Problemy z plikami amvo.exe - logi

INSTALKI.pl - programy, gry, sterowniki

Logi, zabezpieczenie komputera, danych. Programy antywirusowe antyspyware, firewall itp.

Regulamin forum

1. Każdy temat powinien odzwierciedlać treść wątku.
2. W przypadku wklejania logów; należy je wykonać od razu przynajmniej z dwóch narzędzi: FRST oraz z GMER
3. Wszelkie logi proszę publikować na przeznaczonych do tego stronach a w poście wklejać tylko link.
4. Nie wskazane jest skracanie logów, należy wkleić cały - od początku, do końca.
5. Nie wskazane jest podczepianie się do tematów innych użytkowników - proszę założyć nowy temat w dziale Bezpieczeństwo, ułatwi to pomoc sprawdzającemu.
6. Osoby nie posiadające odpowiedniej wiedzy, nie powinny sprawdzać logów, ponieważ grozi to poważnym uszkodzeniem systemu lub aplikacji zainstalowanych na komputerze.
7. Należy dokładnie opisać problem, występujące objawy oraz wszelkie podjęte działania.
8. Każdy skrypt jest unikatowy, napisany dla każdego przypadku z osobna, więc nie może być stosowany przez innych.
9. W przypadku zamieszczenia zrzutu ekranu (screenshot'a) proszę korzystać z zewnętrznego serwisu oferującego hosting zdjęć.
Wyślij odpowiedź
 
picia88
  • picia88
  • Posty: 6
  • Dołączenie: 15 Mar 2008, 11:01

Problemy z plikami amvo.exe - logi

15 Mar 2008, 11:06

mam problemy z plikami amvo.exe, stosujac sie do zalecen przeskanowalem kompa ComboFixem i otrzymalem nastepujacy wynik(prosze o dalsza pomoc w postepowanium, jak naszybciej bo mam kilka projektow do zrobienia na pn a komp nie dziala tak jak powinien)


ComboFix 08-03-14.4 - Picia 2008-03-15 9:52:53.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.1681 [GMT 1:00]
Running from: C:\Documents and Settings\Picia\Pulpit\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
C:\WINDOWS\system32\amvo.exe
C:\WINDOWS\system32\amvo0.dll
C:\WINDOWS\system32\amvo1.dll
E:\Autorun.inf
F:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-02-15 to 2008-03-15 )))))))))))))))))))))))))))))))
.

2008-03-15 09:33 . 2008-03-15 09:33 <DIR> d-------- C:\WINDOWS\LastGood
2008-03-15 01:41 . 2006-03-02 13:00 1,875,968 --a--c--- C:\WINDOWS\system32\dllcache\msir3jp.lex
2008-03-15 01:40 . 2006-03-02 13:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-03-15 01:39 . 2004-05-13 00:39 876,653 --a--c--- C:\WINDOWS\system32\dllcache\fp4awel.dll
2008-03-15 01:37 . 2008-03-15 01:37 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-03-15 01:37 . 2008-03-15 01:37 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-03-15 01:37 . 2008-03-15 01:37 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-03-15 01:37 . 2008-03-15 01:37 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-03-15 01:37 . 2008-03-15 01:37 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-03-15 01:33 . 2005-10-31 10:17 135,168 -ra------ C:\WINDOWS\system32\RTLCPAPI.dll
2008-03-14 23:25 . 2008-03-14 23:24 100,382 -r-hs---- C:\cayfq2.cmd
2008-03-12 17:23 . 2008-03-12 11:24 103,310 -r-hs---- C:\22wcb21o.exe
2008-03-03 18:41 . 2008-03-03 18:41 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
2008-02-29 22:28 . 2008-02-29 22:28 16,808 --a------ C:\Documents and Settings\Picia\Dane aplikacji\GDIPFONTCACHEV1.DAT
2008-02-28 12:15 . 2008-02-28 12:15 17,920 --a------ C:\WINDOWS\system32\drivers\aksusb.sys
2008-02-28 12:15 . 2008-02-12 19:20 2,645 --a------ C:\WINDOWS\system32\config.hsp
2008-02-28 12:15 . 2008-02-28 12:15 141 --a------ C:\WINDOWS\splendor.ini
2008-02-28 12:14 . 2008-02-28 12:14 <DIR> d-------- C:\Documents and Settings\Picia\WINDOWS
2008-02-28 12:14 . 1999-09-01 11:00 284,160 --a------ C:\WINDOWS\unin0415.exe
2008-02-22 20:12 . 2008-02-22 20:12 <DIR> d-------- C:\Documents and Settings\Picia\Dane aplikacji\Media Player Classic
2008-02-20 16:06 . 2007-08-18 08:54 380,928 --a------ C:\WINDOWS\system32\ac3filter.acm
2008-02-18 14:09 . 2008-02-18 14:09 <DIR> d-------- C:\Documents and Settings\Picia\.jpi_cache
2008-02-18 14:09 . 2008-02-18 14:09 <DIR> d-------- C:\Documents and Settings\Picia\.java
2008-02-16 20:11 . 2008-02-16 20:11 <DIR> d-------- C:\Program Files\MSXML 6.0
2008-02-15 19:02 . 2005-06-17 10:27 379,456 --a------ C:\WINDOWS\system32\drivers\WlanUIG.sys
2008-02-15 19:02 . 2006-01-09 11:26 261,632 --a------ C:\WINDOWS\system32\drivers\WlanUZXP.sys
2008-02-15 19:02 . 2006-01-09 11:26 31,744 --a------ C:\WINDOWS\system32\drivers\ZDPSp50a64.sys
2008-02-15 19:02 . 2007-01-10 10:14 25,214 --a------ C:\WINDOWS\WLANUTL.ICO
2008-02-15 18:29 . 2008-02-15 18:29 <DIR> d-------- C:\Documents and Settings\Picia\Dane aplikacji\Intel
2008-02-15 18:28 . 2008-02-16 00:57 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-02-15 18:28 . 2008-02-15 18:28 <DIR> d-------- C:\Program Files\Intel
2008-02-15 18:28 . 2008-02-15 18:28 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Intel
2008-02-15 18:23 . 2006-04-24 16:00 83,584 -ra------ C:\WINDOWS\system32\drivers\Rtenicxp.sys
2008-02-15 17:49 . 2007-01-10 10:14 450,560 --a------ C:\WINDOWS\system32\drivers\WlanBZXP.sys
2008-02-15 17:48 . 2005-06-17 10:26 114,688 --a------ C:\WINDOWS\system32\WLANUTL.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-15 01:02 --------- d-----w C:\Program Files\Microsoft.NET
2008-03-15 00:59 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2008-02-22 18:09 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-15 18:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-15 17:23 --------- d-----w C:\Program Files\Realtek
2008-02-15 16:55 --------- d-----w C:\Program Files\neostrada tp
2008-02-14 21:47 --------- d-----w C:\Documents and Settings\Picia\Dane aplikacji\Apple Computer
2008-02-14 21:45 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2008-02-14 11:08 --------- d-----w C:\Program Files\Common Files\LightScribe
2008-02-14 11:04 --------- d-----w C:\Documents and Settings\Picia\Dane aplikacji\Ahead
2008-02-14 11:03 --------- d-----w C:\Program Files\Common Files\Ahead
2008-02-14 11:02 --------- d-----w C:\Program Files\Nero
2008-02-14 11:02 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Nero
2008-02-13 13:57 --------- d-----w C:\Program Files\Microsoft SQL Server
2008-02-13 13:54 --------- d-----w C:\Program Files\Microsoft SQL Server 2005 Mobile Edition
2008-02-13 13:54 --------- d-----w C:\Program Files\Microsoft Device Emulator
2008-02-13 00:34 --------- d-----w C:\Program Files\Media Player Classic
2008-02-13 00:31 --------- d-----w C:\Documents and Settings\Picia\Dane aplikacji\Talkback
2008-02-13 00:26 --------- d-----w C:\Documents and Settings\Picia\Dane aplikacji\Winamp
2008-02-13 00:00 --------- d-----w C:\Program Files\WIDCOMM
2008-02-12 22:38 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\XP
2008-02-12 22:36 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-12 22:36 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Vista64
2008-02-12 21:51 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-02-12 17:51 --------- d-----w C:\Program Files\Alwil Software
2008-02-12 17:40 --------- d-----w C:\Program Files\Java
2008-02-12 16:46 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-12 16:44 --------- d-----w C:\Program Files\Usługi online
2006-07-28 15:25 32,768 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\EBLib.dll
2006-07-28 15:25 19,456 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\LPCFilter.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"SkyTel"="SkyTel.EXE" [2006-05-16 12:04 2879488 C:\WINDOWS\SkyTel.exe]
"snp2std"="C:\WINDOWS\vsnp2std.exe" [2006-09-15 23:21 675840]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-02-08 22:06 7405568]
"nwiz"="nwiz.exe" [2006-02-08 22:06 1519616 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 07:34 16143872 C:\WINDOWS\RTHDCPL.exe]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-08-25 06:21 53248]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 06:50 88204 C:\WINDOWS\AGRSMMSG.exe]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
"QuickTime Task"="F:\Quick time\qttask.exe" [2008-02-14 22:46 155648]
"Adobe Reader Speed Launcher"="F:\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 13:06 40048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 13:00 15360]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-04-24 23:02:56 622653]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04 83360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"F:\\Medal of Honor\\mohpa.exe"=
"F:\\Gadu-Gadu\\gg.exe"=
"F:\\SopCast\\SopCast.exe"=
"F:\\SopCast\\adv\\SopAdver.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"F:\\BearShare\\BearShare.exe"=

