Problem z uruchomieniem rejestru, menadżera

[marcinjuve]

Panowie mam następujący problem wyskakuje mi komenda dostęp do rejestru ograniczony przez administratora, nie moge urugomic regedit, ani menadżerą . Podczas prób inastalacji programów antywirusowych zostają one wyłaczone. Diagnozowałem problem ale nie znam sie na komputerach i nie umiem sobie poradzic format systemowego dysku nie pomógł oto log

Kod: Zaznacz wszystko

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:33:09, on 2007-07-05
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\dom\Pulpit\hijackthis.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://interia.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

--
End of file - 2464 bytes

dziekuje za pomoc i proszę o wyrozumiałość w stosunku do mnie jak robie cos źle

[Kuba1]

O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

Blokada rejestru, fix w Hijackthis.

Daj loga z RSIT, i wtedy sie wszystkim zajmiemy

[marcinjuve]

prosze i dziękuje bardzo za pomoc

Kod: Zaznacz wszystko

Logfile of random's system information tool 1.06 (written by random/random)
Run by dom at 2007-07-05 22:59:31
Microsoft Windows XP Professional Dodatek Service Pack 2
System drive C: has 44 GB (87%) free of 50 GB
Total RAM: 2047 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:59:41, on 2007-07-05
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\dom\Pulpit\RSIT.exe
C:\Program Files\trend micro\dom.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://interia.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

