Wyskakujące okienka z błędami - jaka jest przyczyna?

Witam. Od niedawna w Windowsie pojawia mi się kilka błędów. Gdy zamykam te błedy to Windows tak jakby mi się zacinał Pomóżcie.... już myślałem nad formatowaniem.y Szukałem już na forach, lecz nie znalazłem żadnych odpowiedzi na ten temat. pozdrawiam Łukasz [quote]Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:02:48, on 2007-12-21 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe D:\ArcaBit 2007\ArcaVir\AVMenu.exe D:\ArcaBit 2007\ArcaVir\ABregmon.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe D:\AutoConnect\AutoConnect.exe D:\BLUETOOTH PC\BTTray.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe D:\ArcaBit 2007\Common\ArcaBit.Core.Configurator2.exe D:\ArcaBit 2007\ArcaUpdate\update.exe D:\BLUETOOTH PC\bin\btwdins.exe D:\BLUETO~1\BTSTAC~1.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe D:\Alcohol 120%\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe D:\ArcaBit 2007\ArcaVir\FileMonSV.exe D:\ArcaBit 2007\ArcaVir\NetMonSV.exe D:\ArcaBit 2007\Common\TaskScheduler.exe D:\Gadu-Gadu\gg.exe C:\WINDOWS\system32\wuauclt.exe D:\ArcaBit 2007\Common\ArcaBit.Core.LoggingService.exe D:\Firefox 2.0\firefox.exe D:\hittisk\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\FlashGet\jccatch.dll O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\yqrviazq.dll O2 - BHO: {c3b2d10a-3b33-d01a-2ab4-001387e02c7c} - {c7c20e78-3100-4ba2-a10d-33b3a01d2b3c} - C:\WINDOWS\system32\pssyvopo.dll (file missing) O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\FlashGet\getflash.dll O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe O4 - HKLM\..\Run: [AvMenu] D:\ArcaBit 2007\ArcaVir\AVMenu.exe O4 - HKLM\..\Run: [ABREGMON] D:\ArcaBit 2007\ArcaVir\ABregmon.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash O4 - HKCU\..\Run: [AutoConnect] D:\AutoConnect\AutoConnect.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - D:\FlashGet\jc_link.htm O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - D:\FlashGet\jc_all.htm O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:\MSOFFI~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Pobierz z &BitSpirit - D:\BitSpirit\bsurl.htm O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\BLUETOOTH PC\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\BLUETOOTH PC\btsendto_ie.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\FlashGet\FlashGet.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{BF79B6FD-25BB-4A46-833D-CF804CBFF829}: NameServer = 194.204.159.1 217.98.63.164 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: TS_LogonListener - C:\WINDOWS\SYSTEM32\TS_LogonListener.dll O20 - Winlogon Notify: yqrviazq - C:\WINDOWS\SYSTEM32\yqrviazq.dll O23 - Service: ArcaBit FileMonitor (ABFileMon) - ArcaBit - D:\ArcaBit 2007\ArcaVir\FileMonSV.exe O23 - Service: ArcaBit NetMonitor (ABNetMon) - ArcaBit - D:\ArcaBit 2007\ArcaVir\NetMonSV.exe O23 - Service: ArcaBit.Core.Configurator - ArcaBit - D:\ArcaBit 2007\Common\ArcaBit.Core.Configurator2.exe O23 - Service: ArcaBit.Core.LoggingService - ArcaBit - D:\ArcaBit 2007\Common\ArcaBit.Core.LoggingService.exe O23 - Service: ArcaBit.TaskScheduler - ArcaBit sp. z o.o. - D:\ArcaBit 2007\Common\TaskScheduler.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - D:\Ares\chatServer.exe O23 - Service: ArcaBit Update Service (AVUpdate) - ArcaBit - D:\ArcaBit 2007\ArcaUpdate\update.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - D:\BLUETOOTH PC\bin\btwdins.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Microsoft cache control (MSControlService) - Unknown owner - C:\WINDOWS\system32\windows O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\WINDOWS -- End of file - 6340 bytes[/quote] [quote]ComboFix 07-12-21.4 - Lukasz 2007-12-21 15:53:52.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.536 [GMT 1:00] Running from: F:\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\mljgdbc.dll C:\WINDOWS\system32\nqstv.bak1 C:\WINDOWS\system32\nqstv.bak2 C:\WINDOWS\system32\nqstv.ini C:\WINDOWS\system32\vtsqn.dll C:\WINDOWS\system32\winjgf32.dll C:\WINDOWS\system32\yqrviazq.dllbox . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_DOMAINSERVICE -------\DomainService ((((((((((((((((((((((((( Files Created from 2007-11-21 to 2007-12-21 ))))))))))))))))))))))))))))))) . 2007-12-21 15:38 . 2007-12-21 15:39 14,033 --a------ C:\posE01.tmp 2007-12-21 14:17 . 2007-12-21 14:17 14,033 --a------ C:\posDAA.tmp 2007-12-21 14:05 . 2007-12-21 14:05 14,033 --a------ C:\pos1CF3.tmp 2007-12-21 12:51 . 2007-12-21 12:51 14,033 --a------ C:\posBB8.tmp 2007-12-21 12:31 . 2007-12-21 12:31 d-------- C:\WINDOWS\nview 2007-12-21 12:31 . 2007-10-04 17:14 356,352 --a------ C:\WINDOWS\system32\nvudisp.exe 2007-12-21 12:31 . 2007-12-21 12:51 140,158 --a------ C:\WINDOWS\system32\nvapps.xml 2007-12-21 12:31 . 2007-10-04 17:14 17,525 --a------ C:\WINDOWS\system32\nvdisp.nvu 2007-12-21 12:28 . 2007-12-21 12:29 14,033 --a------ C:\pos88D.tmp 2007-12-21 11:17 . 2007-12-21 11:17 14,033 --a------ C:\pos1AF4.tmp 2007-12-20 18:58 . 2007-12-20 18:58 14,033 --a------ C:\pos7B3.tmp 2007-12-20 18:27 . 2007-12-21 12:48 7,168 --a------ C:\WINDOWS\system32\windows 2007-12-20 16:31 . 2007-12-20 16:31 14,033 --a------ C:\pos5D9.tmp 2007-12-20 16:09 . 2007-12-20 16:09 14,033 --a------ C:\pos3E3.tmp 2007-12-20 15:04 . 2007-12-20 15:04 14,033 --a------ C:\posF8.tmp 2007-12-20 14:38 . 2007-12-20 14:38 14,033 --a------ C:\pos171E.tmp 2007-12-20 13:10 . 2007-12-20 13:10 165,472 --a------ C:\WINDOWS\system32\yqrviazq.dll 2007-12-19 18:12 . 2007-12-20 17:26 d-------- C:\NVIDIA 2007-12-18 15:08 . 2007-12-18 15:08 d-------- C:\WINDOWS\system32\xlive 2007-12-18 14:48 . 2007-12-18 14:48 d-------- C:\Program Files\OpenAL 2007-12-18 14:48 . 2007-12-18 14:48 413,696 --a------ C:\WINDOWS\system32\wrap_oal.dll 2007-12-18 14:48 . 2007-12-18 14:48 110,592 --a------ C:\WINDOWS\system32\OpenAL32.dll 2007-12-12 17:38 . 2007-12-12 17:38 641,021 --a------ C:\WINDOWS\unins001.exe 2007-12-12 17:38 . 2007-12-12 17:38 2,585 --a------ C:\WINDOWS\unins001.dat 2007-12-12 13:31 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll 2007-12-12 13:31 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll 2007-12-12 13:31 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll 2007-12-12 13:31 . 2007-07-20 00:57 267,112 --a------ C:\WINDOWS\system32\xactengine2_9.dll 2007-12-11 16:48 . 2007-12-11 16:48 d--h----- C:\WINDOWS\system32\GroupPolicy 2007-12-09 17:05 . 2007-12-09 17:05 d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\BitSpirit 2007-12-09 12:59 . 2007-12-09 13:00 468 --a------ C:\WINDOWS\system32\CoreAAC.ax 2007-12-08 16:25 . 2001-01-12 19:47 122,884 --a------ C:\WINDOWS\UnGins.exe 2007-12-08 16:13 . 2004-08-18 09:34 442,368 -ra------ C:\WINDOWS\system32\vp6vfw.dll 2007-12-08 15:29 . 2007-12-08 15:29 d-------- C:\Program Files\uTorrent 2007-12-08 15:29 . 