
@Combo:
- Kod: Zaznacz wszystko
ComboFix 08-08-07.05 - Asia 2008-08-08 12:33:00.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.234 [GMT 2:00]
Running from: C:\Documents and Settings\Asia\Pulpit\ComboFix.exe
* Created a new restore point
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
((((((((((((((((((((((((( Files Created from 2008-07-08 to 2008-08-08 )))))))))))))))))))))))))))))))
.
2008-08-07 20:34 . 2008-08-07 20:34 <DIR> d-------- C:\Program Files\Winamp Toolbar
2008-08-07 20:34 . 2008-08-07 20:34 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar
2008-08-07 13:32 . 2008-08-07 13:32 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-08-07 13:29 . 2008-08-07 13:29 <DIR> d-------- C:\Documents and Settings\Marcin\Dane aplikacji\DAEMON Tools
2008-08-07 13:29 . 2008-08-07 13:29 717,296 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-08-07 13:21 . 2008-08-07 13:21 <DIR> d-------- C:\Documents and Settings\Marcin\Dane aplikacji\ATI
2008-08-07 00:02 . 2008-08-07 00:02 4,096 --a------ C:\WINDOWS\system32\crash
2008-08-06 23:01 . 2008-08-06 23:01 <DIR> d-------- C:\Documents and Settings\Asia\Dane aplikacji\ATI
2008-08-06 22:34 . 2008-08-06 22:35 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2008-08-06 22:31 . 2004-09-29 07:15 516,096 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-08-06 22:31 . 2004-09-29 04:58 294,912 -ra------ C:\WINDOWS\system32\atiiiexx.dll
2008-08-06 22:30 . 2008-08-06 22:37 <DIR> d-------- C:\Program Files\ATI Technologies
2008-08-06 22:30 . 2004-09-29 04:32 163,840 -ra------ C:\WINDOWS\system32\ATIDEMGR.dll
2008-08-06 22:30 . 2004-09-27 08:38 10,055 -ra------ C:\WINDOWS\system32\atifglpf.xml
2008-08-06 22:11 . 2008-08-06 22:11 294 --a------ C:\WINDOWS\system\cmicnfg.ini
2008-08-05 20:50 . 2000-09-02 01:21 159,744 --a------ C:\WINDOWS\system32\DartSock.dll
2008-08-05 20:50 . 2000-08-30 14:14 106,496 --a------ C:\WINDOWS\system32\DartWeb.dll
2008-08-05 20:50 . 2000-10-23 12:33 100,864 --a------ C:\WINDOWS\system32\eJ_Explorer.ocx
2008-08-05 20:50 . 2001-04-01 18:16 45,056 --a------ C:\WINDOWS\system32\fader.dll
2008-08-05 20:30 . 2008-08-05 20:40 1,476 --a------ C:\WINDOWS\unins000.dat
2008-08-05 00:14 . 2008-08-05 00:15 95 --a------ C:\WINDOWS\eJay_se.inf
2008-08-05 00:13 . 1997-07-19 18:15 129,808 --------- C:\WINDOWS\system32\COMDLG32.ocx
2008-08-04 22:51 . 2008-08-04 22:51 16,368 --a------ C:\Documents and Settings\Asia\Dane aplikacji\GDIPFONTCACHEV1.DAT
2008-08-03 14:33 . 2008-08-03 14:33 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-07-30 22:02 . 2008-08-04 13:18 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-07-30 22:02 . 2008-06-17 15:14 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-07-30 00:05 . 2008-08-07 20:14 20 --a------ C:\WINDOWS\naglos.INI
2008-07-29 23:28 . 2008-08-08 12:19 <DIR> d-------- C:\Documents and Settings\Asia\Dane aplikacji\skypePM
2008-07-29 23:28 . 2008-07-29 23:28 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-07-29 23:27 . 2008-08-08 12:39 <DIR> d-------- C:\Documents and Settings\Asia\Dane aplikacji\Skype
2008-07-29 23:26 . 2008-07-29 23:26 <DIR> d-------- C:\Program Files\Skype
2008-07-29 23:26 . 2008-07-29 23:26 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-07-29 23:26 . 2008-07-29 23:26 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Skype
2008-07-29 12:00 . 2008-07-29 12:06 <DIR> d-------- C:\Documents and Settings\Asia\Dane aplikacji\Tibia
2008-07-29 02:53 . 2008-07-29 02:53 118 --a------ C:\WINDOWS\ka.ini
2008-07-29 02:51 . 2008-07-29 02:51 <DIR> d-------- C:\Program Files\Common Files\Vivendi Universal Games
2008-07-29 02:51 . 2008-07-29 02:54 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Vivendi Universal Games
