------ C:\WINDOWS\system32\comsnap.dll 2007-05-10 20:40 14,848 --a------ C:\WINDOWS\system32\rdpsnd.dll 2007-05-10 20:40 139,264 --a------ C:\WINDOWS\system32\sndvol32.exe 2007-05-10 20:40 134,656 --a------ C:\WINDOWS\system32\rdchost.dll 2007-05-10 20:40 131,072 --a------ C:\WINDOWS\system32\sessmgr.exe 2007-05-10 20:40 128,000 --a------ C:\WINDOWS\system32\mshearts.exe 2007-05-10 20:40 125,440 --a------ C:\WINDOWS\system32\sndrec32.exe 2007-05-10 20:40 125,208 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-05-10 20:40 12,288 --a------ C:\WINDOWS\system32\rdsaddin.exe 2007-05-10 20:40 119,808 --a------ C:\WINDOWS\system32\winmine.exe 2007-05-10 20:40 118,272 --a------ C:\WINDOWS\system32\mplay32.exe 2007-05-10 20:40 115,200 --a------ C:\WINDOWS\system32\calc.exe 2007-05-10 20:40 11,144 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys 2007-05-10 20:40 107,912 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys 2007-05-10 20:40 100,864 --a------ C:\WINDOWS\system32\clbcatex.dll 2007-05-10 20:40 1,343,768 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-05-10 20:40 1,225 --a------ C:\WINDOWS\system32\usrlogon.cmd 2007-05-10 20:40 1,139,200 --a------ C:\WINDOWS\system32\comsvcs.dll 2007-05-10 20:40 2007-05-10 20:40 2007-05-10 20:40 2007-05-10 20:40 2007-05-10 20:40 (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-05-11 17:05:57 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-05-10 19:19:05 67,298 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-05-10 19:19:05 436,322 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-05-10 18:43:33 -------- d-----w C:\Program Files\Usługi online 2007-04-09 12:27:07 31,548 ----a-w C:\WINDOWS\system32\drivers\scdemu.sys (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] “NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” “avgnt”="“C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe” /min" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” [2001-07-09 10:50] “avgnt”=“C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe” [2007-04-02 10:35] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\System32\ctfmon.exe” [2001-10-26 19:29] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] “CTFMON.EXE”=“C:\WINDOWS\System32\ctfmon.exe” [HKEY_USERS.default\software\microsoft\windows\currentversion\run] @="" “ATICCC”="“C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” runtime" “Network Security”=“C:\WINDOWS\System32\NSecurity.exe” HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Authentication Packages msv1_0\0\0 Security Packages kerberos\0msv1_0\0schannel\0wdigest\0\0 Notification Packages scecli\0\0 HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^menu start^programy^autostart^ati catalyst system tray.lnk C:\PROGRA~1\ATITEC~1\ATI.ACE\CLI.exe SystemTray HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^menu start^programy^autostart^microsoft office.lnk E:\MICROS~1\Office\OSA9.EXE -b -l HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\aticcc “C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” runtime HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\atipta C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxsupmon C:\WINDOWS\System32\LXSUPMON.EXE RUN HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\soundman SOUNDMAN.EXE [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost] LocalService Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService DnsCache\0\0 rpcss RpcSs\0\0 imgsvc StiSvc\0\0 termsvcs TermService\0\0 HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost ******************************************************************** catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-05-13 18:26:21 Windows 5.1.2600 NTFS scanning hidden processes … scanning hidden services … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 ******************************************************************** Completion time: 2007-05-13 18:26:25 C:\ComboFix-quarantined-files.txt … 2007-05-13 18:26 C:\ComboFix2.txt … 2007-05-13 14:08

Gutek · 13 Maj 2007 16:43

usuń The Avenger

mister12_1994 · 14 Maj 2007 05:36

zrobiłem

Złączono Posta : 14.05.2007 (Pon) 7:59

daje nowe logi:

