Wywala mnie z internetu, chociaż jest połączenie

sowa_m · 10 Grudzień 2007 22:27

Od jakiegoś czasu wolno działa mi internet lub wywala mnie z niego, chociaż jest połączenie, np. przed chwilą, gdy combofix zakończył scann, nie udało mi się ponownie wejść do neta. Ad-awere podczas skanowania wykrywa antywirusa/robaka: Malware-gen, skanowałam też pandą ze strony internetowej i nic nie wykryła, ale przy uruchamianiu pandy avast protestował. Sciągnięty audacity zamiast wiersza poleceń ma znaki zapytania (próbowałam instalować z różnych źródeł), które reagują tak, jakby wszystko było ok. O co w tym chodzi? Pomóżcie, bo przede mną egzamin przez internet!

Załączam log z combofixa:

ComboFix 07-12-10.2 - Gosia Sówka 2007-12-10 22:53:57.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.181 [GMT 1:00] Running from: C:\Documents and Settings\Gosia Sówka\Ustawienia lokalne\Temporary Internet Files\Content.IE5\67Q9ABCD\ComboFix[1].exe * Created a new restore point . ((((((((((((((((((((((((( Files Created from 2007-11-10 to 2007-12-10 ))))))))))))))))))))))))))))))) . 2007-12-10 21:56 . 2007-12-10 21:57 2007-12-09 00:11 . 2007-12-09 00:11 2007-12-08 23:17 . 2007-12-08 23:17 2007-12-08 23:16 . 2007-12-08 23:16 2007-12-08 20:27 . 2007-12-08 20:44 2007-12-08 20:27 . 2007-12-08 20:27 2007-12-08 01:37 . 2007-12-08 01:37 2007-12-08 01:36 . 2007-12-08 01:37 2007-12-08 01:33 . 2007-12-10 01:53 2,516 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys 2007-12-08 01:33 . 2007-12-10 01:46 88 -r-hs---- C:\WINDOWS\system32\8E8188B378.sys 2007-12-08 01:28 . 2007-12-08 01:36 2007-12-07 21:14 . 2007-12-07 21:54 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico 2007-12-07 21:14 . 2007-12-07 21:54 1,406 --a------ C:\WINDOWS\system32\Help.ico 2007-12-05 23:56 . 2007-12-08 00:11 2007-12-04 16:47 . 2007-12-07 21:58 2007-12-04 15:57 . 2007-12-04 15:57 2007-12-03 23:04 . 2007-12-03 23:04 2007-12-03 23:04 . 2007-12-03 23:04 2007-12-03 22:49 . 2007-12-04 16:13 2007-11-20 22:29 . 2007-12-10 01:19 2007-11-20 22:17 . 2007-11-20 22:17 2007-11-20 22:16 . 2007-12-05 17:21 2007-11-20 22:06 . 2007-11-20 22:06 2007-11-20 22:06 . 2007-11-20 22:06 2007-11-20 21:45 . 2007-12-10 01:21 2007-11-20 21:45 . 2007-12-10 01:21 2007-11-20 21:44 . 2007-11-20 21:44 2007-11-20 21:13 . 2007-11-20 21:19 2007-11-20 21:13 . 2004-03-09 01:00 662,288 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX 2007-11-20 21:13 . 1998-06-24 01:00 137,000 --a------ C:\WINDOWS\system32\MSMAPI32.OCX 2007-11-20 21:13 . 2001-10-28 17:42 116,224 --a------ C:\WINDOWS\system32\pdfcmnnt.dll 2007-11-20 21:12 . 2007-11-20 21:17 2007-11-20 21:12 . 1998-07-06 01:00 23,552 --a------ C:\WINDOWS\system32\MSMPIDE.DLL 2007-11-19 14:13 . 2007-11-19 14:13 52 --a------ C:\WINDOWS\tlknw4.ini . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-10 20:26 --------- d-----w C:\Program Files\Mozilla Thunderbird 2007-12-10 00:51 --------- dc----w C:\Documents and Settings\Gosia Sówka\Dane aplikacji\Corel 2007-12-08 19:02 --------- d-----w C:\Program Files\Winamp 2007-12-07 21:50 --------- d-----w C:\Program Files\WZCBDL Service 2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys 2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys 2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr 2007-11-26 11:54 --------- d-----w C:\Program Files\Common Files\Adobe 2007-11-21 20:20 --------- dc----w C:\Documents and Settings\Gosia Sówka\Dane aplikacji\Skype 2007-11-08 22:40 --------- d-----w C:\Program Files\eMule 2007-11-08 22:37 --------- d-----w C:\Program Files\Java 2007-11-08 22:33 --------- dc----w C:\Documents and Settings\Gosia Sówka\Dane aplikacji\OpenOffice.org2 2007-10-22 17:39 24,192 -c–a-w C:\Documents and Settings\Gosia Sówka\Dane aplikacji\GDIPFONTCACHEV1.DAT 2007-10-12 09:56 --------- d-----w C:\Program Files\Google 2006-11-23 00:17 11,617 -c–a-w C:\Documents and Settings\Default User\Menu Start.zip 2006-02-05 17:41 1,616,416 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat 2006-02-05 17:41 100,640 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat . ((((((((((((((((((((((((((((( snapshot@2007-12-03_23.55.00,42 ))))))))))))))))))))))))))))))))))))))))) . + 2007-12-09 14:04:45 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2007-12-09 14:05:05 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2007-12-09 14:05:06 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2007-12-09 14:05:10 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2007-12-09 14:04:59 2,902,016 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2007-12-09 14:04:34 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2007-12-09 14:04:34 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2007-12-09 14:05:21 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll + 2007-12-09 14:04:50 5,156,864 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2007-12-09 14:04:43 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2007-12-09 14:04:32 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2007-12-09 14:04:37 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2007-12-09 14:05:02 