
********************************************************************************
* *
* FixIEDef Log *
* Version 1.7.22.7514 *
* *
********************************************************************************
Created at 22:56:27 on Monday, July 20, 2009
Time Zone :
Logged On User : dLs
Operating System : Microsoft Windows XP Home Edition Dodatek Service Pack 2
OS Architecture : X86
System Langauge : Polish
Keyboard Layout : Polish
Processor : X64 AMD Athlon(tm) 7750 Dual-Core Processor
System Drive : C:\
Windows Directory : C:\WINDOWS
System Directory : C:\WINDOWS\system32
System Drive Type : Fixed
System Drive Status : READY
System Drive Label :
System Drive Size : 100 GB
System Drive Free : 70.4 GB
Total Physical Memory: 2046 MB
Free Physical Memory : 1568 MB
Total Page File : 2046 MB
Free Page File : 4480 MB
Total Virtual Memory : 2048 MB
Free Virtual Memory : 1961 MB
Boot State : Normal boot
--------------------------------------------------------------------------------
!!! userinit.exe is Clean !!!
--------------------------------------------------------------------------------
!!! Files that have been deleted !!!
No malicious files found
--------------------------------------------------------------------------------
!!! Directories that have been removed !!!
No malicious directories to be removed
--------------------------------------------------------------------------------
!!! Registry entries that have been removed !!!
No malicious Registry entries found
================================================================================
All Done :)
ShadowPuterDude
Safe Surfing!!!
ComboFix 09-07-19.04 - dLs 2009-07-20 22:47.1.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.48.1045.18.2046.1568 [GMT 2:00]
Uruchomiony z: D:\ComboFix.exe
UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\docume~1\dLs\USTAWI~1\Temp\install_flash_player.exe
c:\documents and settings\All Users\Dane aplikacji\10064534
c:\documents and settings\All Users\Dane aplikacji\10064534\10064534
c:\documents and settings\All Users\Dane aplikacji\10064534\10064534.exe
c:\documents and settings\dLs\Dane aplikacji\wiaserva.log
c:\documents and settings\dLs\dLs.exe
c:\documents and settings\dLs\Menu Start\Programy\Autostart\rncsys32.exe
c:\documents and settings\dLs\Menu Start\Programy\System Security
c:\documents and settings\dLs\Menu Start\Programy\System Security\System Security
c:\documents and settings\dLs\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\documents and settings\dLs\Pulpit\System Security 2009.lnk
c:\windows\Installer\542561.msi
c:\windows\Installer\542562.msp
c:\windows\Installer\542563.msp
c:\windows\Installer\542564.msp
c:\windows\Installer\542565.msp
c:\windows\Installer\542566.msp
c:\windows\Installer\542567.msp
c:\windows\Installer\542568.msp
c:\windows\Installer\542569.msp
c:\windows\Installer\54256a.msp
c:\windows\Installer\54256b.msp
c:\windows\system32\ATIODCLI.exe
c:\windows\system32\ATIODE.exe
c:\windows\system32\drivers\ati64si.sys
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ATI64SI
-------\Service_ati64si
((((((((((((((((((((((((( Pliki utworzone od 2009-06-20 do 2009-07-20 )))))))))))))))))))))))))))))))
.