ComboFix 07-05.13.V - Running from: “C:\Documents and Settings\menager\Pulpit” (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32.exe ((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-14 )))))))))))))))))))))))))))))))))) 2007-05-14 07:35 60,416 --a------ C:\WINDOWS\system32\drivers\apvpjqcw.sys 2007-05-14 07:35 126,976 --a------ C:\zip.exe 2007-05-14 07:35 1,080 --a------ C:\xnqgblvw.bat 2007-05-13 18:18 2007-05-13 17:02 2007-05-13 15:41 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 14:08 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-05-13 13:38 2007-05-13 12:20 0 --a------ C:\WINDOWS\system32\directxclickers.exe 2007-05-13 11:15 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll 2007-05-13 11:15 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll 2007-05-13 11:15 331,776 --a------ C:\WINDOWS\system32\winhttp.dll 2007-05-13 11:15 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll 2007-05-13 11:12 2007-05-13 11:09 466,200 --a------ C:\WINDOWS\system32\wuapi.dll 2007-05-13 11:09 41,240 --a------ C:\WINDOWS\system32\wups.dll 2007-05-13 11:09 195,352 --a------ C:\WINDOWS\system32\wuaueng1.dll 2007-05-13 11:09 175,384 --a------ C:\WINDOWS\system32\wuauclt1.exe 2007-05-13 11:09 173,536 --a------ C:\WINDOWS\system32\wuweb.dll 2007-05-13 11:09 128,280 --a------ C:\WINDOWS\system32\wucltui.dll 2007-05-13 11:09 2007-05-13 11:07 2007-05-11 20:41 2007-05-11 19:41 19,632 --a------ C:\WINDOWS\system32\NSecurity.exe 2007-05-11 14:48 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2007-05-11 14:46 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll 2007-05-11 14:15 2007-05-11 14:12 2007-05-11 14:04 682,232 --a------ C:\WINDOWS\system32\drivers\sptd.sys 2007-05-11 13:48 2007-05-11 13:46 2007-05-11 13:43 8,192 --a------ C:\WINDOWS\system32\tsbyuv.dll 2007-05-11 13:43 50,688 --a------ C:\WINDOWS\system32\vfwwdm32.dll 2007-05-11 13:43 144,768 -ra------ C:\WINDOWS\system32\drivers\PA707UCM.SYS 2007-05-11 13:42 45,568 --a------ C:\WINDOWS\system32\iyuv_32.dll 2007-05-11 13:41 2007-05-11 13:41 2007-05-11 13:39 2007-05-11 13:19 2007-05-11 11:32 53,248 --a------ C:\WINDOWS\system32\PAStiSvc.exe 2007-05-11 11:32 198,424 --a------ C:\WINDOWS\system32\iuengine.dll 2007-05-11 11:31 2007-05-11 11:18 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 21:39 43,584 --a------ C:\WINDOWS\system32\drivers\avipbb.sys 2007-05-10 21:39 28,352 --a------ C:\WINDOWS\system32\drivers\ssmdrv.sys 2007-05-10 21:39 2007-05-10 21:37 79,616 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys 2007-05-10 21:37 57,472 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys 2007-05-10 21:37 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys 2007-05-10 21:37 50,048 --a------ C:\WINDOWS\system32\drivers\DMusic.sys 2007-05-10 21:37 5,632 --a------ C:\WINDOWS\system32\drivers\splitter.sys 2007-05-10 21:37 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys 2007-05-10 21:37 2,816 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys 2007-05-10 21:37 159,232 --a------ C:\WINDOWS\system32\drivers\kmixer.sys 2007-05-10 21:37 122,472 --a------ C:\WINDOWS\system32\drivers\aec.sys 2007-05-10 21:36 9,728 --a------ C:\WINDOWS\system32\drivers\gameenum.sys 2007-05-10 21:36 70,144 --a------ C:\WINDOWS\system32\usbui.dll 2007-05-10 21:36 57,088 --a------ C:\WINDOWS\system32\drivers\redbook.sys 2007-05-10 21:36 27,392 --a------ C:\WINDOWS\system32\drivers\VIAAGP.SYS 2007-05-10 21:36 2,944 --a------ C:\WINDOWS\system32\drivers\msmpu401.sys 2007-05-10 21:34 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL 2007-05-10 21:34 9,168 --a------ C:\WINDOWS\system\VER.DLL 2007-05-10 21:34 85,532 --a------ C:\WINDOWS\system32\dgsetup.dll 2007-05-10 21:34 83,456 --a------ C:\WINDOWS\system\OLECLI.DLL 2007-05-10 21:34 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll 2007-05-10 21:34 71,680 --a------ C:\WINDOWS\system32\storprop.dll 2007-05-10 21:34 70,096 --a------ C:\WINDOWS\system\AVICAP.DLL 2007-05-10 21:34 7,168 --a------ C:\WINDOWS\system32\kbdcz.dll 2007-05-10 21:34 69,712 --a------ C:\WINDOWS\system\MMSYSTEM.DLL 2007-05-10 21:34 67,072 --a------ C:\WINDOWS\NOTEPAD.EXE 2007-05-10 21:34 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdycl.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdsl1.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdsl.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdhu.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdcz2.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdcz1.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdcr.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\KBDAL.DLL 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\batt.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll 2007-05-10 21:34 5,632 --a------ C:\WINDOWS\system32\kbdro.dll 2007-05-10 21:34 5,632 --a------ C:\WINDOWS\system32\kbdhu1.dll 2007-05-10 21:34 5,120 --a------ C:\WINDOWS\system\SHELL.DLL 2007-05-10 21:34 33,376 --a------ C:\WINDOWS\system\COMMDLG.DLL 2007-05-10 21:34 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll 2007-05-10 21:34 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL 2007-05-10 21:34 19,200 --a------ C:\WINDOWS\system\TAPI.DLL 2007-05-10 21:34 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll 2007-05-10 21:34 15,360 --a------ C:\WINDOWS\TASKMAN.EXE 2007-05-10 21:34 13,312 --a------ C:\WINDOWS\system32\irclass.dll 2007-05-10 21:34 127,008 --a------ C:\WINDOWS\system\MSVIDEO.DLL 2007-05-10 21:34 109,488 --a------ C:\WINDOWS\system\AVIFILE.DLL 2007-05-10 21:34 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll 2007-05-10 21:34 10,496 --a------ C:\WINDOWS\system32\drivers\irenum.sys 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:33 2007-05-10 21:23 212,992 --a------ C:\WINDOWS\system32\lxallcnt.dll 2007-05-10 21:19 2007-05-10 21:18 298,496 --a------ C:\WINDOWS\unin0415.exe 2007-05-10 21:18 24,832 --a------ C:\WINDOWS\system32\drivers\usbprint.sys 2007-05-10 21:13 50,007 --a------ C:\WINDOWS\system32\drivers\adildr.sys 2007-05-10 21:13 46,892 --a------ C:\WINDOWS\system32\adadix16.dll 2007-05-10 21:13 4,981 --a------ C:\WINDOWS\system32\adadix2k.dll 2007-05-10 21:13 36,224 --a------ C:\WINDOWS\system32\drivers\isapnp.sys 2007-05-10 21:13 22,395 --a------ C:\WINDOWS\system32\drivers\fpga.bin 2007-05-10 21:13 155,648 --a------ C:\WINDOWS\system32\adadix32.dll 2007-05-10 21:13 143,360 --a------ C:\WINDOWS\autoclk.exe 2007-05-10 21:13 127,456 --a------ C:\WINDOWS\system32\ipdetect.exe 2007-05-10 21:13 127,065 --a------ C:\WINDOWS\system32\drivers\adiusbaw.sys 2007-05-10 21:13 126,976 --a------ C:\WINDOWS\system32\coclassfast.dll 2007-05-10 21:13 114,688 --a------ C:\WINDOWS\system32\unaddrv.exe 2007-05-10 21:13 1,531,904 --a------ C:\WINDOWS\adiras.exe 2007-05-10 21:13 2007-05-10 21:12 2007-05-10 21:12 2007-05-10 21:10 2,916,352 --------- C:\WINDOWS\UNNMP.exe 2007-05-10 21:09 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe 2007-05-10 21:08 997,888 --a------ C:\WINDOWS\system32\wmvdmoe2.dll 2007-05-10 21:08 981,504 --a------ C:\WINDOWS\system32\wmnetmgr.dll 2007-05-10 21:08 892,416 --a------ C:\WINDOWS\system32\wmspdmoe.dll 2007-05-10 21:08 82,432 --a------ C:\WINDOWS\system32\drmstor.dll 2007-05-10 21:08 816,264 --a------ C:\WINDOWS\system32\wmvdmod.dll 2007-05-10 21:08 81,408 --a------ C:\WINDOWS\system32\logagent.exe 2007-05-10 21:08 760,968 --a------ C:\WINDOWS\system32\wmsdmod.dll 2007-05-10 21:08 678,912 --a------ C:\WINDOWS\system32\drmv2clt.dll 2007-05-10 21:08 670,208 --a------ C:\WINDOWS\system32\wmadmoe.dll 2007-05-10 21:08 6,656 --a------ C:\WINDOWS\system32\laprxy.dll 2007-05-10 21:08 486,536 --a------ C:\WINDOWS\system32\wmspdmod.dll 2007-05-10 21:08 410,248 --a------ C:\WINDOWS\system32\wmadmod.dll 2007-05-10 21:08 384,512 --a------ C:\WINDOWS\system32\mp4sdmod.dll 2007-05-10 21:08 316,040 --a------ C:\WINDOWS\system32\mp43dmod.dll 2007-05-10 21:08 301,712 --a------ C:\WINDOWS\system32\drmclien.dll 2007-05-10 21:08 253,952 --a------ C:\WINDOWS\system32\msnetobj.dll 2007-05-10 21:08 241,664 --a------ C:\WINDOWS\system32\qasf.dll 2007-05-10 21:08 241,664 --a------ C:\WINDOWS\system32\mpg4dmod.dll 2007-05-10 21:08 232,960 --a------ C:\WINDOWS\system32\blackbox.dll 2007-05-10 21:08 218,112 --a------ C:\WINDOWS\system32\wmasf.dll 2007-05-10 21:08 143,360 --a------ C:\WINDOWS\system32\wmidx.dll 2007-05-10 21:08 1,111,040 --a------ C:\WINDOWS\system32\wmsdmoe2.dll 2007-05-10 21:08 2007-05-10 21:07 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll 2007-05-10 21:07 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll 2007-05-10 21:07 38,912 --------- C:\WINDOWS\system32\picn20.dll 2007-05-10 21:07 364,544 --------- C:\WINDOWS\system32\TwnLib4.dll 2007-05-10 21:07 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll 2007-05-10 21:07 24,064 --------- C:\WINDOWS\system32\msxml3a.dll 2007-05-10 21:07 2,977,792 --------- C:\WINDOWS\UNNeroVision.exe 2007-05-10 21:07 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll 2007-05-10 21:07 