R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2007-01-10 10:14]
S1 CPEb;CPEb;C:\WINDOWS\system32\drivers\CPEb.sys []
S3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2006-11-17 02:29]
S3 SQLWriter;SQL Server VSS Writer;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2005-10-14 03:53]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e7049118-d991-11dc-a987-000e50f3cfac}]
\Shell\AutoRun\command - G:\22wcb21o.exe
\Shell\explore\Command - G:\22wcb21o.exe
\Shell\open\Command - G:\22wcb21o.exe

*Newly Created Service* - BITS
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-15 09:54:03
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-03-15 9:54:23
ComboFix-quarantined-files.txt 2008-03-15 08:54:21
.
2008-03-14 22:48:01 --- E O F ---
 
pp3088
  • pp3088
  • Posty: 999
  • Dołączenie: 11 Sie 2006, 23:59
  • Miejscowość: Szczecin

15 Mar 2008, 11:38

Wklej do Notatnika:
File::
C:\cayfq2.cmd
C:\22wcb21o.exe


>>Plik>>Zapisz jako... >>> CFScript (najwygodniej będzie, jeśli zapiszesz w takiej lokalizacji, by ikonka CFScript.txt znalazła się obok ikonki ComboFix.exe)
Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe (czyli ikonkę CFScript.txt na ikonkę ComboFix.exe)
– podobnie jak na tym obrazku -Image
(jeśli pojawi się pytanie "1 or 2" - to wpisz 1 i naciśnij ENTER) Ma się rozpocząć usuwanie. (i powstanie log)
Potem start>>uruchom>>wpisujesz "regedit">>odnajdujesz klucz
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\
i usuwasz go.

Po restarcie usuń ręcznie folder C: \Qoobox.

Po tym nowy log z Combofix.
 
picia88
  • picia88
  • Posty: 6
  • Dołączenie: 15 Mar 2008, 11:01

15 Mar 2008, 11:43

jak zrobie to co kazesz to mam pozniej zrobic nowy scan ComboFixem i wrzucic na forum?? czy juz powinno byc dobrze??
 
picia88
  • picia88
  • Posty: 6
  • Dołączenie: 15 Mar 2008, 11:01

15 Mar 2008, 11:53

mam nadzieje ze to co jest nizej wklejone oznacza pozytywny przebieg skanowania,prawda??



ComboFix 08-03-14.4 - Picia 2008-03-15 10:45:17.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.1547 [GMT 1:00]
Running from: C:\Documents and Settings\Picia\Pulpit\ComboFix.exe
Command switches used :: C:\Documents and Settings\Picia\Pulpit\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\22wcb21o.exe
C:\cayfq2.cmd
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\22wcb21o.exe
C:\Autorun.inf
C:\cayfq2.cmd
C:\WINDOWS\system32\amvo.exe
C:\WINDOWS\system32\amvo1.dll
E:\Autorun.inf
F:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-02-15 to 2008-03-15 )))))))))))))))))))))))))))))))
.