2009-07-19 11:59 . 2001-08-17 19:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2009-07-19 11:59 . 2001-08-17 19:56 7552 ----a-w- c:\windows\system32\drivers\SONYPVU1.SYS
2009-07-19 11:59 . 2004-08-03 21:08 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-07-18 14:10 . 2009-07-18 14:10 -------- d-----w- C:\Strona www
2009-07-18 14:06 . 2009-07-18 14:06 -------- d-----w- c:\documents and settings\dLs\Ustawienia lokalne\Dane aplikacji\Help
2009-07-17 21:32 . 2009-07-17 21:32 -------- d-----w- c:\documents and settings\dLs\Ustawienia lokalne\Dane aplikacji\Temp
2009-07-17 19:17 . 2009-07-17 19:17 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-07-17 19:08 . 2009-07-17 19:08 -------- d-----w- c:\documents and settings\dLs\.gstreamer-0.10
2009-07-17 19:07 . 2009-07-17 19:07 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\OpenFM
2009-07-17 18:55 . 2009-07-17 18:55 -------- d-----w- c:\windows\l2schemas
2009-07-17 18:54 . 2009-07-17 18:55 -------- d-----w- c:\program files\Windows Sidebar
2009-07-17 11:59 . 2004-08-04 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-07-16 18:51 . 2009-07-16 19:42 -------- d-----w- c:\documents and settings\dLs\Ustawienia lokalne\Dane aplikacji\X-ray Anti-Cheat
2009-07-16 18:51 . 2009-03-09 13:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2009-07-16 18:51 . 2009-03-09 13:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2009-07-16 18:51 . 2009-03-09 13:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2009-07-16 18:51 . 2009-03-16 12:18 69448 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-07-16 18:51 . 2009-03-16 12:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2009-07-16 18:51 . 2009-03-16 12:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2009-07-16 18:51 . 2009-03-16 12:18 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2009-07-16 18:50 . 2009-07-16 18:51 -------- d--h--w- c:\windows\msdownld.tmp
2009-07-16 18:50 . 2009-07-16 18:51 -------- d-----w- c:\program files\X-ray Anti-Cheat
2009-07-16 18:16 . 2009-07-16 18:16 -------- d-----w- c:\documents and settings\dLs\Dane aplikacji\teamspeak2
2009-07-16 18:16 . 2009-07-16 18:16 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-07-16 11:11 . 2009-07-16 11:11 -------- d-----w- c:\documents and settings\dLs\Ustawienia lokalne\Dane aplikacji\Activision
2009-07-16 10:17 . 2009-07-16 10:17 682280 ----a-w- c:\windows\system32\pbsvc.exe
2009-07-15 20:26 . 2009-07-15 20:27 -------- d-----w- c:\documents and settings\dLs\Ustawienia lokalne\Dane aplikacji\Dyyno Receiver
2009-07-15 13:03 . 2009-07-15 13:03 0 ----a-w- c:\windows\nsreg.dat
2009-07-15 13:03 . 2009-07-15 13:03 -------- d-----w- c:\documents and settings\dLs\Ustawienia lokalne\Dane aplikacji\Mozilla
2009-07-15 11:33 . 2009-07-15 11:33 -------- d-----w- c:\windows\system32\Futuremark
2009-07-15 11:33 . 2009-07-15 11:33 -------- d-----w- c:\program files\Common Files\Futuremark Shared
2009-07-15 11:33 . 2008-09-17 13:14 27672 ----a-r- c:\windows\system32\drivers\Entech.sys
2009-07-15 11:11 . 2009-07-15 11:11 152576 ----a-w- c:\documents and settings\dLs\Dane aplikacji\Sun\Java\jre1.6.0_14\lzma.dll
2009-07-15 11:10 . 2009-07-15 11:13 -------- d-----w- c:\program files\SystemRequirementsLab
2009-07-15 11:10 . 2009-07-15 11:10 -------- d-----w- c:\documents and settings\dLs\SystemRequirementsLab
2009-07-15 09:13 . 2009-07-15 11:12 -------- d-----w- c:\program files\Java
2009-07-14 17:40 . 2009-07-14 17:40 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ATI
2009-07-14 17:19 . 2009-07-14 17:19 9158 ----a-r- c:\documents and settings\dLs\Dane aplikacji\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
2009-07-14 17:19 . 2009-07-14 17:19 -------- d-----w- c:\program files\Common Files\ATI Technologies
2009-07-14 17:18 . 2009-05-15 19:05 593920 ------w- c:\windows\system32\ati2sgag.exe
2009-07-14 17:18 . 2009-05-16 02:51 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-07-14 17:18 . 2009-05-16 03:39 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-07-14 17:18 . 2009-05-16 02:54 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-07-14 17:18 . 2009-05-16 02:54 3 ----a-w- c:\windows\system32\ativva5x.dat
