
ComboFix 08-12-02.02 - Ewelina 2008-12-04 10:20:20.3 - NTFSx86
Uruchomiony z: c:\documents and settings\Ewelina\Ustawienia lokalne\Dane aplikacji\Opera\Opera\profile\cache4\temporary_download\ComboFix.exe
[color=RED][b]UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !![/b][/color]
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Dane aplikacji\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Dane aplikacji\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\system32\bdxttj.dll
c:\windows\system32\bexxajwk.ini
c:\windows\system32\cKTEdMoq.ini
c:\windows\system32\cKTEdMoq.ini2
c:\windows\system32\cnhxsk.dll
c:\windows\system32\cybtslsv.ini
c:\windows\system32\dkirmevd.ini
c:\windows\system32\dpaukboo.dll
c:\windows\system32\dzimui.dll
c:\windows\system32\egneonnl.ini
c:\windows\system32\eisljhra.ini
c:\windows\system32\eivirugk.ini
c:\windows\system32\fbygow.dll
c:\windows\system32\fgankwdv.ini
c:\windows\system32\fLnmVvut.ini
c:\windows\system32\fLnmVvut.ini2
c:\windows\system32\fMoWvyay.ini
c:\windows\system32\fMoWvyay.ini2
c:\windows\system32\fqytaikq.ini
c:\windows\system32\frqyukmf.ini
c:\windows\system32\gclwvykx.ini
c:\windows\system32\gjmuoegn.ini
c:\windows\system32\gyjtflmw.ini
c:\windows\system32\hharmopj.ini
c:\windows\system32\hikqdtxb.ini
c:\windows\system32\hsmmfewy.ini
c:\windows\system32\icpabbby.ini
c:\windows\system32\igaetjgq.ini
c:\windows\system32\iigdtyjy.ini
c:\windows\system32\iiswiu.dll
c:\windows\system32\ilslxwws.dll
c:\windows\system32\imundstn.dll
c:\windows\system32\ipumfyaf.ini
c:\windows\system32\itxtxhfh.ini
c:\windows\system32\jauuoduv.ini
c:\windows\system32\jhqnrraf.dll
c:\windows\system32\jowtnujx.ini
c:\windows\system32\jrdxfywo.dll
c:\windows\system32\jsjspi.dll
c:\windows\system32\jsuwpstb.ini
c:\windows\system32\kgratx.dll
c:\windows\system32\lkfqwshi.ini
c:\windows\system32\lkvgwppo.ini
c:\windows\system32\llwonw.dll
c:\windows\system32\lqtzxe.dll
c:\windows\system32\luqghjbv.ini
c:\windows\system32\mijxooml.ini
c:\windows\system32\mitlpopt.ini
c:\windows\system32\mlulnhhb.ini
c:\windows\system32\mmljtswd.ini
c:\windows\system32\mrkxkmnj.dll
c:\windows\system32\mwjsjlho.ini
c:\windows\system32\mxborvtv.ini
c:\windows\system32\nmknbt.dll
c:\windows\system32\nnimgwqd.ini
c:\windows\system32\nqujdcay.ini
c:\windows\system32\nxxbvl.dll
c:\windows\system32\ocafhnhp.dll
c:\windows\system32\oijrymbr.ini
c:\windows\system32\ojckxifk.ini
c:\windows\system32\oklqsius.ini
c:\windows\system32\oobkuapd.ini
c:\windows\system32\oqojylqo.ini
c:\windows\system32\owegclgr.ini
c:\windows\system32\oxeckkke.ini
c:\windows\system32\pofvsnbt.ini
c:\windows\system32\PWEhknpo.ini
c:\windows\system32\PWEhknpo.ini2
c:\windows\system32\qbitdpkw.dll
c:\windows\system32\qdalrgev.dll
c:\windows\system32\qkycbapi.ini
c:\windows\system32\qsgdmyjw.ini
c:\windows\system32\rcdxyltt.dll
c:\windows\system32\rgrfvllq.ini
c:\windows\system32\rrctbr.dll
c:\windows\system32\sfhzwo.dll
c:\windows\system32\stwvDfhk.ini
c:\windows\system32\stwvDfhk.ini2
c:\windows\system32\suisqlko.dll
c:\windows\system32\swwxlsli.ini
c:\windows\system32\tktfjaaj.ini
c:\windows\system32\trsxdjrt.ini
c:\windows\system32\ttiymkgv.ini
c:\windows\system32\ufoweyky.ini
c:\windows\system32\utlgkocr.dll
c:\windows\system32\vifkxlhy.ini
c:\windows\system32\vodicyxm.ini
c:\windows\system32\vshvtqcw.ini
c:\windows\system32\vybIRtwa.ini
c:\windows\system32\vybIRtwa.ini2
c:\windows\system32\wbubhlub.ini
c:\windows\system32\winiuejn.ini
c:\windows\system32\wnnssbpx.ini
c:\windows\system32\wtwpeavv.dll
c:\windows\system32\wyrclven.ini
c:\windows\system32\xcrsmdsu.dll
c:\windows\system32\xemwatll.ini
c:\windows\system32\xfhhupuc.ini
c:\windows\system32\xIPWDfhk.ini
c:\windows\system32\xIPWDfhk.ini2
c:\windows\system32\xiqyxjas.dll
c:\windows\system32\xjparrva.dll
c:\windows\system32\xkpexspq.ini
c:\windows\system32\xmlqxikx.ini
c:\windows\system32\yacdjuqn.dll
c:\windows\system32\yohcocdo.ini
c:\windows\system32\yqlloosr.dll
c:\windows\system32\yvprbx.dll
.
