Skocz do zawartości

amusz

Użytkownik
 Pokaż profil  Zobacz aktywność

  • Liczba zawartości

    8

  • Rejestracja

  • Ostatnia wizyta

 Typ zawartości 

Zawartość dodana przez amusz

  1. amusz
    Pamięci sprawdzałam, błędów brak. Wyjęłam jedną kość, tą Goodrama. Nowe sterowniki? Nie. Odświeżam.
  2. amusz
    Witam! Wyskoczył mi dziś niebieski ekran: Przeanalizowałam plik dump programem Debugging Tools, oto wynik: Microsoft (R) Windows Debugger Version 6.11.0001.404 X86Copyright (c) Microsoft Corporation. All rights reserved.Loading Dump File [C:\WINDOWS\Minidump\Mini052709-01.dmp]Mini Kernel Dump File: Only registers and stack trace are availableSymbol search path is: *** Invalid ******************************************************************************** Symbol loading may be unreliable without a symbol search path. ** Use .symfix to have the debugger choose a symbol path. ** After setting your symbol path, use .reload to refresh symbol locations. *****************************************************************************Executable search path is: ********************************************************************** Symbols can not be loaded because symbol path is not initialized. ** ** The Symbol Path can be set by: ** using the _NT_SYMBOL_PATH environment variable. ** using the -y <symbol_path> argument when starting the debugger. ** using .sympath and .sympath+ **********************************************************************Unable to load image ntoskrnl.exe, Win32 error 0n2*** WARNING: Unable to verify timestamp for ntoskrnl.exe*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exeWindows XP Kernel Version 2600 (Service Pack 2) MP (2 procs) Free x86 compatibleProduct: WinNt, suite: TerminalServer SingleUserTSMachine Name:Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055c700Debug session time: Wed May 27 16:26:38.765 2009 (GMT+2)System Uptime: 0 days 0:00:43.453********************************************************************** Symbols can not be loaded because symbol path is not initialized. ** ** The Symbol Path can be set by: ** using the _NT_SYMBOL_PATH environment variable. ** using the -y <symbol_path> argument when starting the debugger. ** using .sympath and .sympath+ **********************************************************************Unable to load image ntoskrnl.exe, Win32 error 0n2*** WARNING: Unable to verify timestamp for ntoskrnl.exe*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exeLoading Kernel Symbols........................................................................................................................Loading User SymbolsLoading unloaded module list........................******************************************************************************** ** Bugcheck Analysis ** ********************************************************************************Use !analyze -v to get detailed debugging information.BugCheck 10000050, {bad0b148, 0, 805b9e19, 2}***** Kernel symbols are WRONG. Please fix symbols to do analysis.**************************************************************************** ****** ****** Your debugger is not using the correct symbols ****** ****** In order for this command to work properly, your symbol path ****** must point to .pdb files that have full type information. ****** ****** Certain .pdb files (such as the public OS symbols) do not ****** contain the required information. Contact the group that ****** provided you with these symbols if you need this command to ****** work. ****** ****** Type referenced: nt!_KPRCB ****** ******************************************************************************************************************************************************** ****** ****** Your debugger is not using the correct symbols ****** ****** In order for this command to work properly, your symbol path ****** must point to .pdb files that have full type information. ****** ****** Certain .pdb files (such as the public OS symbols) do not ****** contain the required information. Contact the group that ****** provided you with these symbols if you need this command to ****** work. ****** ****** Type referenced: nt!KPRCB ****** ******************************************************************************************************************************************************** ****** ****** Your debugger is not using the correct symbols ****** ****** In order for this command to work properly, your symbol path ****** must point to .pdb files that have full type information. ****** ****** Certain .pdb files (such as the public OS symbols) do not ****** contain the required information. Contact the group that ****** provided you with these symbols if you need this command to ****** work. ****** ****** Type referenced: nt!