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll 2007-05-10 21:07 2007-05-10 21:07 2007-05-10 21:07 2007-05-10 21:05 2007-05-10 21:03 2007-05-10 21:02 98,816 --a------ C:\WINDOWS\system32\dmstyle.dll 2007-05-10 21:02 974,848 --a------ C:\WINDOWS\system32\dxdiag.exe 2007-05-10 21:02 83,968 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys 2007-05-10 21:02 80,896 --a------ C:\WINDOWS\system32\dpvsetup.exe 2007-05-10 21:02 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll 2007-05-10 21:02 797,184 --a------ C:\WINDOWS\system32\d3dim700.dll 2007-05-10 21:02 79,360 --a------ C:\WINDOWS\system32\dpwsockx.dll 2007-05-10 21:02 77,824 --a------ C:\WINDOWS\system32\dpmodemx.dll 2007-05-10 21:02 76,800 --a------ C:\WINDOWS\system32\dmscript.dll 2007-05-10 21:02 733,184 --a------ C:\WINDOWS\system32\qedwipes.dll 2007-05-10 21:02 723,968 --a------ C:\WINDOWS\system32\dpnet.dll 2007-05-10 21:02 7,424 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys 2007-05-10 21:02 68,096 --a------ C:\WINDOWS\system32\dpnhupnp.dll 2007-05-10 21:02 667,648 --a------ C:\WINDOWS\system32\dinput8.dll 2007-05-10 21:02 648,704 --a------ C:\WINDOWS\system32\dinput.dll 2007-05-10 21:02 64,512 --a------ C:\WINDOWS\system32\amstream.dll 2007-05-10 21:02 602,624 --a------ C:\WINDOWS\system32\dx7vb.dll 2007-05-10 21:02 58,368 --a------ C:\WINDOWS\system32\dmcompos.dll 2007-05-10 21:02 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys 2007-05-10 21:02 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys 2007-05-10 21:02 5,248 --a------ C:\WINDOWS\system32\drivers\mspclock.sys 2007-05-10 21:02 491,520 --a------ C:\WINDOWS\system32\dsdmoprp.dll 2007-05-10 21:02 48,512 --a------ C:\WINDOWS\system32\drivers\stream.sys 2007-05-10 21:02 470,528 --a------ C:\WINDOWS\system32\qdvd.dll 2007-05-10 21:02 47,104 --a------ C:\WINDOWS\system32\wstdecod.dll 2007-05-10 21:02 46,592 --a------ C:\WINDOWS\system32\dxdllreg.exe 2007-05-10 21:02 4,608 --a------ C:\WINDOWS\system32\drivers\mspqm.sys 2007-05-10 21:02 4,096 --a------ C:\WINDOWS\system32\ksuser.dll 2007-05-10 21:02 4,096 --a------ C:\WINDOWS\system32\drivers\swenum.sys 2007-05-10 21:02 381,952 --a------ C:\WINDOWS\system32\dsound.dll 2007-05-10 21:02 381,952 --a------ C:\WINDOWS\system32\dpvoice.dll 2007-05-10 21:02 354,816 --a------ C:\WINDOWS\system32\psisdecd.dll 2007-05-10 21:02 34,304 --a------ C:\WINDOWS\system32\mciqtz32.dll 2007-05-10 21:02 33,280 --a------ C:\WINDOWS\system32\dmloader.dll 2007-05-10 21:02 324,096 --a------ C:\WINDOWS\system32\mswebdvd.dll 2007-05-10 21:02 32,768 --a------ C:\WINDOWS\system32\dpnhpast.dll 2007-05-10 21:02 316,928 --a------ C:\WINDOWS\system32\qdv.dll 2007-05-10 21:02 31,744 --a------ C:\WINDOWS\system32\pid.dll 2007-05-10 21:02 3,072 --a------ C:\WINDOWS\system32\dpnlobby.dll 2007-05-10 21:02 3,072 --a------ C:\WINDOWS\system32\dpnaddr.dll 2007-05-10 21:02 292,864 --a------ C:\WINDOWS\system32\ddraw.dll 2007-05-10 21:02 28,160 --a------ C:\WINDOWS\system32\dplaysvr.exe 2007-05-10 21:02 27,136 --a------ C:\WINDOWS\system32\dmband.dll 2007-05-10 21:02 257,024 --a------ C:\WINDOWS\system32\qcap.dll 2007-05-10 21:02 24,064 --a------ C:\WINDOWS\system32\ddrawex.dll 2007-05-10 21:02 230,400 --a------ C:\WINDOWS\system32\dplayx.dll 2007-05-10 21:02 19,968 --a------ C:\WINDOWS\system32\dpvacm.dll 2007-05-10 21:02 186,880 --a------ C:\WINDOWS\system32\dsdmo.dll 2007-05-10 21:02 181,248 --a------ C:\WINDOWS\system32\dmime.dll 2007-05-10 21:02 18,944 --a------ C:\WINDOWS\system32\encapi.dll 2007-05-10 21:02 18,688 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys 2007-05-10 21:02 18,432 --a------ C:\WINDOWS\system32\dswave.dll 2007-05-10 21:02 16,896 --a------ C:\WINDOWS\system32\msyuv.dll 2007-05-10 21:02 16,896 --a------ C:\WINDOWS\system32\dpnsvr.exe 2007-05-10 21:02 16,384 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys 2007-05-10 21:02 15,104 --a------ C:\WINDOWS\system32\drivers\mpe.sys 2007-05-10 21:02 14,976 --a------ C:\WINDOWS\system32\drivers\streamip.sys 2007-05-10 21:02 132,608 --a------ C:\WINDOWS\system32\devenum.dll 2007-05-10 21:02 130,304 --a------ C:\WINDOWS\system32\drivers\ks.sys 2007-05-10 21:02 13,312 --a------ C:\WINDOWS\system32\msdmo.dll 2007-05-10 21:02 122,880 --a------ C:\WINDOWS\system32\dmusic.dll 2007-05-10 21:02 112,128 --a------ C:\WINDOWS\system32\dpvvox.dll 2007-05-10 21:02 11,392 --a------ C:\WINDOWS\system32\drivers\bdasup.sys 2007-05-10 21:02 100,864 --a------ C:\WINDOWS\system32\dmsynth.dll 2007-05-10 21:02 10,880 --a------ C:\WINDOWS\system32\drivers\slip.sys 2007-05-10 21:02 10,496 --a------ C:\WINDOWS\system32\drivers\dxapi.sys 2007-05-10 21:02 10,112 --a------ C:\WINDOWS\system32\drivers\ndisip.sys 2007-05-10 21:02 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll 2007-05-10 21:02 1,798,144 --a------ C:\WINDOWS\system32\qedit.dll 2007-05-10 21:02 1,769,472 --a------ C:\WINDOWS\system32\dxdiagn.dll 2007-05-10 21:02 1,703,936 --a------ C:\WINDOWS\system32\d3d9.dll 2007-05-10 21:02 1,294,336 --a------ C:\WINDOWS\system32\dsound3d.dll 2007-05-10 21:02 1,230,336 --a------ C:\WINDOWS\system32\msvidctl.dll 2007-05-10 21:02 1,201,152 --a------ C:\WINDOWS\system32\d3d8.dll 2007-05-10 21:02 1,189,888 --a------ C:\WINDOWS\system32\dx8vb.dll 2007-05-10 20:58 2007-05-10 20:57 516,096 --------- C:\WINDOWS\system32\ati2sgag.exe 2007-05-10 20:57 294,912 -ra------ C:\WINDOWS\system32\atiiiexx.dll 2007-05-10 20:57 151,552 -ra------ C:\WINDOWS\system32\ATIDEMGR.dll 2007-05-10 20:57 2007-05-10 20:55 23,040 -ra------ C:\WINDOWS\system32\drivers\GVCplDrv.sys 2007-05-10 20:54 655,596 --a------ C:\WINDOWS\system32\drivers\ALCXWDM.SYS 2007-05-10 20:54 57,344 --a------ C:\WINDOWS\system32\drivers\drmk.sys 2007-05-10 20:54 46,592 --a------ C:\WINDOWS\SOUNDMAN.EXE 2007-05-10 20:54 208,896 --------- C:\WINDOWS\alcupd.exe 2007-05-10 20:54 19,072 --a------ C:\WINDOWS\system32\drivers\usbehci.sys 2007-05-10 20:54 135,168 --------- C:\WINDOWS\alcrmv.exe 2007-05-10 20:54 135,040 --a------ C:\WINDOWS\system32\drivers\portcls.sys 2007-05-10 20:54 2007-05-10 20:54 2007-05-10 20:54 2007-05-10 20:54 2007-05-10 20:54 2007-05-10 20:52 306,688 --a------ C:\WINDOWS\IsUninst.exe 2007-05-10 20:52 3,279 --a------ C:\WINDOWS\system32\drivers\VIAPFD.SYS 2007-05-10 20:52 27,904 --a------ C:\WINDOWS\system32\drivers\VIAAGP1.SYS 2007-05-10 20:52 2007-05-10 20:52 2007-05-10 20:51 24,064 --a------ C:\WINDOWS\autoload.exe 2007-05-10 20:50 1,572,864 --ah----- C:\DOCUME~1\menager\NTUSER.DAT 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:49 237,568 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT 2007-05-10 20:49 237,568 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:45 237,568 —h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT 2007-05-10 20:45 112,128 --a------ C:\WINDOWS\system32\mapi32.dll 2007-05-10 20:45 0 -rahs---- C:\MSDOS.SYS 2007-05-10 20:45 0 -rahs---- C:\IO.SYS 2007-05-10 20:45 0 --a------ C:\CONFIG.SYS 2007-05-10 20:45 0 --a------ C:\AUTOEXEC.BAT 2007-05-10 20:45 2007-05-10 20:45 2007-05-10 20:44 2007-05-10 20:43 360,448 --a------ C:\WINDOWS\system32\qmgr.dll 2007-05-10 20:43 2007-05-10 20:43 2007-05-10 20:43 2007-05-10 20:43 2007-05-10 20:43 2007-05-10 20:42 90,624 --a------ C:\WINDOWS\system32\msoert2.dll 2007-05-10 20:42 9,728 --a------ C:\WINDOWS\system32\mstinit.exe 2007-05-10 20:42 81,920 --a------ C:\WINDOWS\system32\isign32.dll 2007-05-10 20:42 73,728 --a------ C:\WINDOWS\system32\ils.dll 2007-05-10 20:42 70,400 --a------ C:\WINDOWS\system32\drivers\sr.sys 2007-05-10 20:42 69,632 --a------ C:\WINDOWS\system32\icwdial.dll 2007-05-10 20:42 67,584 --a------ C:\WINDOWS\system32\acctres.dll 2007-05-10 20:42 65,536 --a------ C:\WINDOWS\system32\msconf.dll 2007-05-10 20:42 61,952 --a------ C:\WINDOWS\system32\srclient.dll 2007-05-10 20:42 61,440 --a------ C:\WINDOWS\system32\icwphbk.dll 2007-05-10 20:42 593,920 --a------ C:\WINDOWS\system32\inetcomm.dll 2007-05-10 20:42 49,152 --a------ C:\WINDOWS\system32\inetres.dll 2007-05-10 20:42 40,960 --a------ C:\WINDOWS\system32\safrslv.dll 2007-05-10 20:42 39,424 --a------ C:\WINDOWS\system32\safrcdlg.dll 2007-05-10 20:42 33,792 --a------ C:\WINDOWS\system32\racpldlg.dll 2007-05-10 20:42 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe 2007-05-10 20:42 32,384 --a------ C:\WINDOWS\system32\mnmdd.dll 2007-05-10 20:42 28,672 --a------ C:\WINDOWS\system32\isrdbg32.dll 2007-05-10 20:42 270,336 --a------ C:\WINDOWS\system32\inetcfg.dll 2007-05-10 20:42 26,624 --a------ C:\WINDOWS\system32\safrdm.dll 2007-05-10 20:42 253,440 --a------ C:\WINDOWS\system32\mstask.dll 2007-05-10 20:42 24,576 --a------ C:\WINDOWS\system32\nmmkcert.dll 2007-05-10 20:42 228,864 --a------ C:\WINDOWS\system32\msoeacct.dll 2007-05-10 20:42 219,136 --a------ C:\WINDOWS\system32\srrstr.dll 2007-05-10 20:42 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll 2007-05-10 20:42 159,744 --a------ C:\WINDOWS\system32\schedsvc.dll 2007-05-10 20:42 155,648 --a------ C:\WINDOWS\system32\srsvc.dll 2007-05-10 20:42 