---- Previous Run -------
.
c:\documents and settings\Luque\Dane aplikacji\Adobe\Player.exe.bak
c:\documents and settings\Piter\Menu Start\Programy\Autostart\userinit.exe
c:\documents and settings\Piter\svchost.exe
C:\u.exe
c:\windows\system32\~.exe
c:\windows\system32\drivers\services.exe
c:\windows\system32\kr_done1
c:\windows\system32\mcrh.tmp
----- BITS: Możliwe zainfekowane strony -----
hxxp://78.157.143.198
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_VFILT
((((((((((((((((((((((((( Pliki utworzone od 2008-11-04 do 2008-12-04 )))))))))))))))))))))))))))))))
.
2008-12-04 08:47 . 2008-12-04 08:47 <DIR> d-------- c:\program files\Avira
2008-12-04 08:47 . 2008-12-04 08:47 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Avira
2008-12-02 12:10 . 2008-12-02 12:10 <DIR> d-------- c:\documents and settings\Ewelina\Dane aplikacji\BearShare
2008-12-01 09:20 . 2008-12-01 09:20 106,496 --a------ c:\windows\system32\ppmdvkmn.dll
2008-11-30 11:02 . 2008-11-30 11:02 <DIR> d--hs---- c:\windows\ftpcache
2008-11-29 20:04 . 2008-11-29 20:04 70,656 --a------ c:\windows\system32\qpsxepkx.dll
2008-11-29 08:19 . 2008-11-20 16:35 579,072 --a------ c:\windows\system32\okxnhtaq
2008-11-26 14:17 . 2008-11-26 14:17 <DIR> d-------- c:\program files\Common Files\Futuremark Shared
2008-11-26 14:11 . 2008-11-26 14:11 <DIR> d-------- c:\program files\SystemRequirementsLab
2008-11-26 14:11 . 2008-11-26 14:11 <DIR> d-------- c:\documents and settings\Luque\SystemRequirementsLab
2008-11-24 06:39 . 2008-11-24 06:39 <DIR> d-------- c:\windows\system32\Futuremark
2008-11-24 06:39 . 2008-05-29 12:33 27,672 -ra------ c:\windows\system32\drivers\Entech.sys
2008-11-24 06:39 . 2001-11-19 18:05 3,972 --------- c:\windows\system32\drivers\PciBus.sys
2008-11-24 06:38 . 2008-11-24 06:38 <DIR> d-------- c:\program files\Futuremark
2008-11-22 11:58 . 2008-11-22 11:58 <DIR> d-------- c:\program files\Auslogics
2008-11-22 11:58 . 2008-11-22 11:58 <DIR> d-------- c:\documents and settings\Wojciech Potępa\Dane aplikacji\Auslogics
2008-11-22 10:34 . 2008-11-22 10:34 104,448 --a------ c:\windows\system32\pyfdax.dll
2008-11-21 08:17 . 2008-11-21 08:17 103,936 --a------ c:\windows\system32\sfjhxf.dll
2008-11-20 18:55 . 2008-11-20 18:55 104,448 --a------ c:\windows\system32\soitxl.dll
2008-11-20 18:55 . 2008-11-20 18:55 104,448 --a------ c:\windows\system32\qakihuha.dll
2008-11-20 16:35 . 2008-11-20 16:35 180,224 --a------ c:\windows\system32\nvaux32.VIR
2008-11-20 16:35 . 2008-11-29 08:18 137,728 --a------ c:\windows\system32\aston.mt
2008-11-20 16:35 . 2008-11-29 10:10 63,488 --a------ c:\windows\system32\rigv.xl
2008-11-20 16:35 . 2008-11-29 10:10 32,768 --a------ c:\windows\system32\fxe.sp
2008-11-20 16:35 . 2008-11-29 10:10 32,768 --a------ c:\windows\system32\fjes.ra
2008-11-18 11:07 . 2008-11-18 11:07 104,448 --a------ c:\windows\system32\qrtdqs.dll
2008-11-16 11:31 . 2008-11-16 11:31 <DIR> d-------- c:\program files\Apple Software Update
2008-11-16 09:11 . 2008-12-04 08:50 86,354 --a------ c:\windows\system32\drivers\6ce7d2e2.sys
2008-11-15 12:49 . 2008-11-15 12:49 <DIR> d-------- c:\documents and settings\Luque\Dane aplikacji\TigerPlayer
2008-11-10 16:28 . 2008-11-10 16:28 104,448 --a------ c:\windows\system32\umrrboyi.dll
2008-11-09 17:32 . 2008-11-09 17:32 <DIR> d-------- c:\documents and settings\Wojciech Potępa\Dane aplikacji\ipla