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2007-12-09 14:05:03 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2007-12-09 14:05:04 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2007-12-09 14:04:39 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2007-12-09 14:04:40 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2007-12-09 14:04:41 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2007-12-09 14:04:42 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2007-12-09 14:04:38 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2007-12-09 14:05:25 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2007-12-09 14:05:24 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2007-12-09 14:04:29 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2007-12-09 14:05:23 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2007-12-09 14:05:26 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2007-12-09 14:04:31 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2007-12-09 14:04:30 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2007-12-09 14:04:31 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2007-12-09 14:05:15 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2007-12-09 14:04:45 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2007-12-09 14:05:16 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2007-12-09 14:05:11 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2007-12-09 14:04:35 888,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2007-12-09 14:05:00 5,001,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2007-12-09 14:04:47 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2007-12-09 14:04:46 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2007-12-09 14:04:48 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2007-12-09 14:05:19 577,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2007-12-09 14:05:13 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2007-12-09 14:05:20 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2007-12-09 14:05:14 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2007-12-09 14:05:15 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2007-12-09 14:04:44 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2007-12-09 14:04:49 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2007-12-09 14:05:22 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2007-12-09 14:04:52 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2007-12-09 14:04:53 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2007-12-09 14:04:55 5,152,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2007-12-09 14:04:56 2,027,520 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll + 2007-12-09 14:05:18 2,940,928 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2007-12-09 16:47:04 26,624 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\376c4d8b9411bb44afa04ade8df6785a\Accessibility.ni.dll + 2007-12-09 16:47:13 888,832 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\4793c074baa8eb5ad0d8fa67ee1e689e\AspNetMMCExt.ni.dll + 2007-12-09 16:47:16 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\1efb5ecabac8c3435bd43b29e653bbf7\CustomMarshalers.ni.dll + 2007-12-09 16:47:15 15,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\15b8f1f41de3c18564adcab8ff3812e6\dfsvc.ni.exe + 2007-12-09 16:47:23 880,640 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\ce407e0f98742b413cf889fd8ea4d583\Microsoft.Build.Engine.ni.dll + 2007-12-09 16:47:24 81,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\bff06c22f6f26e9b15714092bd402b48\Microsoft.Build.Framework.ni.dll + 2007-12-09 16:47:35 1,687,552 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d677ebf457060641242887efc56de3ca\Microsoft.Build.Tasks.ni.dll + 2007-12-09 16:47:39 163,840 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\ece752c846fd1c70bb4697f19b3373d0\Microsoft.Build.Utilities.ni.dll + 2007-12-09 16:47:48 1,720,320 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\067f7bbe2a4a9f75192aec9d57718423\Microsoft.VisualBasic.ni.dll + 2007-12-09 14:45:12 11,304,960 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\1926be1162545974e1227db939827690\mscorlib.ni.dll + 2007-12-09 16:47:56 1,003,520 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\a974ed3311a018e85bb06b52f483c61d\System.Configuration.ni.dll + 2007-12-09 14:46:40 6,676,480 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\010ec3c9b0f4b3076f86f7cf28f80595\System.Data.ni.dll + 2007-12-09 16:48:04 1,724,416 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\d606274dafb0af7d847b796676f001ce\System.Deployment.ni.dll + 2007-12-09 14:47:23 10,702,848 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\d447741459fa5dc5de04e42b9ebd8666\System.Design.ni.dll + 2007-12-09 16:48:17 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\5801c6e4978fd45a7cb2ec92bc4b3774\System.DirectoryServices.Protocols.ni.dll + 2007-12-09 16:48:12 1,216,512 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\e2fd5e4ff1c6523925916416ca5e3ff9\System.DirectoryServices.ni.dll + 2007-12-09 14:47:34 229,376 