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll 2007-05-10 20:42 11,264 --a------ C:\WINDOWS\system32\atrace.dll 2007-05-10 20:42 2007-05-10 20:42 2007-05-10 20:42 2007-05-10 20:42 2007-05-10 20:42 2007-05-10 20:41 21,856 --a------ C:\WINDOWS\system32\emptyregdb.dat 2007-05-10 20:41 2007-05-10 20:41 2007-05-10 20:41 2007-05-10 20:40 99,328 --a------ C:\WINDOWS\system32\clipbrd.exe 2007-05-10 20:40 9,728 --a------ C:\WINDOWS\system32\xolehlp.dll 2007-05-10 20:40 9,728 --a------ C:\WINDOWS\system32\reset.exe 2007-05-10 20:40 89,600 --a------ C:\WINDOWS\system32\tscfgwmi.dll 2007-05-10 20:40 869,376 --a------ C:\WINDOWS\system32\msdtctm.dll 2007-05-10 20:40 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll 2007-05-10 20:40 83,968 --a------ C:\WINDOWS\system32\mtxoci.dll 2007-05-10 20:40 82,432 --a------ C:\WINDOWS\system32\comrepl.dll 2007-05-10 20:40 80,896 --a------ C:\WINDOWS\system32\charmap.exe 2007-05-10 20:40 8,704 --a------ C:\WINDOWS\system32\icaapi.dll 2007-05-10 20:40 73,864 --a------ C:\WINDOWS\system32\rdpwsx.dll 2007-05-10 20:40 73,216 --a------ C:\WINDOWS\system32\avwav.dll 2007-05-10 20:40 61,952 --a------ C:\WINDOWS\system32\rdshost.exe 2007-05-10 20:40 605,696 --a------ C:\WINDOWS\system32\getuname.dll 2007-05-10 20:40 6,144 --a------ C:\WINDOWS\system32\msdtc.exe 2007-05-10 20:40 583,168 --a------ C:\WINDOWS\system32\catsrvut.dll 2007-05-10 20:40 57,344 --a------ C:\WINDOWS\system32\sol.exe 2007-05-10 20:40 57,344 --a------ C:\WINDOWS\system32\licwmi.dll 2007-05-10 20:40 56,832 --a------ C:\WINDOWS\system32\remotepg.dll 2007-05-10 20:40 56,832 --a------ C:\WINDOWS\system32\colbact.dll 2007-05-10 20:40 55,808 --a------ C:\WINDOWS\system32\freecell.exe 2007-05-10 20:40 54,784 --a------ C:\WINDOWS\system32\msdtclog.dll 2007-05-10 20:40 54,272 --a------ C:\WINDOWS\system32\stclient.dll 2007-05-10 20:40 534,016 --a------ C:\WINDOWS\system32\spider.exe 2007-05-10 20:40 53,248 --a------ C:\WINDOWS\system32\servdeps.dll 2007-05-10 20:40 503,296 --a------ C:\WINDOWS\system32\mstscax.dll 2007-05-10 20:40 5,632 --a------ C:\WINDOWS\system32\write.exe 2007-05-10 20:40 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe 2007-05-10 20:40 495,616 --a------ C:\WINDOWS\system32\comuid.dll 2007-05-10 20:40 494,592 --a------ C:\WINDOWS\system32\hypertrm.dll 2007-05-10 20:40 468,480 --a------ C:\WINDOWS\system32\clbcatq.dll 2007-05-10 20:40 44,544 --a------ C:\WINDOWS\system32\hticons.dll 2007-05-10 20:40 41,984 --a------ C:\WINDOWS\system32\rdpclip.exe 2007-05-10 20:40 40,448 --a------ C:\WINDOWS\system32\tscupgrd.exe 2007-05-10 20:40 4,608 --a------ C:\WINDOWS\system32\rdpcfgex.dll 2007-05-10 20:40 4,096 --a------ C:\WINDOWS\system32\wuauserv.dll 2007-05-10 20:40 4,096 --a------ C:\WINDOWS\system32\mtxex.dll 2007-05-10 20:40 387,072 --a------ C:\WINDOWS\system32\mstsc.exe 2007-05-10 20:40 37,896 --a------ C:\WINDOWS\system32\drivers\termdd.sys 2007-05-10 20:40 360,960 --a------ C:\WINDOWS\system32\msdtcprx.dll 2007-05-10 20:40 35,328 --a------ C:\WINDOWS\system32\winchat.exe 2007-05-10 20:40 342,016 --a------ C:\WINDOWS\system32\mspaint.exe 2007-05-10 20:40 33,792 --a------ C:\WINDOWS\system32\regini.exe 2007-05-10 20:40 32,768 --a------ C:\WINDOWS\system32\cfgbkend.dll 2007-05-10 20:40 25,600 --a------ C:\WINDOWS\system32\comaddin.dll 2007-05-10 20:40 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll 2007-05-10 20:40 231,424 --a------ C:\WINDOWS\system32\avtapi.dll 2007-05-10 20:40 22,528 --a------ C:\WINDOWS\system32\qwinsta.exe 2007-05-10 20:40 22,528 --a------ C:\WINDOWS\system32\msg.exe 2007-05-10 20:40 215,040 --a------ C:\WINDOWS\system32\catsrv.dll 2007-05-10 20:40 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll 2007-05-10 20:40 20,232 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys 2007-05-10 20:40 198,656 --a------ C:\WINDOWS\system32\termsrv.dll 2007-05-10 20:40 19,456 --a------ C:\WINDOWS\system32\qprocess.exe 2007-05-10 20:40 183,296 --a------ C:\WINDOWS\system32\accwiz.exe 2007-05-10 20:40 181,632 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys 2007-05-10 20:40 177,152 --a------ C:\WINDOWS\system32\cmprops.dll 2007-05-10 20:40 17,920 --a------ C:\WINDOWS\system32\tsshutdn.exe 2007-05-10 20:40 17,408 --a------ C:\WINDOWS\system32\qappsrv.exe 2007-05-10 20:40 16,896 --a------ C:\WINDOWS\system32\mmfutil.dll 2007-05-10 20:40 16,384 --a------ C:\WINDOWS\system32\tskill.exe 2007-05-10 20:40 16,384 --a------ C:\WINDOWS\system32\rwinsta.exe 2007-05-10 20:40 16,384 --a------ C:\WINDOWS\system32\avmeter.dll 2007-05-10 20:40 151,040 --a------ C:\WINDOWS\system32\msdtcuiu.dll 2007-05-10 20:40 15,872 --a------ C:\WINDOWS\system32\logoff.exe 2007-05-10 20:40 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll 2007-05-10 20:40 15,360 --a------ C:\WINDOWS\system32\tsdiscon.exe 2007-05-10 20:40 15,360 --a------ C:\WINDOWS\system32\tscon.exe 2007-05-10 20:40 15,360 --a------ C:\WINDOWS\system32\shadow.exe 2007-05-10 20:40 147,456 --a------ C:\WINDOWS\system32\comsnap.dll 2007-05-10 20:40 14,848 --a------ C:\WINDOWS\system32\rdpsnd.dll 2007-05-10 20:40 139,264 --a------ C:\WINDOWS\system32\sndvol32.exe 2007-05-10 20:40 134,656 --a------ C:\WINDOWS\system32\rdchost.dll 2007-05-10 20:40 131,072 --a------ C:\WINDOWS\system32\sessmgr.exe 2007-05-10 20:40 128,000 --a------ C:\WINDOWS\system32\mshearts.exe 2007-05-10 20:40 125,440 --a------ C:\WINDOWS\system32\sndrec32.exe 2007-05-10 20:40 125,208 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-05-10 20:40 12,288 --a------ C:\WINDOWS\system32\rdsaddin.exe 2007-05-10 20:40 119,808 --a------ C:\WINDOWS\system32\winmine.exe 2007-05-10 20:40 118,272 --a------ C:\WINDOWS\system32\mplay32.exe 2007-05-10 20:40 115,200 --a------ C:\WINDOWS\system32\calc.exe 2007-05-10 20:40 11,144 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys 2007-05-10 20:40 107,912 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys 2007-05-10 20:40 100,864 --a------ C:\WINDOWS\system32\clbcatex.dll 2007-05-10 20:40 1,343,768 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-05-10 20:40 1,225 --a------ C:\WINDOWS\system32\usrlogon.cmd 2007-05-10 20:40 1,139,200 --a------ C:\WINDOWS\system32\comsvcs.dll 2007-05-10 20:40 2007-05-10 20:40 2007-05-10 20:40 2007-05-10 20:40 2007-05-10 20:40 (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-05-11 17:05:57 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-05-10 19:19:05 67,298 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-05-10 19:19:05 436,322 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-05-10 18:43:33 -------- d-----w C:\Program Files\Usługi online 2007-04-09 12:27:07 31,548 ----a-w C:\WINDOWS\system32\drivers\scdemu.sys (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] “NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” “avgnt”="“C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe” /min" “iaylupdw”=“C:\xnqgblvw.bat” [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” [2001-07-09 10:50] “avgnt”=“C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe” [2007-04-02 10:35] “iaylupdw”=“C:\xnqgblvw.bat” [2007-05-14 07:35] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\System32\ctfmon.exe” [2001-10-26 19:29] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] “CTFMON.EXE”=“C:\WINDOWS\System32\ctfmon.exe” [HKEY_USERS.default\software\microsoft\windows\currentversion\run] @="" “ATICCC”="“C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” runtime" “Network Security”=“C:\WINDOWS\System32\NSecurity.exe” HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Authentication Packages msv1_0\0\0 Security Packages kerberos\0msv1_0\0schannel\0wdigest\0\0 Notification Packages scecli\0\0 HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^menu start^programy^autostart^ati catalyst system tray.lnk C:\PROGRA~1\ATITEC~1\ATI.ACE\CLI.exe SystemTray HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^menu start^programy^autostart^microsoft office.lnk E:\MICROS~1\Office\OSA9.EXE -b -l HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\aticcc “C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” runtime HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\atipta C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxsupmon C:\WINDOWS\System32\LXSUPMON.EXE RUN HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\soundman SOUNDMAN.EXE [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost] LocalService Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService DnsCache\0\0 rpcss RpcSs\0\0 imgsvc StiSvc\0\0 termsvcs TermService\0\0 HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost ******************************************************************** catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-05-14 07:56:06 Windows 5.1.2600 NTFS scanning hidden processes … scanning hidden services … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 ******************************************************************** Completion time: 2007-05-14 7:56:11 C:\ComboFix-quarantined-files.txt … 2007-05-14 07:56