--
End of file - 2545 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-06-25 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-06-25 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"Alcmtr"=ALCMTR.EXE []
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=1
"DisableTaskMgr"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoFolderOptions"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\programy\winamp278_full.exe"="E:\programy\winamp278_full.exe:*:Enabled:ipsec"
"C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winsioyl.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winsioyl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\nhbc.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\nhbc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\shtt.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\shtt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\nyjkgx.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\nyjkgx.exe:*:Enabled:ipsec"
"E:\programy\wrar362.exe"="E:\programy\wrar362.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winqmorl.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winqmorl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winytqpp.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winytqpp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\ausdqu.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\ausdqu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winhtpqkc.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winhtpqkc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winuvmrs.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winuvmrs.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winhbkxp.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winhbkxp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winrreyku.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winrreyku.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winwgeqt.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winwgeqt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\wintatx.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\wintatx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\ktebl.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\ktebl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\vhsjm.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\vhsjm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winfrfyr.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winfrfyr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winjhyc.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winjhyc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\wintkpvx.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\wintkpvx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winimrn.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winimrn.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winwfnb.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winwfnb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winmlml.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winmlml.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winygbcp.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winygbcp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winpfbskb.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winpfbskb.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\nwiz.exe"="C:\WINDOWS\system32\nwiz.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\RUNDLL32.EXE"="C:\WINDOWS\system32\RUNDLL32.EXE:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\pntnje.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\pntnje.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\aywnkl.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\aywnkl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\pntluv.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\pntluv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\avbik.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\avbik.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\w42130.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\w42130.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\psqv.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\psqv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\wingyone.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\wingyone.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\wingyvq.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\wingyvq.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\NOTEPAD.EXE"="C:\WINDOWS\system32\NOTEPAD.EXE:*:Enabled:ipsec"
"C:\WINDOWS\system32\userinit.exe"="C:\WINDOWS\system32\userinit.exe:*:Enabled:ipsec"
"C:\WINDOWS\RTHDCPL.EXE"="C:\WINDOWS\RTHDCPL.EXE:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\gyok.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\gyok.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\wlkhl.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\wlkhl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winyoemke.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winyoemke.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winkjhwej.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winkjhwej.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\w45f33.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\w45f33.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\ppnd.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\ppnd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winrkbmv.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winrkbmv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winptwba.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winptwba.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\drrr.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\drrr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\w40aba.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\w40aba.exe:*:Enabled:ipsec"
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winvdsg.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winvdsg.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\mcmvss.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\mcmvss.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\winiavn.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\winiavn.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\wingrax.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\wingrax.exe:*:Enabled:ipsec"
"C:\DOCUME~1\dom\USTAWI~1\Temp\w47f9c.exe"="C:\DOCUME~1\dom\USTAWI~1\Temp\w47f9c.exe:*:Enabled:ipsec"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2009-01-21 17:11:48 ----A---- C:\WINDOWS\system32\SkanerOnline.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nwiz.exe
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwssr.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwss.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrszht.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrstr.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrsth.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrssv.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrssl.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrssk.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrsru.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrspt.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrspl.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrsno.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrsnl.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrsko.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrsja.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrsit.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrshu.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrshe.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrsfi.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrsesm.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrses.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrseng.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrsel.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrsde.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrsda.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrscs.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwrsar.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwimg.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvwddi.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvvitvsr.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvvitvs.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvshell.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrszht.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrstr.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrsth.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrssv.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrssl.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrssk.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrsru.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrspt.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrspl.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrsno.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrsko.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrsja.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrsit.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrshu.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrshe.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrses.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrseng.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrsel.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrsde.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrsda.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrscs.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvrsar.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvnt4cpl.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvmoblsr.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvmobls.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvmctray.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvmccssr.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvmccss.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvmccsrs.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvmccs.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nview.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvgamesr.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvgames.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvexpbar.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvdspsch.exe
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvdispsr.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvdisps.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvcuda.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvcpluir.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvcplui.exe
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvcpl.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvcolor.exe
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvcodins.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvcod.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvappbar.exe
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nvapi.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2008-06-25 21:57:00 ----A---- C:\WINDOWS\system32\keystone.exe
2008-04-11 21:17:50 ----A---- C:\WINDOWS\system32\SkanerOnlineUninstall.exe
2007-07-05 19:03:36 ----D---- C:\Documents and Settings\dom\Dane aplikacji\Ubisoft
2007-07-05 19:03:36 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
2007-07-05 18:23:39 ----D---- C:\SDFix
2007-07-05 18:08:24 ----D---- C:\Documents and Settings\dom\Dane aplikacji\Malwarebytes
2007-07-05 18:08:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2007-07-05 18:08:20 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2007-07-05 18:05:44 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2007-07-05 18:05:44 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2007-07-05 18:05:44 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2007-07-05 18:05:44 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2007-07-05 18:05:44 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2007-07-05 18:05:43 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2007-07-05 18:05:43 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2007-07-05 18:05:43 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2007-07-05 18:05:43 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2007-07-05 18:05:43 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2007-07-05 18:05:42 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2007-07-05 18:05:42 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2007-07-05 18:05:42 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2007-07-05 18:05:42 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2007-07-05 18:05:42 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2007-07-05 18:05:42 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2007-07-05 18:05:41 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2007-07-05 18:05:41 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2007-07-05 18:05:41 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2007-07-05 18:05:41 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2007-07-05 18:05:41 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2007-07-05 18:05:41 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2007-07-05 18:05:40 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2007-07-05 18:05:40 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2007-07-05 18:05:40 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2007-07-05 18:05:40 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2007-07-05 18:05:40 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2007-07-05 18:05:39 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2007-07-05 18:05:39 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2007-07-05 18:05:39 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2007-07-05 18:05:39 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2007-07-05 18:05:39 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2007-07-05 18:05:38 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2007-07-05 18:05:38 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2007-07-05 18:05:38 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2007-07-05 18:05:38 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2007-07-05 18:05:38 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2007-07-05 18:05:37 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2007-07-05 18:05:37 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2007-07-05 18:05:37 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2007-07-05 18:05:36 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2007-07-05 17:59:26 ----D---- C:\WINDOWS\Logs
2007-07-05 17:41:19 ----D---- C:\Program Files\Alwil Software
2007-07-05 17:22:53 ----D---- C:\Program Files\trend micro
2007-07-05 17:22:49 ----D---- C:\rsit
2007-07-05 16:12:04 ----D---- C:\Program Files\SkanerOnline
2007-07-05 15:47:27 ----D---- C:\Program Files\Spyware Doctor
2007-07-05 15:47:27 ----D---- C:\Documents and Settings\dom\Dane aplikacji\PC Tools
2007-07-05 15:47:17 ----A---- C:\WINDOWS\system32\msvcr80.dll
2007-07-05 15:47:17 ----A---- C:\WINDOWS\system32\msvcr71.dll
2007-07-05 15:47:17 ----A---- C:\WINDOWS\system32\msvcp71.dll
2007-07-05 15:44:03 ----HD---- C:\WINDOWS\system32\GroupPolicy