_KPRCB ****** ******************************************************************************************************************************************************** ****** ****** Your debugger is not using the correct symbols ****** ****** In order for this command to work properly, your symbol path ****** must point to .pdb files that have full type information. ****** ****** Certain .pdb files (such as the public OS symbols) do not ****** contain the required information. Contact the group that ****** provided you with these symbols if you need this command to ****** work. ****** ****** Type referenced: nt!KPRCB ****** ******************************************************************************************************************************************************** ****** ****** Your debugger is not using the correct symbols ****** ****** In order for this command to work properly, your symbol path ****** must point to .pdb files that have full type information. ****** ****** Certain .pdb files (such as the public OS symbols) do not ****** contain the required information. Contact the group that ****** provided you with these symbols if you need this command to ****** work. ****** ****** Type referenced: nt!_KPRCB ****** ******************************************************************************************************************************************************** ****** ****** Your debugger is not using the correct symbols ****** ****** In order for this command to work properly, your symbol path ****** must point to .pdb files that have full type information. ****** ****** Certain .pdb files (such as the public OS symbols) do not ****** contain the required information. Contact the group that ****** provided you with these symbols if you need this command to ****** work. ****** ****** Type referenced: nt!_KPRCB ****** ******************************************************************************************************************************************************** ****** ****** Your debugger is not using the correct symbols ****** ****** In order for this command to work properly, your symbol path ****** must point to .pdb files that have full type information. ****** ****** Certain .pdb files (such as the public OS symbols) do not ****** contain the required information. Contact the group that ****** provided you with these symbols if you need this command to ****** work. ****** ****** Type referenced: nt!_KPRCB ****** ************************************************************************************************************************************************** Symbols can not be loaded because symbol path is not initialized. ** ** The Symbol Path can be set by: ** using the _NT_SYMBOL_PATH environment variable. ** using the -y <symbol_path> argument when starting the debugger. ** using .sympath and .sympath+ ******************************************************************************************************************************************** Symbols can not be loaded because symbol path is not initialized. ** ** The Symbol Path can be set by: ** using the _NT_SYMBOL_PATH environment variable. ** using the -y <symbol_path> argument when starting the debugger. ** using .sympath and .sympath+ **********************************************************************Probably caused by : ntoskrnl.exe ( nt+e2e19 )Followup: MachineOwner--------- + zrzut z dziennika zdarzeń, może się przyda: Konfig komputera: Mobo: MSI P45 Neo3-FR Procesor: Intel Core 2 Duo E8400 3.0@3.1 GHz Pamięci: 2Gb Corsair TwinX XMS2,DDR2 PC2-6400 (800) + GoodRam 1GB 800MHz DDR 2 CL6 Grafa: ATI Radeon HD 4830 GDDR3 Dyski: WD Caviar 250GB + WD Caviar 80GB Zasilacz: Chieftec GPS 450W Monitor: SyncMaster 757DFX Proszę serdecznie o pomoc :)
  3. amusz
    Zwolnił mi internet, komputer czasem się zacina. Nigdy tak nie miałam. Podłączyłam zainfekowanego pendrive, może coś przeniósł. Poza tym ktoś używał mojego komputera i nie włączył ani antywirusa ani firewalla.
