prosze o sprawdzenie

[4byss]

Po sprawdzeniu antywirem usunołem chyba z 10 wirów ale niejestem pewien czy dalej coś niesiedzi bo jak przerzucam coś z partycji na partycje to trwa to bardzo ale to bardzo długo i łapie niemiłosierną zmułe

Kod: Zaznacz wszystko

Logfile of HijackThis v1.99.1
Scan saved at 14:31:34, on 2006-09-24
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
E:\Programy\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
E:\Programy\DAEMON Tools\daemon.exe
E:\Programy\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
E:\Programy\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Programy\AQQ\AQQ.exe
E:\Programy\PerfectDisk\PDAgent.exe
C:\Program Files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe
E:\Programy\Logitech\MouseWare\system\em_exec.exe
E:\Programy\Alcohol 120\StarWind\StarWindService.exe
E:\Programy\PerfectDisk\PDEngine.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Programy\SBCL v1.0h\SBCL v1.0h.exe
E:\Programy\Mozilla Firefox\firefox.exe
E:\Downloads\hijackthis_199\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Programy\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - E:\Programy\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - E:\Programy\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [DAEMON Tools] "E:\Programy\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [kav] "E:\Programy\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RemoteControl] E:\Programy\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AQQ] E:\Programy\AQQ\AQQ.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Programy\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Raconfig.lnk = C:\Program Files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://E:\Programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - E:\Programy\FlashGet\jc_link.htm
O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a - E:\Programy\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Ochrona WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Programy\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Programy\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\Programy\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\Programy\FlashGet\flashget.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC203E0D-C8A4-4587-89F0-8F29D4F2E7E6}: NameServer = 85.219.244.253,212.244.133.253
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - E:\Programy\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: PDAgent - Raxco Software, Inc. - E:\Programy\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - E:\Programy\PerfectDisk\PDEngine.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - E:\Programy\Alcohol 120\StarWind\StarWindService.exe


[Aqui]

Hijack jest czysty,daj jeszze loga z silentrunners,oraz skanujesz najpierw ewido(www.ewido.net) nastepnie https://skaner.mks.com.pl/(z mks wklejasz screena z wyniku)a z Ewide wklejasz raport.
Wracasz z 3 rzeczami
Log z silent runners.raport z ewido,screen z mks.

[4byss]

- screen

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 20:54:02 2006-09-25

+ Scan result:



E:\Programy\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Cleaned.
D:\Mama\Mama.rar/Mama\Mama\Narzedzia\Text Pad 4.5\dodatki\img.zip/img.exe -> Not-A-Virus.Exploit.Win32.RealServer.b : Error during cleaning.
:mozilla.575:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Kamil\Cookies\kamil@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.186:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.187:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Kamil\Cookies\kamil@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.263:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.
:mozilla.264:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.
:mozilla.271:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.
:mozilla.272:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.
:mozilla.441:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.
:mozilla.442:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.
:mozilla.76:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.
:mozilla.77:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.
:mozilla.489:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.490:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.361:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.363:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.364:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.365:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.358:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.410:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.411:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.412:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.356:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.357:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.316:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.317:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.318:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Kamil\Cookies\kamil@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.298:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.299:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.8:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Kamil\Cookies\kamil@com[1].txt -> TrackingCookie.Com : Cleaned.
:mozilla.19:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Kamil\Cookies\kamil@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.388:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.389:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.390:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.391:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.313:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.314:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.646:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Findwhat : Cleaned.
:mozilla.491:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.596:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.382:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.383:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.384:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.428:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.580:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.289:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
C:\Documents and Settings\Kamil\Cookies\kamil@hotlog[1].txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.360:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned.
C:\Documents and Settings\Kamil\Cookies\kamil@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.149:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.246:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
:mozilla.223:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.224:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.684:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.685:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.686:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.694:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.695:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.549:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.550:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.551:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Kamil\Cookies\kamil@revenue[2].txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.300:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.cenzura-spam : Cleaned.
:mozilla.301:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.cenzura-spam : Cleaned.
:mozilla.302:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.cenzura-spam : Cleaned.
:mozilla.303:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.cenzura-spam : Cleaned.
:mozilla.304:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.cenzura-spam : Cleaned.
:mozilla.305:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.cenzura-spam : Cleaned.
:mozilla.306:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.cenzura-spam : Cleaned.
:mozilla.307:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.cenzura-spam : Cleaned.
:mozilla.308:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.cenzura-spam : Cleaned.
:mozilla.309:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.cenzura-spam : Cleaned.
:mozilla.452:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.cenzura-spam : Cleaned.
:mozilla.453:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.cenzura-spam : Cleaned.
:mozilla.454:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.cenzura-spam : Cleaned.
:mozilla.286:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.287:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.647:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.648:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.649:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.290:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.190:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.191:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.192:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.193:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.503:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.504:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.54:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.55:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.56:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.57:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.58:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Kamil\Cookies\kamil@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.315:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.431:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.359:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.291:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.240:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.241:C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\lli7bivg.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Kamil\Cookies\kamil@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
D:\Mama\Moje dokumenty.rar/BNetGatewayEditor.rar/BNetGatewayEditor.exe -> Trojan.LdPinch.att : Error during cleaning.