2007-07-05 15:36:18 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2007-07-05 15:36:18 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2007-07-05 15:36:18 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2007-07-05 15:36:18 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2007-07-05 15:36:17 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2007-07-05 15:36:17 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2007-07-05 15:36:17 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2007-07-05 15:36:16 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2007-07-05 15:36:16 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2007-07-05 15:36:16 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2007-07-05 15:36:15 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2007-07-05 15:36:15 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2007-07-05 15:36:15 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2007-07-05 15:36:15 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2007-07-05 15:36:15 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2007-07-05 15:36:15 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2007-07-05 15:36:14 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2007-07-05 15:36:14 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2007-07-05 15:36:14 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2007-07-05 15:36:14 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2007-07-05 15:36:14 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2007-07-05 15:36:13 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2007-07-05 15:36:13 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2007-07-05 15:36:13 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2007-07-05 15:36:13 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2007-07-05 15:36:13 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2007-07-05 15:36:12 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2007-07-05 15:36:12 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2007-07-05 15:36:12 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2007-07-05 15:36:12 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2007-07-05 15:36:11 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2007-07-05 15:29:46 ----D---- C:\Program Files\Alcohol Soft
2007-07-05 14:50:43 ----SHD---- C:\RECYCLER
2007-07-05 14:35:39 ----D---- C:\Documents and Settings\dom\Dane aplikacji\Macromedia
2007-07-05 14:35:39 ----D---- C:\Documents and Settings\dom\Dane aplikacji\Adobe
2007-07-05 14:31:53 ----D---- C:\Program Files\WinRAR
2007-07-05 14:25:11 ----R---- C:\WINDOWS\system32\ChCfg.exe
2007-07-05 14:24:37 ----R---- C:\WINDOWS\SoundMan.exe
2007-07-05 14:24:36 ----R---- C:\WINDOWS\RtlUpd.exe
2007-07-05 14:24:34 ----R---- C:\WINDOWS\RTLCPL.exe
2007-07-05 14:24:24 ----R---- C:\WINDOWS\RTHDCPL.exe
2007-07-05 14:24:23 ----R---- C:\WINDOWS\MicCal.exe
2007-07-05 14:24:21 ----R---- C:\WINDOWS\alcwzrd.exe
2007-07-05 14:24:21 ----D---- C:\Program Files\Realtek
2007-07-05 14:24:12 ----R---- C:\WINDOWS\RtlExUpd.dll
2007-07-05 13:56:16 ----A---- C:\WINDOWS\system32\h323log.txt
2007-07-05 13:53:27 ----A---- C:\WINDOWS\system32\usbui.dll
2007-07-05 13:52:31 ----A---- C:\WINDOWS\imsins.BAK
2007-07-05 13:52:28 ----SHD---- C:\WINDOWS\Installer
2007-07-05 13:52:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2007-07-05 13:52:27 ----D---- C:\Program Files\Common Files\ODBC
2007-07-05 13:52:27 ----A---- C:\WINDOWS\ODBCINST.INI
2007-07-05 13:52:25 ----D---- C:\Program Files\Common Files\SpeechEngines
2007-07-05 13:52:24 ----RD---- C:\Program Files
2007-07-05 13:52:24 ----D---- C:\Program Files\Common Files\Microsoft Shared
2007-07-05 13:52:24 ----D---- C:\Program Files\Common Files
2007-07-05 13:52:21 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2007-07-05 13:52:21 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2007-07-05 13:52:21 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2007-07-05 13:52:20 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2007-07-05 13:52:20 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2007-07-05 13:52:20 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2007-07-05 13:52:19 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2007-07-05 13:52:19 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2007-07-05 13:52:19 ----RA---- C:\WINDOWS\system32\kbdur.dll
2007-07-05 13:52:19 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2007-07-05 13:52:19 ----RA---- C:\WINDOWS\system32\kbdru.dll
2007-07-05 13:52:19 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2007-07-05 13:52:19 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2007-07-05 13:52:19 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2007-07-05 13:52:19 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2007-07-05 13:52:18 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2007-07-05 13:52:18 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2007-07-05 13:52:18 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2007-07-05 13:52:18 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2007-07-05 13:52:18 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2007-07-05 13:52:18 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2007-07-05 13:52:18 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2007-07-05 13:52:16 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2007-07-05 13:52:16 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2007-07-05 13:52:16 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2007-07-05 13:52:16 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2007-07-05 13:52:16 ----RA---- C:\WINDOWS\system32\kbdest.dll
2007-07-05 13:52:13 ----A---- C:\WINDOWS\system32\kbdycl.dll
2007-07-05 13:52:13 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2007-07-05 13:52:13 ----A---- C:\WINDOWS\system32\kbdsl.dll
2007-07-05 13:52:13 ----A---- C:\WINDOWS\system32\kbdro.dll
2007-07-05 13:52:13 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2007-07-05 13:52:13 ----A---- C:\WINDOWS\system32\kbdhu.dll
2007-07-05 13:52:13 ----A---- C:\WINDOWS\system32\kbdcz2.dll
2007-07-05 13:52:13 ----A---- C:\WINDOWS\system32\kbdcz1.dll
2007-07-05 13:52:13 ----A---- C:\WINDOWS\system32\kbdcz.dll
2007-07-05 13:52:13 ----A---- C:\WINDOWS\system32\kbdcr.dll
2007-07-05 13:52:13 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2007-07-05 13:52:12 ----A---- C:\WINDOWS\system32\spxcoins.dll
2007-07-05 13:52:12 ----A---- C:\WINDOWS\system32\irclass.dll
2007-07-05 13:52:12 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2007-07-05 13:52:12 ----A---- C:\WINDOWS\system32\dgsetup.dll
2007-07-05 13:52:12 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2007-07-05 13:52:10 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2007-07-05 13:52:10 ----A---- C:\WINDOWS\TASKMAN.EXE
2007-07-05 13:52:10 ----A---- C:\WINDOWS\system32\batt.dll
2007-07-05 13:52:09 ----A---- C:\WINDOWS\system32\storprop.dll
2007-07-05 13:52:09 ----A---- C:\WINDOWS\NOTEPAD.EXE
2007-07-05 13:52:02 ----ASH---- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
2007-07-05 13:52:00 ----RA---- C:\WINDOWS\SET8.tmp
2007-07-05 13:51:58 ----RA---- C:\WINDOWS\SET4.tmp
2007-07-05 13:51:56 ----RA---- C:\WINDOWS\SET3.tmp
2007-07-05 13:51:52 ----D---- C:\WINDOWS\system32\CatRoot2
2007-07-05 13:51:52 ----D---- C:\WINDOWS\system32\CatRoot
2007-07-05 13:51:46 ----SD---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
2007-07-05 13:51:29 ----A---- C:\WINDOWS\setuplog.txt
2007-07-05 13:51:27 ----D---- C:\Documents and Settings
2007-07-05 13:50:50 ----RSH---- C:\boot.ini
2007-07-05 13:48:47 ----SHD---- C:\System Volume Information
2007-07-05 13:47:03 ----RSHDC---- C:\WINDOWS\system32\dllcache
2007-07-05 13:47:03 ----RSD---- C:\WINDOWS\Fonts
2007-07-05 13:47:03 ----RD---- C:\WINDOWS\Web
2007-07-05 13:47:03 ----HD---- C:\WINDOWS\inf
2007-07-05 13:47:03 ----D---- C:\WINDOWS\WinSxS
2007-07-05 13:47:03 ----D---- C:\WINDOWS\twain_32
2007-07-05 13:47:03 ----D---- C:\WINDOWS\Temp
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\wins
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\wbem
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\usmt
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\spool
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\ShellExt
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\Setup