2008-03-15 10:32 . 2008-03-15 10:32 <DIR> d-------- C:\Program Files\MSBuild
2008-03-15 10:21 . 2008-03-15 10:21 <DIR> d-------- C:\WINDOWS\Symbols
2008-03-15 10:21 . 2008-03-15 10:32 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-03-15 10:21 . 2008-03-15 10:31 <DIR> d-------- C:\Program Files\HTML Help Workshop
2008-03-15 10:21 . 2008-03-15 10:30 <DIR> d-------- C:\Program Files\Common Files\Merge Modules
2008-03-15 10:21 . 2008-03-15 10:23 <DIR> d-------- C:\Program Files\Common Files\Business Objects
2008-03-15 10:21 . 2008-03-15 10:21 <DIR> d-------- C:\Program Files\CE Remote Tools
2008-03-15 10:21 . 2008-03-15 10:21 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\PreEmptive Solutions
2008-03-15 10:18 . 2008-03-15 10:18 <DIR> d-------- C:\WINDOWS\LastGood
2008-03-15 01:41 . 2006-03-02 13:00 1,875,968 --a--c--- C:\WINDOWS\system32\dllcache\msir3jp.lex
2008-03-15 01:40 . 2006-03-02 13:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-03-15 01:39 . 2004-05-13 00:39 876,653 --a--c--- C:\WINDOWS\system32\dllcache\fp4awel.dll
2008-03-15 01:37 . 2008-03-15 01:37 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-03-15 01:37 . 2008-03-15 01:37 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-03-15 01:37 . 2008-03-15 01:37 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-03-15 01:37 . 2008-03-15 01:37 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-03-15 01:37 . 2008-03-15 01:37 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-03-15 01:33 . 2005-10-31 10:17 135,168 -ra------ C:\WINDOWS\system32\RTLCPAPI.dll
2008-03-03 18:41 . 2008-03-03 18:41 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
2008-02-29 22:28 . 2008-02-29 22:28 16,808 --a------ C:\Documents and Settings\Picia\Dane aplikacji\GDIPFONTCACHEV1.DAT
2008-02-28 12:15 . 2008-02-28 12:15 17,920 --a------ C:\WINDOWS\system32\drivers\aksusb.sys
2008-02-28 12:15 . 2008-02-12 19:20 2,645 --a------ C:\WINDOWS\system32\config.hsp
2008-02-28 12:15 . 2008-02-28 12:15 141 --a------ C:\WINDOWS\splendor.ini
2008-02-28 12:14 . 2008-02-28 12:14 <DIR> d-------- C:\Documents and Settings\Picia\WINDOWS
2008-02-28 12:14 . 1999-09-01 11:00 284,160 --a------ C:\WINDOWS\unin0415.exe
2008-02-22 20:12 . 2008-02-22 20:12 <DIR> d-------- C:\Documents and Settings\Picia\Dane aplikacji\Media Player Classic
2008-02-20 16:06 . 2007-08-18 08:54 380,928 --a------ C:\WINDOWS\system32\ac3filter.acm
2008-02-18 14:09 . 2008-02-18 14:09 <DIR> d-------- C:\Documents and Settings\Picia\.jpi_cache
2008-02-18 14:09 . 2008-02-18 14:09 <DIR> d-------- C:\Documents and Settings\Picia\.java
2008-02-16 20:11 . 2008-02-16 20:11 <DIR> d-------- C:\Program Files\MSXML 6.0
2008-02-15 19:02 . 2005-06-17 10:27 379,456 --a------ C:\WINDOWS\system32\drivers\WlanUIG.sys
2008-02-15 19:02 . 2006-01-09 11:26 261,632 --a------ C:\WINDOWS\system32\drivers\WlanUZXP.sys
2008-02-15 19:02 . 2006-01-09 11:26 31,744 --a------ C:\WINDOWS\system32\drivers\ZDPSp50a64.sys
2008-02-15 19:02 . 2007-01-10 10:14 25,214 --a------ C:\WINDOWS\WLANUTL.ICO
2008-02-15 18:29 . 2008-02-15 18:29 <DIR> d-------- C:\Documents and Settings\Picia\Dane aplikacji\Intel
2008-02-15 18:28 . 2008-02-16 00:57 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-02-15 18:28 . 2008-02-15 18:28 <DIR> d-------- C:\Program Files\Intel
2008-02-15 18:28 . 2008-02-15 18:28 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Intel
2008-02-15 18:23 . 2006-04-24 16:00 83,584 -ra------ C:\WINDOWS\system32\drivers\Rtenicxp.sys
2008-02-15 17:49 . 2007-01-10 10:14 450,560 --a------ C:\WINDOWS\system32\drivers\WlanBZXP.sys
2008-02-15 17:48 . 2005-06-17 10:26 114,688 --a------ C:\WINDOWS\system32\WLANUTL.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-15 09:37 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2008-03-15 09:21 --------- d-----w C:\Program Files\Microsoft.NET
2008-02-22 18:09 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-15 18:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-15 17:23 --------- d-----w C:\Program Files\Realtek
2008-02-15 16:55 --------- d-----w C:\Program Files\neostrada tp
2008-02-14 21:47 --------- d-----w C:\Documents and Settings\Picia\Dane aplikacji\Apple Computer
2008-02-14 21:45 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2008-02-14 11:08 --------- d-----w C:\Program Files\Common Files\LightScribe
2008-02-14 11:04 --------- d-----w C:\Documents and Settings\Picia\Dane aplikacji\Ahead
2008-02-14 11:03 --------- d-----w C:\Program Files\Common Files\Ahead
2008-02-14 11:02 --------- d-----w C:\Program Files\Nero
2008-02-14 11:02 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Nero
2008-02-13 13:57 --------- d-----w C:\Program Files\Microsoft SQL Server
2008-02-13 13:54 --------- d-----w C:\Program Files\Microsoft SQL Server 2005 Mobile Edition
2008-02-13 13:54 --------- d-----w C:\Program Files\Microsoft Device Emulator
2008-02-13 00:34 --------- d-----w C:\Program Files\Media Player Classic
2008-02-13 00:31 --------- d-----w C:\Documents and Settings\Picia\Dane aplikacji\Talkback
2008-02-13 00:26 --------- d-----w C:\Documents and Settings\Picia\Dane aplikacji\Winamp
2008-02-13 00:00 --------- d-----w C:\Program Files\WIDCOMM
2008-02-12 22:38 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\XP
2008-02-12 22:36 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-12 22:36 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Vista64
2008-02-12 21:51 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-02-12 17:51 --------- d-----w C:\Program Files\Alwil Software
2008-02-12 17:40 --------- d-----w C:\Program Files\Java
2008-02-12 16:46 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-12 16:44 --------- d-----w C:\Program Files\Usługi online
2006-07-28 15:25 32,768 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\EBLib.dll
2006-07-28 15:25 19,456 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\LPCFilter.sys
.