2008-07-28 22:20 . 2008-08-08 12:22 <DIR> d-------- C:\Program Files\McDonaldsFairies
2008-07-28 22:19 . 2008-07-28 22:19 <DIR> d--hs---- C:\WINDOWS\ftpcache
2008-07-27 20:55 . 2008-07-27 21:00 <DIR> d-------- C:\Documents and Settings\Marcin\Dane aplikacji\Tibia
2008-07-27 14:08 . 2008-08-06 22:23 10 --a------ C:\WINDOWS\WININIT.INI
2008-07-27 13:32 . 2008-07-27 13:32 <DIR> d-------- C:\ATI
2008-07-27 13:28 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-07-27 11:49 . 2008-07-27 11:49 <DIR> d-------- C:\Program Files\WinISO
2008-07-27 11:39 . 2008-07-27 11:39 427 --a------ C:\WINDOWS\ODBC.INI
2008-07-27 11:38 . 2008-07-27 11:38 <DIR> d-------- C:\WINDOWS\ShellNew
2008-07-27 10:53 . 2008-08-08 12:25 <DIR> d-------- C:\Program Files\Winamp
2008-07-27 10:33 . 2008-07-27 10:33 <DIR> d-------- C:\Documents and Settings\Asia\Dane aplikacji\Talkback
2008-07-27 10:31 . 2008-07-27 10:31 0 --a------ C:\WINDOWS\nsreg.dat
2008-07-27 10:18 . 2008-07-27 10:18 <DIR> d-------- C:\Program Files\PhotoFiltre
2008-07-27 10:09 . 2007-09-04 17:56 164,352 --a------ C:\WINDOWS\system32\unrar.dll
2008-07-27 10:07 . 2008-07-27 10:08 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2008-07-27 10:07 . 2004-01-11 23:00 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2008-07-27 10:04 . 2008-08-06 22:56 <DIR> d-------- C:\Program Files\NAPI-PROJEKT
2008-07-27 10:03 . 2008-07-27 10:03 <DIR> d-------- C:\Program Files\MarBit
2008-07-27 09:56 . 2004-08-04 00:44 130,048 --a------ C:\WINDOWS\system32\ksproxy.ax
2008-07-27 09:56 . 2004-08-04 00:44 130,048 --a--c--- C:\WINDOWS\system32\dllcache\ksproxy.ax
2008-07-27 09:56 . 2004-08-03 23:08 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2008-07-27 09:56 . 2004-08-03 23:08 60,288 --a--c--- C:\WINDOWS\system32\dllcache\drmk.sys
2008-07-27 09:56 . 2004-08-04 00:44 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2008-07-27 09:56 . 2004-08-04 00:44 4,096 --a--c--- C:\WINDOWS\system32\dllcache\ksuser.dll
2008-07-27 09:44 . 2008-07-27 09:45 <DIR> d-------- C:\Program Files\Gadu-Gadu
2008-07-26 22:07 . 2008-07-26 22:07 <DIR> d---s---- C:\Documents and Settings\Asia\UserData
2008-07-26 21:20 . 2008-07-27 14:44 <DIR> d-------- C:\Documents and Settings\Asia\Gadu-Gadu
2008-07-26 19:19 . 2008-08-08 12:34 <DIR> d--h----- C:\Documents and Settings\Marcin\Ustawienia lokalne
2008-07-26 19:19 . 2008-07-26 19:20 <DIR> dr------- C:\Documents and Settings\Marcin\Ulubione
2008-07-26 19:19 . 2008-07-26 15:29 <DIR> d--h----- C:\Documents and Settings\Marcin\Szablony
2008-07-26 19:19 . 2008-08-07 13:56 <DIR> d-------- C:\Documents and Settings\Marcin\Pulpit
2008-07-26 19:19 . 2008-08-07 13:43 <DIR> dr------- C:\Documents and Settings\Marcin\Moje dokumenty
2008-07-26 19:19 . 2008-07-26 17:19 <DIR> dr------- C:\Documents and Settings\Marcin\Menu Start
2008-07-26 19:19 . 2008-08-07 13:21 <DIR> dr-h----- C:\Documents and Settings\Marcin\Dane aplikacji
2008-07-26 19:19 . 2008-08-07 13:59 <DIR> d-------- C:\Documents and Settings\Marcin
2008-07-26 18:20 . 1998-01-23 14:15 304,640 --a------ C:\WINDOWS\IsUn0415.exe
2008-07-26 18:19 . 2008-07-26 18:19 <DIR> d-------- C:\Documents and Settings\Asia\WINDOWS
2008-07-26 18:10 . 2008-07-26 18:10 <DIR> d-------- C:\Program Files\SAGEM WiFi manager
2008-07-26 18:10 . 2008-07-26 18:10 <DIR> d-------- C:\Program Files\SAGEM
2008-07-26 18:10 . 2005-07-13 16:38 81,920 --a------ C:\WINDOWS\system32\ZDPN50.dll
2008-07-26 18:10 . 2005-07-13 16:38 17,151 --a------ C:\WINDOWS\system32\ZDPNDIS5.sys
2008-07-26 18:08 . 2005-07-13 16:37 260,608 --a------ C:\WINDOWS\system32\drivers\WlanUZXP.sys
2008-07-26 16:52 . 2008-08-06 22:32 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-07-26 16:52 . 2005-06-17 10:26 114,688 --a------ C:\WINDOWS\system32\WLANUTL.dll
2008-07-26 16:52 . 2005-06-17 10:26 61,440 --a------ C:\WINDOWS\system32\W32N50.dll