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\ras
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\oobe
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\npp
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\mui
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\inetsrv
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\IME
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\icsxml
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\ias
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\export
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\drivers
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\dhcp
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\config
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\3com_dmi
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\3076
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\2052
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\1054
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\1045
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\1042
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\1041
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\1037
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\1033
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\1031
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\1028
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32\1025
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system32
2007-07-05 13:47:03 ----D---- C:\WINDOWS\system
2007-07-05 13:47:03 ----D---- C:\WINDOWS\security
2007-07-05 13:47:03 ----D---- C:\WINDOWS\Resources
2007-07-05 13:47:03 ----D---- C:\WINDOWS\repair
2007-07-05 13:47:03 ----D---- C:\WINDOWS\Provisioning
2007-07-05 13:47:03 ----D---- C:\WINDOWS\PeerNet
2007-07-05 13:47:03 ----D---- C:\WINDOWS\pchealth
2007-07-05 13:47:03 ----D---- C:\WINDOWS\mui
2007-07-05 13:47:03 ----D---- C:\WINDOWS\msapps
2007-07-05 13:47:03 ----D---- C:\WINDOWS\msagent
2007-07-05 13:47:03 ----D---- C:\WINDOWS\Media
2007-07-05 13:47:03 ----D---- C:\WINDOWS\java
2007-07-05 13:47:03 ----D---- C:\WINDOWS\ime
2007-07-05 13:47:03 ----D---- C:\WINDOWS\Help
2007-07-05 13:47:03 ----D---- C:\WINDOWS\ehome
2007-07-05 13:47:03 ----D---- C:\WINDOWS\Driver Cache
2007-07-05 13:47:03 ----D---- C:\WINDOWS\Debug
2007-07-05 13:47:03 ----D---- C:\WINDOWS\Cursors
2007-07-05 13:47:03 ----D---- C:\WINDOWS\Connection Wizard
2007-07-05 13:47:03 ----D---- C:\WINDOWS\Config
2007-07-05 13:47:03 ----D---- C:\WINDOWS\AppPatch
2007-07-05 13:47:03 ----D---- C:\WINDOWS\addins
2007-07-05 13:47:03 ----D---- C:\WINDOWS
2007-07-05 13:12:39 ----D---- C:\Documents and Settings\dom\Dane aplikacji\Gadu-Gadu
2007-07-05 12:48:08 ----D---- C:\WINDOWS\nview
2007-07-05 12:48:08 ----A---- C:\WINDOWS\system32\nvudisp.exe
2007-07-05 12:44:00 ----D---- C:\WINDOWS\system32\WinFox
2007-07-05 12:44:00 ----D---- C:\WINDOWS\system32\WinFast
2007-07-05 12:40:30 ----D---- C:\Program Files\Gadu-Gadu
2007-07-05 12:38:07 ----A---- C:\WINDOWS\winamp.ini
2007-07-05 12:38:02 ----D---- C:\Program Files\Winamp
2007-07-05 12:37:02 ----D---- C:\WINDOWS\system32\Lang
2007-07-05 12:35:54 ----D---- C:\WINDOWS\system32\RTCOM
2007-07-05 12:35:53 ----A---- C:\WINDOWS\system32\ksuser.dll
2007-07-05 12:35:28 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2007-07-05 12:34:54 ----A---- C:\WINDOWS\HideWin.exe
2007-07-05 12:34:51 ----D---- C:\Program Files\Common Files\InstallShield
2007-07-05 12:34:41 ----D---- C:\WINDOWS\system32\ReinstallBackups
2007-07-05 12:34:38 ----DC---- C:\WINDOWS\system32\DRVSTORE
2007-07-05 12:34:35 ----HD---- C:\Program Files\InstallShield Installation Information
2007-07-05 12:34:35 ----D---- C:\Program Files\AMD
2007-07-05 12:34:17 ----D---- C:\Documents and Settings\dom\Dane aplikacji\InstallShield
2007-07-05 12:33:23 ----RA---- C:\WINDOWS\system32\nvusmb.exe
2007-07-05 12:33:11 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2007-07-05 12:27:18 ----D---- C:\Documents and Settings\dom\Dane aplikacji\Identities
2007-07-05 12:27:16 ----HD---- C:\Program Files\Uninstall Information
2007-07-05 12:27:12 ----SD---- C:\Documents and Settings\dom\Dane aplikacji\Microsoft
2007-07-05 12:27:12 ----ASH---- C:\Documents and Settings\dom\Dane aplikacji\desktop.ini
2007-07-05 12:26:36 ----D---- C:\WINDOWS\SoftwareDistribution
2007-07-05 12:26:35 ----D---- C:\WINDOWS\Prefetch
2007-07-05 12:26:34 ----SD---- C:\WINDOWS\system32\Microsoft
2007-07-05 12:26:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2007-07-05 12:01:07 ----D---- C:\WINDOWS\system32\xircom
2007-07-05 12:01:07 ----D---- C:\Program Files\xerox
2007-07-05 12:01:07 ----D---- C:\Program Files\microsoft frontpage
2007-07-05 12:00:48 ----A---- C:\WINDOWS\control.ini
2007-07-05 12:00:48 ----A---- C:\AUTOEXEC.BAT
2007-07-05 12:00:39 ----A---- C:\WINDOWS\OEWABLog.txt
2007-07-05 12:00:35 ----A---- C:\WINDOWS\system32\mapi32.dll
2007-07-05 11:59:53 ----RD---- C:\WINDOWS\Offline Web Pages
2007-07-05 11:59:52 ----SD---- C:\WINDOWS\Downloaded Program Files
2007-07-05 11:59:52 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2007-07-05 11:59:48 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2007-07-05 11:59:43 ----HD---- C:\Program Files\WindowsUpdate
2007-07-05 11:59:40 ----D---- C:\Program Files\Usługi online
2007-07-05 11:59:27 ----D---- C:\WINDOWS\system32\DirectX
2007-07-05 11:59:10 ----A---- C:\WINDOWS\system32\atrace.dll
2007-07-05 11:59:08 ----A---- C:\WINDOWS\system32\desktop.ini
2007-07-05 11:59:08 ----A---- C:\WINDOWS\desktop.ini
2007-07-05 11:59:02 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2007-07-05 11:59:01 ----A---- C:\WINDOWS\system32\acctres.dll
2007-07-05 11:59:00 ----D---- C:\Program Files\Common Files\Services
2007-07-05 11:58:58 ----SD---- C:\WINDOWS\Tasks
2007-07-05 11:58:58 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2007-07-05 11:58:57 ----D---- C:\Program Files\Common Files\MSSoap
2007-07-05 11:58:53 ----D---- C:\WINDOWS\system32\Macromed
2007-07-05 11:58:53 ----D---- C:\WINDOWS\srchasst
2007-07-05 11:58:50 ----A---- C:\WINDOWS\system32\wuweb.dll
2007-07-05 11:58:50 ----A---- C:\WINDOWS\system32\wups.dll
2007-07-05 11:58:50 ----A---- C:\WINDOWS\system32\wucltui.dll
2007-07-05 11:58:50 ----A---- C:\WINDOWS\system32\wuauserv.dll
2007-07-05 11:58:50 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2007-07-05 11:58:50 ----A---- C:\WINDOWS\system32\wuaueng.dll
2007-07-05 11:58:50 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2007-07-05 11:58:50 ----A---- C:\WINDOWS\system32\wuauclt.exe
2007-07-05 11:58:50 ----A---- C:\WINDOWS\system32\wuapi.dll
2007-07-05 11:58:49 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2007-07-05 11:58:49 ----A---- C:\WINDOWS\system32\qmgr.dll
2007-07-05 11:58:49 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2007-07-05 11:58:49 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2007-07-05 11:58:46 ----D---- C:\Program Files\Movie Maker
2007-07-05 11:58:43 ----A---- C:\WINDOWS\system32\safrslv.dll
2007-07-05 11:58:43 ----A---- C:\WINDOWS\system32\safrdm.dll
2007-07-05 11:58:42 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2007-07-05 11:58:42 ----A---- C:\WINDOWS\system32\racpldlg.dll
2007-07-05 11:58:40 ----A---- C:\WINDOWS\system32\fltMc.exe
2007-07-05 11:58:40 ----A---- C:\WINDOWS\system32\fltlib.dll
2007-07-05 11:58:39 ----D---- C:\WINDOWS\system32\Restore
2007-07-05 11:58:39 ----A---- C:\WINDOWS\system32\srsvc.dll
2007-07-05 11:58:39 ----A---- C:\WINDOWS\system32\srrstr.dll
2007-07-05 11:58:39 ----A---- C:\WINDOWS\system32\srclient.dll
2007-07-05 11:58:38 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2007-07-05 11:58:38 ----A---- C:\WINDOWS\system32\msconf.dll
2007-07-05 11:58:38 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2007-07-05 11:58:38 ----A---- C:\WINDOWS\system32\mnmdd.dll
2007-07-05 11:58:38 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2007-07-05 11:58:38 ----A---- C:\WINDOWS\system32\ils.dll
2007-07-05 11:58:35 ----D---- C:\Program Files\NetMeeting