((((((((((((((((((((((((((((( snapshot@2008-03-15_ 9.54.12,96 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-15 09:32:06 110,592 ----a-w C:\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll
+ 2008-03-15 09:23:50 81,920 ----a-w C:\WINDOWS\assembly\GAC\CrystalDecisions.Enterprise.Desktop.Report\10.2.3600.0__692fbea5521e1304\CrystalDecisions.Enterprise.Desktop.Report.dll
+ 2008-03-15 09:23:50 45,056 ----a-w C:\WINDOWS\assembly\GAC\CrystalDecisions.Enterprise.Framework\10.2.3600.0__692fbea5521e1304\CrystalDecisions.Enterprise.Framework.dll
+ 2008-03-15 09:23:50 86,016 ----a-w C:\WINDOWS\assembly\GAC\CrystalDecisions.Enterprise.InfoStore\10.2.3600.0__692fbea5521e1304\CrystalDecisions.Enterprise.InfoStore.dll
+ 2008-03-15 09:23:50 32,768 ----a-w C:\WINDOWS\assembly\GAC\CrystalDecisions.Enterprise.PluginManager\10.2.3600.0__692fbea5521e1304\CrystalDecisions.Enterprise.PluginManager.dll
+ 2008-03-15 09:23:50 6,656 ----a-w C:\WINDOWS\assembly\GAC\CrystalDecisions.Enterprise.Viewing.ReportSource\10.2.3600.0__692fbea5521e1304\CrystalDecisions.Enterprise.Viewing.ReportSource.dll
+ 2008-03-15 09:32:39 4,608 ----a-w C:\WINDOWS\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll
+ 2008-03-15 09:32:08 8,007,680 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
+ 2008-03-15 09:32:06 13,312 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll
+ 2008-03-15 09:33:38 69,632 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.CommandBars\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.CommandBars.dll
+ 2008-03-15 09:31:49 8,704 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.Designer.Interfaces\1.0.5000.0__b03f5f7f11d50a3a\microsoft.visualstudio.designer.interfaces.dll
+ 2008-03-15 09:31:54 106,496 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.VCCodeModel\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.VCCodeModel.dll
+ 2008-03-15 09:31:54 12,288 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.VCProject\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.VCProject.dll
+ 2008-03-15 09:31:55 139,264 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.VCProjectEngine\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.VCProjectEngine.dll
+ 2008-03-15 09:32:06 4,096 ----a-w C:\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll
+ 2008-03-15 09:32:07 16,384 ----a-w C:\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll
+ 2008-03-15 09:31:54 53,248 ----a-w C:\WINDOWS\assembly\GAC\VSLangProj\7.0.3300.0__b03f5f7f11d50a3a\VSLangProj.dll
+ 2008-03-15 09:31:28 19,968 ----a-w C:\WINDOWS\assembly\GAC\VSLangProj2\7.0.5000.0__b03f5f7f11d50a3a\VSLangProj2.dll
+ 2008-03-15 09:32:56 73,728 ----a-w C:\WINDOWS\assembly\GAC\VSLangProj80\8.0.0.0__b03f5f7f11d50a3a\VSLangProj80.dll
+ 2008-03-15 09:30:00 49,152 ----a-w C:\WINDOWS\assembly\GAC\VsWebSite.Interop\8.0.0.0__b03f5f7f11d50a3a\VsWebSite.Interop.dll
+ 2008-03-15 09:31:55 93,696 ----a-w C:\WINDOWS\assembly\GAC_32\Microsoft.VisualC.VSCodeParser\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.VSCodeParser.dll
+ 2008-03-15 09:32:39 815,104 ----a-w C:\WINDOWS\assembly\GAC_32\Microsoft.VisualStudio.Modeling.Diagrams.GraphObject\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Modeling.Diagrams.GraphObject.dll
+ 2008-03-15 09:32:19 1,662,976 ----a-w C:\WINDOWS\assembly\GAC_32\mscorcfg\2.0.0.0__b03f5f7f11d50a3a\mscorcfg.dll
+ 2008-03-15 09:31:56 12,800 ----a-w C:\WINDOWS\assembly\GAC_32\soapsudscode\2.0.0.0__b03f5f7f11d50a3a\SoapSudsCode.dll
+ 2008-03-15 09:29:42 53,248 ----a-w C:\WINDOWS\assembly\GAC_32\WebDev.WebHost\8.0.0.0__b03f5f7f11d50a3a\WebDev.WebHost.dll
+ 2008-03-15 09:32:46 102,400 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CppCodeProvider\8.0.0.0__b03f5f7f11d50a3a\CppCodeProvider.dll
+ 2008-03-15 09:23:38 14,336 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CRVsPackageLib\10.2.3600.0__692fbea5521e1304\CRVsPackageLib.dll
+ 2008-03-15 09:23:39 90,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.CrystalReports.Design\10.2.3600.0__692fbea5521e1304\CrystalDecisions.CrystalReports.Design.dll
+ 2008-03-15 09:23:47 376,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.CrystalReports.Engine\10.2.3600.0__692fbea5521e1304\CrystalDecisions.CrystalReports.Engine.dll
+ 2008-03-15 09:23:50 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.Data.AdoDotNetInterop\10.2.3600.0__692fbea5521e1304\CrystalDecisions.Data.AdoDotNetInterop.dll
+ 2008-03-15 09:23:48 19,456 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.KeyCode\10.2.3600.0__692fbea5521e1304\CrystalDecisions.KeyCode.dll
+ 2008-03-15 09:23:48 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.ClientDoc\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.ClientDoc.dll
+ 2008-03-15 09:23:48 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.CommLayer\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.CommLayer.dll
+ 2008-03-15 09:23:48 135,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.CommonControls\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.CommonControls.dll
+ 2008-03-15 09:23:49 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.CommonObjectModel\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.CommonObjectModel.dll
+ 2008-03-15 09:23:49 159,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.Controllers\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.Controllers.dll
+ 2008-03-15 09:23:49 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.CubeDefModel\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.CubeDefModel.dll
+ 2008-03-15 09:23:49 225,280 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.DataDefModel\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.DataDefModel.dll
+ 2008-03-15 09:23:50 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.DataSetConversion\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.DataSetConversion.dll
+ 2008-03-15 09:23:50 5,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.ObjectFactory\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.ObjectFactory.dll
+ 2008-03-15 09:23:50 315,392 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.ReportDefModel\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.ReportDefModel.dll
+ 2008-03-15 09:23:50 15,872 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.ReportAppServer.XmlSerialize\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportAppServer.XmlSerialize.dll
+ 2008-03-15 09:23:46 102,400 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.ReportSource\10.2.3600.0__692fbea5521e1304\CrystalDecisions.ReportSource.dll
+ 2008-03-15 09:23:46 692,224 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.Shared\10.2.3600.0__692fbea5521e1304\CrystalDecisions.Shared.dll
+ 2008-03-15 09:23:38 303,104 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.VSDesigner\10.2.3600.0__692fbea5521e1304\CrystalDecisions.VSDesigner.dll
+ 2008-03-15 09:23:48 323,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.Web\10.2.3600.0__692fbea5521e1304\CrystalDecisions.Web.dll
+ 2008-03-15 09:23:48 245,760 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CrystalDecisions.Windows.Forms\10.2.3600.0__692fbea5521e1304\CrystalDecisions.Windows.Forms.dll
+ 2008-03-15 09:32:47 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\MFCMIFC80\1.0.0.0__b03f5f7f11d50a3a\mfcmifc80.dll
+ 2008-03-15 09:32:42 106,496 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Conversion\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.dll
+ 2008-03-15 09:31:31 860,160 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.CompactFramework.Build.Tasks\8.0.0.0__b03f5f7f11d50a3a\Microsoft.CompactFramework.Build.Tasks.dll
+ 2008-03-15 09:24:24 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.CompactFramework.Design.Model\8.0.0.0__b03f5f7f11d50a3a\Microsoft.CompactFramework.Design.Model.dll
+ 2008-03-15 09:24:22 192,512 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.CompactFramework.Design.PocketPC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.CompactFramework.Design.PocketPC.dll
+ 2008-03-15 09:24:24 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.CompactFramework.Design.PocketPC2004\8.0.0.0__b03f5f7f11d50a3a\Microsoft.CompactFramework.Design.PocketPC2004.dll
+ 2008-03-15 09:28:14 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.CompactFramework.Design.PocketPCV1\8.0.0.0__b03f5f7f11d50a3a\Microsoft.CompactFramework.Design.PocketPCV1.dll
+ 2008-03-15 09:24:24 159,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.CompactFramework.Design.SmartPhone\8.0.0.0__b03f5f7f11d50a3a\Microsoft.CompactFramework.Design.SmartPhone.dll
+ 2008-03-15 09:24:24 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.CompactFramework.Design.SmartPhone2004\8.0.0.0__b03f5f7f11d50a3a\Microsoft.CompactFramework.Design.SmartPhone2004.dll
+ 2008-03-15 09:24:23 180,224 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.CompactFramework.Design.WindowsCE\8.0.0.0__b03f5f7f11d50a3a\Microsoft.CompactFramework.Design.WindowsCE.dll
+ 2008-03-15 09:24:22 684,032 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.CompactFramework.Design\8.0.0.0__b03f5f7f11d50a3a\Microsoft.CompactFramework.Design.dll
+ 2008-03-15 09:32:54 3,612,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.ReportViewer.Common\8.0.0.0__b03f5f7f11d50a3a\Microsoft.ReportViewer.Common.dll
+ 2008-03-15 09:32:16 94,208 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.ReportViewer.Design\8.0.0.0__b03f5f7f11d50a3a\Microsoft.ReportViewer.Design.dll
+ 2008-03-15 09:32:56 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.ReportViewer.ProcessingObjectModel\8.0.0.0__b03f5f7f11d50a3a\Microsoft.ReportViewer.ProcessingObjectModel.dll
+ 2008-03-15 09:32:17 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.ReportViewer.WebDesign\8.0.0.0__b03f5f7f11d50a3a\Microsoft.ReportViewer.WebDesign.dll
+ 2008-03-15 09:32:55 532,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.ReportViewer.WebForms\8.0.0.0__b03f5f7f11d50a3a\Microsoft.ReportViewer.WebForms.dll
+ 2008-03-15 09:32:56 331,776 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.ReportViewer.WinForms\8.0.0.0__b03f5f7f11d50a3a\Microsoft.ReportViewer.WinForms.dll