2007-12-19 17:23 d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\uTorrent 2007-12-08 13:59 . 2007-12-08 15:29 d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\Azureus 2007-12-08 13:59 . 2007-12-08 13:59 d-------- C:\Documents and Settings\All Users\Dane aplikacji\Azureus 2007-12-07 15:38 . 2007-12-14 20:59 d-------- C:\Program Files\DivX 2007-12-06 16:47 . 2007-12-06 16:47 d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\Corel 2007-12-06 16:47 . 2007-12-06 16:58 56 -r-hs---- C:\WINDOWS\system32\7EDA65C1DA.sys 2007-12-06 16:46 . 2007-12-06 16:46 d-------- C:\Documents and Settings\All Users\Dane aplikacji\InstallShield 2007-12-06 16:41 . 2007-12-06 16:58 3,350 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys 2007-12-01 15:11 . 2007-05-16 16:45 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll 2007-12-01 15:11 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll 2007-12-01 15:11 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll 2007-12-01 15:11 . 2007-06-20 20:46 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll 2007-12-01 15:11 . 2007-07-20 00:54 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll 2007-12-01 14:58 . 2007-12-01 14:58 d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\InstallShield 2007-11-28 13:13 . 2007-11-28 13:13 d--hs---- C:\found.000 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-20 13:46 17,144 ----a-w C:\Documents and Settings\Lukasz\Dane aplikacji\GDIPFONTCACHEV1.DAT 2007-12-20 12:10 165,472 ----a-w C:\WINDOWS\system32\cwagdypo.dll 2007-12-18 17:17 --------- d-----w C:\Documents and Settings\Lukasz\Dane aplikacji\Skype 2007-12-17 09:57 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\ArcaBit 2007-12-09 11:57 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-12-09 10:07 359,040 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2007-12-08 11:52 --------- d-----w C:\Program Files\Neostrada TP 2007-12-06 15:45 --------- d-----w C:\Program Files\Common Files\InstallShield 2007-12-04 12:18 --------- d-----w C:\Documents and Settings\Lukasz\Dane aplikacji\Hamachi 2007-11-10 19:40 --------- d-----w C:\Program Files\Gadwin Systems 2007-11-10 19:17 --------- d-----w C:\Documents and Settings\Lukasz\Dane aplikacji\FastStone 2007-11-04 13:15 --------- d-----w C:\Documents and Settings\Lukasz\Dane aplikacji\Image Zone Express 2007-11-04 12:11 --------- d-----w C:\Documents and Settings\Lukasz\Dane aplikacji\HP 2007-10-29 17:20 --------- d-----w C:\Program Files\Windows Media Components 2007-10-27 12:36 --------- d-----w C:\Program Files\A4Tech 2007-10-25 12:54 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2007-10-25 12:54 --------- d-----w C:\Program Files\AGEIA Technologies 2007-10-22 17:53 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2007-10-22 17:53 --------- d--h--r C:\Documents and Settings\Lukasz\Dane aplikacji\SecuROM 2007-10-20 00:56 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll 2007-10-20 00:56 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll 2007-10-12 22:19 13,653,824 ----a-w C:\WINDOWS\system32\xlivefnt.dll 2007-10-12 22:19 10,155,840 ----a-w C:\WINDOWS\system32\xlive.dll 2007-10-04 16:14 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll 2007-10-04 16:14 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll 2007-10-04 16:14 8,491,008 ----a-w C:\WINDOWS\system32\nvcpl.dll 2007-10-04 16:14 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe 2007-10-04 16:14 6,750,208 ----a-w C:\WINDOWS\system32\nvoglnt.dll 2007-10-04 16:14 6,344,704 ----a-w C:\WINDOWS\system32\nvdisps.dll 2007-10-04 16:14 5,783,424 ----a-w C:\WINDOWS\system32\nv4_disp.dll 2007-10-04 16:14 5,509,120 ----a-w C:\WINDOWS\system32\nvdispsr.dll 2007-10-04 16:14 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll 2007-10-04 16:14 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll 2007-10-04 16:14 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll 2007-10-04 16:14 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe 2007-10-04 16:14 425,984 ----a-w C:\WINDOWS\system32\keystone.exe 2007-10-04 16:14 364,544 ----a-w C:\WINDOWS\system32\nvapi.dll 2007-10-04 16:14 36,864 ----a-w C:\WINDOWS\system32\nvcodins.dll 2007-10-04 16:14 36,864 ----a-w C:\WINDOWS\system32\nvcod.dll 2007-10-04 16:14 335,872 ----a-w C:\WINDOWS\system32\nvwrses.dll 2007-10-04 16:14 335,872 ----a-w C:\WINDOWS\system32\nvwrsel.dll 2007-10-04 16:14 327,680 ----a-w C:\WINDOWS\system32\nvwrsfr.dll 2007-10-04 16:14 327,680 ----a-w C:\WINDOWS\system32\nvwrsesm.dll 2007-10-04 16:14 327,680 ----a-w C:\WINDOWS\system32\nvrshe.dll 2007-10-04 16:14 327,680 ----a-w C:\WINDOWS\system32\nvrsar.dll 2007-10-04 16:14 323,584 ----a-w C:\WINDOWS\system32\nvwrspt.dll 2007-10-04 16:14 323,584 ----a-w C:\WINDOWS\system32\nvwrsit.dll 2007-10-04 16:14 319,488 ----a-w C:\WINDOWS\system32\nvwrsptb.dll 2007-10-04 16:14 319,488 ----a-w C:\WINDOWS\system32\nvwrsnl.dll 2007-10-04 16:14 315,392 ----a-w C:\WINDOWS\system32\nvwrsru.dll 2007-10-04 16:14 315,392 ----a-w C:\WINDOWS\system32\nvwrshu.dll 2007-10-04 16:14 311,296 ----a-w C:\WINDOWS\system32\nvwrsde.dll 2007-10-04 16:14 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll 2007-10-04 16:14 303,104 ----a-w C:\WINDOWS\system32\nvwrstr.dll 2007-10-04 16:14 303,104 ----a-w C:\WINDOWS\system32\nvwrssl.dll 2007-10-04 16:14 303,104 ----a-w C:\WINDOWS\system32\nvwrsfi.dll 2007-10-04 16:14 3,629,056 ----a-w C:\WINDOWS\system32\nvvitvsr.dll 2007-10-04 16:14 3,551,232 ----a-w C:\WINDOWS\system32\nvvitvs.dll 2007-10-04 16:14 3,334,144 ----a-w C:\WINDOWS\system32\nvgames.dll 2007-10-04 16:14 3,166,208 ----a-w C:\WINDOWS\system32\nvgamesr.dll 2007-10-04 16:14 299,008 ----a-w C:\WINDOWS\system32\nvwrssk.dll 2007-10-04 16:14 299,008 ----a-w C:\WINDOWS\system32\nvwrsno.dll 2007-10-04 16:14 294,912 ----a-w C:\WINDOWS\system32\nvwrssv.dll 2007-10-04 16:14 294,912 ----a-w C:\WINDOWS\system32\nvwrspl.dll 2007-10-04 16:14 294,912 ----a-w C:\WINDOWS\system32\nvwrsda.dll 2007-10-04 16:14 290,816 ----a-w C:\WINDOWS\system32\nvwrsth.dll 2007-10-04 16:14 286,720 ----a-w C:\WINDOWS\system32\nvwrseng.dll 2007-10-04 16:14 286,720 ----a-w C:\WINDOWS\system32\nvwrscs.dll 2007-10-04 16:14 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll 2007-10-04 16:14 282,624 ----a-w C:\WINDOWS\system32\nvwrsar.dll 2007-10-04 16:14 282,624 ----a-w C:\WINDOWS\system32\nvrsfr.dll 2007-10-04 16:14 282,624 ----a-w C:\WINDOWS\system32\nvrses.dll 2007-10-04 16:14 282,624 ----a-w C:\WINDOWS\system32\nvrsel.dll 2007-10-04 16:14 278,528 ----a-w C:\WINDOWS\system32\nvwrshe.dll 2007-10-04 16:14 278,528 ----a-w C:\WINDOWS\system32\nvrsit.dll 2007-10-04 16:14 278,528 ----a-w C:\WINDOWS\system32\nvrsde.dll 2007-10-04 16:14 274,432 ----a-w C:\WINDOWS\system32\nvrspt.dll 2007-10-04 16:14 274,432 ----a-w C:\WINDOWS\system32\nvrsnl.dll 2007-10-04 16:14 274,432 ----a-w