i jeszcze hijackthis

Logfile of HijackThis v1.99.1 Scan saved at 07:58:50, on 2007-05-14 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\System32\svchost.exe E:\Opera\Opera.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\explorer.exe C:\DOCUME~1\menager\USTAWI~1\Temp\Rar$EX00.585\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotinfolink.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [avgnt] “C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe” /min O4 - HKLM…\Run: [iaylupdw] C:\xnqgblvw.bat O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O17 - HKLM\System\CCS\Services\Tcpip…{F4AF2E8D-1210-4C2A-899E-C4D2A80CB379}: NameServer = 194.204.152.34 217.98.63.164 O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

Złączono Posta : 14.05.2007 (Pon) 14:03

i jest jeszcze jedna sprawa…

mianowicie:mam internet z neostrady, i nie łącze się przez aplikacje z płyty tylko przez start i połącz z…

gdy po starcie windowsa najeżdzam na połącz z komp sie zawiesza na 2-3 minutu i nie da sie nic zrobić…

jest na to metoda

Gutek · 14 Maj 2007 13:31

zrób to jeszcze raz i wklej wynik z Avengera

mister12_1994 · 14 Maj 2007 14:23

jak mam to zrobić??

Gutek · 14 Maj 2007 14:31

Wklej log z Avenger.txt. - lokalizacja

mister12_1994 · 14 Maj 2007 15:58

mam dwa…

to pierwszy:

a to drugi:

////////////////////////////////////////// Avenger Pre-Processor log ////////////////////////////////////////// Syntax error in line — does not appear to be a valid registry path. Line will be ignored. Error code: 0 Line: HKCU\software\microsoft\windows\currentversion\run" | “6435748 Syntax error in line — does not appear to be a valid registry path. Line will be ignored. Error code: 0 Line: HKCU\software\microsoft\windows\currentversion\runservices” | "6435748 ////////////////////////////////////////// Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\uwvlvdsp ******************* Script file located at: ??\C:\Program Files\siijxutc.txt Script file opened successfully. Script file read successfully Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: File C:\WINDOWS\system32\ftpupd.exe deleted successfully. File C:\WINDOWS\system32\acdde_g.dll deleted successfully. File C:\WINDOWS\system32\winupdates.exe deleted successfully. Folder C:\WINDOWS\pss deleted successfully. Could not delete registry value HKLM\software\microsoft\windows\currentversion\run|6435748 Deletion of registry value HKLM\software\microsoft\windows\currentversion\run|6435748 failed! Status: 0xc0000034 Could not delete registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|6435748 Deletion of registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|6435748 failed! Status: 0xc0000034 Completed script processing. ******************* Finished! Terminate.