2007-07-05 11:58:35 ----A---- C:\WINDOWS\system32\msoert2.dll
2007-07-05 11:58:35 ----A---- C:\WINDOWS\system32\msoeacct.dll
2007-07-05 11:58:35 ----A---- C:\WINDOWS\system32\inetres.dll
2007-07-05 11:58:34 ----A---- C:\WINDOWS\system32\inetcomm.dll
2007-07-05 11:58:33 ----D---- C:\Program Files\Outlook Express
2007-07-05 11:58:33 ----A---- C:\WINDOWS\system32\schedsvc.dll
2007-07-05 11:58:33 ----A---- C:\WINDOWS\system32\mstinit.exe
2007-07-05 11:58:33 ----A---- C:\WINDOWS\system32\mstask.dll
2007-07-05 11:58:32 ----A---- C:\WINDOWS\system32\isign32.dll
2007-07-05 11:58:32 ----A---- C:\WINDOWS\system32\inetcfg.dll
2007-07-05 11:58:32 ----A---- C:\WINDOWS\system32\icwphbk.dll
2007-07-05 11:58:32 ----A---- C:\WINDOWS\system32\icwdial.dll
2007-07-05 11:58:27 ----D---- C:\Program Files\Internet Explorer
2007-07-05 11:58:27 ----D---- C:\Program Files\Common Files\System
2007-07-05 11:58:00 ----D---- C:\Program Files\ComPlus Applications
2007-07-05 11:57:58 ----A---- C:\WINDOWS\vbaddin.ini
2007-07-05 11:57:58 ----A---- C:\WINDOWS\vb.ini
2007-07-05 11:57:54 ----D---- C:\WINDOWS\Registration
2007-07-05 11:57:48 ----D---- C:\Program Files\Windows Media Player
2007-07-05 11:57:43 ----D---- C:\Program Files\Messenger
2007-07-05 11:57:39 ----D---- C:\Program Files\MSN Gaming Zone
2007-07-05 11:57:39 ----A---- C:\WINDOWS\system32\write.exe
2007-07-05 11:57:32 ----A---- C:\WINDOWS\system32\sndvol32.exe
2007-07-05 11:57:32 ----A---- C:\WINDOWS\system32\hticons.dll
2007-07-05 11:57:32 ----A---- C:\WINDOWS\system32\avwav.dll
2007-07-05 11:57:32 ----A---- C:\WINDOWS\system32\avtapi.dll
2007-07-05 11:57:32 ----A---- C:\WINDOWS\system32\avmeter.dll
2007-07-05 11:57:31 ----A---- C:\WINDOWS\system32\winchat.exe
2007-07-05 11:57:25 ----A---- C:\WINDOWS\system32\getuname.dll
2007-07-05 11:57:25 ----A---- C:\WINDOWS\system32\charmap.exe
2007-07-05 11:57:25 ----A---- C:\WINDOWS\system32\calc.exe
2007-07-05 11:57:24 ----A---- C:\WINDOWS\system32\winmine.exe
2007-07-05 11:57:24 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2007-07-05 11:57:24 ----A---- C:\WINDOWS\system32\tskill.exe
2007-07-05 11:57:24 ----A---- C:\WINDOWS\system32\sol.exe
2007-07-05 11:57:24 ----A---- C:\WINDOWS\system32\reset.exe
2007-07-05 11:57:24 ----A---- C:\WINDOWS\system32\mshearts.exe
2007-07-05 11:57:24 ----A---- C:\WINDOWS\system32\freecell.exe
2007-07-05 11:57:23 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2007-07-05 11:57:23 ----A---- C:\WINDOWS\system32\tslabels.ini
2007-07-05 11:57:23 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2007-07-05 11:57:23 ----A---- C:\WINDOWS\system32\tscon.exe
2007-07-05 11:57:23 ----A---- C:\WINDOWS\system32\shadow.exe
2007-07-05 11:57:23 ----A---- C:\WINDOWS\system32\rwinsta.exe
2007-07-05 11:57:23 ----A---- C:\WINDOWS\system32\regini.exe
2007-07-05 11:57:23 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2007-07-05 11:57:23 ----A---- C:\WINDOWS\system32\qwinsta.exe
2007-07-05 11:57:23 ----A---- C:\WINDOWS\system32\qappsrv.exe
2007-07-05 11:57:23 ----A---- C:\WINDOWS\system32\msg.exe
2007-07-05 11:57:23 ----A---- C:\WINDOWS\system32\logoff.exe
2007-07-05 11:57:23 ----A---- C:\WINDOWS\system32\cdmodem.dll
2007-07-05 11:57:22 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2007-07-05 11:57:22 ----A---- C:\WINDOWS\system32\mtxex.dll
2007-07-05 11:57:22 ----A---- C:\WINDOWS\system32\mtxdm.dll
2007-07-05 11:57:22 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2007-07-05 11:57:22 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2007-07-05 11:57:22 ----A---- C:\WINDOWS\system32\comaddin.dll
2007-07-05 11:57:21 ----A---- C:\WINDOWS\system32\stclient.dll
2007-07-05 11:57:21 ----A---- C:\WINDOWS\system32\comsnap.dll
2007-07-05 11:57:21 ----A---- C:\WINDOWS\system32\comrepl.dll
2007-07-05 11:57:17 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2007-07-05 11:57:16 ----A---- C:\WINDOWS\system32\sndrec32.exe
2007-07-05 11:57:16 ----A---- C:\WINDOWS\system32\mplay32.exe
2007-07-05 11:57:16 ----A---- C:\WINDOWS\system32\hypertrm.dll
2007-07-05 11:57:16 ----A---- C:\WINDOWS\system32\accwiz.exe
2007-07-05 11:57:15 ----D---- C:\Program Files\Windows NT
2007-07-05 11:57:15 ----A---- C:\WINDOWS\system32\mspaint.exe
2007-07-05 11:57:15 ----A---- C:\WINDOWS\system32\clipbrd.exe
2007-07-05 11:57:14 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2007-07-05 11:57:14 ----A---- C:\WINDOWS\system32\spider.exe
2007-07-05 11:57:14 ----A---- C:\WINDOWS\system32\remotepg.dll
2007-07-05 11:57:14 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2007-07-05 11:57:14 ----A---- C:\WINDOWS\system32\mstscax.dll
2007-07-05 11:57:14 ----A---- C:\WINDOWS\system32\mstsc.exe
2007-07-05 11:57:13 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2007-07-05 11:57:13 ----A---- C:\WINDOWS\system32\termsrv.dll
2007-07-05 11:57:13 ----A---- C:\WINDOWS\system32\sessmgr.exe
2007-07-05 11:57:13 ----A---- C:\WINDOWS\system32\rdshost.exe
2007-07-05 11:57:13 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2007-07-05 11:57:13 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2007-07-05 11:57:13 ----A---- C:\WINDOWS\system32\rdpclip.exe
2007-07-05 11:57:13 ----A---- C:\WINDOWS\system32\rdchost.dll
2007-07-05 11:57:13 ----A---- C:\WINDOWS\system32\qprocess.exe
2007-07-05 11:57:13 ----A---- C:\WINDOWS\system32\icaapi.dll
2007-07-05 11:57:13 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2007-07-05 11:57:12 ----D---- C:\WINDOWS\system32\MsDtc
2007-07-05 11:57:12 ----A---- C:\WINDOWS\system32\xolehlp.dll
2007-07-05 11:57:12 ----A---- C:\WINDOWS\system32\mtxoci.dll
2007-07-05 11:57:12 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2007-07-05 11:57:12 ----A---- C:\WINDOWS\system32\msdtctm.dll
2007-07-05 11:57:12 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2007-07-05 11:57:12 ----A---- C:\WINDOWS\system32\msdtclog.dll
2007-07-05 11:57:12 ----A---- C:\WINDOWS\system32\msdtc.exe
2007-07-05 11:57:11 ----D---- C:\WINDOWS\system32\Com
2007-07-05 11:57:11 ----A---- C:\WINDOWS\system32\colbact.dll
2007-07-05 11:57:11 ----A---- C:\WINDOWS\system32\clbcatex.dll
2007-07-05 11:57:11 ----A---- C:\WINDOWS\system32\catsrvps.dll
2007-07-05 11:57:10 ----A---- C:\WINDOWS\system32\comuid.dll
2007-07-05 11:57:10 ----A---- C:\WINDOWS\system32\comsvcs.dll
2007-07-05 11:57:10 ----A---- C:\WINDOWS\system32\catsrvut.dll
2007-07-05 11:57:10 ----A---- C:\WINDOWS\system32\catsrv.dll
2007-07-05 11:57:09 ----A---- C:\WINDOWS\system32\clbcatq.dll
2007-07-05 11:57:04 ----A---- C:\WINDOWS\system32\servdeps.dll
2007-07-05 11:57:04 ----A---- C:\WINDOWS\system32\mmfutil.dll
2007-07-05 11:57:04 ----A---- C:\WINDOWS\system32\licwmi.dll
2007-07-05 11:57:04 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2007-07-05 12:37:58 ----A---- C:\WINDOWS\system.ini
2007-07-05 12:00:48 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Sterownik procesora AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R3 abp470n5;abp470n5; \??\C:\WINDOWS\system32\drivers\rhpr.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-06-25 6555168]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]
R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Sterownik Miniport otwartego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
S3 GMSIPCI;GMSIPCI; \??\G:\INSTALL\GMSIPCI.SYS []
S3 IKFileFlt;File Filter Driver; C:\WINDOWS\system32\drivers\ikfileflt.sys [2007-05-23 39376]
S3 IKFileSec;File Security Driver; C:\WINDOWS\system32\drivers\ikfilesec.sys [2007-05-23 53840]
S3 IkSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2007-05-23 57424]
S3 IKSysSec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2007-05-23 83024]
S3 MSICPL;MSICPL; \??\G:\install4\MSICPL.sys []
S3 NTACCESS;NTACCESS; \??\G:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\G:\NTGLM7X.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-06-25 159812]
S3 sdAuxService;Spyware Doctor Auxiliary Service; C:\Program Files\Spyware Doctor\svcntaux.exe [2007-07-05 708424]
S3 sdCoreService;Spyware Doctor Service; C:\Program Files\Spyware Doctor\swdsvc.exe [2007-07-05 1309264]