2008-07-26 16:48 . 2008-07-26 16:48 <DIR> d-------- C:\Program Files\DirectX
2008-07-26 16:38 . 2008-08-06 20:11 96,976 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-07-26 16:38 . 2008-07-26 17:41 87,855 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-07-26 16:37 . 2008-07-26 16:37 <DIR> d-------- C:\Program Files\Kaspersky Lab
2008-07-26 16:37 . 2008-08-08 12:38 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
2008-07-26 16:37 . 2008-08-08 12:37 2,472,992 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-26 16:37 . 2008-08-08 12:35 229,408 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-07-26 16:37 . 2008-08-08 12:37 22,496 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-07-26 16:37 . 2008-08-08 12:35 3,960 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-07-26 16:32 . 2008-07-26 16:32 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-06 20:36 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-07-26 15:46 11,376 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2008-07-26 15:11 472,576 ----a-w C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe
2008-07-26 13:33 --------- d-----w C:\Program Files\microsoft frontpage
2008-07-26 13:32 --------- d-----w C:\Program Files\Usługi online
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2008-07-16 22:51 1266992]
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-01-30 16:58 1716224]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-06-03 15:08 21718312]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 00:55 1667584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-04-25 18:21 201992]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:44 15360]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2004-09-29 10:37 28672]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
SAGEM Wi-Fi 11g USB adapter LAN Utility.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe [2008-07-26 18:10:51 835584]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^ATI CATALYST System Tray.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ATI CATALYST System Tray.lnk
backup=C:\WINDOWS\pss\ATI CATALYST System Tray.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
--a------ 2004-09-29 10:37 28672 C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiPTA]
--a------ 2004-09-29 07:15 344064 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [2008-01-29 18:29]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 19:02]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-03-25 20:07]
R3 SG760_XP;SAGEM 802.11g XG760 1211 Driver;C:\WINDOWS\system32\DRIVERS\WlanUZXP.sys [2005-07-13 16:37]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []
.
- - - - ORPHANS REMOVED - - - -
MSConfigStartUp-Cmaudio - cmicnfg.cpl
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Asia\Dane aplikacji\Mozilla\Firefox\Profiles\b8e39pc2.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-08 12:38:05
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ati2evxx.exe
.
**************************************************************************
.
Completion time: 2008-08-08 12:40:14 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-08 10:40:10
Pre-Run: 2,532,376,576 bajtów wolnych
Post-Run: 2,606,596,096 bajt˘w wolnych
188
@HiJack
- Kod: Zaznacz wszystko
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:45:12, on 2008-08-08
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.neostrada.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SAGEM Wi-Fi 11g USB adapter LAN Utility.lnk = ?
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
--
End of file - 3687 bytes
Przy robieniu logów wyłączałem antywirka (Kaspersky Internet Security 2009) bo blokował combofixa. Z góry dzięki za pomoc