::Report end

"Silent Runners.vbs", revision 48, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"AQQ" = "E:\Programy\AQQ\AQQ.exe" ["AQQ Sp. z o.o."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"NVMixerTray" = ""C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"" ["NVIDIA Corporation"]
"Logitech Utility" = "Logi_MwX.Exe" ["Logitech Inc."]
"DAEMON Tools" = ""E:\Programy\DAEMON Tools\daemon.exe" -lang 1033" ["DT Soft Ltd."]
"NeroFilterCheck" = "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" ["Nero AG"]
"kav" = ""E:\Programy\Kaspersky Anti-Virus 6.0\avp.exe"" ["Kaspersky Lab"]
"(Default)" = (empty string)
"ATICCC" = ""C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"" [null data]
"RemoteControl" = "E:\Programy\PowerDVD\PDVDServ.exe" ["Cyberlink Corp."]
"SunJavaUpdateSched" = "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" ["Sun Microsystems, Inc."]
"!ewido" = ""E:\Programy\ewido anti-spyware 4.0\ewido.exe" /minimized" ["Anti-Malware Development a.s."]

HKLM\Software\Microsoft\Active Setup\Installed Components\
>{26923b43-4d38-484f-9b9e-de460746276c}\(Default) = "Internet Explorer"
\StubPath = "C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "AcroIEHlprObj Class"
\InProcServer32\(Default) = "E:\Programy\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}\(Default) = (no title provided)
-> {HKLM...CLSID} = "IeCatch5 Class"
\InProcServer32\(Default) = "E:\Programy\FlashGet\jccatch.dll" ["FlashGet"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
-> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"
-> {HKLM...CLSID} = "AlcoholShellEx"
\InProcServer32\(Default) = "E:\Programy\ALCOHO~1\axshlex.dll" ["Alcohol Soft Development Team"]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "E:\Programy\WinRAR\rarext.dll" [null data]
"{85E0B171-04FA-11D1-B7DA-00A0C90348D6}" = "Ochrona WWW"
-> {HKLM...CLSID} = "Ochrona WWW"
\InProcServer32\(Default) = "E:\Programy\Kaspersky Anti-Virus 6.0\scieplugin.dll" ["Kaspersky Lab"]
"{21569614-B795-46b1-85F4-E737A8DC09AD}" = "Shell Search Band"
-> {HKLM...CLSID} = "Shell Search Band"
\InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]
"{5E2121EE-0300-11D4-8D3B-444553540000}" = "Catalyst Context Menu extension"
-> {HKLM...CLSID} = "SimpleShlExt Class"
\InProcServer32\(Default) = "C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll" [empty string]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "E:\Programy\Microsoft Office\OFFICE11\msohev.dll" [MS]
"{e82a2d71-5b2f-43a0-97b8-81be15854de8}" = "ShellLink for Application References"
-> {HKLM...CLSID} = "ShellLink for Application References"
\InProcServer32\(Default) = "C:\WINDOWS\system32\dfshim.dll" [MS]
"{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}" = "Shell Icon Handler for Application References"
-> {HKLM...CLSID} = "Shell Icon Handler for Application References"
\InProcServer32\(Default) = "C:\WINDOWS\system32\dfshim.dll" [MS]
"{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"
-> {HKLM...CLSID} = "Portable Media Devices"
\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
-> {HKLM...CLSID} = "Portable Media Devices Menu"
\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
INFECTION WARNING! "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" = "ewido anti-spyware 4.0"
-> {HKLM...CLSID} = "CShellExecuteHookImpl Object"
\InProcServer32\(Default) = "E:\Programy\ewido anti-spyware 4.0\shellexecutehook.dll" ["Anti-Malware Development a.s."]