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ea364c2d74e55db8d6d47f38b2f81f4b\System.Drawing.Design.ni.dll + 2007-12-09 14:47:31 1,601,536 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\897355b043a1d5da6d3f45814a8653b8\System.Drawing.ni.dll + 2007-12-09 16:48:22 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\39de0aacfd299123925e9bb4d3f1e378\System.EnterpriseServices.ni.dll + 2007-12-09 16:48:22 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\39de0aacfd299123925e9bb4d3f1e378\System.EnterpriseServices.Wrapper.dll + 2007-12-09 16:48:28 729,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\3bae9c5a38af01cbfc2065877623dd7a\System.Security.ni.dll + 2007-12-09 16:48:33 684,032 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\1db5bda58783ab691ff6c07938bb2b9f\System.Transactions.ni.dll + 2007-12-09 16:50:04 2,306,048 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\62cf550596f0c7bb4ff87ab1369fa481\System.Web.Mobile.ni.dll + 2007-12-09 16:50:08 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\1b279abffa46b3b52f2b99b5c0b44c36\System.Web.RegularExpressions.ni.dll + 2007-12-09 16:50:18 1,941,504 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\eefd6fc04caab6b17c6ccbc944f070bd\System.Web.Services.ni.dll + 2007-12-09 16:49:48 12,185,600 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\1087b2f6e9940c0009593233e8c97151\System.Web.ni.dll + 2007-12-09 14:48:19 13,107,200 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ebe4d0eb5a3f0cb3e62c9f652bffb61a\System.Windows.Forms.ni.dll + 2007-12-09 14:48:43 5,623,808 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\d962b33c2b049c2e908fad8411919337\System.Xml.ni.dll + 2007-12-09 14:45:57 8,130,560 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\2290e6c8c3594dcdb4fb6b231fd11578\System.ni.dll - 2007-11-27 02:58:11 140,288 ----a-w C:\WINDOWS\catchme.exe + 2007-12-09 18:04:27 142,336 ----a-w C:\WINDOWS\catchme.exe + 2007-12-08 00:38:04 19,278 ----a-r C:\WINDOWS\Installer{93A1B09E-BAFA-4628-A5B6-921CB026955A}\ARPPRODUCTICON.exe + 2005-09-23 06:28:52 72,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe + 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_diasymreader.dll + 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_iehost.dll + 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_microsoft.jscript.dll + 2005-09-23 06:29:04 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll + 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_mscordbi.dll + 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_mscorrc.dll + 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_mscorsec.dll + 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_system.configuration.install.dll + 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_system.data.dll + 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll + 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_VsaVb7rt.dll + 2005-09-23 06:29:04 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbs_wminet_utils.dll + 2005-09-23 06:28:52 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll + 2005-09-23 06:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll + 2005-09-23 06:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll + 2005-09-23 06:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll + 2005-09-23 06:28:52 86,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll + 2005-09-23 06:28:36 18,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll + 2005-09-23 06:28:42 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll + 2005-09-23 06:28:44 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll + 2005-09-23 06:29:04 183,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll + 2005-09-23 06:28:28 208,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll + 2005-09-23 06:28:56 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll + 2005-09-23 06:28:58 138,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll + 2005-09-23 06:28:36 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll + 2007-04-13 02:21:18 58,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe + 2005-09-23 06:28:32 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe + 2007-04-13 02:20:52 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll + 2007-04-13 02:20:52 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll + 2007-04-13 02:20:52 23,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll + 2007-04-13 02:20:50 75,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll + 2005-09-23 06:28:32 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe + 2007-04-13 02:20:52 32,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe + 2005-09-23 06:28:32 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe + 2007-04-13 02:20:52 33,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe + 2007-04-13 02:20:52 32,600 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe + 2007-04-13 02:20:52 507,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll + 2005-09-23 06:28:56 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe + 2007-04-13 02:21:16 88,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll + 2005-09-23 06:28:42 76,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe + 2005-09-23 06:28:42 1,144,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll + 2005-09-23 06:28:42 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll + 2005-09-23 06:28:58 17,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll + 2005-09-23 06:28:56 68,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll + 2005-09-23 06:28:44 31,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe + 2005-09-23 06:28:38 52,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll + 2007-04-13 02:20:58 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe + 2005-09-23 06:29:12 547,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll + 2005-09-23 06:28:56 788,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll + 2005-09-23 06:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll + 2007-04-13 02:21:16 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe + 2005-09-23 06:28:56 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll + 2005-09-23 06:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll + 2005-09-23 06:28:56 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll + 2007-04-13 02:21:16 228,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe + 2007-04-13 02:21:16 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe + 2005-09-23 06:28:56 55,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll + 2005-09-23 06:28:56 72,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll + 2005-09-23 06:28:48 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe + 2005-09-23 06:01:16 609,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe + 2005-09-23 05:29:48 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1025.dll + 2005-09-23 05:32:24 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1028.dll + 2005-09-23 05:34:10 82,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1029.dll + 2005-09-23 05:34:12 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1030.dll + 2005-09-23 05:34:44 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1031.dll + 2005-09-23 05:36:24 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1032.dll + 2005-09-23 02:46:14 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1033.dll + 2005-09-23 05:38:26 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1035.dll + 2005-09-23 05:38:52 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1036.dll + 2005-09-23 05:40:30 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1037.dll + 2005-09-23 05:40:32 83,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1038.dll + 2005-09-23 05:40:56 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1040.dll + 2005-09-23 05:42:58 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1041.dll + 2005-09-23 05:44:58 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1042.dll + 2005-09-23 05:46:38 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1043.dll + 2005-09-23 05:46:38 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1044.dll + 2005-09-23 05:46:40 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1045.dll + 2005-09-23 05:47:04 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1046.dll + 2005-09-23 05:47:30 82,432 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1049.dll + 2005-09-23 05:47:32 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1053.dll + 2005-09-23 05:47:32 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1055.dll + 2005-09-23 05:30:18 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2052.dll + 2005-09-23 05:47:06 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2070.dll + 2005-09-23 05:29:50 80,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3076.dll + 2005-09-23 05:36:48 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3082.dll + 2005-09-23 06:57:06 245,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\unicows.dll + 2007-04-13 02:21:10 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll + 2005-09-23 06:28:48 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll + 2007-04-13 02:21:10 647,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll + 2005-09-23 06:28:48 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll + 2007-04-13 02:21:08 749,568 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll + 2005-09-23 06:29:10 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll + 2005-09-23 06:29:10 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll + 2005-09-23 06:29:08 667,648 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll + 2005-09-23 06:28:30 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll + 2005-09-23 06:29:10 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll + 2005-09-23 06:28:30 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll + 2005-09-23 06:28:30 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2005-09-23 06:28:30 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll + 2007-04-13 02:20:52 87,040 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll + 2005-09-23 06:28:48 69,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe + 2007-04-13 02:21:18 