C:\WINDOWS\system32\nvrsesm.dll 2007-10-04 16:14 270,336 ----a-w C:\WINDOWS\system32\nvrsru.dll 2007-10-04 16:14 266,240 ----a-w C:\WINDOWS\system32\nvrsptb.dll 2007-10-04 16:14 266,240 ----a-w C:\WINDOWS\system32\nvrsja.dll 2007-10-04 16:14 258,048 ----a-w C:\WINDOWS\system32\nvrstr.dll 2007-10-04 16:14 258,048 ----a-w C:\WINDOWS\system32\nvrssl.dll 2007-10-04 16:14 258,048 ----a-w C:\WINDOWS\system32\nvrssk.dll 2007-10-04 16:14 258,048 ----a-w C:\WINDOWS\system32\nvrsko.dll 2007-10-04 16:14 258,048 ----a-w C:\WINDOWS\system32\nvrshu.dll 2007-10-04 16:14 253,952 ----a-w C:\WINDOWS\system32\nvrsth.dll 2007-10-04 16:14 253,952 ----a-w C:\WINDOWS\system32\nvrssv.dll 2007-10-04 16:14 253,952 ----a-w C:\WINDOWS\system32\nvrspl.dll 2007-10-04 16:14 253,952 ----a-w C:\WINDOWS\system32\nvrsno.dll 2007-10-04 16:14 253,952 ----a-w C:\WINDOWS\system32\nvrsda.dll 2007-10-04 16:14 249,856 ----a-w C:\WINDOWS\system32\nvrsfi.dll 2007-10-04 16:14 249,856 ----a-w C:\WINDOWS\system32\nvrscs.dll 2007-10-04 16:14 245,760 ----a-w C:\WINDOWS\system32\nvrseng.dll 2007-10-04 16:14 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll 2007-10-04 16:14 225,280 ----a-w C:\WINDOWS\system32\nvrszhc.dll 2007-10-04 16:14 212,992 ----a-w C:\WINDOWS\system32\nvwrsja.dll 2007-10-04 16:14 2,854,912 ----a-w C:\WINDOWS\system32\nvmoblsr.dll 2007-10-04 16:14 2,441,216 ----a-w C:\WINDOWS\system32\nvwssr.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}] 2007-12-20 13:10 165472 --a------ C:\WINDOWS\system32\yqrviazq.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c7c20e78-3100-4ba2-a10d-33b3a01d2b3c}] C:\WINDOWS\system32\pssyvopo.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen"="C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2007-08-20 09:42] "AutoConnect"="D:\AutoConnect\AutoConnect.exe" [2004-08-28 19:27] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "iKeyWorks"="C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe" [2005-04-14 04:35] "AvMenu"="D:\ArcaBit 2007\ArcaVir\AVMenu.exe" [2007-12-05 10:24] "ABREGMON"="D:\ArcaBit 2007\ArcaVir\ABregmon.exe" [2007-07-12 09:40] "NvCplDaemon"="RUNDLL32.exe" [2004-08-03 23:44 C:\WINDOWS\system32\rundll32.exe] "nwiz"="nwiz.exe" [2007-10-04 17:14 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="RUNDLL32.exe" [2004-08-03 23:44 C:\WINDOWS\system32\rundll32.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:44] C:\Documents and Settings\All Users\Menu Start\Programy\AutostartBTTray.lnk - D:\BLUETOOTH PC\BTTray.exe [2005-10-09 00:16:54] DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2007-10-09 19:20:38] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TS_LogonListener] TS_LogonListener.dll 2007-01-12 15:41 101376 C:\WINDOWS\system32\TS_LogonListener.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yqrviazq] yqrviazq.dll 2007-12-20 13:10 165472 C:\WINDOWS\system32\yqrviazq.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABRegmon] 2007-07-12 09:40 303104 --a------ D:\ArcaBit 2007\ArcaVir\ABregmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] ALCMTR.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcaCheck] D:\ArcaBit 2007\ArcaVir\ArcaCheck.exe /startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033] D:\demon\daemon.exe -lang 1033 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer] 2005-09-06 13:45 820736 --a------ C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\himem] c:\windows\himem.exe 3fff 8ffff [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2005-05-11 22:12 49152 --a------ D:\HP 1410\HP Software Update\HPWuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -start [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck] 2001-07-09 10:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication] D:\Nokia PC Suite\Nokia PC Suite 6\LaunchApplication.exe -onlytray [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] RTHDCPL.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] SkyTel.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WooCnxMon] 2003-10-16 18:07 24576 --a------ C:\PROGRA~1\NEOSTR~1\CnxMon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON] 2003-10-16 18:07 53248 --------- C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH] 2003-10-16 18:07 20480 --------- C:\PROGRA~1\NEOSTR~1\Watch.exe R0 m5288;m5288;C:\WINDOWS\system32\DRIVERS\m5288.sys [2005-12-23 21:54] R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-10-13 14:46] R1 ABTDI;ABTDI;D:\ArcaBit 2007\ArcaVir\ABTDI.sys [2007-05-08 13:45] R2 ABFileMon;ArcaBit FileMonitor;"D:\ArcaBit 2007\ArcaVir\FileMonSV.exe" [2007-10-09 11:10] R2 ArcaBit.TaskScheduler;ArcaBit.TaskScheduler;"D:\ArcaBit 2007\Common\TaskScheduler.exe" [2007-01-12 15:42] R2 AVUpdate;ArcaBit Update Service;D:\ArcaBit 2007\ArcaUpdate\update.exe [2007-02-26 15:04] R3 ABFLT;ArcaBit File Monitor Driver;D:\ARCABI~1\ArcaVir\ABFLT.sys [2007-09-12 13:37] R3 ArcaBit.Core.Configurator;ArcaBit.Core.Configurator;"D:\ArcaBit 2007\Common\ArcaBit.Core.Configurator2.exe" [2007-01-11 15:01] R3 ULI5261XP;ULi M526X Ethernet NT Driver;C:\WINDOWS\system32\DRIVERS\ULILAN51.SYS [2005-03-22 13:36] S3 Amps2prt;A4Tech PS/2 Port Mouse Driver;C:\WINDOWS\system32\DRIVERS\Amps2prt.sys [2004-03-31 18:03] S3 ArcaBit.Core.LoggingService;ArcaBit.Core.LoggingService;"D:\ArcaBit 2007\Common\ArcaBit.Core.LoggingService.exe" [2007-01-11 15:03] S3 MSControlService;Microsoft cache control;C:\WINDOWS\system32\windows [2007-12-21 12:48] S3 ps_drv;ps_drv;C:\Documents and Settings\Lukasz\ps_drv.sys [] S3 usbscan;Sterownik skanera USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58] S3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 22:08] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8990f4f8-95f2-11dc-8c08-0016179032ea}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe \Shell\Open(&0)\command - Recycled\ctfmon.exe . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-21 15:57:59 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... C:\WINDOWS\system32\yqrviazq.dllbox 210 bytes scan completed successfully hidden files: 1 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\WINDOWS\system32\winlogon.exe -> C:\WINDOWS\system32\yqrviazq.dll PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.2180] -> C:\WINDOWS\system32\yqrviazq.dll . Completion time: 2007-12-21 15:58:48 - machine was rebooted [/quote]

Odpowiedzi: 10

dziękuję Wam, a w szczególności Tobie "morda" czyszczenie EasyCleaner pomogło, już nie ma tych plików jeszcze raz dzięki wielkie, już myślałem że mnie czeka formatowanie ;/ pozdrawiam :)
sirtepek
Dodano
22.12.2007 16:37:06
Właśnie te pliki mnie trochę niepokoją. Zmieniają się ich nazwy, ale daty modyfikacji są cały czas te same. Nie wiem, co je tworzy. Ponieważ to są pliki [b]*,tmp[/b], to może użyj jakiegoś "czyściciela", który je wszystkie usunie. Może być np. "Easy Cleaner" lub coś podobnego. .