Gutek · 14 Maj 2007 16:01

A daj log z como jeszcze raz wygeneruj teraz

mister12_1994 · 14 Maj 2007 17:01

ComboFix 07-05.13.V - Running from: “C:\Documents and Settings\menager\Pulpit” ((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-14 )))))))))))))))))))))))))))))))))) 2007-05-14 16:22 60,416 --a------ C:\WINDOWS\system32\drivers\rsjevbew.sys 2007-05-14 16:22 126,976 --a------ C:\zip.exe 2007-05-14 16:22 1,080 --a------ C:\hjtqebsp.bat 2007-05-14 14:00 0 --a------ C:\WINDOWS\system32\winupdates.exe 2007-05-14 13:58 2007-05-13 17:02 2007-05-13 15:41 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 15:41 2007-05-13 14:08 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-05-13 13:38 2007-05-13 11:15 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll 2007-05-13 11:15 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll 2007-05-13 11:15 331,776 --a------ C:\WINDOWS\system32\winhttp.dll 2007-05-13 11:15 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll 2007-05-13 11:12 2007-05-13 11:09 466,200 --a------ C:\WINDOWS\system32\wuapi.dll 2007-05-13 11:09 41,240 --a------ C:\WINDOWS\system32\wups.dll 2007-05-13 11:09 195,352 --a------ C:\WINDOWS\system32\wuaueng1.dll 2007-05-13 11:09 175,384 --a------ C:\WINDOWS\system32\wuauclt1.exe 2007-05-13 11:09 173,536 --a------ C:\WINDOWS\system32\wuweb.dll 2007-05-13 11:09 128,280 --a------ C:\WINDOWS\system32\wucltui.dll 2007-05-13 11:09 2007-05-13 11:07 2007-05-11 20:41 2007-05-11 14:48 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2007-05-11 14:46 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll 2007-05-11 14:15 2007-05-11 14:12 2007-05-11 14:04 682,232 --a------ C:\WINDOWS\system32\drivers\sptd.sys 2007-05-11 13:48 2007-05-11 13:46 2007-05-11 13:43 8,192 --a------ C:\WINDOWS\system32\tsbyuv.dll 2007-05-11 13:43 50,688 --a------ C:\WINDOWS\system32\vfwwdm32.dll 2007-05-11 13:43 144,768 -ra------ C:\WINDOWS\system32\drivers\PA707UCM.SYS 2007-05-11 13:42 45,568 --a------ C:\WINDOWS\system32\iyuv_32.dll 2007-05-11 13:41 2007-05-11 13:41 2007-05-11 13:39 2007-05-11 13:19 2007-05-11 11:32 53,248 --a------ C:\WINDOWS\system32\PAStiSvc.exe 2007-05-11 11:32 198,424 --a------ C:\WINDOWS\system32\iuengine.dll 2007-05-11 11:31 2007-05-11 11:18 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 22:28 2007-05-10 21:39 43,584 --a------ C:\WINDOWS\system32\drivers\avipbb.sys 2007-05-10 21:39 28,352 --a------ C:\WINDOWS\system32\drivers\ssmdrv.sys 2007-05-10 21:39 2007-05-10 21:37 79,616 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys 2007-05-10 21:37 57,472 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys 2007-05-10 21:37 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys 2007-05-10 21:37 50,048 --a------ C:\WINDOWS\system32\drivers\DMusic.sys 2007-05-10 21:37 5,632 --a------ C:\WINDOWS\system32\drivers\splitter.sys 2007-05-10 21:37 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys 2007-05-10 21:37 2,816 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys 2007-05-10 21:37 159,232 --a------ C:\WINDOWS\system32\drivers\kmixer.sys 2007-05-10 21:37 122,472 --a------ C:\WINDOWS\system32\drivers\aec.sys 2007-05-10 21:36 9,728 --a------ C:\WINDOWS\system32\drivers\gameenum.sys 2007-05-10 21:36 70,144 --a------ C:\WINDOWS\system32\usbui.dll 2007-05-10 21:36 57,088 --a------ C:\WINDOWS\system32\drivers\redbook.sys 2007-05-10 21:36 27,392 --a------ C:\WINDOWS\system32\drivers\VIAAGP.SYS 2007-05-10 21:36 2,944 --a------ C:\WINDOWS\system32\drivers\msmpu401.sys 2007-05-10 21:34 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL 2007-05-10 21:34 9,168 --a------ C:\WINDOWS\system\VER.DLL 2007-05-10 21:34 85,532 --a------ C:\WINDOWS\system32\dgsetup.dll 2007-05-10 21:34 83,456 --a------ C:\WINDOWS\system\OLECLI.DLL 2007-05-10 21:34 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll 2007-05-10 21:34 71,680 --a------ C:\WINDOWS\system32\storprop.dll 2007-05-10 21:34 70,096 --a------ C:\WINDOWS\system\AVICAP.DLL 2007-05-10 21:34 7,168 --a------ C:\WINDOWS\system32\kbdcz.dll 2007-05-10 21:34 69,712 --a------ C:\WINDOWS\system\MMSYSTEM.DLL 2007-05-10 21:34 67,072 --a------ C:\WINDOWS\NOTEPAD.EXE 2007-05-10 21:34 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdycl.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdsl1.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdsl.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdhu.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdcz2.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdcz1.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\kbdcr.dll 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\KBDAL.DLL 2007-05-10 21:34 6,656 --a------ C:\WINDOWS\system32\batt.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll 2007-05-10 21:34 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll 2007-05-10 21:34 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll 2007-05-10 21:34 5,632 --a------ C:\WINDOWS\system32\kbdro.dll 2007-05-10 21:34 5,632 --a------ C:\WINDOWS\system32\kbdhu1.dll 2007-05-10 21:34 5,120 --a------ C:\WINDOWS\system\SHELL.DLL 2007-05-10 21:34 33,376 --a------ C:\WINDOWS\system\COMMDLG.DLL 2007-05-10 21:34 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll 2007-05-10 21:34 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL 2007-05-10 21:34 19,200 --a------ C:\WINDOWS\system\TAPI.DLL 2007-05-10 21:34 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll 2007-05-10 21:34 15,360 --a------ C:\WINDOWS\TASKMAN.EXE 2007-05-10 21:34 13,312 --a------ C:\WINDOWS\system32\irclass.dll 2007-05-10 21:34 127,008 --a------ C:\WINDOWS\system\MSVIDEO.DLL 2007-05-10 21:34 109,488 --a------ C:\WINDOWS\system\AVIFILE.DLL 2007-05-10 21:34 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll 2007-05-10 21:34 10,496 --a------ C:\WINDOWS\system32\drivers\irenum.sys 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:34 2007-05-10 21:33 2007-05-10 21:23 212,992 --a------ C:\WINDOWS\system32\lxallcnt.dll 2007-05-10 21:19 2007-05-10 21:18 298,496 --a------ C:\WINDOWS\unin0415.exe 2007-05-10 21:18 24,832 --a------ C:\WINDOWS\system32\drivers\usbprint.sys 2007-05-10 21:13 50,007 --a------ C:\WINDOWS\system32\drivers\adildr.sys 2007-05-10 21:13 46,892 --a------ C:\WINDOWS\system32\adadix16.dll 2007-05-10 21:13 4,981 --a------ C:\WINDOWS\system32\adadix2k.dll 2007-05-10 21:13 36,224 --a------ C:\WINDOWS\system32\drivers\isapnp.sys 2007-05-10 21:13 22,395 --a------ C:\WINDOWS\system32\drivers\fpga.bin 2007-05-10 21:13 155,648 --a------ C:\WINDOWS\system32\adadix32.dll 2007-05-10 21:13 143,360 --a------ C:\WINDOWS\autoclk.exe 2007-05-10 21:13 127,456 --a------ C:\WINDOWS\system32\ipdetect.exe 2007-05-10 21:13 127,065 --a------ C:\WINDOWS\system32\drivers\adiusbaw.sys 2007-05-10 21:13 126,976 --a------ C:\WINDOWS\system32\coclassfast.dll 2007-05-10 21:13 114,688 --a------ C:\WINDOWS\system32\unaddrv.exe 2007-05-10 21:13 1,531,904 --a------ C:\WINDOWS\adiras.exe 2007-05-10 21:13 2007-05-10 21:12 2007-05-10 21:12 2007-05-10 21:10 2,916,352 --------- C:\WINDOWS\UNNMP.exe 2007-05-10 21:09 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe 2007-05-10 21:08 997,888 --a------ C:\WINDOWS\system32\wmvdmoe2.dll 2007-05-10 21:08 981,504 --a------ C:\WINDOWS\system32\wmnetmgr.dll 2007-05-10 21:08 892,416 --a------ C:\WINDOWS\system32\wmspdmoe.dll 2007-05-10 21:08 82,432 --a------ C:\WINDOWS\system32\drmstor.dll 2007-05-10 21:08 816,264 --a------ C:\WINDOWS\system32\wmvdmod.dll 2007-05-10 21:08 81,408 --a------ C:\WINDOWS\system32\logagent.exe 2007-05-10 21:08 760,968 --a------ C:\WINDOWS\system32\wmsdmod.dll 2007-05-10 21:08 678,912 --a------ C:\WINDOWS\system32\drmv2clt.dll 2007-05-10 21:08 670,208 --a------ C:\WINDOWS\system32\wmadmoe.dll 2007-05-10 21:08 6,656 --a------ C:\WINDOWS\system32\laprxy.dll 2007-05-10 21:08 486,536 --a------ C:\WINDOWS\system32\wmspdmod.dll 2007-05-10 21:08 410,248 --a------ C:\WINDOWS\system32\wmadmod.dll 2007-05-10 21:08 384,512 --a------ C:\WINDOWS\system32\mp4sdmod.dll 2007-05-10 21:08 316,040 --a------ C:\WINDOWS\system32\mp43dmod.dll 2007-05-10 21:08 301,712 --a------ C:\WINDOWS\system32\drmclien.dll 2007-05-10 21:08 253,952 --a------ C:\WINDOWS\system32\msnetobj.dll 2007-05-10 21:08 241,664 --a------ C:\WINDOWS\system32\qasf.dll 2007-05-10 21:08 241,664 --a------ C:\WINDOWS\system32\mpg4dmod.dll 2007-05-10 21:08 232,960 --a------ C:\WINDOWS\system32\blackbox.dll 2007-05-10 21:08 218,112 --a------ C:\WINDOWS\system32\wmasf.dll 2007-05-10 21:08 143,360 --a------ C:\WINDOWS\system32\wmidx.dll 2007-05-10 21:08 1,111,040 --a------ C:\WINDOWS\system32\wmsdmoe2.dll 2007-05-10 21:08 2007-05-10 21:07 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll 2007-05-10 21:07 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll 2007-05-10 21:07 38,912 --------- C:\WINDOWS\system32\picn20.dll 2007-05-10 21:07 364,544 --------- C:\WINDOWS\system32\TwnLib4.dll 2007-05-10 21:07 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll 2007-05-10 21:07 24,064 --------- C:\WINDOWS\system32\msxml3a.dll 2007-05-10 21:07 2,977,792 --------- C:\WINDOWS\UNNeroVision.exe 2007-05-10 21:07 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll 2007-05-10 21:07 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll 2007-05-10 21:07 2007-05-10 