802,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2005-09-23 06:28:56 73,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll + 2005-09-23 06:28:56 288,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll + 2007-04-13 02:21:16 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll + 2007-04-13 02:21:16 326,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll + 2005-09-23 06:28:56 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll + 2007-04-13 02:21:16 4,308,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2007-04-13 02:21:16 102,912 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll + 2005-09-23 06:29:00 330,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll + 2005-09-23 06:28:56 67,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll + 2005-09-23 06:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll + 2007-04-13 02:21:18 227,328 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll + 2007-04-13 02:21:18 68,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe + 2005-09-23 06:28:56 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll + 2007-04-13 02:21:12 5,634,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll + 2005-09-23 06:29:00 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll + 2007-04-13 02:21:16 99,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe + 2007-04-13 02:21:18 15,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll + 2005-09-23 06:28:56 78,336 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll + 2007-04-13 02:21:12 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll + 2005-09-23 06:28:56 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe + 2005-09-23 06:28:56 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe + 2005-09-23 06:29:02 59,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe + 2005-09-23 06:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll + 2005-09-23 06:28:56 107,520 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll + 2005-09-23 06:29:00 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll + 2007-04-13 02:21:18 382,464 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll + 2007-04-13 02:21:18 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll + 2007-04-13 02:21:18 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll + 2005-09-23 06:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll + 2007-04-13 02:21:16 2,902,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll + 2007-04-13 02:21:18 482,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll + 2007-04-13 02:21:18 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll + 2007-04-13 02:20:58 888,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll + 2007-04-13 02:21:16 5,001,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll + 2005-09-23 06:28:56 397,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll + 2007-04-13 02:21:18 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll + 2007-04-13 02:21:16 2,940,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll + 2005-09-23 06:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll + 2007-04-13 02:21:16 577,536 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll + 2007-04-13 02:21:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll + 2007-04-13 02:21:18 47,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll + 2007-04-13 02:21:18 114,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll + 2007-04-13 02:21:16 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll + 2005-09-23 06:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll + 2007-04-13 02:21:16 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll + 2005-09-23 06:28:56 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll + 2005-09-23 06:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll + 2005-09-23 06:28:56 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll + 2007-04-13 02:21:18 260,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll + 2007-04-13 02:21:16 5,156,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll + 2005-09-23 06:28:56 835,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll + 2005-09-23 06:28:56 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll + 2005-09-23 06:28:56 823,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll + 2007-04-13 02:21:16 5,152,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2007-04-13 02:21:16 2,027,520 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll + 2005-09-23 06:28:56 71,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL + 2007-04-13 02:21:28 1,166,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe + 2007-04-13 02:20:50 1,330,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll + 2007-04-13 02:20:52 406,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll + 2005-09-23 06:28:56 28,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll + 2006-08-02 11:39:06 73,728 ----a-w C:\WINDOWS\system32\asuninst.exe + 2007-03-19 12:57:44 655,360 ----a-w C:\WINDOWS\system32\CDDBControl.dll + 2007-03-19 12:57:46 98,304 ----a-w C:\WINDOWS\system32\CddbLangDE.dll + 2007-03-19 12:57:46 98,304 ----a-w C:\WINDOWS\system32\CddbLangES.dll + 2007-03-19 12:57:46 98,304 ----a-w C:\WINDOWS\system32\CddbLangFR.dll + 2007-03-19 12:57:46 102,400 ----a-w C:\WINDOWS\system32\CddbLangIT.dll + 2007-03-19 12:57:44 77,824 ----a-w C:\WINDOWS\system32\CddbLangJA.dll + 2007-03-19 12:57:46 98,304 ----a-w C:\WINDOWS\system32\CddbLangNL.dll + 2007-03-19 12:57:44 765,952 ----a-w C:\WINDOWS\system32\CDDBUI.dll + 2005-09-23 06:28:38 83,456 ----a-w C:\WINDOWS\system32\dfshim.dll + 2007-04-13 02:21:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll + 2005-09-23 06:28:52 150,016 ----a-w C:\WINDOWS\system32\mscorier.dll + 2005-09-23 06:28:52 74,240 ----a-w C:\WINDOWS\system32\mscories.dll + 2005-09-23 06:29:00 6,144 ----a-w C:\WINDOWS\system32\mui\0409\mscorees.dll + 2005-09-23 06:28:56 32,768 ----a-w C:\WINDOWS\system32\netfxperf.dll - 2007-10-28 18:23:01 40,128 ----a-w C:\WINDOWS\system32\perfc009.dat + 2007-12-09 14:05:56 58,732 ----a-w C:\WINDOWS\system32\perfc009.dat - 2007-10-28 18:23:01 49,712 ----a-w C:\WINDOWS\system32\perfc015.dat + 2007-12-09 14:05:56 74,450 ----a-w C:\WINDOWS\system32\perfc015.dat - 2007-10-28 18:23:01 311,740 ----a-w C:\WINDOWS\system32\perfh009.dat + 2007-12-09 14:05:56 392,432 ----a-w C:\WINDOWS\system32\perfh009.dat - 2007-10-28 18:23:01 355,830 ----a-w C:\WINDOWS\system32\perfh015.dat + 2007-12-09 14:05:56 448,348 ----a-w C:\WINDOWS\system32\perfh015.dat + 2006-11-02 19:40:12 1,456,704 ----a-w C:\WINDOWS\system32\PSIKey.dll + 2006-11-02 19:40:12 174,656 ----a-w C:\WINDOWS\system32\PSIService.exe + 2007-12-10 20:21:03 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_5a4.dat + 2006-12-01 21:56:00 96,256 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll + 2005-09-23 06:29:16 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll + 2005-09-23 06:29:16 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll + 2005-09-23 06:29:16 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll + 2006-12-01 23:25:52 1,101,824 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll + 2006-12-01 23:25:56 1,093,120 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll + 2006-12-01 23:25:58 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll + 2006-12-01 23:26:00 57,856 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll + 2006-12-01 23:08:00 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll + 2006-12-01 23:08:00 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll + 2006-12-01 23:08:00 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll + 2006-12-01 23:08:00 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll + 2006-12-01 23:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll + 2006-12-01 23:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll + 2006-12-01 23:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll + 2006-12-01 23:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll + 2006-12-01 23:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll + 2006-12-01 23:46:44 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll + 2007-12-09 14:04:34 258,048 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2007-12-09 14:04:34 114,176 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll . – Snapshot reset to current date – . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-04 00:44] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “D-Link Air Utility”=“C:\Program Files\D-Link\Air Utility\AirCFG.exe” [2003-06-26 17:13] “avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2007-12-04 14:00] “NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” [2001-07-09 10:50] “SunJavaUpdateSched”=“C:\Program Files\Java\jre1.6.0\bin\jusched.exe” [2007-08-28 16:22] “WinampAgent”=“C:\Program Files\Winamp\winampa.exe” [2007-10-10 06:28] [HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-04 00:44] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ Ralink Wireless Utility.lnk - C:\Program Files\RALINK\Common\RaUI.exe [2006-09-29 15:09:05] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Gosia Sówka^Menu Start^Programy^Autostart^Skrót do gg.lnk] path=C:\Documents and Settings\Gosia Sówka\Menu Start\Programy\Autostart\Skrót do gg.lnk backup=C:\WINDOWS\pss\Skrót do gg.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2004-08-04 00:44 15360 --a------ C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Komunikator] E:\RYBA\tlen.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Resume copy] copyfstq.exe /startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon] 2002-04-17 10:42 69632 --a------ C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe R2 NIOC;NIOC Service;??\C:\WINDOWS\system32\NIOC.SYS S3 NETDLWL;D-Link Air Wireless Adapter(DL) NT Driver;C:\WINDOWS\system32\DRIVERS\NETDLWL.SYS S3 W840ND;Karta Winbond W89C840 Based PCI Fast Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\W840ND.sys Start Pending2 WZCBDLService;WZCBDL Service;“C:\Program Files\WZCBDL Service\WZCBDLS.exe” . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-10 22:56:24 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-12-10 22:57:37 . — E O F — 2007-12-09 14:06:41