+ 2008-03-15 09:31:55 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC.VSCodeProvider\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.VSCodeProvider.dll
+ 2008-03-15 09:31:49 106,496 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Configuration\2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Configuration.dll
+ 2008-03-15 09:33:32 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.DebuggerVisualizers\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.DebuggerVisualizers.dll
+ 2008-03-15 09:31:49 434,176 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Design\2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Design.dll
+ 2008-03-15 09:24:24 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.DeviceConnectivity.Interop\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.DeviceConnectivity.Interop.dll
+ 2008-03-15 09:31:58 1,859,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Editors\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Editors.dll
+ 2008-03-15 09:32:05 905,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.EnterpriseTools.ClassDesigner\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.EnterpriseTools.ClassDesigner.dll
+ 2008-03-15 09:32:39 462,848 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.EnterpriseTools.Shell\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.EnterpriseTools.Shell.dll
+ 2008-03-15 09:32:04 1,499,136 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.EnterpriseTools.TypeSystem\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.EnterpriseTools.TypeSystem.dll
+ 2008-03-15 09:32:39 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.EnterpriseTools\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.EnterpriseTools.dll
+ 2008-03-15 09:33:31 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.HostingProcess.Utilities.Sync\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.HostingProcess.Utilities.Sync.dll
+ 2008-03-15 09:33:31 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.HostingProcess.Utilities\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.HostingProcess.Utilities.dll
+ 2008-03-15 09:33:38 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.ManagedInterfaces\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.ManagedInterfaces.dll
+ 2008-03-15 09:32:40 1,290,240 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Modeling.ArtifactMapper.VSHost\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Modeling.ArtifactMapper.VSHost.dll
+ 2008-03-15 09:32:40 266,240 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Modeling.ArtifactMapper\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Modeling.ArtifactMapper.dll
+ 2008-03-15 09:32:40 651,264 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Modeling.Diagrams\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Modeling.Diagrams.dll
+ 2008-03-15 09:32:40 761,856 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Modeling\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Modeling.dll
+ 2008-03-15 09:31:50 344,064 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Package.LanguageService\2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Package.LanguageService.dll
+ 2008-03-15 09:31:50 4,096 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.ProjectAggregator\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.ProjectAggregator.dll
+ 2008-03-15 09:32:01 806,912 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Publish\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Publish.dll
+ 2008-03-15 09:31:50 249,856 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Shell.Design\2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Shell.Design.dll
+ 2008-03-15 09:31:15 15,872 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.TemplateWizardInterface\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.TemplateWizardInterface.dll
+ 2008-03-15 09:32:53 315,392 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.VirtualTreeGrid\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.VirtualTreeGrid.dll
+ 2008-03-15 09:31:49 360,448 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Windows.Forms\2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Windows.Forms.dll
+ 2008-03-15 09:29:34 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.WizardFramework\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.WizardFramework.Dll
+ 2008-03-15 09:31:50 294,912 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio\2.0.0.0__b03f5f7f11d50a3a\microsoft.visualstudio.dll
+ 2008-03-15 09:31:51 4,202,496 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VSDesigner\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VSDesigner.dll
+ 2008-03-15 09:31:36 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\msddslmp\8.0.0.0__b03f5f7f11d50a3a\msddslmp.dll
+ 2008-03-15 09:31:36 139,264 ----a-w C:\WINDOWS\assembly\GAC_MSIL\msddsp\8.0.0.0__b03f5f7f11d50a3a\msddsp.dll
+ 2008-03-15 09:36:57 17,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\21ce2aa5af6b294b9a13f079645cfbb2\Microsoft.VisualC.ni.dll
+ 2008-03-15 09:36:56 1,003,520 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\msvcm80\9b8343b754df0f468cb3817da8eeae2a\msvcm80.ni.dll
+ 2005-09-23 06:01:18 68,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\al.exe
+ 2005-09-23 05:56:22 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Conversion.dll
+ 2005-09-23 05:56:16 860,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.CompactFramework.Build.Tasks.dll
+ 2005-09-23 05:56:16 118,784 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WebDev.WebServer.EXE
+ 2005-09-23 01:55:58 8,704 ----a-w C:\WINDOWS\system32\1033\vsjitdebuggerui.dll
- 2006-03-02 12:00:00 2,804,224 -c--a-w C:\WINDOWS\system32\dllcache\msi.dll
+ 2005-05-04 13:45:32 2,890,240 -c--a-w C:\WINDOWS\system32\dllcache\msi.dll
- 2006-03-02 12:00:00 77,312 -c--a-w C:\WINDOWS\system32\dllcache\msiexec.exe
+ 2005-05-04 13:45:36 78,848 -c--a-w C:\WINDOWS\system32\dllcache\msiexec.exe
- 2006-03-02 12:00:00 331,264 -c--a-w C:\WINDOWS\system32\dllcache\msihnd.dll
+ 2005-05-04 13:45:36 271,360 -c--a-w C:\WINDOWS\system32\dllcache\msihnd.dll
- 2006-03-02 12:00:00 884,736 -c--a-w C:\WINDOWS\system32\dllcache\msimsg.dll
+ 2005-05-04 13:45:36 884,736 -c--a-w C:\WINDOWS\system32\dllcache\msimsg.dll
- 2006-03-02 12:00:00 44,032 -c--a-w C:\WINDOWS\system32\dllcache\msisip.dll
+ 2005-05-04 13:45:36 15,360 -c--a-w C:\WINDOWS\system32\dllcache\msisip.dll
- 2006-03-02 12:00:00 36,864 -c--a-w C:\WINDOWS\system32\dllcache\wups.dll
+ 2007-07-30 18:18:40 33,624 -c--a-w C:\WINDOWS\system32\dllcache\wups.dll
+ 2005-09-23 08:20:28 837,904 ----a-w C:\WINDOWS\system32\hha.dll
- 2006-03-02 12:00:00 2,804,224 ----a-w C:\WINDOWS\system32\msi.dll
+ 2005-05-04 13:45:32 2,890,240 ----a-w C:\WINDOWS\system32\msi.dll
- 2006-03-02 12:00:00 77,312 ----a-w C:\WINDOWS\system32\msiexec.exe
+ 2005-05-04 13:45:36 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe
- 2006-03-02 12:00:00 331,264 ----a-w C:\WINDOWS\system32\msihnd.dll
+ 2005-05-04 13:45:36 271,360 ----a-w C:\WINDOWS\system32\msihnd.dll
- 2006-03-02 12:00:00 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
+ 2005-05-04 13:45:36 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
- 2006-03-02 12:00:00 44,032 ----a-w C:\WINDOWS\system32\msisip.dll
+ 2005-05-04 13:45:36 15,360 ----a-w C:\WINDOWS\system32\msisip.dll
- 2006-03-02 12:00:00 36,864 ----a-w C:\WINDOWS\system32\wups.dll
+ 2007-07-30 18:18:40 33,624 ----a-w C:\WINDOWS\system32\wups.dll
+ 2008-03-15 09:16:40 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_648.dat
+ 2005-09-22 22:48:08 1,015,808 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugCRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_f75eb16c\msvcm80d.dll
+ 2005-09-22 22:48:08 1,028,096 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugCRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_f75eb16c\msvcp80d.dll
+ 2005-09-22 22:48:08 1,171,456 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugCRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_f75eb16c\msvcr80d.dll
+ 2005-09-23 00:16:02 2,375,680 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugMFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_c8452471\mfc80d.dll
+ 2005-09-23 00:16:06 2,379,264 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugMFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_c8452471\mfc80ud.dll
+ 2005-09-23 00:16:10 114,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugMFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_c8452471\mfcm80d.dll
+ 2005-09-23 00:16:12 102,400 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugMFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_c8452471\mfcm80ud.dll
+ 2005-09-23 00:35:10 102,400 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugOpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_66b81908\vcompd.dll
+ 2005-09-23 00:35:10 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0ee63867\vcomp.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"SkyTel"="SkyTel.EXE" [2006-05-16 12:04 2879488 C:\WINDOWS\SkyTel.exe]
"snp2std"="C:\WINDOWS\vsnp2std.exe" [2006-09-15 23:21 675840]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-02-08 22:06 7405568]
"nwiz"="nwiz.exe" [2006-02-08 22:06 1519616 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 07:34 16143872 C:\WINDOWS\RTHDCPL.exe]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-08-25 06:21 53248]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 06:50 88204 C:\WINDOWS\AGRSMMSG.exe]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
"QuickTime Task"="F:\Quick time\qttask.exe" [2008-02-14 22:46 155648]
"Adobe Reader Speed Launcher"="F:\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 13:06 40048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 13:00 15360]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-04-24 23:02:56 622653]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04 83360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"F:\\Medal of Honor\\mohpa.exe"=
"F:\\Gadu-Gadu\\gg.exe"=
"F:\\SopCast\\SopCast.exe"=
"F:\\SopCast\\adv\\SopAdver.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"F:\\BearShare\\BearShare.exe"=