morda
Dodano
22.12.2007 16:18:42
oki już to zrobiłem log: [quote]ComboFix 07-12-21.4 - Lukasz 2007-12-22 14:54:36.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.751 [GMT 1:00] Running from: F:\ComboFix.exe Command switches used :: F:\CFScript.txt * Created a new restore point FILE C:\pos153F.tmp C:\pos1710.tmp C:\pos190F.tmp C:\pos1AEE.tmp C:\pos1CF0.tmp C:\pos1D17.tmp C:\pos1D2F.tmp C:\pos1F39.tmp C:\pos212A.tmp C:\pos3D0.tmp C:\pos5D8.tmp C:\pos7AB.tmp C:\pos881.tmp C:\posB65.tmp C:\posD8.tmp C:\posDA2.tmp C:\posDF5.tmp C:\posFFB.tmp . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\pos153F.tmp C:\pos1710.tmp C:\pos190F.tmp C:\pos1AEE.tmp C:\pos1CF0.tmp C:\pos1D17.tmp C:\pos1D2F.tmp C:\pos1F39.tmp C:\pos212A.tmp C:\pos3D0.tmp C:\pos5D8.tmp C:\pos7AB.tmp C:\pos881.tmp C:\posB65.tmp C:\posD8.tmp C:\posDA2.tmp C:\posDF5.tmp C:\posFFB.tmp . ((((((((((((((((((((((((( Files Created from 2007-11-22 to 2007-12-22 ))))))))))))))))))))))))))))))) . 2007-12-22 11:01 . 2007-12-22 11:59 14,033 --a------ C:\pos2127.tmp 2007-12-22 10:45 . 2007-12-22 10:50 14,033 --a------ C:\pos1F37.tmp 2007-12-21 18:11 . 2007-12-21 18:11 14,033 --a------ C:\pos1D27.tmp 2007-12-21 18:10 . 2007-12-21 18:11 14,033 --a------ C:\pos1D0F.tmp 2007-12-21 16:58 . 2007-12-21 16:58 14,033 --a------ C:\posFEB.tmp 2007-12-21 15:38 . 2007-12-21 15:39 14,033 --a------ C:\posDF0.tmp 2007-12-21 14:17 . 2007-12-21 14:17 14,033 --a------ C:\posD86.tmp 2007-12-21 14:05 . 2007-12-21 14:05 14,033 --a------ C:\pos1CEB.tmp 2007-12-21 12:51 . 2007-12-21 12:51 14,033 --a------ C:\posB61.tmp 2007-12-21 12:31 . 2007-12-21 12:31 d-------- C:\WINDOWS\nview 2007-12-21 12:31 . 2007-10-04 17:14 356,352 --a------ C:\WINDOWS\system32\nvudisp.exe 2007-12-21 12:31 . 2007-12-21 12:51 140,158 --a------ C:\WINDOWS\system32\nvapps.xml 2007-12-21 12:31 . 2007-10-04 17:14 17,525 --a------ C:\WINDOWS\system32\nvdisp.nvu 2007-12-21 12:28 . 2007-12-21 12:29 14,033 --a------ C:\pos873.tmp 2007-12-21 11:17 . 2007-12-21 11:17 14,033 --a------ C:\pos1AEA.tmp 2007-12-20 18:58 . 2007-12-20 18:58 14,033 --a------ C:\pos79B.tmp 2007-12-20 18:07 . 2007-12-20 18:07 14,033 --a------ C:\pos190A.tmp 2007-12-20 16:31 . 2007-12-20 16:31 14,033 --a------ C:\pos5C1.tmp 2007-12-20 16:09 . 2007-12-20 16:09 14,033 --a------ C:\pos3BF.tmp 2007-12-20 15:04 . 2007-12-20 15:04 14,033 --a------ C:\posC9.tmp 2007-12-20 14:38 . 2007-12-20 14:38 14,033 --a------ C:\pos170F.tmp 2007-12-20 13:10 . 2007-12-20 13:11 14,033 --a------ C:\pos1537.tmp 2007-12-19 18:12 . 2007-12-20 17:26 d-------- C:\NVIDIA 2007-12-18 15:08 . 2007-12-18 15:08 d-------- C:\WINDOWS\system32\xlive 2007-12-18 14:48 . 2007-12-18 14:48 d-------- C:\Program Files\OpenAL 2007-12-18 14:48 . 2007-12-18 14:48 413,696 --a------ C:\WINDOWS\system32\wrap_oal.dll 2007-12-18 14:48 . 2007-12-18 14:48 110,592 --a------ C:\WINDOWS\system32\OpenAL32.dll 2007-12-12 17:38 . 2007-12-12 17:38 641,021 --a------ C:\WINDOWS\unins001.exe 2007-12-12 17:38 . 2007-12-12 17:38 2,585 --a------ C:\WINDOWS\unins001.dat 2007-12-12 13:31 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll 2007-12-12 13:31 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll 2007-12-12 13:31 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll 2007-12-12 13:31 . 2007-07-20 00:57 267,112 --a------ C:\WINDOWS\system32\xactengine2_9.dll 2007-12-11 16:48 . 2007-12-11 16:48 d--h----- C:\WINDOWS\system32\GroupPolicy 2007-12-09 17:05 . 2007-12-09 17:05 d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\BitSpirit 2007-12-09 12:59 . 2007-12-09 13:00 468 --a------ C:\WINDOWS\system32\CoreAAC.ax 2007-12-08 16:25 . 2001-01-12 19:47 122,884 --a------ C:\WINDOWS\UnGins.exe 2007-12-08 16:13 . 2004-08-18 09:34 442,368 -ra------ C:\WINDOWS\system32\vp6vfw.dll 2007-12-08 15:29 . 2007-12-08 15:29 d-------- C:\Program Files\uTorrent 2007-12-08 15:29 . 2007-12-19 17:23 d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\uTorrent 2007-12-08 13:59 . 2007-12-08 15:29 d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\Azureus 2007-12-08 13:59 . 2007-12-08 13:59 d-------- C:\Documents and Settings\All Users\Dane aplikacji\Azureus 2007-12-07 15:38 . 2007-12-14 20:59 d-------- C:\Program Files\DivX 2007-12-06 16:47 . 2007-12-06 16:47 d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\Corel 2007-12-06 16:47 . 2007-12-06 16:58 56 -r-hs---- C:\WINDOWS\system32\7EDA65C1DA.sys 2007-12-06 16:46 . 2007-12-06 16:46 d-------- C:\Documents and Settings\All Users\Dane aplikacji\InstallShield 2007-12-06 16:41 . 2007-12-06 16:58 3,350 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys 2007-12-01 15:11 . 2007-05-16 16:45 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll 2007-12-01 15:11 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll 2007-12-01 15:11 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll 2007-12-01 15:11 . 2007-06-20 20:46 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll 2007-12-01 15:11 . 2007-07-20 00:54 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll 2007-12-01 14:58 . 2007-12-01 14:58 d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\InstallShield 2007-11-28 13:13 . 2007-11-28 13:13 d--hs---- C:\found.000 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-20 13:46 17,144 ----a-w C:\Documents and Settings\Lukasz\Dane aplikacji\GDIPFONTCACHEV1.DAT 2007-12-18 17:17 --------- d-----w C:\Documents and Settings\Lukasz\Dane aplikacji\Skype 2007-12-17 09:57 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\ArcaBit 2007-12-09 11:57 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-12-09 10:07 359,040 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2007-12-08 11:52 --------- d-----w C:\Program Files\Neostrada TP 2007-12-06 15:45 --------- d-----w C:\Program Files\Common Files\InstallShield 2007-12-04 12:18 --------- d-----w C:\Documents and Settings\Lukasz\Dane aplikacji\Hamachi 2007-11-10 19:40 --------- d-----w C:\Program Files\Gadwin Systems 2007-11-10 19:17 --------- d-----w C:\Documents and Settings\Lukasz\Dane aplikacji\FastStone 2007-11-04 13:15 --------- d-----w C:\Documents and Settings\Lukasz\Dane aplikacji\Image Zone Express 2007-11-04 12:11 --------- d-----w C:\Documents and Settings\Lukasz\Dane aplikacji\HP 2007-10-29 17:20 --------- d-----w C:\Program Files\Windows Media Components 2007-10-27 12:36 --------- d-----w C:\Program Files\A4Tech 2007-10-25 12:54 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2007-10-25 12:54 --------- d-----w C:\Program Files\AGEIA Technologies 2007-10-22 17:53 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2007-10-22 17:53 --------- d--h--r C:\Documents and Settings\Lukasz\Dane aplikacji\SecuROM 2007-10-20 00:56 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll 2007-10-20 00:56 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll 2007-10-12 22:19 13,653,824 ----a-w C:\WINDOWS\system32\xlivefnt.dll 2007-10-12 22:19 10,155,840 ----a-w C:\WINDOWS\system32\xlive.dll 2007-10-04 16:14 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll 2007-10-04 16:14 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll 2007-10-04 16:14 8,491,008 ----a-w C:\WINDOWS\system32\nvcpl.dll 2007-10-04 16:14 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe 2007-10-04 16:14 6,750,208 ----a-w C:\WINDOWS\system32\nvoglnt.dll 2007-10-04 16:14 6,344,704 ----a-w C:\WINDOWS\system32\nvdisps.dll 2007-10-04 16:14 5,783,424 ----a-w C:\WINDOWS\system32\nv4_disp.dll 2007-10-04 16:14 5,509,120 ----a-w C:\WINDOWS\system32\nvdispsr.dll 2007-10-04 16:14 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll 2007-10-04 16:14 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll 2007-10-04 16:14 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll 2007-10-04 16:14 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe 2007-10-04 16:14 425,984 ----a-w C:\WINDOWS\system32\keystone.exe 2007-10-04 16:14 364,544 ----a-w C:\WINDOWS\system32\nvapi.dll 2007-10-04 16:14 36,864 ----a-w C:\WINDOWS\system32\nvcodins.dll 2007-10-04 16:14 36,864 ----a-w C:\WINDOWS\system32\nvcod.dll 2007-10-04 16:14 335,872 ----a-w C:\WINDOWS\system32\nvwrses.dll 2007-10-04 16:14 335,872 ----a-w C:\WINDOWS\system32\nvwrsel.dll 2007-10-04 16:14 327,680 ----a-w C:\WINDOWS\system32\nvwrsfr.dll 2007-10-04 16:14 327,680 ----a-w C:\WINDOWS\system32\nvwrsesm.dll 2007-10-04 16:14 327,680 ----a-w C:\WINDOWS\system32\nvrshe.dll 2007-10-04 16:14 327,680 ----a-w C:\WINDOWS\system32\nvrsar.dll 2007-10-04 16:14 323,584 ----a-w C:\WINDOWS\system32\nvwrspt.dll 2007-10-04 16:14 323,584 ----a-w C:\WINDOWS\system32\nvwrsit.dll 2007-10-04 16:14 319,488 ----a-w C:\WINDOWS\system32\nvwrsptb.dll 2007-10-04 16:14 319,488 ----a-w C:\WINDOWS\system32\nvwrsnl.dll 2007-10-04 16:14 315,392 ----a-w C:\WINDOWS\system32\nvwrsru.dll 2007-10-04 16:14 315,392 ----a-w C:\WINDOWS\system32\nvwrshu.dll 2007-10-04 16:14 311,296 ----a-w C:\WINDOWS\system32\nvwrsde.dll 2007-10-04 16:14 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll 2007-10-04 16:14 303,104 ----a-w C:\WINDOWS\system32\nvwrstr.dll 2007-10-04 16:14 303,104 ----a-w C:\WINDOWS\system32\nvwrssl.dll 2007-10-04 16:14 303,104 ----a-w C:\WINDOWS\system32\nvwrsfi.dll 2007-10-04 16:14 3,629,056 ----a-w C:\WINDOWS\system32\nvvitvsr.dll 2007-10-04 16:14 3,551,232 ----a-w C:\WINDOWS\system32\nvvitvs.dll 2007-10-04 16:14 3,334,144 ----a-w C:\WINDOWS\system32\nvgames.dll 2007-10-04 16:14 3,166,208 ----a-w C:\WINDOWS\system32\nvgamesr.dll 2007-10-04 16:14 299,008 ----a-w C:\WINDOWS\system32\nvwrssk.dll 2007-10-04 16:14 299,008 ----a-w C:\WINDOWS\system32\nvwrsno.dll 2007-10-04 16:14 294,912 ----a-w C:\WINDOWS\system32\nvwrssv.dll 2007-10-04 16:14 294,912 ----a-w C:\WINDOWS\system32\nvwrspl.dll 2007-10-04 16:14 294,912 ----a-w C:\WINDOWS\system32\nvwrsda.dll 2007-10-04 16:14 290,816 ----a-w C:\WINDOWS\system32\nvwrsth.dll 2007-10-04 16:14 286,720 ----a-w C:\WINDOWS\system32\nvwrseng.dll 2007-10-04 16:14 286,720 ----a-w C:\WINDOWS\system32\nvwrscs.dll 2007-10-04 16:14 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll 2007-10-04 16:14 282,624 ----a-w C:\WINDOWS\system32\nvwrsar.dll 2007-10-04 16:14 282,624 ----a-w C:\WINDOWS\system32\nvrsfr.dll 2007-10-04 16:14 282,624 ----a-w C:\WINDOWS\system32\nvrses.dll 2007-10-04 16:14 282,624 ----a-w C:\WINDOWS\system32\nvrsel.dll 2007-10-04 16:14 278,528 ----a-w C:\WINDOWS\system32\nvwrshe.dll 2007-10-04 16:14 278,528 ----a-w C:\WINDOWS\system32\nvrsit.dll 2007-10-04 16:14 278,528 ----a-w C:\WINDOWS\system32\nvrsde.dll 2007-10-04 16:14 274,432 ----a-w C:\WINDOWS\system32\nvrspt.dll 2007-10-04 16:14 274,432 ----a-w C:\WINDOWS\system32\nvrsnl.dll 2007-10-04 16:14 274,432 ----a-w C:\WINDOWS\system32\nvrsesm.dll 2007-10-04 16:14 270,336 ----a-w C:\WINDOWS\system32\nvrsru.dll 2007-10-04 16:14 266,240 ----a-w C:\WINDOWS\system32\nvrsptb.dll 2007-10-04 16:14 266,240 ----a-w C:\WINDOWS\system32\nvrsja.dll 2007-10-04 16:14 258,048 ----a-w C:\WINDOWS\system32\nvrstr.dll 2007-10-04 16:14 258,048 ----a-w C:\WINDOWS\system32\nvrssl.dll 2007-10-04 16:14 258,048 ----a-w C:\WINDOWS\system32\nvrssk.dll 2007-10-04 16:14 258,048 ----a-w C:\WINDOWS\system32\nvrsko.dll 2007-10-04 16:14 258,048 ----a-w C:\WINDOWS\system32\nvrshu.dll 2007-10-04 16:14 253,952 ----a-w C:\WINDOWS\system32\nvrsth.dll 2007-10-04 16:14 253,952 ----a-w C:\WINDOWS\system32\nvrssv.dll 2007-10-04 16:14 253,952 ----a-w C:\WINDOWS\system32\nvrspl.dll 2007-10-04 16:14 253,952 ----a-w C:\WINDOWS\system32\nvrsno.dll 2007-10-04 16:14 253,952 ----a-w C:\WINDOWS\system32\nvrsda.dll 2007-10-04 16:14 249,856 ----a-w C:\WINDOWS\system32\nvrsfi.dll 2007-10-04 16:14 249,856 ----a-w C:\WINDOWS\system32\nvrscs.dll 2007-10-04 16:14 245,760 ----a-w C:\WINDOWS\system32\nvrseng.dll 2007-10-04 16:14 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll 2007-10-04 16:14 225,280 ----a-w C:\WINDOWS\system32\nvrszhc.dll 2007-10-04 16:14 212,992 ----a-w C:\WINDOWS\system32\nvwrsja.dll 2007-10-04 16:14 2,854,912 ----a-w C:\WINDOWS\system32\nvmoblsr.dll 2007-10-04 16:14 2,441,216 ----a-w C:\WINDOWS\system32\nvwssr.dll 2007-10-04 16:14 2,371,584 ----a-w C:\WINDOWS\system32\nvwss.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen"="C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2007-08-20 09:42] "AutoConnect"="D:\AutoConnect\AutoConnect.exe" [2004-08-28 19:27] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "iKeyWorks"="C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe" [2005-04-14 04:35] "AvMenu"="D:\ArcaBit 2007\ArcaVir\AVMenu.exe" [2007-12-05 10:24] "ABREGMON"="D:\ArcaBit 2007\ArcaVir\ABregmon.exe" [2007-07-12 09:40] "NvCplDaemon"="RUNDLL32.exe" [2004-08-03 23:44 C:\WINDOWS\system32\rundll32.exe] "nwiz"="nwiz.exe" [2007-10-04 17:14 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="RUNDLL32.exe" [2004-08-03 23:44 C:\WINDOWS\system32\rundll32.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:44] C:\Documents and Settings\All Users\Menu Start\Programy\AutostartBTTray.lnk - D:\BLUETOOTH PC\BTTray.exe [2005-10-09 00:16:54] DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2007-10-09 19:20:38] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TS_LogonListener] TS_LogonListener.dll 2007-01-12 15:41 101376 C:\WINDOWS\system32\TS_LogonListener.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABRegmon] 2007-07-12 09:40 303104 --a------ D:\ArcaBit 2007\ArcaVir\ABregmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] ALCMTR.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcaCheck] D:\ArcaBit 2007\ArcaVir\ArcaCheck.exe /startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033] D:\demon\daemon.exe -lang 1033 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer] 2005-09-06 13:45 820736 --a------ C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\himem] c:\windows\himem.exe 3fff 8ffff [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2005-05-11 22:12 49152 --a------ D:\HP 1410\HP Software Update\HPWuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -start [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck] 2001-07-09 10:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication] D:\Nokia PC Suite\Nokia PC Suite 6\LaunchApplication.exe -onlytray [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] RTHDCPL.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] SkyTel.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WooCnxMon] 2003-10-16 18:07 24576 --a------ C:\PROGRA~1\NEOSTR~1\CnxMon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON] 2003-10-16 18:07 53248 --------- C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH] 2003-10-16 18:07 20480 --------- C:\PROGRA~1\NEOSTR~1\Watch.exe R0 m5288;m5288;C:\WINDOWS\system32\DRIVERS\m5288.sys [2005-12-23 21:54] R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-10-13 14:46] R1 ABTDI;ABTDI;D:\ArcaBit 2007\ArcaVir\ABTDI.sys [2007-05-08 13:45] R2 ABFileMon;ArcaBit FileMonitor;"D:\ArcaBit 2007\ArcaVir\FileMonSV.exe" [2007-10-09 11:10] R2 ArcaBit.TaskScheduler;ArcaBit.TaskScheduler;"D:\ArcaBit 2007\Common\TaskScheduler.exe" [2007-01-12 15:42] R2 AVUpdate;ArcaBit Update Service;D:\ArcaBit 2007\ArcaUpdate\update.exe [2007-02-26 15:04] R3 ABFLT;ArcaBit File Monitor Driver;D:\ARCABI~1\ArcaVir\ABFLT.sys [2007-09-12 13:37] R3 ArcaBit.Core.Configurator;ArcaBit.Core.Configurator;"D:\ArcaBit 2007\Common\ArcaBit.Core.Configurator2.exe" [2007-01-11 15:01] R3 ArcaBit.Core.LoggingService;ArcaBit.Core.LoggingService;"D:\ArcaBit 2007\Common\ArcaBit.Core.LoggingService.exe" [2007-01-11 15:03] R3 ULI5261XP;ULi M526X Ethernet NT Driver;C:\WINDOWS\system32\DRIVERS\ULILAN51.SYS [2005-03-22 13:36] S3 Amps2prt;A4Tech PS/2 Port Mouse Driver;C:\WINDOWS\system32\DRIVERS\Amps2prt.sys [2004-03-31 18:03] S3 usbscan;Sterownik skanera USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58] S3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 22:08] . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-22 14:56:28 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-12-22 14:56:50[/quote] już nie mam tych błedów, i jak to zrobiłem to wyskoczyło mi z 3 okienka z adware chyba programu antyvirusowego ArcaVir 2007 a i jeszcze jedno: na dysku C mam dużo plików o nazwie: pos1, pos1A, pos 1A00 i tak dalej, tych plików jest 8971 ,a rozmiar jednego pliku to ok. 12 kb. wcześniej tych plików nie miałem no i teraz nie chcę mieć bo mi zaśmiecają dysk C a i tak mam tam mało miejsca wolnego:/
sirtepek
Dodano
22.12.2007 16:07:30
Wklej do [b]Notatnika[/b]: [CODE] File:: C:\pos212A.tmp C:\pos1F39.tmp C:\pos1D2F.tmp C:\pos1D17.tmp C:\posFFB.tmp C:\posDF5.tmp C:\posDA2.tmp C:\pos1CF0.tmp C:\posB65.tmp C:\pos881.tmp C:\pos1AEE.tmp C:\pos7AB.tmp C:\pos190F.tmp C:\pos5D8.tmp C:\pos3D0.tmp C:\posD8.tmp C:\pos1710.tmp C:\pos153F.tmp [/code] [b]>>Plik>>Zapisz jako... >>> [color=red]CFScript[/color][/b] Przeciągnij i upuść plik [color=red][b]CFScript.txt[/b][/color] na plik [b]ComboFix.exe[/b] – podobnie jak na tym obrazku [b][color=blue]-->[/color][/b][img]http://img.wklej.org/images/88953CFScript-createdbyMiekiemoes.gif[/img] Ma się rozpocząć usuwanie. (i powstanie log). [b]Po restarcie[/b] usuń ręcznie folder [b]C: \[color=red]Qoobox[/color][/b]. Daj ten log, który powstanie w trakcie usuwania. .