-----------------EOF-----------------


[wojtas]

Daj loga z combofixa ale zainstaluj wraz z nim konsolę odzyskiwania ( instrukcja programu )

[marcinjuve]

[code][ComboFix 09-07-06.02 - dom 2007-07-07 13:21.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.2047.1697 [GMT 2:00]
Uruchomiony z: c:\documents and settings\dom\Pulpit\ComboFix.exe
* Utworzono nowy punkt przywracania
.

((((((((((((((((((((((((( Pliki utworzone od 2007-06-07 do 2007-07-07 )))))))))))))))))))))))))))))))
.

2009-03-15 10:25 . 2009-03-15 10:25 56268 ----a-w- c:\windows\system32\drivers\scdemu.sys
2009-01-21 15:11 . 2009-01-21 15:11 473600 ----a-w- c:\windows\system32\SkanerOnline.dll
2008-04-11 19:17 . 2008-04-11 19:17 89088 ----a-w- c:\windows\system32\SkanerOnlineUninstall.exe
2007-07-06 08:59 . 2007-07-06 08:59 -------- d-----w- c:\program files\PowerISO
2007-07-06 08:31 . 2007-07-06 08:31 -------- d-----w- c:\program files\7-Zip
2007-07-05 17:03 . 2007-07-05 17:03 -------- d-----w- c:\documents and settings\dom\Dane aplikacji\Ubisoft
2007-07-05 17:03 . 2007-07-05 17:03 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Ubisoft
2007-07-05 16:23 . 2008-11-06 00:03 -------- d-----w- C:\SDFix
2007-07-05 16:08 . 2007-07-05 16:08 -------- d-----w- c:\documents and settings\dom\Dane aplikacji\Malwarebytes
2007-07-05 16:08 . 2009-06-17 09:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2007-07-05 16:08 . 2009-06-17 09:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2007-07-05 16:08 . 2007-07-05 16:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2007-07-05 16:08 . 2007-07-05 16:08 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes
2007-07-05 15:59 . 2007-07-05 15:59 -------- d-----w- c:\windows\Logs
2007-07-05 15:41 . 2007-07-05 15:41 -------- d-----w- c:\program files\Alwil Software
2007-07-05 15:22 . 2007-07-05 20:59 -------- d-----w- c:\program files\trend micro
2007-07-05 15:22 . 2007-07-05 15:23 -------- d-----w- C:\rsit
2007-07-05 14:12 . 2007-07-05 14:49 -------- d-----w- c:\program files\SkanerOnline
2007-07-05 13:47 . 2007-05-23 14:58 29264 ----a-w- c:\windows\system32\drivers\kcom.sys
2007-07-05 13:47 . 2007-05-23 14:58 83024 ----a-w- c:\windows\system32\drivers\iksyssec.sys
2007-07-05 13:47 . 2007-05-23 14:58 57424 ----a-w- c:\windows\system32\drivers\iksysflt.sys
2007-07-05 13:47 . 2007-05-23 14:58 53840 ----a-w- c:\windows\system32\drivers\ikfilesec.sys
2007-07-05 13:47 . 2007-05-23 14:58 39376 ----a-w- c:\windows\system32\drivers\ikfileflt.sys
2007-07-05 13:47 . 2007-07-05 15:40 -------- d-----w- c:\program files\Spyware Doctor
2007-07-05 13:47 . 2007-07-05 13:47 -------- d-----w- c:\documents and settings\dom\Dane aplikacji\PC Tools
2007-07-05 13:47 . 2005-09-23 05:29 626688 ----a-w- c:\windows\system32\msvcr80.dll
2007-07-05 13:47 . 2005-07-06 15:13 499712 ----a-w- c:\windows\system32\msvcp71.dll
2007-07-05 13:47 . 2005-07-06 15:13 348160 ----a-w- c:\windows\system32\msvcr71.dll
2007-07-05 13:44 . 2007-07-05 13:44 -------- d--h--w- c:\windows\system32\GroupPolicy
2007-07-05 13:29 . 2004-04-30 07:37 160640 ----a-w- c:\windows\system32\drivers\a347bus.sys
2007-07-05 13:29 . 2004-04-30 07:33 5248 ----a-w- c:\windows\system32\drivers\a347scsi.sys
2007-07-05 13:29 . 2007-07-05 13:29 -------- d-----w- c:\program files\Alcohol Soft
2007-07-05 12:25 . 2006-08-01 07:02 49152 ------r- c:\windows\system32\ChCfg.exe
2007-07-05 12:24 . 2006-07-21 08:14 159744 ------r- c:\windows\SoundMan.exe
2007-07-05 12:24 . 2008-04-02 01:27 1196032 ------r- c:\windows\RtlUpd.exe
2007-07-05 12:24 . 2007-03-23 11:19 9715200 ------r- c:\windows\RTLCPL.exe
2007-07-05 12:24 . 2008-04-17 08:33 4707328 ------r- c:\windows\system32\drivers\RtkHDAud.sys
2007-07-05 12:24 . 2008-04-10 08:52 16861184 ------r- c:\windows\RTHDCPL.exe
2007-07-05 12:24 . 2007-06-28 08:44 2165760 ------r- c:\windows\MicCal.exe
2007-07-05 12:24 . 2007-07-05 12:24 -------- d-----w- c:\program files\Realtek
2007-07-05 12:24 . 2006-05-04 08:26 2808832 ------r- c:\windows\alcwzrd.exe
2007-07-05 12:24 . 2008-03-05 10:07 520192 ------r- c:\windows\RtlExUpd.dll