2008-11-09 11:46 . 2008-11-29 17:50 4,876 --a------ c:\windows\system32\d3d9caps.dat
2008-11-08 12:45 . 2008-11-10 16:01 <DIR> d-------- c:\documents and settings\Luque\Dane aplikacji\BearShare
2008-11-05 20:48 . 2008-11-05 20:48 102,912 --a------ c:\windows\system32\zppegk.dll
2008-11-04 16:59 . 2008-11-04 16:59 68,096 --a------ c:\windows\system32\qgjteagi.dll
2008-11-04 08:48 . 2008-12-04 08:50 100,702 --a------ c:\windows\system32\drivers\f9f2f2b1.sys
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-04 09:32 --------- d-----w c:\program files\DNA
2008-12-04 09:32 --------- d-----w c:\documents and settings\Ewelina\Dane aplikacji\DNA
2008-12-04 09:24 --------- d-----w c:\program files\BitComet
2008-12-04 07:19 --------- d-----w c:\documents and settings\Wojciech Potępa\Dane aplikacji\uTorrent
2008-12-03 16:26 --------- d-----w c:\documents and settings\Luque\Dane aplikacji\Hamachi
2008-12-03 16:24 --------- d-----w c:\documents and settings\Piter\Dane aplikacji\Hamachi
2008-12-02 06:55 --------- d-----w c:\documents and settings\Piter\Dane aplikacji\ipla
2008-11-30 15:24 --------- d-----w c:\documents and settings\Piter\Dane aplikacji\Skype
2008-11-30 15:07 --------- d-----w c:\documents and settings\Piter\Dane aplikacji\skypePM
2008-11-28 21:43 --------- d-----w c:\program files\Common Files\Adobe
2008-11-26 13:17 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-25 19:22 --------- d-----w c:\program files\NAPI-PROJEKT
2008-11-24 18:40 --------- d-----w c:\program files\Gadu-Gadu
2008-11-20 15:35 579,072 ----a-w c:\windows\system32\user32.DLL
2008-11-17 15:45 --------- d-----w c:\program files\Nowe Gadu-Gadu
2008-11-11 14:53 --------- d-----w c:\documents and settings\Ewelina\Dane aplikacji\Sports Interactive
2008-11-10 15:52 --------- d-----w c:\documents and settings\Wojciech Potępa\Dane aplikacji\Sports Interactive
2008-11-10 13:47 --------- d-----w c:\program files\Winamp
2008-11-08 14:13 --------- d-----w c:\program files\Google
2008-11-03 15:10 --------- d-----w c:\program files\Prawo Jazdy 2006
2008-11-02 19:12 --------- d-----w c:\documents and settings\Luque\Dane aplikacji\Sports Interactive
2008-11-02 19:11 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Sports Interactive
2008-11-02 19:03 --------- d-----w c:\program files\Sports Interactive
2008-11-02 11:21 --------- d-----w c:\program files\Opera
2008-11-02 10:18 --------- d-----w c:\program files\Live_TV
2008-11-01 07:25 244,224 ----a-w c:\windows\system32\opnkhEWP.VIR
2008-10-31 17:35 --------- d-----w c:\documents and settings\Piter\Dane aplikacji\BearShare
2008-10-29 21:13 --------- d-----w c:\documents and settings\Wojciech Potępa\Dane aplikacji\Skype
2008-10-29 20:05 --------- d-----w c:\documents and settings\Wojciech Potępa\Dane aplikacji\skypePM
2008-10-28 21:44 1,982 ----a-w c:\windows\system32\ealregsnapshot1.reg
2008-10-28 21:44 --------- d-----w c:\documents and settings\Piter\Dane aplikacji\Leadertech
2008-10-27 18:59 --------- d-----w c:\documents and settings\Wojciech Potępa\Dane aplikacji\Canon
2008-10-27 05:20 101,888 ----a-w c:\windows\system32\qltvijod.dll
2008-10-23 16:49 69,632 ----a-w c:\windows\system32\wjymdgsq.dll
2008-10-23 16:46 101,376 ----a-w c:\windows\system32\zlhfnw.dll
2008-10-22 17:07 --------- d-----w c:\program files\AbiSuite2