R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2007-01-10 10:14]
S1 CPEb;CPEb;C:\WINDOWS\system32\drivers\CPEb.sys []
S3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2006-11-17 02:29]
S3 SQLWriter;SQL Server VSS Writer;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2005-10-14 03:53]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;"C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe" /service msvsmon80 []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e7049118-d991-11dc-a987-000e50f3cfac}]
\Shell\AutoRun\command - G:\cayfq2.cmd
\Shell\explore\Command - G:\cayfq2.cmd
\Shell\open\Command - G:\cayfq2.cmd

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-15 10:46:38
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-03-15 10:47:02
ComboFix-quarantined-files.txt 2008-03-15 09:47:00
ComboFix2.txt 2008-03-15 08:54:24
.
2008-03-14 22:48:01 --- E O F ---
 
picia88
  • picia88
  • Posty: 6
  • Dołączenie: 15 Mar 2008, 11:01

15 Mar 2008, 11:55

powiem tylko tyle.....WIELKIE DZIEKI!!!!!!! wszystko dziala jak piowinno;], pozdro
 
picia88
  • picia88
  • Posty: 6
  • Dołączenie: 15 Mar 2008, 11:01

16 Mar 2008, 11:38

sorki... ale czy moge prosic o kolejny log poniewaz ponownie pojawil sie u mnie ten wirus....


ComboFix 08-03-14.4 - Picia 2008-03-16 10:34:27.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.1622 [GMT 1:00]
Running from: C:\Documents and Settings\Picia\Pulpit\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
C:\WINDOWS\system32\amvo.exe
C:\WINDOWS\system32\amvo1.dll
E:\Autorun.inf
F:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-02-16 to 2008-03-16 )))))))))))))))))))))))))))))))
.

2008-03-16 10:30 . 2008-03-16 10:30 <DIR> d-------- C:\WINDOWS\LastGood
2008-03-15 15:09 . 2005-10-31 10:17 135,168 -r------- C:\WINDOWS\system32\RtlCPAPI.dll
2008-03-15 15:07 . 2005-05-03 10:43 69,632 -r------- C:\WINDOWS\Alcmtr.exe
2008-03-15 10:32 . 2008-03-15 10:32 <DIR> d-------- C:\Program Files\MSBuild
2008-03-15 10:21 . 2008-03-15 10:21 <DIR> d-------- C:\WINDOWS\Symbols
2008-03-15 10:21 . 2008-03-15 10:32 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-03-15 10:21 . 2008-03-15 10:31 <DIR> d-------- C:\Program Files\HTML Help Workshop
2008-03-15 10:21 . 2008-03-15 10:30 <DIR> d-------- C:\Program Files\Common Files\Merge Modules
2008-03-15 10:21 . 2008-03-15 10:23 <DIR> d-------- C:\Program Files\Common Files\Business Objects
2008-03-15 10:21 . 2008-03-15 10:21 <DIR> d-------- C:\Program Files\CE Remote Tools
2008-03-15 10:21 . 2008-03-15 10:21 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\PreEmptive Solutions
2008-03-15 01:41 . 2006-03-02 13:00 1,875,968 --a--c--- C:\WINDOWS\system32\dllcache\msir3jp.lex
2008-03-15 01:40 . 2006-03-02 13:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-03-15 01:39 . 2004-05-13 00:39 876,653 --a--c--- C:\WINDOWS\system32\dllcache\fp4awel.dll
2008-03-15 01:37 . 2008-03-15 01:37 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-03-15 01:37 . 2008-03-15 01:37 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-03-15 01:37 . 2008-03-15 01:37 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-03-15 01:37 . 2008-03-15 01:37 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-03-15 01:37 . 2008-03-15 01:37 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-03-03 18:41 . 2008-03-03 18:41 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\nView_Profiles
2008-02-29 22:28 . 2008-02-29 22:28 16,808 --a------ C:\Documents and Settings\Picia\Dane aplikacji\GDIPFONTCACHEV1.DAT
2008-02-28 12:15 . 2008-02-28 12:15 17,920 --a------ C:\WINDOWS\system32\drivers\aksusb.sys
2008-02-28 12:15 . 2008-02-12 19:20 2,645 --a------ C:\WINDOWS\system32\config.hsp
2008-02-28 12:15 . 2008-02-28 12:15 141 --a------ C:\WINDOWS\splendor.ini
2008-02-28 12:14 . 2008-02-28 12:14 <DIR> d-------- C:\Documents and Settings\Picia\WINDOWS
2008-02-28 12:14 . 1999-09-01 11:00 284,160 --a------ C:\WINDOWS\unin0415.exe
2008-02-22 20:12 . 2008-02-22 20:12 <DIR> d-------- C:\Documents and Settings\Picia\Dane aplikacji\Media Player Classic
2008-02-20 16:06 . 2007-08-18 08:54 380,928 --a------ C:\WINDOWS\system32\ac3filter.acm
2008-02-18 14:09 . 2008-02-18 14:09 <DIR> d-------- C:\Documents and Settings\Picia\.jpi_cache
2008-02-18 14:09 . 2008-02-18 14:09 <DIR> d-------- C:\Documents and Settings\Picia\.java
2008-02-16 20:11 . 2008-02-16 20:11 <DIR> d-------- C:\Program Files\MSXML 6.0