21:07 2007-05-10 21:07 2007-05-10 21:05 2007-05-10 21:03 2007-05-10 21:02 98,816 --a------ C:\WINDOWS\system32\dmstyle.dll 2007-05-10 21:02 974,848 --a------ C:\WINDOWS\system32\dxdiag.exe 2007-05-10 21:02 83,968 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys 2007-05-10 21:02 80,896 --a------ C:\WINDOWS\system32\dpvsetup.exe 2007-05-10 21:02 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll 2007-05-10 21:02 797,184 --a------ C:\WINDOWS\system32\d3dim700.dll 2007-05-10 21:02 79,360 --a------ C:\WINDOWS\system32\dpwsockx.dll 2007-05-10 21:02 77,824 --a------ C:\WINDOWS\system32\dpmodemx.dll 2007-05-10 21:02 76,800 --a------ C:\WINDOWS\system32\dmscript.dll 2007-05-10 21:02 733,184 --a------ C:\WINDOWS\system32\qedwipes.dll 2007-05-10 21:02 723,968 --a------ C:\WINDOWS\system32\dpnet.dll 2007-05-10 21:02 7,424 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys 2007-05-10 21:02 68,096 --a------ C:\WINDOWS\system32\dpnhupnp.dll 2007-05-10 21:02 667,648 --a------ C:\WINDOWS\system32\dinput8.dll 2007-05-10 21:02 648,704 --a------ C:\WINDOWS\system32\dinput.dll 2007-05-10 21:02 64,512 --a------ C:\WINDOWS\system32\amstream.dll 2007-05-10 21:02 602,624 --a------ C:\WINDOWS\system32\dx7vb.dll 2007-05-10 21:02 58,368 --a------ C:\WINDOWS\system32\dmcompos.dll 2007-05-10 21:02 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys 2007-05-10 21:02 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys 2007-05-10 21:02 5,248 --a------ C:\WINDOWS\system32\drivers\mspclock.sys 2007-05-10 21:02 491,520 --a------ C:\WINDOWS\system32\dsdmoprp.dll 2007-05-10 21:02 48,512 --a------ C:\WINDOWS\system32\drivers\stream.sys 2007-05-10 21:02 470,528 --a------ C:\WINDOWS\system32\qdvd.dll 2007-05-10 21:02 47,104 --a------ C:\WINDOWS\system32\wstdecod.dll 2007-05-10 21:02 46,592 --a------ C:\WINDOWS\system32\dxdllreg.exe 2007-05-10 21:02 4,608 --a------ C:\WINDOWS\system32\drivers\mspqm.sys 2007-05-10 21:02 4,096 --a------ C:\WINDOWS\system32\ksuser.dll 2007-05-10 21:02 4,096 --a------ C:\WINDOWS\system32\drivers\swenum.sys 2007-05-10 21:02 381,952 --a------ C:\WINDOWS\system32\dsound.dll 2007-05-10 21:02 381,952 --a------ C:\WINDOWS\system32\dpvoice.dll 2007-05-10 21:02 354,816 --a------ C:\WINDOWS\system32\psisdecd.dll 2007-05-10 21:02 34,304 --a------ C:\WINDOWS\system32\mciqtz32.dll 2007-05-10 21:02 33,280 --a------ C:\WINDOWS\system32\dmloader.dll 2007-05-10 21:02 324,096 --a------ C:\WINDOWS\system32\mswebdvd.dll 2007-05-10 21:02 32,768 --a------ C:\WINDOWS\system32\dpnhpast.dll 2007-05-10 21:02 316,928 --a------ C:\WINDOWS\system32\qdv.dll 2007-05-10 21:02 31,744 --a------ C:\WINDOWS\system32\pid.dll 2007-05-10 21:02 3,072 --a------ C:\WINDOWS\system32\dpnlobby.dll 2007-05-10 21:02 3,072 --a------ C:\WINDOWS\system32\dpnaddr.dll 2007-05-10 21:02 292,864 --a------ C:\WINDOWS\system32\ddraw.dll 2007-05-10 21:02 28,160 --a------ C:\WINDOWS\system32\dplaysvr.exe 2007-05-10 21:02 27,136 --a------ C:\WINDOWS\system32\dmband.dll 2007-05-10 21:02 257,024 --a------ C:\WINDOWS\system32\qcap.dll 2007-05-10 21:02 24,064 --a------ C:\WINDOWS\system32\ddrawex.dll 2007-05-10 21:02 230,400 --a------ C:\WINDOWS\system32\dplayx.dll 2007-05-10 21:02 19,968 --a------ C:\WINDOWS\system32\dpvacm.dll 2007-05-10 21:02 186,880 --a------ C:\WINDOWS\system32\dsdmo.dll 2007-05-10 21:02 181,248 --a------ C:\WINDOWS\system32\dmime.dll 2007-05-10 21:02 18,944 --a------ C:\WINDOWS\system32\encapi.dll 2007-05-10 21:02 18,688 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys 2007-05-10 21:02 18,432 --a------ C:\WINDOWS\system32\dswave.dll 2007-05-10 21:02 16,896 --a------ C:\WINDOWS\system32\msyuv.dll 2007-05-10 21:02 16,896 --a------ C:\WINDOWS\system32\dpnsvr.exe 2007-05-10 21:02 16,384 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys 2007-05-10 21:02 15,104 --a------ C:\WINDOWS\system32\drivers\mpe.sys 2007-05-10 21:02 14,976 --a------ C:\WINDOWS\system32\drivers\streamip.sys 2007-05-10 21:02 132,608 --a------ C:\WINDOWS\system32\devenum.dll 2007-05-10 21:02 130,304 --a------ C:\WINDOWS\system32\drivers\ks.sys 2007-05-10 21:02 13,312 --a------ C:\WINDOWS\system32\msdmo.dll 2007-05-10 21:02 122,880 --a------ C:\WINDOWS\system32\dmusic.dll 2007-05-10 21:02 112,128 --a------ C:\WINDOWS\system32\dpvvox.dll 2007-05-10 21:02 11,392 --a------ C:\WINDOWS\system32\drivers\bdasup.sys 2007-05-10 21:02 100,864 --a------ C:\WINDOWS\system32\dmsynth.dll 2007-05-10 21:02 10,880 --a------ C:\WINDOWS\system32\drivers\slip.sys 2007-05-10 21:02 10,496 --a------ C:\WINDOWS\system32\drivers\dxapi.sys 2007-05-10 21:02 10,112 --a------ C:\WINDOWS\system32\drivers\ndisip.sys 2007-05-10 21:02 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll 2007-05-10 21:02 1,798,144 --a------ C:\WINDOWS\system32\qedit.dll 2007-05-10 21:02 1,769,472 --a------ C:\WINDOWS\system32\dxdiagn.dll 2007-05-10 21:02 1,703,936 --a------ C:\WINDOWS\system32\d3d9.dll 2007-05-10 21:02 1,294,336 --a------ C:\WINDOWS\system32\dsound3d.dll 2007-05-10 21:02 1,230,336 --a------ C:\WINDOWS\system32\msvidctl.dll 2007-05-10 21:02 1,201,152 --a------ C:\WINDOWS\system32\d3d8.dll 2007-05-10 21:02 1,189,888 --a------ C:\WINDOWS\system32\dx8vb.dll 2007-05-10 20:58 2007-05-10 20:57 516,096 --------- C:\WINDOWS\system32\ati2sgag.exe 2007-05-10 20:57 294,912 -ra------ C:\WINDOWS\system32\atiiiexx.dll 2007-05-10 20:57 151,552 -ra------ C:\WINDOWS\system32\ATIDEMGR.dll 2007-05-10 20:57 2007-05-10 20:55 23,040 -ra------ C:\WINDOWS\system32\drivers\GVCplDrv.sys 2007-05-10 20:54 655,596 --a------ C:\WINDOWS\system32\drivers\ALCXWDM.SYS 2007-05-10 20:54 57,344 --a------ C:\WINDOWS\system32\drivers\drmk.sys 2007-05-10 20:54 46,592 --a------ C:\WINDOWS\SOUNDMAN.EXE 2007-05-10 20:54 208,896 --------- C:\WINDOWS\alcupd.exe 2007-05-10 20:54 19,072 --a------ C:\WINDOWS\system32\drivers\usbehci.sys 2007-05-10 20:54 135,168 --------- C:\WINDOWS\alcrmv.exe 2007-05-10 20:54 135,040 --a------ C:\WINDOWS\system32\drivers\portcls.sys 2007-05-10 20:54 2007-05-10 20:54 2007-05-10 20:54 2007-05-10 20:54 2007-05-10 20:54 2007-05-10 20:52 306,688 --a------ C:\WINDOWS\IsUninst.exe 2007-05-10 20:52 3,279 --a------ C:\WINDOWS\system32\drivers\VIAPFD.SYS 2007-05-10 20:52 27,904 --a------ C:\WINDOWS\system32\drivers\VIAAGP1.SYS 2007-05-10 20:52 2007-05-10 20:52 2007-05-10 20:51 24,064 --a------ C:\WINDOWS\autoload.exe 2007-05-10 20:50 1,572,864 --ah----- C:\DOCUME~1\menager\NTUSER.DAT 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:50 2007-05-10 20:49 237,568 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT 2007-05-10 20:49 237,568 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:49 2007-05-10 20:45 237,568 —h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT 2007-05-10 20:45 112,128 --a------ C:\WINDOWS\system32\mapi32.dll 2007-05-10 20:45 0 -rahs---- C:\MSDOS.SYS 2007-05-10 20:45 0 -rahs---- C:\IO.SYS 2007-05-10 20:45 0 --a------ C:\CONFIG.SYS 2007-05-10 20:45 0 --a------ C:\AUTOEXEC.BAT 2007-05-10 20:45 2007-05-10 20:45 2007-05-10 20:44 2007-05-10 20:43 360,448 --a------ C:\WINDOWS\system32\qmgr.dll 2007-05-10 20:43 2007-05-10 20:43 2007-05-10 20:43 2007-05-10 20:43 2007-05-10 20:43 2007-05-10 20:42 90,624 --a------ C:\WINDOWS\system32\msoert2.dll 2007-05-10 20:42 9,728 --a------ C:\WINDOWS\system32\mstinit.exe 2007-05-10 20:42 81,920 --a------ C:\WINDOWS\system32\isign32.dll 2007-05-10 20:42 73,728 --a------ C:\WINDOWS\system32\ils.dll 2007-05-10 20:42 70,400 --a------ C:\WINDOWS\system32\drivers\sr.sys 2007-05-10 20:42 69,632 --a------ C:\WINDOWS\system32\icwdial.dll 2007-05-10 20:42 67,584 --a------ C:\WINDOWS\system32\acctres.dll 2007-05-10 20:42 65,536 --a------ C:\WINDOWS\system32\msconf.dll 2007-05-10 20:42 61,952 --a------ C:\WINDOWS\system32\srclient.dll 2007-05-10 20:42 61,440 --a------ C:\WINDOWS\system32\icwphbk.dll 2007-05-10 20:42 593,920 --a------ C:\WINDOWS\system32\inetcomm.dll 2007-05-10 20:42 49,152 --a------ C:\WINDOWS\system32\inetres.dll 2007-05-10 20:42 40,960 --a------ C:\WINDOWS\system32\safrslv.dll 2007-05-10 20:42 39,424 --a------ C:\WINDOWS\system32\safrcdlg.dll 2007-05-10 20:42 33,792 --a------ C:\WINDOWS\system32\racpldlg.dll 2007-05-10 20:42 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe 2007-05-10 20:42 32,384 --a------ C:\WINDOWS\system32\mnmdd.dll 2007-05-10 20:42 28,672 --a------ C:\WINDOWS\system32\isrdbg32.dll 2007-05-10 20:42 270,336 --a------ C:\WINDOWS\system32\inetcfg.dll 2007-05-10 20:42 26,624 --a------ C:\WINDOWS\system32\safrdm.dll 2007-05-10 20:42 253,440 --a------ C:\WINDOWS\system32\mstask.dll 2007-05-10 20:42 24,576 --a------ C:\WINDOWS\system32\nmmkcert.dll 2007-05-10 20:42 228,864 --a------ C:\WINDOWS\system32\msoeacct.dll 2007-05-10 20:42 219,136 --a------ C:\WINDOWS\system32\srrstr.dll 2007-05-10 20:42 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll 2007-05-10 20:42 159,744 --a------ C:\WINDOWS\system32\schedsvc.dll 2007-05-10 20:42 155,648 --a------ C:\WINDOWS\system32\srsvc.dll 2007-05-10 20:42 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll 2007-05-10 20:42 11,264 --a------ C:\WINDOWS\system32\atrace.dll 2007-05-10 20:42 2007-05-10 20:42 2007-05-10 20:42 2007-05-10 20:42 2007-05-10 20:42 2007-05-10 20:41 21,856 --a------ C:\WINDOWS\system32\emptyregdb.dat 2007-05-10 20:41 2007-05-10 20:41 2007-05-10 