  4. amusz
    ComboFix 09-04-01.01 - User 2009-04-03 23:52:45.2 - NTFSx86Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.2047.1393 [GMT 2:00]Uruchomiony z: c:\documents and settings\User\Pulpit\ComboFix.exe* Utworzono nowy punkt przywracania* Resident AV is activeUWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!.((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))).c:\windows\system32\pthreadGC2.dll.((((((((((((((((((((((((( Pliki utworzone od 2009-03-03 do 2009-04-03 ))))))))))))))))))))))))))))))).2009-04-02 01:01 . 2009-04-02 01:01 <DIR> d-------- C:\Archivos de programa2009-04-02 01:01 . 2008-01-07 14:29 352 --ah----- c:\windows\nod32fixtemdono.reg2009-04-02 00:28 . 2009-04-02 00:28 <DIR> d-------- c:\documents and settings\User\Dane aplikacji\ESET2009-04-01 21:36 . 2009-04-01 21:36 <DIR> d-------- c:\documents and settings\User\Dane aplikacji\Jetico Personal Firewall2009-04-01 19:04 . 2009-04-01 19:04 <DIR> d--h----- c:\windows\$hf_mig$2009-04-01 19:04 . 2008-10-26 14:21 1,846,656 --------- c:\windows\system32\dllcache\win32k.sys2009-04-01 18:06 . 2009-04-01 18:06 23,600 --a------ c:\windows\system32\drivers\TVICHW32.SYS2009-04-01 17:56 . 2009-04-01 17:57 <DIR> d-------- c:\program files\Debugging Tools for Windows (x86)2009-03-31 16:41 . 2009-03-31 16:48 <DIR> d-------- c:\program files\ATITool2009-03-30 13:36 . 2008-04-15 01:04 105,628 --a------ c:\windows\system32\dllcache\tabletpc.cat2009-03-30 13:36 . 2008-04-15 00:56 12,363 --a------ c:\windows\system32\dllcache\MSMSGS.CAT2009-03-30 13:31 . 2009-04-02 00:30 <DIR> d-------- c:\program files\ESET2009-03-29 22:18 . 2009-03-29 23:57 <DIR> d--hs---- C:\RECYCLER(2)2009-03-29 12:52 . 2009-03-29 12:52 <DIR> d-------- c:\program files\Sunbelt Software2009-03-29 03:43 . 2009-03-29 03:43 29 --a------ c:\windows\Image Component2009-03-29 03:28 . 2009-03-29 03:43 <DIR> d-------- c:\program files\iFoxSoft2009-03-29 03:18 . 2009-03-29 03:18 <DIR> d-------- c:\program files\IrfanView2009-03-28 14:19 . 2009-03-28 14:19 <DIR> d-------- c:\program files\AC3Filter2009-03-28 14:19 . 2008-07-09 10:05 421,888 --a------ c:\windows\system32\ac3filter.acm2009-03-28 14:18 . 2009-03-28 14:19 <DIR> d-------- c:\program files\K-Lite Codec Pack2009-03-28 14:18 . 2008-11-06 18:37 3,596,288 --a------ c:\windows\system32\qt-dx331.dll2009-03-28 14:18 . 2008-09-24 20:41 839,680 --a------ c:\windows\system32\lameACM.acm2009-03-28 14:18 . 2008-12-07 20:08 795,648 --a------ c:\windows\system32\xvidcore.dll2009-03-28 14:18 . 2008-11-06 18:33 684,032 --a------ c:\windows\system32\divx.dll2009-03-28 14:18 . 2004-01-25 18:18 217,088 --a------ c:\windows\system32\yv12vfw.dll2009-03-28 14:18 . 2008-09-16 21:23 168,448 --a------ c:\windows\system32\unrar.dll2009-03-28 14:18 . 2008-12-07 20:08 130,048 --a------ c:\windows\system32\xvidvfw.dll2009-03-28 14:18 . 2007-09-21 02:52 118,784 --a------ c:\windows\system32\ac3acm.acm2009-03-28 14:18 . 2008-12-11 02:33 86,016 --a------ c:\windows\system32\dpl100.dll2009-03-28 14:18 . 2009-03-02 20:10 67,584 --a------ c:\windows\system32\ff_vfw.dll2009-03-28 14:18 . 2007-07-10 18:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest2009-03-28 14:18 . 2008-10-03 14:30 414 --a------ c:\windows\system32\lame_acm.xml2009-03-28 00:52 . 2009-03-28 00:52 <DIR> d-------- c:\program files\LSoft Technologies Inc2009-03-28 00:52 . 2009-03-31 21:06 <DIR> d-a------ c:\documents and settings\All Users\Dane aplikacji\TEMP2009-03-28 00:46 . 