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-15 14:07 --------- d-----w C:\Program Files\Realtek
2008-03-15 09:37 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2008-03-15 09:21 --------- d-----w C:\Program Files\Microsoft.NET
2008-02-22 18:09 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-15 18:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-15 17:29 --------- d-----w C:\Documents and Settings\Picia\Dane aplikacji\Intel
2008-02-15 17:28 --------- d-----w C:\Program Files\Intel
2008-02-15 17:28 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Intel
2008-02-15 16:55 --------- d-----w C:\Program Files\neostrada tp
2008-02-14 21:47 --------- d-----w C:\Documents and Settings\Picia\Dane aplikacji\Apple Computer
2008-02-14 21:45 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
2008-02-14 11:08 --------- d-----w C:\Program Files\Common Files\LightScribe
2008-02-14 11:04 --------- d-----w C:\Documents and Settings\Picia\Dane aplikacji\Ahead
2008-02-14 11:03 --------- d-----w C:\Program Files\Common Files\Ahead
2008-02-14 11:02 --------- d-----w C:\Program Files\Nero
2008-02-14 11:02 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Nero
2008-02-13 13:57 --------- d-----w C:\Program Files\Microsoft SQL Server
2008-02-13 13:54 --------- d-----w C:\Program Files\Microsoft SQL Server 2005 Mobile Edition
2008-02-13 13:54 --------- d-----w C:\Program Files\Microsoft Device Emulator
2008-02-13 00:34 --------- d-----w C:\Program Files\Media Player Classic
2008-02-13 00:31 --------- d-----w C:\Documents and Settings\Picia\Dane aplikacji\Talkback
2008-02-13 00:26 --------- d-----w C:\Documents and Settings\Picia\Dane aplikacji\Winamp
2008-02-13 00:00 --------- d-----w C:\Program Files\WIDCOMM
2008-02-12 22:38 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\XP
2008-02-12 22:36 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-12 22:36 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Vista64
2008-02-12 21:51 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-02-12 17:51 --------- d-----w C:\Program Files\Alwil Software
2008-02-12 17:40 --------- d-----w C:\Program Files\Java
2008-02-12 16:46 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-12 16:44 --------- d-----w C:\Program Files\Usługi online
2006-07-28 15:25 32,768 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\EBLib.dll
2006-07-28 15:25 19,456 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\LPCFilter.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"SkyTel"="SkyTel.EXE" [2006-05-16 12:04 2879488 C:\WINDOWS\SkyTel.exe]
"snp2std"="C:\WINDOWS\vsnp2std.exe" [2006-09-15 23:21 675840]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-02-08 22:06 7405568]
"nwiz"="nwiz.exe" [2006-02-08 22:06 1519616 C:\WINDOWS\system32\nwiz.exe]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-08-25 06:21 53248]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 06:50 88204 C:\WINDOWS\AGRSMMSG.exe]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
"QuickTime Task"="F:\Quick time\qttask.exe" [2008-02-14 22:46 155648]
"Adobe Reader Speed Launcher"="F:\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 13:06 40048]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 07:34 16143872 C:\WINDOWS\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 13:00 15360]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-04-24 23:02:56 622653]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04 83360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"F:\\Medal of Honor\\mohpa.exe"=
"F:\\Gadu-Gadu\\gg.exe"=
"F:\\SopCast\\SopCast.exe"=
"F:\\SopCast\\adv\\SopAdver.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"F:\\BearShare\\BearShare.exe"=

R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2007-01-10 10:14]
S1 CPEb;CPEb;C:\WINDOWS\system32\drivers\CPEb.sys []
S3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2006-11-17 02:29]
S3 SQLWriter;SQL Server VSS Writer;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2005-10-14 03:53]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;"C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe" /service msvsmon80 []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e7049118-d991-11dc-a987-000e50f3cfac}]
\Shell\AutoRun\command - G:\xp19.com
\Shell\explore\Command - G:\xp19.com
\Shell\open\Command - G:\xp19.com

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-16 10:36:14
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-03-16 10:36:46
ComboFix-quarantined-files.txt 2008-03-16 09:36:32
.
2008-03-15 14:13:01 --- E O F ---
 
picia88
  • picia88
  • Posty: 6
  • Dołączenie: 15 Mar 2008, 11:01

16 Mar 2008, 11:55

jezeli ten raport jest taki sam jak poprzedni to moge uzyc tych samych polecen co za pierwszym razem prawda??
 
pp3088
  • pp3088
  • Posty: 999
  • Dołączenie: 11 Sie 2006, 23:59
  • Miejscowość: Szczecin

16 Mar 2008, 12:31

Potem start>>uruchom>>wpisujesz "regedit">>odnajdujesz klucz
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\
i usuwasz go.

Zrobiłaś to?
 
gwiazda
  • gwiazda
  • Posty: 1
  • Dołączenie: 08 Lut 2010, 22:38

Re: prosze o pomoc i podanie log

09 Lut 2010, 19:19

Mam problem z komputerem czy ktoś może mi pomóc?
Jaki program muszę zaistalować aby pozbyć się tego błędu??
Program nie drukuje...
See the end of this message for details on invoking
just-in-time (JIT) debugging instead of this dialog box.

************** Exception Text **************
System.IO.FileNotFoundException: Could not load file or assembly 'CrystalDecisions.Windows.Forms, Version=10.2.3600.0, Culture=neutral, PublicKeyToken=692fbea5521e1304' or one of its dependencies. Nie można odnaleźć określonego pliku.
File name: 'CrystalDecisions.Windows.Forms, Version=10.2.3600.0, Culture=neutral, PublicKeyToken=692fbea5521e1304'
at Reports.FRStandardReport.InitializeComponent()
at Reports.FRStandardReport..ctor()
at Reports.Functions.GrafikMiesieczny()
at GUI.Grafiki.GrafikMiesieczny_Click(Object sender, EventArgs e)
at System.Windows.Forms.ToolStripItem.RaiseEvent(Object key, EventArgs e)
at System.Windows.Forms.ToolStripMenuItem.OnClick(EventArgs e)
at System.Windows.Forms.ToolStripItem.HandleClick(EventArgs e)
at System.Windows.Forms.ToolStripItem.HandleMouseUp(MouseEventArgs e)
at System.Windows.Forms.ToolStripItem.FireEventInteractive(EventArgs e, ToolStripItemEventType met)
at System.Windows.Forms.ToolStripItem.FireEvent(EventArgs e, ToolStripItemEventType met)
at System.Windows.Forms.ToolStrip.OnMouseUp(MouseEventArgs mea)
at System.Windows.Forms.ToolStripDropDown.OnMouseUp(MouseEventArgs mea)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ScrollableControl.WndProc(Message& m)
at System.Windows.Forms.ToolStrip.WndProc(Message& m)
at System.Windows.Forms.ToolStripDropDown.WndProc(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)

WRN: Assembly binding logging is turned OFF.
To enable assembly bind failure logging, set the registry value [HKLM\Software\Microsoft\Fusion!EnableLog] (DWORD) to 1.
Note: There is some performance penalty associated with assembly bind failure logging.
To turn this feature off, remove the registry value [HKLM\Software\Microsoft\Fusion!EnableLog].