2009-07-14 17:18 . 2009-04-23 19:04 189051 ----a-w- c:\windows\system32\atiicdxx.dat
2009-07-14 17:18 . 2008-07-04 02:48 3107788 ----a-r- c:\windows\system32\ativvaxx.dat
2009-07-14 17:17 . 2009-07-14 17:28 -------- d-----w- c:\program files\ATI Technologies
2009-07-14 11:13 . 2009-07-14 11:13 -------- d-----w- C:\020d8eb0ebedf067444746
2009-07-14 11:07 . 2009-07-14 11:07 -------- d-----w- c:\windows\Sun
2009-07-14 10:51 . 2009-07-17 19:07 -------- d-----w- c:\documents and settings\dLs\Dane aplikacji\OpenFM
2009-07-13 19:41 . 2009-07-20 14:52 -------- d-----w- c:\documents and settings\dLs\Dane aplikacji\mIRC
2009-07-13 19:41 . 2009-07-20 14:50 -------- d-----w- c:\program files\mIRC
2009-07-13 18:38 . 2009-07-13 18:58 -------- d-----w- c:\windows\SxsCaPendDel
2009-07-13 18:29 . 2009-07-15 09:15 -------- d-----w- c:\documents and settings\dLs\Dane aplikacji\Mumble
2009-07-13 18:06 . 2009-07-13 18:06 -------- d-----w- c:\documents and settings\dLs\Dane aplikacji\Ventrilo
2009-07-13 18:06 . 2009-07-13 18:06 -------- d-----w- c:\program files\Ventrilo
2009-07-13 18:06 . 2009-07-13 18:06 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-13 16:50 . 2009-07-13 18:29 -------- d-----w- c:\program files\Mumble
2009-07-13 16:35 . 2009-07-13 16:35 -------- d-----w- c:\documents and settings\dLs\Dane aplikacji\Nowe Gadu-Gadu
2009-07-13 16:35 . 2009-07-16 09:19 -------- d-----w- c:\program files\Nowe Gadu-Gadu
2009-07-13 11:59 . 2009-07-13 11:59 -------- d-----w- C:\GV-Script_COD2_W
2009-07-13 11:28 . 2009-07-13 11:28 -------- d-----w- C:\GV-Script_COD2_L
2009-07-13 11:28 . 2009-07-13 11:28 -------- d-----w- c:\documents and settings\dLs\Ustawienia lokalne\Dane aplikacji\GHISLER
2009-07-13 11:26 . 2009-07-13 11:26 -------- d-----w- c:\documents and settings\dLs\Ustawienia lokalne\Dane aplikacji\Adobe
2009-07-13 11:26 . 2009-07-13 11:26 -------- d-----w- c:\documents and settings\dLs\Dane aplikacji\AdobeUM
2009-07-13 11:26 . 2009-07-13 11:26 -------- d-----w- c:\program files\Common Files\Adobe
2009-07-13 11:25 . 2009-07-18 14:06 -------- d-----w- C:\totalcmd
2009-07-13 11:25 . 2008-08-08 05:04 545 ----a-w- c:\windows\UC.PIF
2009-07-13 11:25 . 2008-08-08 05:04 545 ----a-w- c:\windows\RAR.PIF
2009-07-13 11:25 . 2008-08-08 05:04 545 ----a-w- c:\windows\PKZIP.PIF
2009-07-13 11:25 . 2008-08-08 05:04 545 ----a-w- c:\windows\PKUNZIP.PIF
2009-07-13 11:25 . 2008-08-08 05:04 545 ----a-w- c:\windows\NOCLOSE.PIF
2009-07-13 11:25 . 2008-08-08 05:04 545 ----a-w- c:\windows\LHA.PIF
2009-07-13 11:25 . 2008-08-08 05:04 545 ----a-w- c:\windows\ARJ.PIF
2009-07-13 10:04 . 2009-07-17 13:37 -------- d-----w- c:\documents and settings\dLs\Ustawienia lokalne\Dane aplikacji\BraCa_Soft
2009-07-13 09:56 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-07-13 09:56 . 2009-07-13 09:56 -------- d-----w- c:\windows\system32\pl-PL
2009-07-13 09:55 . 2009-07-17 22:06 374496 ----a-w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
2009-07-13 09:54 . 2009-07-13 09:56 -------- d-----w- c:\windows\system32\XPSViewer
2009-07-13 09:54 . 2009-07-13 09:54 -------- d-----w- c:\program files\MSBuild
2009-07-13 08:43 . 2009-07-13 08:43 -------- d-----w- c:\program files\Reference Assemblies
2009-07-13 08:43 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-07-13 08:43 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-07-13 08:43 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-07-13 08:43 . 2009-07-13 08:43 -------- d-----w- C:\267beeaa2bcd4ce6c5f7d50d529c53
2009-07-13 08:43 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-07-13 08:43 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-07-13 08:43 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-07-13 08:43 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-07-13 08:37 . 2009-07-13 08:37 -------- d-----w- c:\program files\MSXML 6.0
2009-07-13 08:22 . 2009-07-13 08:22 -------- d-----w- C:\494a9f69f5304e30c829