morda
Dodano
22.12.2007 15:13:24
juz zrobilem te czyszczenie ,, mordy ,,, pozdrawiam i dziękuję :) zobaczymy czy pomogło jak narazie błedow nie miałem daje log: [quote]ComboFix 07-12-21.4 - Lukasz 2007-12-22 12:37:51.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.532 [GMT 1:00] Running from: F:\ComboFix.exe Command switches used :: F:\CFScript.txt * Created a new restore point FILE C:\pos171E.tmp C:\pos1AF4.tmp C:\pos1CF3.tmp C:\pos3E3.tmp C:\pos5D9.tmp C:\pos7B3.tmp C:\pos88D.tmp C:\posBB8.tmp C:\posDAA.tmp C:\posE01.tmp C:\posF8.tmp C:\WINDOWS\system32\cwagdypo.dll C:\WINDOWS\system32\yqrviazq.dll C:\WINDOWS\system32\yqrviazq.dllbox . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\pos171E.tmp C:\pos1AF4.tmp C:\pos1CF3.tmp C:\pos3E3.tmp C:\pos5D9.tmp C:\pos7B3.tmp C:\pos88D.tmp C:\posBB8.tmp C:\posDAA.tmp C:\posE01.tmp C:\posF8.tmp C:\WINDOWS\system32\cwagdypo.dll C:\WINDOWS\system32\yqrviazq.dll C:\WINDOWS\system32\yqrviazq.dllbox . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\ps_drv ((((((((((((((((((((((((( Files Created from 2007-11-22 to 2007-12-22 ))))))))))))))))))))))))))))))) . 2007-12-22 11:01 . 2007-12-22 11:59 14,033 --a------ C:\pos212A.tmp 2007-12-22 10:45 . 2007-12-22 10:50 14,033 --a------ C:\pos1F39.tmp 2007-12-21 18:11 . 2007-12-21 18:11 14,033 --a------ C:\pos1D2F.tmp 2007-12-21 18:10 . 2007-12-21 18:11 14,033 --a------ C:\pos1D17.tmp 2007-12-21 16:58 . 2007-12-21 16:58 14,033 --a------ C:\posFFB.tmp 2007-12-21 15:38 . 2007-12-21 15:39 14,033 --a------ C:\posDF5.tmp 2007-12-21 14:17 . 2007-12-21 14:17 14,033 --a------ C:\posDA2.tmp 2007-12-21 14:05 . 2007-12-21 14:05 14,033 --a------ C:\pos1CF0.tmp 2007-12-21 12:51 . 2007-12-21 12:51 14,033 --a------ C:\posB65.tmp 2007-12-21 12:31 . 2007-12-21 12:31 d-------- C:\WINDOWS\nview 2007-12-21 12:31 . 2007-10-04 17:14 356,352 --a------ C:\WINDOWS\system32\nvudisp.exe 2007-12-21 12:31 . 2007-12-21 12:51 140,158 --a------ C:\WINDOWS\system32\nvapps.xml 2007-12-21 12:31 . 2007-10-04 17:14 17,525 --a------ C:\WINDOWS\system32\nvdisp.nvu 2007-12-21 12:28 . 2007-12-21 12:29 14,033 --a------ C:\pos881.tmp 2007-12-21 11:17 . 2007-12-21 11:17 14,033 --a------ C:\pos1AEE.tmp 2007-12-20 18:58 . 2007-12-20 18:58 14,033 --a------ C:\pos7AB.tmp 2007-12-20 18:07 . 2007-12-20 18:07 14,033 --a------ C:\pos190F.tmp 2007-12-20 16:31 . 2007-12-20 16:31 14,033 --a------ C:\pos5D8.tmp 2007-12-20 16:09 . 2007-12-20 16:09 14,033 --a------ C:\pos3D0.tmp 2007-12-20 15:04 . 2007-12-20 15:04 14,033 --a------ C:\posD8.tmp 2007-12-20 14:38 . 2007-12-20 14:38 14,033 --a------ C:\pos1710.tmp 2007-12-20 13:10 . 2007-12-20 13:11 14,033 --a------ C:\pos153F.tmp 2007-12-19 18:12 . 2007-12-20 17:26 d-------- C:\NVIDIA 2007-12-18 15:08 . 2007-12-18 15:08 d-------- C:\WINDOWS\system32\xlive 2007-12-18 14:48 . 2007-12-18 14:48 d-------- C:\Program Files\OpenAL 2007-12-18 14:48 . 2007-12-18 14:48 413,696 --a------ C:\WINDOWS\system32\wrap_oal.dll 2007-12-18 14:48 . 2007-12-18 14:48 110,592 --a------ C:\WINDOWS\system32\OpenAL32.dll 2007-12-12 17:38 . 2007-12-12 17:38 641,021 --a------ C:\WINDOWS\unins001.exe 2007-12-12 17:38 . 2007-12-12 17:38 2,585 --a------ C:\WINDOWS\unins001.dat 2007-12-12 13:31 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll 2007-12-12 13:31 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll 2007-12-12 13:31 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll 2007-12-12 13:31 . 2007-07-20 00:57 267,112 --a------ C:\WINDOWS\system32\xactengine2_9.dll 2007-12-11 16:48 . 2007-12-11 16:48 d--h----- C:\WINDOWS\system32\GroupPolicy 2007-12-09 17:05 . 2007-12-09 17:05 d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\BitSpirit 2007-12-09 12:59 . 2007-12-09 13:00 468 --a------ C:\WINDOWS\system32\CoreAAC.ax 2007-12-08 16:25 . 2001-01-12 19:47 122,884 --a------ C:\WINDOWS\UnGins.exe 2007-12-08 16:13 . 2004-08-18 09:34 442,368 -ra------ C:\WINDOWS\system32\vp6vfw.dll 2007-12-08 15:29 . 2007-12-08 15:29 d-------- C:\Program Files\uTorrent 2007-12-08 15:29 . 2007-12-19 17:23 d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\uTorrent 2007-12-08 13:59 . 2007-12-08 15:29 d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\Azureus 2007-12-08 13:59 . 2007-12-08 13:59 d-------- C:\Documents and Settings\All Users\Dane aplikacji\Azureus 2007-12-07 15:38 . 2007-12-14 20:59 d-------- C:\Program Files\DivX 2007-12-06 16:47 . 2007-12-06 16:47 d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\Corel 2007-12-06 16:47 . 2007-12-06 16:58 56 -r-hs---- C:\WINDOWS\system32\7EDA65C1DA.sys 2007-12-06 16:46 . 2007-12-06 16:46 d-------- C:\Documents and Settings\All Users\Dane aplikacji\InstallShield 2007-12-06 16:41 . 2007-12-06 16:58 3,350 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys 2007-12-01 15:11 . 2007-05-16 16:45 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll 2007-12-01 15:11 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll 2007-12-01 15:11 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll 2007-12-01 15:11 . 2007-06-20 20:46 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll 2007-12-01 15:11 . 2007-07-20 00:54 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll 2007-12-01 14:58 . 2007-12-01 14:58 d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\InstallShield 2007-11-28 13:13 . 2007-11-28 13:13 d--hs---- C:\found.000 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-20 13:46 17,144 ----a-w C:\Documents and Settings\Lukasz\Dane aplikacji\GDIPFONTCACHEV1.DAT 2007-12-18 17:17 --------- d-----w C:\Documents and Settings\Lukasz\Dane aplikacji\Skype 2007-12-17 09:57 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\ArcaBit 2007-12-09 11:57 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-12-09 10:07 359,040 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2007-12-08 11:52 --------- d-----w C:\Program Files\Neostrada TP 2007-12-06 15:45 --------- d-----w C:\Program Files\Common Files\InstallShield 2007-12-04 12:18 --------- d-----w C:\Documents and Settings\Lukasz\Dane aplikacji\Hamachi 2007-11-10 19:40 --------- d-----w C:\Program Files\Gadwin Systems 2007-11-10 19:17 --------- d-----w C:\Documents and Settings\Lukasz\Dane aplikacji\FastStone 2007-11-04 13:15 --------- d-----w C:\Documents and Settings\Lukasz\Dane aplikacji\Image Zone Express 2007-11-04 12:11 --------- d-----w C:\Documents and Settings\Lukasz\Dane aplikacji\HP 2007-10-29 17:20 --------- d-----w C:\Program Files\Windows Media Components 2007-10-27 12:36 --------- d-----w C:\Program Files\A4Tech 2007-10-25 12:54 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2007-10-25 12:54 --------- d-----w C:\Program Files\AGEIA Technologies 2007-10-22 17:53 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2007-10-22 17:53 --------- d--h--r C:\Documents