20:41 2007-05-10 20:40 99,328 --a------ C:\WINDOWS\system32\clipbrd.exe 2007-05-10 20:40 9,728 --a------ C:\WINDOWS\system32\xolehlp.dll 2007-05-10 20:40 9,728 --a------ C:\WINDOWS\system32\reset.exe 2007-05-10 20:40 89,600 --a------ C:\WINDOWS\system32\tscfgwmi.dll 2007-05-10 20:40 869,376 --a------ C:\WINDOWS\system32\msdtctm.dll 2007-05-10 20:40 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll 2007-05-10 20:40 83,968 --a------ C:\WINDOWS\system32\mtxoci.dll 2007-05-10 20:40 82,432 --a------ C:\WINDOWS\system32\comrepl.dll 2007-05-10 20:40 80,896 --a------ C:\WINDOWS\system32\charmap.exe 2007-05-10 20:40 8,704 --a------ C:\WINDOWS\system32\icaapi.dll 2007-05-10 20:40 73,864 --a------ C:\WINDOWS\system32\rdpwsx.dll 2007-05-10 20:40 73,216 --a------ C:\WINDOWS\system32\avwav.dll 2007-05-10 20:40 61,952 --a------ C:\WINDOWS\system32\rdshost.exe 2007-05-10 20:40 605,696 --a------ C:\WINDOWS\system32\getuname.dll 2007-05-10 20:40 6,144 --a------ C:\WINDOWS\system32\msdtc.exe 2007-05-10 20:40 583,168 --a------ C:\WINDOWS\system32\catsrvut.dll 2007-05-10 20:40 57,344 --a------ C:\WINDOWS\system32\sol.exe 2007-05-10 20:40 57,344 --a------ C:\WINDOWS\system32\licwmi.dll 2007-05-10 20:40 56,832 --a------ C:\WINDOWS\system32\remotepg.dll 2007-05-10 20:40 56,832 --a------ C:\WINDOWS\system32\colbact.dll 2007-05-10 20:40 55,808 --a------ C:\WINDOWS\system32\freecell.exe 2007-05-10 20:40 54,784 --a------ C:\WINDOWS\system32\msdtclog.dll 2007-05-10 20:40 54,272 --a------ C:\WINDOWS\system32\stclient.dll 2007-05-10 20:40 534,016 --a------ C:\WINDOWS\system32\spider.exe 2007-05-10 20:40 53,248 --a------ C:\WINDOWS\system32\servdeps.dll 2007-05-10 20:40 503,296 --a------ C:\WINDOWS\system32\mstscax.dll 2007-05-10 20:40 5,632 --a------ C:\WINDOWS\system32\write.exe 2007-05-10 20:40 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe 2007-05-10 20:40 495,616 --a------ C:\WINDOWS\system32\comuid.dll 2007-05-10 20:40 494,592 --a------ C:\WINDOWS\system32\hypertrm.dll 2007-05-10 20:40 468,480 --a------ C:\WINDOWS\system32\clbcatq.dll 2007-05-10 20:40 44,544 --a------ C:\WINDOWS\system32\hticons.dll 2007-05-10 20:40 41,984 --a------ C:\WINDOWS\system32\rdpclip.exe 2007-05-10 20:40 40,448 --a------ C:\WINDOWS\system32\tscupgrd.exe 2007-05-10 20:40 4,608 --a------ C:\WINDOWS\system32\rdpcfgex.dll 2007-05-10 20:40 4,096 --a------ C:\WINDOWS\system32\wuauserv.dll 2007-05-10 20:40 4,096 --a------ C:\WINDOWS\system32\mtxex.dll 2007-05-10 20:40 387,072 --a------ C:\WINDOWS\system32\mstsc.exe 2007-05-10 20:40 37,896 --a------ C:\WINDOWS\system32\drivers\termdd.sys 2007-05-10 20:40 360,960 --a------ C:\WINDOWS\system32\msdtcprx.dll 2007-05-10 20:40 35,328 --a------ C:\WINDOWS\system32\winchat.exe 2007-05-10 20:40 342,016 --a------ C:\WINDOWS\system32\mspaint.exe 2007-05-10 20:40 33,792 --a------ C:\WINDOWS\system32\regini.exe 2007-05-10 20:40 32,768 --a------ C:\WINDOWS\system32\cfgbkend.dll 2007-05-10 20:40 25,600 --a------ C:\WINDOWS\system32\comaddin.dll 2007-05-10 20:40 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll 2007-05-10 20:40 231,424 --a------ C:\WINDOWS\system32\avtapi.dll 2007-05-10 20:40 22,528 --a------ C:\WINDOWS\system32\qwinsta.exe 2007-05-10 20:40 22,528 --a------ C:\WINDOWS\system32\msg.exe 2007-05-10 20:40 215,040 --a------ C:\WINDOWS\system32\catsrv.dll 2007-05-10 20:40 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll 2007-05-10 20:40 20,232 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys 2007-05-10 20:40 198,656 --a------ C:\WINDOWS\system32\termsrv.dll 2007-05-10 20:40 19,456 --a------ C:\WINDOWS\system32\qprocess.exe 2007-05-10 20:40 183,296 --a------ C:\WINDOWS\system32\accwiz.exe 2007-05-10 20:40 181,632 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys 2007-05-10 20:40 177,152 --a------ C:\WINDOWS\system32\cmprops.dll 2007-05-10 20:40 17,920 --a------ C:\WINDOWS\system32\tsshutdn.exe 2007-05-10 20:40 17,408 --a------ C:\WINDOWS\system32\qappsrv.exe 2007-05-10 20:40 16,896 --a------ C:\WINDOWS\system32\mmfutil.dll 2007-05-10 20:40 16,384 --a------ C:\WINDOWS\system32\tskill.exe 2007-05-10 20:40 16,384 --a------ C:\WINDOWS\system32\rwinsta.exe 2007-05-10 20:40 16,384 --a------ C:\WINDOWS\system32\avmeter.dll 2007-05-10 20:40 151,040 --a------ C:\WINDOWS\system32\msdtcuiu.dll 2007-05-10 20:40 15,872 --a------ C:\WINDOWS\system32\logoff.exe 2007-05-10 20:40 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll 2007-05-10 20:40 15,360 --a------ C:\WINDOWS\system32\tsdiscon.exe 2007-05-10 20:40 15,360 --a------ C:\WINDOWS\system32\tscon.exe 2007-05-10 20:40 15,360 --a------ C:\WINDOWS\system32\shadow.exe 2007-05-10 20:40 147,456 --a------ C:\WINDOWS\system32\comsnap.dll 2007-05-10 20:40 14,848 --a------ C:\WINDOWS\system32\rdpsnd.dll 2007-05-10 20:40 139,264 --a------ C:\WINDOWS\system32\sndvol32.exe 2007-05-10 20:40 134,656 --a------ C:\WINDOWS\system32\rdchost.dll 2007-05-10 20:40 131,072 --a------ C:\WINDOWS\system32\sessmgr.exe 2007-05-10 20:40 128,000 --a------ C:\WINDOWS\system32\mshearts.exe 2007-05-10 20:40 125,440 --a------ C:\WINDOWS\system32\sndrec32.exe 2007-05-10 20:40 125,208 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-05-10 20:40 12,288 --a------ C:\WINDOWS\system32\rdsaddin.exe 2007-05-10 20:40 119,808 --a------ C:\WINDOWS\system32\winmine.exe 2007-05-10 20:40 118,272 --a------ C:\WINDOWS\system32\mplay32.exe 2007-05-10 20:40 115,200 --a------ C:\WINDOWS\system32\calc.exe 2007-05-10 20:40 11,144 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys 2007-05-10 20:40 107,912 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys 2007-05-10 20:40 100,864 --a------ C:\WINDOWS\system32\clbcatex.dll 2007-05-10 20:40 1,343,768 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-05-10 20:40 1,225 --a------ C:\WINDOWS\system32\usrlogon.cmd 2007-05-10 20:40 1,139,200 --a------ C:\WINDOWS\system32\comsvcs.dll 2007-05-10 20:40 2007-05-10 20:40 2007-05-10 20:40 2007-05-10 20:40 2007-05-10 20:40 (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-05-11 17:05:57 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-05-10 19:19:05 67,298 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-05-10 19:19:05 436,322 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-05-10 18:43:33 -------- d-----w C:\Program Files\Usługi online 2007-04-09 12:27:07 31,548 ----a-w C:\WINDOWS\system32\drivers\scdemu.sys (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] “NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” “avgnt”="“C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe” /min" “KernelFaultCheck”=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\ “cdqgdcca”=“C:\hjtqebsp.bat” [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” [2001-07-09 10:50] “avgnt”=“C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe” [2007-04-02 10:35] “KernelFaultCheck”="%systemroot%\system32\dumprep 0 -k" [] “cdqgdcca”=“C:\hjtqebsp.bat” [2007-05-14 16:22] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\System32\ctfmon.exe” [2001-10-26 19:29] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] “CTFMON.EXE”=“C:\WINDOWS\System32\ctfmon.exe” [HKEY_USERS.default\software\microsoft\windows\currentversion\run] @="" “ATICCC”="“C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” runtime" “Network Security”=“C:\WINDOWS\System32\NSecurity.exe” HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Authentication Packages msv1_0\0\0 Security Packages kerberos\0msv1_0\0schannel\0wdigest\0\0 Notification Packages scecli\0\0 HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^menu start^programy^autostart^ati catalyst system tray.lnk C:\PROGRA~1\ATITEC~1\ATI.ACE\CLI.exe SystemTray HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^menu start^programy^autostart^microsoft office.lnk E:\MICROS~1\Office\OSA9.EXE -b -l HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\aticcc “C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” runtime HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\atipta C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxsupmon C:\WINDOWS\System32\LXSUPMON.EXE RUN HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\soundman SOUNDMAN.EXE [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost] LocalService Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService DnsCache\0\0 rpcss RpcSs\0\0 imgsvc StiSvc\0\0 termsvcs TermService\0\0 HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost ******************************************************************** catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-05-14 19:00:54 Windows 5.1.2600 NTFS scanning hidden processes … scanning hidden services … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 ******************************************************************** Completion time: 2007-05-14 19:00:58 C:\ComboFix-quarantined-files.txt … 2007-05-14 19:00 C:\ComboFix2.txt … 2007-05-14 07:56

Gutek · 14 Maj 2007 17:12

a to co za driver?

Pobierz Gmer

Rootkit=>szukaj=>bez zaznaczania pokaż wszystko=> Ctrl + V do posta wklej
Rootkit => zaznaczone tylko Pokazuj wszystko + Usługi => Szukaj => Kopiuj => Ctrl + V do posta wklej

do kasacji

Użyj SmitFraudFix wybierz opcji nr 2

mister12_1994 · 14 Maj 2007 17:28

nie wiem

Gutek · 14 Maj 2007 17:33

Daj logi z Gmera