Gutek · 11 Grudzień 2007 19:48

Pobierz program SDFix

sowa_m · 12 Grudzień 2007 21:33

Dzięki za pomoc. Zastosowałam się do twoich wskazówek. Oto co otrzymałam:

SDFix: Version 1.118 Run by Administrator on 2007-12-12 at 22:07 Microsoft Windows XP [Wersja 5.1.2600] Running From: C:\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting… Normal Mode: Checking Files: No Trojan Files Found Removing Temp Files… ADS Check: C:\WINDOWS No streams found. C:\WINDOWS\system32 No streams found. C:\WINDOWS\system32\svchost.exe No streams found. C:\WINDOWS\system32\ntoskrnl.exe No streams found. Final Check: catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-12 22:13:08 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden services & system hive … scanning hidden registry entries … [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\EventCache\9482f4b4-e343-43b6-b170-9a65bc822c77] “CurrentCacheFile”=“C:\WINDOWS\SoftwareDistribution\EventCache{15CF0BF3-A2ED-4B2E-B14D-AB80391AC807}.bin” [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\A\1\5\1c] “Order”=hex:08,00,00,00,02,00,00,00,0c,00,00,00,01,00,00,00,00,00,00,00 [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Twain] “y\1r?\xf3?d?B\1o? ?d?o?m?y?[\1l?n?e?”=“C:\WINDOWS\Twain_32\hpsj_0000\hpsj_0000.ds” scanning hidden files … scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 3 Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] Remaining Files: --------------- Files with Hidden Attributes: Mon 10 Dec 2007 88 …SHR — “C:\WINDOWS\system32\8E8188B378.sys” Mon 10 Dec 2007 2,516 A.SH. — “C:\WINDOWS\system32\KGyGaAvL.sys” Sun 7 May 2006 4,348 …SH. — “C:\Documents and Settings\All Users\DRM\DRMv1.bak” Mon 9 Oct 2006 401 …SH. — “C:\Documents and Settings\All Users\DRM\DRMv17.bak” Fri 28 Apr 2006 0 A…H. — “C:\Documents and Settings\Gosia S˘wka\Dane aplikacji\Microsoft\Word~WRL0004.tmp” Sun 7 May 2006 4,348 …H. — “C:\Documents and Settings\Gosia S˘wka\Moje dokumenty\Moja muzyka\Kopia zapasowa licencji\drmv1key.bak” Sat 13 Oct 2007 401 A…H. — “C:\Documents and Settings\Gosia S˘wka\Moje dokumenty\Moja muzyka\Kopia zapasowa licencji\drmv1lic.bak” Wed 5 Jul 2006 400 A.SH. — “C:\Documents and Settings\Gosia S˘wka\Moje dokumenty\Moja muzyka\Kopia zapasowa licencji\drmv2key.bak” Finished!

Co dalej? Czekam na dalsze wskazówki.

Gutek · 12 Grudzień 2007 23:51

W logacj nic nie widze

sowa_m · 13 Grudzień 2007 21:39

Dziękuję za pomoc. Zastosowałam się do twoich wskazówek. Po zastosowaniu SDFix’a wszystko wróciło do normy, a ad-aware nie znajduje żadnych robków.

Pozdrawiam