2009-07-13 07:46 . 2009-07-13 07:46 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Sports Interactive
2009-07-13 07:38 . 2009-07-13 07:38 -------- d-----w- c:\windows\Logs
2009-07-13 07:35 . 2009-07-13 07:35 -------- d-----w- c:\program files\Microsoft IntelliPoint
2009-07-13 07:35 . 2009-07-13 07:38 -------- d--h--w- c:\program files\Zero G Registry
2009-07-13 07:35 . 2009-07-13 07:35 -------- d-----w- c:\program files\Sports Interactive
2009-07-13 07:35 . 2009-07-13 07:35 -------- d--h--w- c:\documents and settings\dLs\InstallAnywhere
2009-07-13 07:34 . 2009-07-13 07:34 -------- d-----w- c:\documents and settings\dLs\Dane aplikacji\Sports Interactive
2009-07-13 07:32 . 2009-07-13 07:32 -------- d-----w- c:\documents and settings\dLs\Ustawienia lokalne\Dane aplikacji\PunkBuster
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-20 20:52 . 2009-07-12 23:06 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2009-07-20 20:52 . 2009-07-12 22:44 16608 ----a-w- c:\windows\gdrv.sys
2009-07-20 20:49 . 2009-07-12 23:07 -------- d-----w- c:\documents and settings\dLs\Dane aplikacji\Xfire
2009-07-20 20:44 . 2009-07-12 23:34 189104 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-07-20 20:21 . 2009-07-12 23:35 139584 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-19 22:01 . 2009-07-12 23:07 -------- d-----w- c:\program files\Xfire
2009-07-17 18:55 . 2009-07-12 23:17 14408 ----a-w- c:\documents and settings\dLs\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-07-16 13:50 . 2009-07-12 22:39 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-07-16 10:19 . 2009-07-12 23:34 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-07-16 10:17 . 2009-07-12 23:35 22328 ----a-w- c:\documents and settings\dLs\Dane aplikacji\PnkBstrK.sys
2009-07-16 10:17 . 2009-07-12 23:35 22328 ----a-w- c:\documents and settings\dLs\Dane aplikacji\PnkBstrK.sys
2009-07-16 10:17 . 2009-07-12 22:44 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-16 10:06 . 2009-07-12 23:25 -------- d-----w- c:\program files\Activision
2009-07-15 09:13 . 2004-08-04 12:00 83864 ----a-w- c:\windows\system32\perfc015.dat
2009-07-15 09:13 . 2004-08-04 12:00 490614 ----a-w- c:\windows\system32\perfh015.dat
2009-07-15 09:12 . 2009-07-12 23:09 152576 ----a-w- c:\documents and settings\dLs\Dane aplikacji\Sun\Java\jre1.6.0_13\lzma.dll
2009-07-14 17:16 . 2009-07-12 23:07 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-07-13 10:17 . 2009-07-13 10:17 58748 ----a-w- c:\windows\Fonts\verabd.ttf
2009-07-13 10:17 . 2009-07-13 10:17 40508 ----a-w- c:\windows\Fonts\fmthin.ttf
2009-07-12 23:17 . 2009-07-12 23:17 -------- d-----w- c:\documents and settings\dLs\Dane aplikacji\ATI
2009-07-12 23:16 . 2009-07-12 23:16 0 ----a-w- c:\windows\ativpsrm.bin
2009-07-12 23:09 . 2009-07-12 23:09 -------- d-----w- c:\documents and settings\NetworkService\Dane aplikacji\Xfire
2009-07-12 23:07 . 2009-07-12 22:44 -------- d-----w- c:\program files\Common Files\InstallShield
2009-07-12 23:07 . 2009-07-12 23:07 552 ----a-w- c:\windows\system32\d3d8caps.dat
2009-07-12 22:58 . 2009-07-12 22:44 -------- d-----w- c:\program files\Gigabyte
2009-07-12 22:54 . 2009-07-12 22:54 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\InstallShield
2009-07-12 22:48 . 2009-07-12 22:45 -------- d-----w- c:\program files\Realtek
2009-07-12 22:45 . 2009-07-12 22:45 -------- d-----w- c:\program files\AMD
2009-07-12 22:45 . 2009-07-12 22:45 -------- d-----w- c:\documents and settings\dLs\Dane aplikacji\InstallShield
2009-07-12 22:45 . 2009-07-12 22:45 -------- d-----w- c:\program files\Browser Configuration Utility
2009-07-12 22:40 . 2009-07-12 22:40 -------- d-----w- c:\program files\microsoft frontpage
2009-07-12 22:39 . 2009-07-12 22:39 -------- d-----w- c:\program files\Usługi online
2009-07-12 22:38 . 2009-07-12 22:38 21856 ----a-w- c:\windows\system32\emptyregdb.dat
2009-07-07 23:55 . 2009-07-07 23:55 41808 ----a-w- c:\windows\system32\xfcodec.dll
2009-07-06 15:10 . 2009-07-12 22:45 5788672 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2009-07-02 17:11 . 2009-07-12 22:45 18665472 ----a-w- c:\windows\RTHDCPL.EXE