************** Loaded Assemblies **************
mscorlib
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.3053 (netfxsp.050727-3000)
CodeBase: file:///c:/WINDOWS/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll
----------------------------------------
GUI
Assembly Version: 1.0.0.0
Win32 Version: 1.0.0.0
CodeBase: file:///C:/Documents%20and%20Settings/Dz_Podsan/Ustawienia%20lokalne/Apps/2.0/1VHB4XKX.6BC/1O0JVDD0.W9G/gui...tion_be2d3f6015e2a9b3_0001.0000_a1d98ee49838fa48/GUI.exe
----------------------------------------
System.Windows.Forms
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.3053 (netfxsp.050727-3000)
CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/System.Windows.Forms/2.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.3053 (netfxsp.050727-3000)
CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/System/2.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
System.Drawing
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.3053 (netfxsp.050727-3000)
CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/System.Drawing/2.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
SourceGrid
Assembly Version: 4.11.2887.1415
Win32 Version: 4.11.2887.1415
CodeBase: file:///C:/Documents%20and%20Settings/Dz_Podsan/Ustawienia%20lokalne/Apps/2.0/1VHB4XKX.6BC/1O0JVDD0.W9G/gui...tion_be2d3f6015e2a9b3_0001.0000_a1d98ee49838fa48/SourceGrid.DLL
----------------------------------------
WeifenLuo.WinFormsUI.Docking
Assembly Version: 2.2.2864.18696
Win32 Version: 2.2.0.0
CodeBase: file:///C:/Documents%20and%20Settings/Dz_Podsan/Ustawienia%20lokalne/Apps/2.0/1VHB4XKX.6BC/1O0JVDD0.W9G/gui...tion_be2d3f6015e2a9b3_0001.0000_a1d98ee49838fa48/WeifenLuo.WinFormsUI.Docking.DLL
----------------------------------------
DevAge.Windows.Forms
Assembly Version: 4.10.2845.21698
Win32 Version: 4.10.2845.21698
CodeBase: file:///C:/Documents%20and%20Settings/Dz_Podsan/Ustawienia%20lokalne/Apps/2.0/1VHB4XKX.6BC/1O0JVDD0.W9G/gui...tion_be2d3f6015e2a9b3_0001.0000_a1d98ee49838fa48/DevAge.Windows.Forms.DLL
----------------------------------------
DevAge.Core
Assembly Version: 4.10.2845.21697
Win32 Version: 4.10.2845.21697
CodeBase: file:///C:/Documents%20and%20Settings/Dz_Podsan/Ustawienia%20lokalne/Apps/2.0/1VHB4XKX.6BC/1O0JVDD0.W9G/gui...tion_be2d3f6015e2a9b3_0001.0000_a1d98ee49838fa48/DevAge.Core.DLL
----------------------------------------
System.Configuration
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.3053 (netfxsp.050727-3000)
CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/System.Configuration/2.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
----------------------------------------
DALC
Assembly Version: 1.0.0.0
Win32 Version: 1.0.0.0
CodeBase: file:///C:/Documents%20and%20Settings/Dz_Podsan/Ustawienia%20lokalne/Apps/2.0/1VHB4XKX.6BC/1O0JVDD0.W9G/gui...tion_be2d3f6015e2a9b3_0001.0000_a1d98ee49838fa48/DALC.DLL
----------------------------------------
Common
Assembly Version: 1.0.0.0
Win32 Version: 1.0.0.0
CodeBase: file:///C:/Documents%20and%20Settings/Dz_Podsan/Ustawienia%20lokalne/Apps/2.0/1VHB4XKX.6BC/1O0JVDD0.W9G/gui...tion_be2d3f6015e2a9b3_0001.0000_a1d98ee49838fa48/Common.DLL
----------------------------------------
System.Deployment
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.3053 (netfxsp.050727-3000)
CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/System.Deployment/2.0.0.0__b03f5f7f11d50a3a/System.Deployment.dll
----------------------------------------
System.Xml
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.3053 (netfxsp.050727-3000)
CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/System.Xml/2.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------
System.Data.SQLite
Assembly Version: 1.0.65.0
Win32 Version: 1.0.65.0
CodeBase: file:///C:/Documents%20and%20Settings/Dz_Podsan/Ustawienia%20lokalne/Apps/2.0/1VHB4XKX.6BC/1O0JVDD0.W9G/gui...tion_be2d3f6015e2a9b3_0001.0000_a1d98ee49838fa48/System.Data.SQLite.DLL
----------------------------------------
System.Data
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.3053 (netfxsp.050727-3000)
CodeBase: file:///C:/WINDOWS/assembly/GAC_32/System.Data/2.0.0.0__b77a5c561934e089/System.Data.dll
----------------------------------------
System.Transactions
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.3053 (netfxsp.050727-3000)
CodeBase: file:///C:/WINDOWS/assembly/GAC_32/System.Transactions/2.0.0.0__b77a5c561934e089/System.Transactions.dll
----------------------------------------
System.EnterpriseServices
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.3053 (netfxsp.050727-3000)
CodeBase: file:///C:/WINDOWS/assembly/GAC_32/System.EnterpriseServices/2.0.0.0__b03f5f7f11d50a3a/System.EnterpriseServices.dll
----------------------------------------
DataSynchronization
Assembly Version: 1.0.0.0
Win32 Version: 1.0.0.0
CodeBase: file:///C:/Documents%20and%20Settings/Dz_Podsan/Ustawienia%20lokalne/Apps/2.0/1VHB4XKX.6BC/1O0JVDD0.W9G/gui...tion_be2d3f6015e2a9b3_0001.0000_a1d98ee49838fa48/DataSynchronization.DLL
----------------------------------------
MySql.Data
Assembly Version: 5.2.6.0
Win32 Version: 5.2.6.0
CodeBase: file:///C:/Documents%20and%20Settings/Dz_Podsan/Ustawienia%20lokalne/Apps/2.0/1VHB4XKX.6BC/1O0JVDD0.W9G/gui...tion_be2d3f6015e2a9b3_0001.0000_a1d98ee49838fa48/MySql.Data.DLL
----------------------------------------
DataLayer
Assembly Version: 1.0.0.0
Win32 Version: 1.0.0.0
CodeBase: file:///C:/Documents%20and%20Settings/Dz_Podsan/Ustawienia%20lokalne/Apps/2.0/1VHB4XKX.6BC/1O0JVDD0.W9G/gui...tion_be2d3f6015e2a9b3_0001.0000_a1d98ee49838fa48/DataLayer.DLL
----------------------------------------
Reports
Assembly Version: 1.0.0.0
Win32 Version: 1.0.0.0
CodeBase: file:///C:/Documents%20and%20Settings/Dz_Podsan/Ustawienia%20lokalne/Apps/2.0/1VHB4XKX.6BC/1O0JVDD0.W9G/gui...tion_be2d3f6015e2a9b3_0001.0000_a1d98ee49838fa48/Reports.DLL
----------------------------------------

************** JIT Debugging **************
To enable just-in-time (JIT) debugging, the .config file for this
application or computer (machine.config) must have the
jitDebugging value set in the system.windows.forms section.
The application must also be compiled with debugging
enabled.

For example:

<configuration>
<system.windows.forms jitDebugging="true" />
</configuration>

When JIT debugging is enabled, any unhandled exception
will be sent to the JIT debugger registered on the computer
rather than be handled by this dialog box.
 
mateo8898
  • mateo8898
  • Posty: 15377
  • Dołączenie: 15 Maj 2009, 14:55

Re: prosze o pomoc i podanie log

09 Lut 2010, 20:18

A co to ma wspólnego z tym działem?? Napisz w odpowiednim dziale i opisz dokładniej problem.
Wyślij odpowiedź
Switch to full style

Powered by phpBB © phpBB Group.

phpBB Mobile / SEO by Artodia.

Strona główna