2009-03-28 00:46 <DIR> d-------- c:\documents and settings\User\Dane aplikacji\FreshDiagnose2009-03-27 17:31 . 2009-03-27 17:37 <DIR> d-------- c:\program files\ALLPlayer2009-03-27 15:05 . 2009-03-27 17:30 <DIR> d-------- c:\program files\QuickTime Alternative2009-03-27 15:05 . 2009-03-27 17:30 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Apple Computer2009-03-27 14:35 . 2009-03-27 14:35 <DIR> d-------- c:\windows\system32\xircom2009-03-27 14:35 . 2009-03-27 14:35 <DIR> d-------- c:\windows\system32\oobe2009-03-27 14:35 . 2009-03-27 14:35 <DIR> d-------- c:\windows\srchasst2009-03-27 14:35 . 2009-03-27 14:35 <DIR> d-------- c:\windows\msagent2009-03-27 14:35 . 2009-03-27 14:35 <DIR> d-------- c:\program files\microsoft frontpage2009-03-26 16:50 . 2009-03-26 16:50 <DIR> d-------- c:\documents and settings\User\Dane aplikacji\Lost Marble2009-03-26 16:36 . 2009-03-26 16:36 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware2009-03-26 16:36 . 2009-03-26 16:36 <DIR> d-------- c:\documents and settings\User\Dane aplikacji\Malwarebytes2009-03-26 16:36 . 2009-03-26 16:36 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes2009-03-26 16:36 . 2009-02-11 11:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys2009-03-26 16:36 . 2009-02-11 11:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys2009-03-25 15:14 . 2009-03-25 15:14 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\ATI2009-03-25 15:12 . 2009-03-25 16:49 <DIR> d-------- c:\program files\ATI2009-03-25 15:11 . 2009-02-25 16:15 593,920 --------- c:\windows\system32\ati2sgag.exe2009-03-25 15:10 . 2009-03-25 15:10 <DIR> d-------- C:\ATI2009-03-25 14:44 . 2004-05-15 05:27 15,195 --a------ c:\windows\system32\delrad.exe2009-03-25 14:29 . 2009-03-25 14:49 <DIR> d-------- c:\program files\Driver Cleaner2009-03-21 22:52 . 2009-03-21 22:52 <DIR> d-------- c:\documents and settings\User\Dane aplikacji\Ubisoft2009-03-20 16:19 . 2009-03-20 16:19 165 --a------ c:\windows\system32\drivers\fwdrv.err2009-03-18 00:26 . 2009-03-18 00:26 <DIR> d-------- c:\documents and settings\User\WINDOWS2009-03-17 23:04 . 2009-03-17 23:04 <DIR> d-------- c:\documents and settings\User\Dane aplikacji\DAEMON Tools2009-03-08 15:30 . 2009-03-08 15:30 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\POP3Profiles2009-03-08 01:04 . 2003-10-15 21:53 193,536 --a------ c:\program files\RefreshLock.exe2009-03-08 01:02 . 2009-03-08 01:03 350 --a------ c:\windows\RefreshLock.ini2009-03-07 23:58 . 2009-03-07 23:58 126,976 --a------ c:\windows\War3Unin.exe2009-03-07 23:58 . 2009-03-07 23:58 13,873 --a------ c:\windows\War3Unin.dat2009-03-07 23:58 . 2009-03-07 23:58 2,829 --a------ c:\windows\War3Unin.pif2009-03-07 20:46 . 2009-03-07 20:47 <DIR> d-------- c:\program files\NAPI-PROJEKT2009-03-07 16:14 . 2009-03-07 16:14 <DIR> d-------- c:\documents and settings\User\Dane aplikacji\Ashampoo2009-03-06 02:58 . 2009-03-06 02:58 <DIR> d-------- c:\documents and settings\User\Dane aplikacji\ATI2009-03-06 02:57 . 2009-03-25 15:12 <DIR> d-------- c:\program files\ATI Technologies2009-03-04 22:36 . 2009-03-04 22:36 <DIR> d-------- c:\program files\Innovative Solutions2009-03-03 18:41 . 2008-07-12 09:18 3,851,784 --a------ c:\windows\system32\D3DX9_39.dll2009-03-03 18:41 . 2008-07-12 09:18 1,493,528 --a------ c:\windows\system32\D3DCompiler_39.dll2009-03-03 18:41 . 2008-07-31 11:40 509,448 --a------ c:\windows\system32\XAudio2_2.dll2009-03-03 18:41 . 2008-07-12 09:18 467,984 --a------ c:\windows\system32\d3dx10_39.dll2009-03-03 18:41 . 