HKLM\System\CurrentControlSet\Control\Session Manager\
INFECTION WARNING! "BootExecute" = "PDBoot.exe autocheck autochk *" [file not found], [file not found], [MS], [file not found]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
INFECTION WARNING! klogon\DLLName = "C:\WINDOWS\system32\klogon.dll" ["Kaspersky Lab"]

HKLM\Software\Classes\PROTOCOLS\Filter\
INFECTION WARNING! text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]

HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "E:\Programy\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
ewido anti-spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"
-> {HKLM...CLSID} = "CContextScan Object"
\InProcServer32\(Default) = "E:\Programy\ewido anti-spyware 4.0\context.dll" ["Anti-Malware Development a.s."]
Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "E:\Programy\Kaspersky Anti-Virus 6.0\shellex.dll" ["Kaspersky Lab"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "E:\Programy\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
ewido anti-spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"
-> {HKLM...CLSID} = "CContextScan Object"
\InProcServer32\(Default) = "E:\Programy\ewido anti-spyware 4.0\context.dll" ["Anti-Malware Development a.s."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "E:\Programy\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "E:\Programy\Kaspersky Anti-Virus 6.0\shellex.dll" ["Kaspersky Lab"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "E:\Programy\WinRAR\rarext.dll" [null data]


Active Desktop and Wallpaper:
-----------------------------

Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\WINDOWS\web\wallpaper\Idylla.bmp"


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]


Startup items in "Kamil" & "All Users" startup folders:
-------------------------------------------------------

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
"Adobe Gamma Loader" -> shortcut to: "C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe" ["Adobe Systems, Inc."]
"Adobe Reader Speed Launch" -> shortcut to: "E:\Programy\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"]
"Raconfig" -> shortcut to: "C:\Program Files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe" ["Ralink Technology, Corp."]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 11
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{E0E899AB-F487-11D5-8D29-0050BA6940E3}" = "FlashGet Bar"
-> {HKLM...CLSID} = "FlashGet Bar"
\InProcServer32\(Default) = "E:\Programy\FlashGet\fgiebar.dll" ["Amaze Soft"]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.5.0_06"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll" ["Sun Microsystems, Inc."]

{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}\
"ButtonText" = "Ochrona WWW"

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Badanie"

{D6E814A0-E0C5-11D4-8D29-0050BA6940E3}\
"ButtonText" = "FlashGet"
"MenuText" = "&FlashGet"
"Exec" = "E:\Programy\FlashGet\flashget.exe" ["FlashGet.com"]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]
ewido anti-spyware 4.0 guard, ewido anti-spyware 4.0 guard, "E:\Programy\ewido anti-spyware 4.0\guard.exe" ["Anti-Malware Development a.s."]
Kaspersky Anti-Virus 6.0, AVP, ""E:\Programy\Kaspersky Anti-Virus 6.0\avp.exe" -r" ["Kaspersky Lab"]
Machine Debug Manager, MDM, ""C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"" [MS]
PDAgent, PDAgent, "E:\Programy\PerfectDisk\PDAgent.exe" ["Raxco Software, Inc."]
PDEngine, PDEngine, "E:\Programy\PerfectDisk\PDEngine.exe" ["Raxco Software, Inc."]
StarWind iSCSI Service, StarWindService, "E:\Programy\Alcohol 120\StarWind\StarWindService.exe" ["Rocket Division Software"]
Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]


Print Monitors:
---------------

HKLM\System\CurrentControlSet\Control\Print\Monitors\
Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS]


----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points and all Registry CLSIDs for dormant Explorer Bars,
use the -supp parameter or answer "No" at the first message box.
---------- (total run time: 37 seconds, including 4 seconds for message boxes)

[Red]

To jest fałszywy alarm programu antywirusowego.Prosze nie usuwac tego co widac...

[4byss]

Czyli reszta już jest czysta ?

[Red]

tak