2008-10-22 08:52 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2008-10-21 10:36 --------- d-----w c:\program files\F-Secure Internet Security
2008-10-21 10:33 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\f-secure
2008-10-21 10:21 101,888 ----a-w c:\windows\system32\pdvnqlky.dll
2008-10-21 09:35 101,888 ----a-w c:\windows\system32\yqauffme.dll
2008-10-21 09:35 101,888 ----a-w c:\windows\system32\vwbtxu.dll
2008-10-20 17:42 --------- d-----w c:\program files\Hamachi
2008-10-20 17:41 25,280 ----a-w c:\windows\system32\drivers\hamachi.sys
2008-10-19 18:32 --------- d-----w c:\program files\Conduit
2008-10-16 17:53 --------- d-----w c:\documents and settings\Piter\Dane aplikacji\Nowe Gadu-Gadu
2008-10-16 09:36 --------- d-----w c:\documents and settings\Luque\Dane aplikacji\Skype
2008-10-16 08:27 --------- d-----w c:\documents and settings\Luque\Dane aplikacji\skypePM
2008-10-16 08:13 --------- d-----w c:\documents and settings\Luque\Dane aplikacji\Nowe Gadu-Gadu
2008-10-15 15:13 68,096 ----a-w c:\windows\system32\qllvfrgr.dll
2008-10-15 12:09 --------- d-----w c:\documents and settings\Ewelina\Dane aplikacji\Leadertech
2008-10-15 11:22 --------- d-----w c:\documents and settings\Ewelina\Dane aplikacji\DAEMON Tools
2008-10-15 07:31 --------- d-----w c:\program files\Chemix
2008-10-15 06:26 --------- d-----w c:\documents and settings\Wojciech Potępa\Dane aplikacji\DAEMON Tools
2008-10-14 20:13 --------- d-----w c:\documents and settings\Luque\Dane aplikacji\F-Secure
2008-10-14 19:36 --------- d-----w c:\documents and settings\Luque\Dane aplikacji\Ahead
2008-10-14 19:34 107,888 ----a-w c:\windows\system32\CmdLineExt.dll
2008-10-14 19:33 --------- d-----w c:\documents and settings\Luque\Dane aplikacji\Leadertech
2008-10-14 19:11 --------- d-----w c:\program files\DAEMON Tools Toolbar
2008-10-14 19:11 --------- d-----w c:\program files\DAEMON Tools Lite
2008-10-14 19:10 --------- d-----w c:\documents and settings\Luque\Dane aplikacji\DAEMON Tools
2008-10-14 19:05 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2008-10-14 19:05 --------- d-----w c:\documents and settings\Piter\Dane aplikacji\DAEMON Tools
2008-10-12 11:42 --------- d-----w c:\program files\Common Files\NSV
2008-10-11 17:24 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Trymedia
2008-10-09 15:47 --------- d-----w c:\documents and settings\Ewelina\Dane aplikacji\F-Secure
2008-10-09 12:24 --------- d-----w c:\documents and settings\Piter\Dane aplikacji\F-Secure
2008-10-09 12:19 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\fssg
2008-10-09 12:06 --------- d-----w c:\documents and settings\Piter\Dane aplikacji\TigerPlayer
2008-10-06 16:23 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\ipla
2008-10-05 16:47 --------- d-----w c:\program files\ipla
2008-10-05 15:09 --------- d---a-w c:\documents and settings\All Users\Dane aplikacji\TEMP
2008-10-05 15:09 --------- d-----w c:\program files\GameTop.com
2008-10-05 15:05 --------- d-----w c:\documents and settings\Piter\Dane aplikacji\PC Tools
2008-10-05 13:59 --------- d-----w c:\program files\Common Files\PC Tools
2008-10-04 16:03 --------- d-----w c:\documents and settings\Piter\Dane aplikacji\Canon
2008-09-30 13:20 4,608 ----a-w c:\windows\system32\w95inf32.dll
2008-09-30 13:20 2,272 ----a-w c:\windows\system32\w95inf16.dll
.