and Settings\Lukasz\Dane aplikacji\SecuROM 2007-10-20 00:56 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll 2007-10-20 00:56 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll 2007-10-12 22:19 13,653,824 ----a-w C:\WINDOWS\system32\xlivefnt.dll 2007-10-12 22:19 10,155,840 ----a-w C:\WINDOWS\system32\xlive.dll 2007-10-04 16:14 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll 2007-10-04 16:14 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll 2007-10-04 16:14 8,491,008 ----a-w C:\WINDOWS\system32\nvcpl.dll 2007-10-04 16:14 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe 2007-10-04 16:14 6,750,208 ----a-w C:\WINDOWS\system32\nvoglnt.dll 2007-10-04 16:14 6,344,704 ----a-w C:\WINDOWS\system32\nvdisps.dll 2007-10-04 16:14 5,783,424 ----a-w C:\WINDOWS\system32\nv4_disp.dll 2007-10-04 16:14 5,509,120 ----a-w C:\WINDOWS\system32\nvdispsr.dll 2007-10-04 16:14 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll 2007-10-04 16:14 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll 2007-10-04 16:14 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll 2007-10-04 16:14 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe 2007-10-04 16:14 425,984 ----a-w C:\WINDOWS\system32\keystone.exe 2007-10-04 16:14 364,544 ----a-w C:\WINDOWS\system32\nvapi.dll 2007-10-04 16:14 36,864 ----a-w C:\WINDOWS\system32\nvcodins.dll 2007-10-04 16:14 36,864 ----a-w C:\WINDOWS\system32\nvcod.dll 2007-10-04 16:14 335,872 ----a-w C:\WINDOWS\system32\nvwrses.dll 2007-10-04 16:14 335,872 ----a-w C:\WINDOWS\system32\nvwrsel.dll 2007-10-04 16:14 327,680 ----a-w C:\WINDOWS\system32\nvwrsfr.dll 2007-10-04 16:14 327,680 ----a-w C:\WINDOWS\system32\nvwrsesm.dll 2007-10-04 16:14 327,680 ----a-w C:\WINDOWS\system32\nvrshe.dll 2007-10-04 16:14 327,680 ----a-w C:\WINDOWS\system32\nvrsar.dll 2007-10-04 16:14 323,584 ----a-w C:\WINDOWS\system32\nvwrspt.dll 2007-10-04 16:14 323,584 ----a-w C:\WINDOWS\system32\nvwrsit.dll 2007-10-04 16:14 319,488 ----a-w C:\WINDOWS\system32\nvwrsptb.dll 2007-10-04 16:14 319,488 ----a-w C:\WINDOWS\system32\nvwrsnl.dll 2007-10-04 16:14 315,392 ----a-w C:\WINDOWS\system32\nvwrsru.dll 2007-10-04 16:14 315,392 ----a-w C:\WINDOWS\system32\nvwrshu.dll 2007-10-04 16:14 311,296 ----a-w C:\WINDOWS\system32\nvwrsde.dll 2007-10-04 16:14 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll 2007-10-04 16:14 303,104 ----a-w C:\WINDOWS\system32\nvwrstr.dll 2007-10-04 16:14 303,104 ----a-w C:\WINDOWS\system32\nvwrssl.dll 2007-10-04 16:14 303,104 ----a-w C:\WINDOWS\system32\nvwrsfi.dll 2007-10-04 16:14 3,629,056 ----a-w C:\WINDOWS\system32\nvvitvsr.dll 2007-10-04 16:14 3,551,232 ----a-w C:\WINDOWS\system32\nvvitvs.dll 2007-10-04 16:14 3,334,144 ----a-w C:\WINDOWS\system32\nvgames.dll 2007-10-04 16:14 3,166,208 ----a-w C:\WINDOWS\system32\nvgamesr.dll 2007-10-04 16:14 299,008 ----a-w C:\WINDOWS\system32\nvwrssk.dll 2007-10-04 16:14 299,008 ----a-w C:\WINDOWS\system32\nvwrsno.dll 2007-10-04 16:14 294,912 ----a-w C:\WINDOWS\system32\nvwrssv.dll 2007-10-04 16:14 294,912 ----a-w C:\WINDOWS\system32\nvwrspl.dll 2007-10-04 16:14 294,912 ----a-w C:\WINDOWS\system32\nvwrsda.dll 2007-10-04 16:14 290,816 ----a-w C:\WINDOWS\system32\nvwrsth.dll 2007-10-04 16:14 286,720 ----a-w C:\WINDOWS\system32\nvwrseng.dll 2007-10-04 16:14 286,720 ----a-w C:\WINDOWS\system32\nvwrscs.dll 2007-10-04 16:14 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll 2007-10-04 16:14 282,624 ----a-w C:\WINDOWS\system32\nvwrsar.dll 2007-10-04 16:14 282,624 ----a-w C:\WINDOWS\system32\nvrsfr.dll 2007-10-04 16:14 282,624 ----a-w C:\WINDOWS\system32\nvrses.dll 2007-10-04 16:14 282,624 ----a-w C:\WINDOWS\system32\nvrsel.dll 2007-10-04 16:14 278,528 ----a-w C:\WINDOWS\system32\nvwrshe.dll 2007-10-04 16:14 278,528 ----a-w C:\WINDOWS\system32\nvrsit.dll 2007-10-04 16:14 278,528 ----a-w C:\WINDOWS\system32\nvrsde.dll 2007-10-04 16:14 274,432 ----a-w C:\WINDOWS\system32\nvrspt.dll 2007-10-04 16:14 274,432 ----a-w C:\WINDOWS\system32\nvrsnl.dll 2007-10-04 16:14 274,432 ----a-w C:\WINDOWS\system32\nvrsesm.dll 2007-10-04 16:14 270,336 ----a-w C:\WINDOWS\system32\nvrsru.dll 2007-10-04 16:14 266,240 ----a-w C:\WINDOWS\system32\nvrsptb.dll 2007-10-04 16:14 266,240 ----a-w C:\WINDOWS\system32\nvrsja.dll 2007-10-04 16:14 258,048 ----a-w C:\WINDOWS\system32\nvrstr.dll 2007-10-04 16:14 258,048 ----a-w C:\WINDOWS\system32\nvrssl.dll 2007-10-04 16:14 258,048 ----a-w C:\WINDOWS\system32\nvrssk.dll 2007-10-04 16:14 258,048 ----a-w C:\WINDOWS\system32\nvrsko.dll 2007-10-04 16:14 258,048 ----a-w C:\WINDOWS\system32\nvrshu.dll 2007-10-04 16:14 253,952 ----a-w C:\WINDOWS\system32\nvrsth.dll 2007-10-04 16:14 253,952 ----a-w C:\WINDOWS\system32\nvrssv.dll 2007-10-04 16:14 253,952 ----a-w C:\WINDOWS\system32\nvrspl.dll 2007-10-04 16:14 253,952 ----a-w C:\WINDOWS\system32\nvrsno.dll 2007-10-04 16:14 253,952 ----a-w C:\WINDOWS\system32\nvrsda.dll 2007-10-04 16:14 249,856 ----a-w C:\WINDOWS\system32\nvrsfi.dll 2007-10-04 16:14 249,856 ----a-w C:\WINDOWS\system32\nvrscs.dll 2007-10-04 16:14 245,760 ----a-w C:\WINDOWS\system32\nvrseng.dll 2007-10-04 16:14 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll 2007-10-04 16:14 225,280 ----a-w C:\WINDOWS\system32\nvrszhc.dll 2007-10-04 16:14 212,992 ----a-w C:\WINDOWS\system32\nvwrsja.dll 2007-10-04 16:14 2,854,912 ----a-w C:\WINDOWS\system32\nvmoblsr.dll 2007-10-04 16:14 2,441,216 ----a-w C:\WINDOWS\system32\nvwssr.dll 2007-10-04 16:14 2,371,584 ----a-w C:\WINDOWS\system32\nvwss.dll . ((((((((((((((((((((((((((((( snapshot@2007-12-21_15.58.05.43 ))))))))))))))))))))))))))))))))))))))))) . - 2007-12-21 14:43:21 40,128 ----a-w C:\WINDOWS\system32\perfc009.dat + 2007-12-22 11:35:20 40,128 ----a-w C:\WINDOWS\system32\perfc009.dat - 2007-12-21 14:43:21 49,712 ----a-w C:\WINDOWS\system32\perfc015.dat + 2007-12-22 11:35:20 49,712 ----a-w C:\WINDOWS\system32\perfc015.dat - 2007-12-21 14:43:21 311,740 ----a-w C:\WINDOWS\system32\perfh009.dat + 2007-12-22 11:35:20 311,740 ----a-w C:\WINDOWS\system32\perfh009.dat - 2007-12-21 14:43:21 355,830 ----a-w C:\WINDOWS\system32\perfh015.dat + 2007-12-22 11:35:20 355,830 ----a-w C:\WINDOWS\system32\perfh015.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen"="C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2007-08-20 09:42] "AutoConnect"="D:\AutoConnect\AutoConnect.exe" [2004-08-28 19:27] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "iKeyWorks"="C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe" [2005-04-14 04:35] "AvMenu"="D:\ArcaBit 2007\ArcaVir\AVMenu.exe" [2007-12-05 10:24] "ABREGMON"="D:\ArcaBit 2007\ArcaVir\ABregmon.exe" [2007-07-12 09:40] "NvCplDaemon"="RUNDLL32.exe" [2004-08-03 23:44 C:\WINDOWS\system32\rundll32.exe] "nwiz"="nwiz.exe" [2007-10-04 17:14 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="RUNDLL32.exe" [2004-08-03 23:44 C:\WINDOWS\system32\rundll32.