2008-07-31 11:41 238,088 --a------ c:\windows\system32\xactengine3_2.dll2009-03-03 18:41 . 2008-07-31 11:41 68,616 --a------ c:\windows\system32\XAPOFX1_1.dll2009-03-03 18:40 . 2009-03-11 18:37 <DIR> d-------- c:\windows\Logs2009-03-03 18:16 . 2009-03-03 18:16 <DIR> d-------- c:\documents and settings\User\Dane aplikacji\EFSoftware.(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-04-03 20:03 --------- d-----w c:\program files\SpeedFan2009-04-01 22:59 --------- d-----w c:\documents and settings\User\Dane aplikacji\uTorrent2009-04-01 22:25 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\ESET2009-03-31 20:24 --------- d-----w c:\documents and settings\User\Dane aplikacji\Tlen.pl2009-03-29 01:42 --------- d--h--w c:\program files\InstallShield Installation Information2009-03-27 15:16 --------- d-----w c:\program files\Last.fm2009-03-27 11:49 --------- d-----w c:\documents and settings\User\Dane aplikacji\Skype2009-03-27 11:40 --------- d-----w c:\documents and settings\User\Dane aplikacji\skypePM2009-03-20 20:27 --------- d-----w c:\program files\Winamp2009-03-20 20:26 --------- d-----w c:\documents and settings\User\Dane aplikacji\Winamp2009-03-17 21:04 716,272 ----a-w c:\windows\system32\drivers\sptd.sys2009-03-07 22:19 --------- d-----w c:\program files\Unlocker2009-03-01 22:00 --------- d-----w c:\program files\Allok MOV Converter2009-03-01 21:04 --------- d-----w c:\program files\SystemRequirementsLab2009-03-01 21:01 410,984 ----a-w c:\windows\system32\deploytk.dll2009-03-01 21:01 --------- d-----w c:\program files\Java2009-03-01 16:43 --------- d-----w c:\program files\SubEdit-Player2009-03-01 14:06 --------- d-----w c:\documents and settings\User\Dane aplikacji\fretsonfire2009-02-28 20:58 --------- d-----w c:\program files\FirefoxPreloader2009-02-28 00:47 --------- d-----w c:\program files\Starter2009-02-27 23:10 --------- d-----w c:\program files\FastStone Capture2009-02-27 23:10 --------- d-----w c:\documents and settings\User\Dane aplikacji\FastStone2009-02-27 20:56 --------- d-----w c:\program files\Common Files\Skype2009-02-27 20:56 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Skype2009-02-27 20:56 --------- d-----r c:\program files\Skype2009-02-26 23:07 --------- d-----w c:\program files\cpuz_1502009-02-26 19:27 --------- d-----w c:\program files\A4Tech2009-02-26 17:43 --------- d-----w c:\program files\Common Files\Ahead2009-02-26 17:43 --------- d-----w c:\program files\Ahead2009-02-26 17:25 --------- d-----w c:\program files\Tlen.pl2009-02-26 17:23 --------- d-----w c:\program files\uTorrent2009-02-26 16:12 --------- d-----w c:\documents and settings\User\Dane aplikacji\Gadu-Gadu2009-02-26 16:11 --------- d-----w c:\program files\Gadu-Gadu2009-02-26 16:09 --------- d-----w c:\program files\Google2009-02-26 16:08 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Last.fm2009-02-26 15:32 --------- d-----w c:\program files\Microsoft.NET2009-02-26 15:22 --------- d-----w c:\program files\Alcohol Soft2009-02-26 15:18 --------- d-----w c:\program files\CCleaner2009-02-26 14:36 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Tlen.pl2009-02-26 01:19 --------- d-----w c:\program files\Setup Files2009-02-26 01:14 --------- d-----w c:\program files\Common Files\InstallShield2009-02-26 00:55 --------- d-----w c:\program files\MSI2009-02-26 00:34 --------- d-----w c:\program files\Intel2009-02-26 00:28 --------- d-----w c:\program files\Usługi online2009-02-26 00:26 --------- d-----w c:\program files\Windows Media Connect 22009-02-25 