2009-06-26 12:37 . 2009-07-12 22:45 40960 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2009-06-24 08:43 . 2009-07-12 22:45 831488 ----a-w- c:\windows\RtlExUpd.dll
2009-06-22 15:39 . 2009-07-12 22:45 1482752 ----a-w- c:\windows\RtlUpd.exe
2009-05-28 09:23 . 2009-05-28 09:23 42088 ----a-w- c:\documents and settings\dLs\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
2009-05-21 09:33 . 2009-07-12 23:09 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-16 03:58 . 2008-07-04 06:33 4069888 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-05-16 03:38 . 2008-07-04 03:23 335872 ----a-w- c:\windows\system32\ati2dvag.dll
2009-05-16 03:18 . 2008-07-04 03:14 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-05-16 03:17 . 2008-07-04 03:14 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-05-16 03:17 . 2008-07-04 03:14 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-05-16 03:17 . 2008-07-04 03:13 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-05-16 03:17 . 2008-07-04 03:13 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-05-16 03:15 . 2008-07-04 03:12 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-05-16 03:14 . 2008-07-04 03:10 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-05-16 03:07 . 2008-07-04 03:00 2987136 ----a-w- c:\windows\system32\ati3duag.dll
2009-05-16 02:55 . 2009-05-16 02:55 11423744 ----a-w- c:\windows\system32\atioglxx.dll
2009-05-16 02:54 . 2008-07-04 02:49 2122624 ----a-w- c:\windows\system32\ativvaxx.dll
2009-05-16 02:38 . 2009-05-16 02:38 49664 ----a-w- c:\windows\system32\atimpc32.dll
2009-05-16 02:38 . 2008-07-04 02:34 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2009-05-16 02:33 . 2008-07-04 02:30 479232 ----a-w- c:\windows\system32\atikvmag.dll
2009-05-16 02:31 . 2008-07-04 02:29 139264 ----a-w- c:\windows\system32\atiadlxx.dll
2009-05-16 02:31 . 2008-07-04 02:28 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-05-16 02:30 . 2008-07-04 02:28 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-05-16 02:26 . 2008-07-04 03:06 376832 ----a-w- c:\windows\system32\atiok3x2.dll
2009-05-16 02:24 . 2008-07-04 02:22 651264 ----a-w- c:\windows\system32\ati2cqag.dll
2009-05-16 01:35 . 2009-05-16 01:35 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-05-16 01:34 . 2009-05-16 01:34 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-05-16 01:33 . 2009-05-16 01:33 3158016 ----a-w- c:\windows\system32\aticaldd.dll
2009-05-05 19:33 . 2009-05-05 19:33 118784 ----a-w- c:\windows\system32\atibtmon.exe
2008-12-18 00:26 . 2009-07-15 13:03 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2008-12-18 00:26 . 2009-07-15 13:03 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-18 00:26 . 2009-07-15 13:03 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2008-12-18 00:26 . 2009-07-15 13:03 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2008-12-18 00:26 . 2009-07-15 13:03 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"Google Update"="c:\documents and settings\dLs\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" [2009-07-12 133104]
"Nowe Gadu-Gadu"="c:\program files\Nowe Gadu-Gadu\gg.exe" [2009-07-14 10707560]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-03 1667584]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2007-07-28 1230848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EasyTuneVI"="c:\program files\GIGABYTE\ET6\ETcall.exe" [2007-07-26 20480]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-17 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"GBTUpd"="c:\program files\GIGABYTE\GBTUpd\PreRun.exe" [2008-04-03 297480]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 849280]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-20 98304]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2009-07-02 18665472]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
c:\documents and settings\dLs\Menu Start\Programy\Autostart\