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:44] C:\Documents and Settings\All Users\Menu Start\Programy\AutostartBTTray.lnk - D:\BLUETOOTH PC\BTTray.exe [2005-10-09 00:16:54] DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2007-10-09 19:20:38] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TS_LogonListener] TS_LogonListener.dll 2007-01-12 15:41 101376 C:\WINDOWS\system32\TS_LogonListener.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABRegmon] 2007-07-12 09:40 303104 --a------ D:\ArcaBit 2007\ArcaVir\ABregmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] ALCMTR.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcaCheck] D:\ArcaBit 2007\ArcaVir\ArcaCheck.exe /startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033] D:\demon\daemon.exe -lang 1033 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer] 2005-09-06 13:45 820736 --a------ C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\himem] c:\windows\himem.exe 3fff 8ffff [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2005-05-11 22:12 49152 --a------ D:\HP 1410\HP Software Update\HPWuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -start [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck] 2001-07-09 10:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication] D:\Nokia PC Suite\Nokia PC Suite 6\LaunchApplication.exe -onlytray [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] RTHDCPL.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] SkyTel.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WooCnxMon] 2003-10-16 18:07 24576 --a------ C:\PROGRA~1\NEOSTR~1\CnxMon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON] 2003-10-16 18:07 53248 --------- C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH] 2003-10-16 18:07 20480 --------- C:\PROGRA~1\NEOSTR~1\Watch.exe R0 m5288;m5288;C:\WINDOWS\system32\DRIVERS\m5288.sys [2005-12-23 21:54] R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-10-13 14:46] R1 ABTDI;ABTDI;D:\ArcaBit 2007\ArcaVir\ABTDI.sys [2007-05-08 13:45] R2 ABFileMon;ArcaBit FileMonitor;"D:\ArcaBit 2007\ArcaVir\FileMonSV.exe" [2007-10-09 11:10] R2 ArcaBit.TaskScheduler;ArcaBit.TaskScheduler;"D:\ArcaBit 2007\Common\TaskScheduler.exe" [2007-01-12 15:42] R2 AVUpdate;ArcaBit Update Service;D:\ArcaBit 2007\ArcaUpdate\update.exe [2007-02-26 15:04] R3 ABFLT;ArcaBit File Monitor Driver;D:\ARCABI~1\ArcaVir\ABFLT.sys [2007-09-12 13:37] R3 ArcaBit.Core.Configurator;ArcaBit.Core.Configurator;"D:\ArcaBit 2007\Common\ArcaBit.Core.Configurator2.exe" [2007-01-11 15:01] R3 ULI5261XP;ULi M526X Ethernet NT Driver;C:\WINDOWS\system32\DRIVERS\ULILAN51.SYS [2005-03-22 13:36] S3 Amps2prt;A4Tech PS/2 Port Mouse Driver;C:\WINDOWS\system32\DRIVERS\Amps2prt.sys [2004-03-31 18:03] S3 ArcaBit.Core.LoggingService;ArcaBit.Core.LoggingService;"D:\ArcaBit 2007\Common\ArcaBit.Core.LoggingService.exe" [2007-01-11 15:03] S3 usbscan;Sterownik skanera USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58] S3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 22:08] . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-22 12:41:32 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . [/quote]
sirtepek
Dodano
22.12.2007 13:48:17
Update BIOS-u ( o ile możliwy ) - ACPI, rzut okiem w FAQ w dziale XP przyklejony - pamiec nie może być read/written - pozwoli Ci wybrać drogę do uściślenia przyczyny pojawiania isę komunikatu ( czasem jest to czysta losówka - nieależna od niczego poza kaprysem systemu i wtedy trzba go polubić ), chyba jakieś sfc /scannow też by isę z cmd przydało, a na pewno by nie zaszkodziło ( oczywiście po czyszczeniu, o ktorym morda napisął ).
Rebe
Dodano
22.12.2007 09:08:46
Ja, dla odmiany, zajmę się tylko logami, bo masz dwie infekcje: VUNDO oraz infekcję na pendrive. Wklej do [b]Notatnika[/b]: [CODE] File:: C:\posE01.tmp C:\posDAA.tmp C:\pos1CF3.tmp C:\posBB8.tmp C:\pos88D.tmp C:\pos1AF4.tmp C:\pos7B3.tmp C:\pos5D9.tmp C:\pos3E3.tmp C:\posF8.tmp C:\pos171E.tmp C:\WINDOWS\system32\yqrviazq.dll C:\WINDOWS\system32\cwagdypo.dll C:\WINDOWS\system32\yqrviazq.dllbox Folder:: C:\WINDOWS\system32\windows Driver:: MSControlService ps_drv Registry:: [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8990f4f8-95f2-11dc-8c08-0016179032ea}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c7c20e78-3100-4ba2-a10d-33b3a01d2b3c}] [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yqrviazq] [/code] [b]>>Plik>>Zapisz jako... >>> [color=red]CFScript[/color][/b] (najwygodniej będzie, jeśli zapiszesz w takiej lokalizacji, by ikonka [b]CFScript.txt[/b] znalazła się obok ikonki [b]ComboFix.exe[/b]) Przeciągnij i upuść plik [color=red][b]CFScript.txt[/b][/color] na plik [b]ComboFix.exe[/b] (czyli ikonkę [b]CFScript.txt[/b] na ikonkę [b]ComboFix.exe[/b]) – podobnie jak na tym obrazku [b][color=blue]-->[/color][/b][img]http://img.wklej.org/images/88953CFScript-createdbyMiekiemoes.gif[/img] Ma się rozpocząć usuwanie. (i powstanie log). [b]Po restarcie[/b] usuń ręcznie folder [b]C: \[color=red]Qoobox[/color][/b]. Daj ten log, który powstanie w trakcie usuwania. Infekcje raczej nie mają nic wspólnego z pokazanymi błędami, ale chyba warto się pozbyć tych infekcji. Przynajmniej nie będą zaciemniały sprawy dla kogoś, kto zechce Ci pomagać wprzy tych błędach. .
morda
Dodano
21.12.2007 23:33:17
Kilka screenów: [URL=http://www.fotosik.pl/showFullSize.php?id=0a640d081623264b][IMG]http://images32.fotosik.pl/84/0a640d081623264bm.jpg[/IMG][/URL] [URL=http://www.fotosik.pl/showFullSize.php?id=63ffad3d88d3dad9][IMG]http://images25.fotosik.pl/128/63ffad3d88d3dad9m.jpg[/IMG][/URL] [URL=http://www.fotosik.pl/showFullSize.php?id=24f38c4cf756c0cc][IMG]http://images31.fotosik.pl/84/24f38c4cf756c0ccm.jpg[/IMG][/URL] podgląd zdarzeń: [URL=http://www.fotosik.pl/showFullSize.php?id=a258d92f16c7f18b][IMG]http://images33.fotosik.pl/84/a258d92f16c7f18bm.jpg[/IMG][/URL]
sirtepek
Dodano
21.12.2007 18:41:04
Kilka screenów: [URL=http://www.fotosik.pl/showFullSize.php?id=0a640d081623264b][IMG]http://images32.fotosik.pl/84/0a640d081623264bm.jpg[/IMG][/URL] [URL=http://www.fotosik.pl/showFullSize.php?id=63ffad3d88d3dad9][IMG]http://images25.fotosik.pl/128/63ffad3d88d3dad9m.jpg[/IMG][/URL] [URL=http://www.fotosik.pl/showFullSize.php?id=24f38c4cf756c0cc][IMG]http://images31.fotosik.pl/84/24f38c4cf756c0ccm.jpg[/IMG][/URL] podgląd zdarzeń: [URL=http://www.fotosik.pl/showFullSize.php?id=a258d92f16c7f18b][IMG]http://images33.fotosik.pl/84/a258d92f16c7f18bm.jpg[/IMG][/URL]
sirtepek
Dodano
21.12.2007 18:40:15
A treść tych błedów to gdzie ? PS. Na logi - przynajmniej inne niz systemowe - nie mam zwyczaju spoglądać.
Rebe
Dodano
21.12.2007 18:25:20
sirtepek
Dodano:
21.12.2007 17:18:52
Komentarzy:
10
Strona 1 / 1