22:58 3,565,568 ----a-w c:\windows\system32\drivers\ati2mtag.sys2009-02-25 21:42 442,368 ----a-w c:\windows\system32\ATIDEMGX.dll2009-02-25 21:41 325,120 ----a-w c:\windows\system32\ati2dvag.dll2009-02-25 21:30 204,800 ----a-w c:\windows\system32\atipdlxx.dll2009-02-25 21:30 11,841,536 ----a-w c:\windows\system32\atioglxx.dll2009-02-25 21:29 43,520 ----a-w c:\windows\system32\ati2edxx.dll2009-02-25 21:29 26,112 ----a-w c:\windows\system32\Ati2mdxx.exe2009-02-25 21:29 155,648 ----a-w c:\windows\system32\Oemdspif.dll2009-02-25 21:29 155,648 ----a-w c:\windows\system32\ati2evxx.dll2009-02-25 21:27 602,112 ----a-w c:\windows\system32\ati2evxx.exe2009-02-25 21:26 53,248 ----a-w c:\windows\system32\ATIDDC.DLL2009-02-25 21:16 3,817,984 ----a-w c:\windows\system32\ati3duag.dll2009-02-25 21:09 307,200 ----a-w c:\windows\system32\atiiiexx.dll2009-02-25 21:06 356,352 ----a-w c:\windows\eSellerateEngine.dll2009-02-25 21:06 --------- d-----w c:\program files\QO Labs2009-02-25 21:01 --------- d-----w c:\documents and settings\User\Dane aplikacji\Media Player Classic2009-02-25 20:59 2,670,080 ----a-w c:\windows\system32\ativvaxx.dll2009-02-25 20:44 49,664 ----a-w c:\windows\system32\amdpcom32.dll2009-02-25 20:40 475,136 ----a-w c:\windows\system32\atikvmag.dll2009-02-25 20:38 17,408 ----a-w c:\windows\system32\atitvo32.dll2009-02-25 20:38 126,976 ----a-w c:\windows\system32\atiadlxx.dll2009-02-25 20:37 53,248 ----a-w c:\windows\system32\drivers\ati2erec.dll2009-02-25 20:35 290,816 ----a-w c:\windows\system32\atiok3x2.dll2009-02-25 20:32 626,688 ----a-w c:\windows\system32\ati2cqag.dll2009-02-25 20:32 45,056 ----a-w c:\windows\system32\aticalrt.dll2009-02-25 20:32 45,056 ----a-w c:\windows\system32\aticalcl.dll2009-02-25 20:30 3,227,648 ----a-w c:\windows\system32\aticaldd.dll2009-02-25 20:15 --------- d-----w c:\program files\Common Files\LogiShrd2009-02-25 20:07 --------- d-----w c:\program files\Realtek2009-02-25 20:06 --------- d-----w c:\documents and settings\User\Dane aplikacji\InstallShield2009-02-25 19:46 --------- d-----w c:\program files\Lavalys2009-02-25 19:35 --------- d-----w c:\documents and settings\User\Dane aplikacji\HP2009-02-25 19:30 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\WEBREG2009-02-25 19:28 --------- d-----w c:\program files\HP2009-02-25 19:28 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\HP Product Assistant2009-02-25 19:28 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\HP2009-02-25 19:27 --------- d-----w c:\program files\Common Files\HP2009-02-25 19:24 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Hewlett-Packard2009-02-25 18:54 138,240 ----a-w c:\windows\system32\drivers\hdaudbus.sys2009-01-05 15:16 34,816 ----a-w c:\windows\system32\RtkCoInstXP.dll2008-07-19 00:28 113,664 ----a-w c:\windows\inf\hdaudio.sys.------- Sigcheck -------2007-07-11 07:06 642560 ce594e18fe0d0af804f1f3694921ce62 c:\windows\system32\user32.dll2008-06-16 15:28 361344 030dc4d48cc2b894fee2f390d8e66ad5 c:\windows\system32\drivers\tcpip.sys2008-06-16 15:28 549888 335813eacd16e84f3047a3326f6e5473 c:\windows\system32\winlogon.exe2008-07-19 02:33 2032128 2bc05e243b86aa8e569ee3c5d8b3c424 c:\windows\system32\ntkrnlpa.exe2008-07-07 11:44 2153472 04404b7f25984558ad3390bf84c4eb95 c:\windows\system32\ntoskrnl.exe2008-06-27 17:36 1424896 4ec7ed41d95d18b3cd1a2bd9dfefb591 c:\windows\explorer.exe.