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2009-7-8 3190096]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2009\\fm.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Documents and Settings\\dLs\\Ustawienia lokalne\\Dane aplikacji\\Dyyno Receiver\\DPPM.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9023:TCP"= 9023:TCP:9023
"9023:UDP"= 9023:UDP:9023
R2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\essvr.exe [2009-07-13 68136]
R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2009-07-13 93696]
R3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [2009-07-13 24944]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-07-13 1684736]
S3 cpuz130;cpuz130;\??\c:\docume~1\dLs\USTAWI~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\dLs\USTAWI~1\Temp\cpuz130\cpuz_x32.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
"c:\program files\Windows Sidebar\sidebar.exe" /RegServer
.
Zawartość folderu 'Zaplanowane zadania'
2009-07-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-2077806209-839522115-1004Core.job
- c:\documents and settings\dLs\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2009-07-12 22:51]
2009-07-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-2077806209-839522115-1004UA.job
- c:\documents and settings\dLs\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2009-07-12 22:51]
.
- - - - USUNIĘTO PUSTE WPISY - - - -
HKLM-Run-10064534 - c:\documents and settings\All Users\Dane aplikacji\10064534\10064534.exe
HKLM-Run-Regedit32 - c:\windows\system32\regedit.exe
.
------- Skan uzupełniający -------
.
uInternet Connection Wizard,ShellNext = iexplore
DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} - hxxp://webserver.dyyno.com/tng/dyyno-client/DyynoCAB.CAB
FF - ProfilePath - c:\documents and settings\dLs\Dane aplikacji\Mozilla\Firefox\Profiles\vy48qnhe.default\
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-20 22:52
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
c:\windows\system32\GVTunner.ref 4 bytes
skanowanie pomyślnie ukończone
ukryte pliki: 1
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_USERS\S-1-5-21-1708537768-2077806209-839522115-1004\Software\G*e*n*i*e*"!\FM Genie Scout 2009 XE]
"GameDir"="c:\\Documents and Settings\\dLs\\Moje dokumenty\\Sports Interactive\\Football Manager 2009\\games"
"ShortlistDir"=""
"ScreenshotsDir"="c:\\Documents and Settings\\dLs\\Moje dokumenty\\Sports Interactive\\Football Manager 2009"
"SaveDir"="c:\\Documents and Settings\\dLs\\Moje dokumenty\\Sports Interactive\\Football Manager 2009\\"
"HistoryDir"="c:\\DOCUME~1\\dLs\\USTAWI~1\\Temp\\Rar$EX00.906\\FM Genie Scout 2009 XE\\History Points"
"LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2009\\data\\updates\\update-930\\db\\930\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Champions League"
"LastUpdateCheck"=dword:00000000
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000067
"UniqueID"="54-F035-2E13"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(728)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(2540)
c:\program files\Xfire\xfire_toucan_37966.dll
c:\windows\system32\msi.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\Gigabyte\GBTUpd\RunUpd.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Gigabyte\ET6\GUI.exe
c:\documents and settings\dLs\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.7\GoogleCrashHandler.exe
c:\program files\Nowe Gadu-Gadu\spellchecker_gg.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\documents and settings\dLs\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
c:\documents and settings\dLs\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
.
**************************************************************************
.
Czas ukończenia: 2009-07-20 22:53 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2009-07-20 20:53
Przed: 72 957 927 424 bajtów wolnych
Po: 73 837 637 632 bajtów wolnych
355
When I exit the game, I get a blue screen informing me that everyone has access to all my passwords. An antivirus that downloads itself. I have posted the ComboFix log; I will upload the rest in a moment.