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-16 12:18 . 2007-07-05 16:05 69448 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-03-16 12:18 . 2007-07-05 16:05 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2009-03-16 12:18 . 2007-07-05 16:05 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2009-03-16 12:18 . 2007-07-05 16:05 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2009-03-09 13:27 . 2007-07-05 16:05 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2009-03-09 13:27 . 2007-07-05 16:05 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2009-03-09 13:27 . 2007-07-05 16:05 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2008-10-27 08:04 . 2007-07-05 16:05 514384 ----a-w- c:\windows\system32\XAudio2_3.dll
2008-10-27 08:04 . 2007-07-05 16:05 235856 ----a-w- c:\windows\system32\xactengine3_3.dll
2008-10-27 08:04 . 2007-07-05 16:05 23376 ----a-w- c:\windows\system32\X3DAudio1_5.dll
2008-10-27 08:04 . 2007-07-05 16:05 70992 ----a-w- c:\windows\system32\XAPOFX1_2.dll
2008-10-10 02:52 . 2007-07-05 16:05 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2008-10-10 02:52 . 2007-07-05 16:05 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2008-10-10 02:52 . 2007-07-05 16:05 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2008-07-30 04:20 . 2007-07-05 16:05 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2008-07-30 04:20 . 2007-07-05 16:05 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2008-07-30 04:20 . 2007-07-05 16:05 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2008-07-10 09:01 . 2007-07-05 16:05 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2008-07-10 09:00 . 2007-07-05 16:05 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2008-07-10 09:00 . 2007-07-05 16:05 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2008-07-09 13:59 . 2007-07-05 10:33 446464 ----a-w- c:\windows\system32\NVUNINST.EXE
2008-05-30 12:19 . 2007-07-05 16:05 507400 ----a-w- c:\windows\system32\XAudio2_1.dll
2008-05-30 12:18 . 2007-07-05 16:05 238088 ----a-w- c:\windows\system32\xactengine3_1.dll
2008-05-30 12:17 . 2007-07-05 16:05 65032 ----a-w- c:\windows\system32\XAPOFX1_0.dll
2008-05-30 12:17 . 2007-07-05 16:05 25608 ----a-w- c:\windows\system32\X3DAudio1_4.dll
2008-05-30 12:11 . 2007-07-05 16:05 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
2008-05-30 12:11 . 2007-07-05 16:05 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2008-05-30 12:11 . 2007-07-05 16:05 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
2008-03-05 14:03 . 2007-07-05 16:05 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
2008-03-05 14:03 . 2007-07-05 16:05 238088 ----a-w- c:\windows\system32\xactengine3_0.dll
2008-03-05 14:00 . 2007-07-05 16:05 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll
2008-03-05 13:56 . 2007-07-05 16:05 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2008-03-05 13:56 . 2007-07-05 16:05 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2008-02-05 21:07 . 2007-07-05 16:05 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2008-01-10 06:30 . 2007-07-05 10:33 442368 ----a-r- c:\windows\system32\nvusmb.exe
2008-01-03 14:10 . 2007-07-05 10:31 105856 ----a-r- c:\windows\system32\drivers\Rtenicxp.sys
2007-10-22 01:39 . 2007-07-05 16:05 267272 ----a-w- c:\windows\system32\xactengine2_10.dll
2007-10-22 01:37 . 2007-07-05 13:36 17928 ----a-w- c:\windows\system32\X3DAudio1_2.dll
2007-10-12 13:14 . 2007-07-05 16:05 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2007-10-12 13:14 . 2007-07-05 16:05 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2007-10-02 07:56 . 2007-07-05 16:05 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
2007-07-19 22:57 . 2007-07-05 16:05 267112 ----a-w- c:\windows\system32\xactengine2_9.dll
2007-07-19 16:14 . 2007-07-05 16:05 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2007-07-19 16:14 . 2007-07-05 16:05 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll
2007-07-19 16:14 . 2007-07-05 16:05 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2007-07-05 15:15 . 2007-07-05 10:38 -------- d-----w- c:\program files\Winamp
2007-07-05 12:24 . 2007-07-05 10:34 -------- d--h--w- c:\program files\InstallShield Installation Information
2007-07-05 11:13 . 2001-10-26 14:15 49492 ----a-w- c:\windows\system32\perfc015.dat
2007-07-05 11:13 . 2001-10-26 14:15 355486 ----a-w- c:\windows\system32\perfh015.dat
2007-07-05 11:12 . 2007-07-05 11:12 -------- d-----w- c:\documents and settings\dom\Dane aplikacji\Gadu-Gadu
2007-07-05 10:40 . 2007-07-05 10:40 -------- d-----w- c:\program files\Gadu-Gadu
2007-07-05 10:34 . 2007-07-05 10:34 315392 ----a-w- c:\windows\HideWin.exe
2007-07-05 10:34 . 2007-07-05 10:34 -------- d-----w- c:\program files\Common Files\InstallShield
2007-07-05 10:34 . 2007-07-05 10:34 -------- d-----w- c:\program files\AMD
2007-07-05 10:34 . 2007-07-05 10:34 -------- d-----w- c:\documents and settings\dom\Dane aplikacji\InstallShield
2007-07-05 10:01 . 2007-07-05 10:01 -------- d-----w- c:\program files\microsoft frontpage
2007-07-05 10:00 . 2007-07-05 10:00 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2007-07-05 09:59 . 2007-07-05 09:59 -------- d-----w- c:\program files\Usługi online
2007-07-05 09:58 . 2007-07-05 09:58 21856 ----a-w- c:\windows\system32\emptyregdb.dat
2007-05-31 17:30 . 2007-07-05 13:36 266088 ----a-w- c:\windows\system32\xactengine2_8.dll
2007-05-16 14:45 . 2007-07-05 13:36 443752 ----a-w- c:\windows\system32\d3dx10_34.dll
2007-05-16 14:45 . 2007-07-05 13:36 1124720 ----a-w- c:\windows\system32\D3DCompiler_34.dll
2007-05-16 14:45 . 2007-07-05 13:36 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-06-25 13529088]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-06-25 86016]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-03-15 258048]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-06-25 1712128]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-04-10 16861184]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\nwiz.exe"=
"c:\\WINDOWS\\RTHDCPL.EXE"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Program Files\\PowerISO\\PWRISOVM.EXE"=

R3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\rhpr.sys --> c:\windows\system32\drivers\rhpr.sys [?]
S3 sdAuxService;Spyware Doctor Auxiliary Service;c:\program files\Spyware Doctor\svcntaux.exe [2007-07-05 708424]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\g:\ntglm7x.sys --> g:\NTGLM7X.sys [?]
.
- - - - USUNIĘTO PUSTE WPISY - - - -

HKLM-Run-UnlockerAssistant - c:\program files\Unlocker\UnlockerAssistant.exe


.
------- Skan uzupełniający -------
.
uStart Page = hxxp://interia.pl/
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-07 13:23
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
Czas ukończenia: 2007-07-07 13:24
ComboFix-quarantined-files.txt 2007-07-07 11:24

Przed: 44 067 516 416 bajtów wolnych
Po: 44 858 167 296 bajtów wolnych

WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

186
/code]

[wojtas]

daj w tagi code