((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]"iKeyWorks"="c:\progra~1\A4Tech\Keyboard\Ikeymain.exe" [2006-09-07 65536]"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-10-24 1451264]c:\documents and settings\All Users\Menu Start\Programy\Autostart\Firefox Preloader.lnk - c:\program files\FirefoxPreloader\FirefoxPreloader.exe [2009-02-28 98304][HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"DisableStatusMessages"= 1 (0x1)[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]"NoSMMyPictures"= 1 (0x1)"NoSMConfigurePrograms"= 1 (0x1)"NoResolveTrack"= 1 (0x1)[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]"NoSMHelp"= 1 (0x1)"NoSMMyPictures"= 1 (0x1)"NoSMConfigurePrograms"= 1 (0x1)"NoResolveTrack"= 1 (0x1)[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]"msacm.ac3filter"= ac3filter.acm[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]--a------ 2008-06-16 15:28 196096 c:\windows\system32\msconfig.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]--a------ 2009-02-25 16:38 61440 c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]-r------- 2005-05-03 12:43 69632 c:\windows\Alcmtr.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]-r------- 2008-02-13 08:31 16857600 c:\windows\RTHDCPL.exe[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="c:\\Program Files\\uTorrent\\uTorrent.exe"="e:\\Prince of Persia\\Prince of Persia.exe"="e:\\Prince of Persia\\PrinceOfPersia_Launcher.exe"="c:\\Program Files\\Skype\\Phone\\Skype.exe"="c:\\Program Files\\Tlen.pl\\tlen.exe"=[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]"AllowInboundEchoRequest"= 1 (0x1)R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2008-10-24 468224]R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-03-26 179856]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-03-26 15504]S1 atitray;atitray;\??\c:\program files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys --> c:\program files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys [?]S3 DualCoreCenter;DualCoreCenter;c:\program files\MSI\DualCoreCenter\NTGLM7X.sys [2009-02-26 28160]S3 FLASHSYS;FLASHSYS;c:\program files\MSI\DualCoreCenter\FlashSys.sys [2009-02-26 9216]S3 RushTopDevice2;RushTopDevice2;c:\program files\MSI\DualCoreCenter\RushTop.sys [2009-02-26 56320][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc..------- Skan uzupełniający -------.uStart Page = about:blankIE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000FF - ProfilePath - c:\documents and settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\fwkqs88f.default\FF - prefs.js: browser.startup.homepage -FF - component: c:\documents and settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\fwkqs88f.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dllFF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll.**************************************************************************catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-04-03 23:53:29Windows 5.1.2600 Dodatek Service Pack 3 NTFSskanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ...skanowanie ukrytych plików ... skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************.--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------- - - - - - - > 'winlogon.exe'(988)c:\windows\system32\sfc_os.dllc:\windows\system32\Ati2evxx.dllc:\windows\system32\cscui.dllc:\windows\system32\COMRes.dll- - - - - - - > 'lsass.exe'(1044)c:\windows\system32\scecli.dll.Czas ukończenia: 2009-04-03 23:54:05ComboFix-quarantined-files.txt 2009-04-03 21:54:00Przed: 5 831 073 792 bajtów wolnychPo: 6,032,998,400 bajtów wolnych282
×
×
  • Dodaj nową pozycję...