[color=red] c:\windows\system32\user32.dll ... jest zarażony !! [/color]
578,560 2005-03-02 18:21:08 c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
579,584 2007-03-08 15:51:57 c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
578,560 2004-08-03 22:44:14 c:\windows\$NtUninstallKB890859$\user32.dll
578,560 2005-03-02 18:18:38 c:\windows\$NtUninstallKB925902$\user32.dll
578,560 2005-03-02 18:18:38 c:\windows\$NtUninstallKB925902$\user32.dll.000
579,072 2008-11-20 15:35:35 c:\windows\system32\user32.DLL
579,072 2008-11-20 15:35:35 c:\windows\system32\dllcache\user32.dll
------- Sigcheck -------
2005-03-02 19:21 578560 6a93565be9b8422eb7538c66ac732d76 c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
2007-03-08 16:51 579584 11abdecc02efc1d2b6a6a0fa46c26594 c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
2004-08-03 23:44 578560 0c81764f50f32d376e6e4b9e9f4b01a0 c:\windows\$NtUninstallKB890859$\user32.dll
2005-03-02 19:18 578560 b7eeb1a1af740306049241ddf61f21ff c:\windows\$NtUninstallKB925902$\user32.dll
2008-11-20 16:35 579072 9e53caa5a0a90105ed98e3d476273505 c:\windows\system32\user32.DLL
2008-11-20 16:35 579072 9e53caa5a0a90105ed98e3d476273505 c:\windows\system32\dllcache\user32.dll
2004-08-03 23:44 82944 ab82237486b727dd7dab36a76f38a3a2 c:\windows\system32\ws2_32.dll
2004-08-03 23:44 82944 ab82237486b727dd7dab36a76f38a3a2 c:\windows\system32\dllcache\ws2_32.dll
2008-06-23 17:16 669696 bc26f2968396842367b02730435dd588 c:\windows\$hf_mig$\KB953838\SP2QFE\wininet.dll
2008-06-23 16:13 668672 28fa0fd33916ebebc3e0dc1410f48651 c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll
2008-06-23 15:57 669184 9ea369835e233f077c0d832676a29d40 c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll
2004-08-03 23:44 658944 d37dafb534ac8343d59a1b501abe852c c:\windows\$NtUninstallKB953838$\wininet.dll
2008-06-23 16:41 662016 32dc67b19496a88850c892cadf8366e3 c:\windows\ie8\wininet.dll
2008-03-03 19:01 830464 102afb4826c69fe386955e2e77f28040 c:\windows\system32\wininet.dll
2008-03-03 19:01 830464 102afb4826c69fe386955e2e77f28040 c:\windows\system32\dllcache\wininet.dll
2008-06-20 11:44 360960 744e57c99232201ae98c49168b918f48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
2008-06-20 12:51 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
2008-06-20 12:59 361600 ad978a1b783b5719720cff204b666c8e c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
2004-08-03 22:14 359040 9f4b36614a0fc234525ba224957de55c c:\windows\$NtUninstallKB951748$\tcpip.sys
2008-06-20 11:45 360320 2a5554fc5b1e04e131230e3ce035c3f9 c:\windows\system32\dllcache\tcpip.sys
2008-06-20 11:45 360320 2a5554fc5b1e04e131230e3ce035c3f9 c:\windows\system32\drivers\tcpip.sys
2004-08-03 23:44 505856 25da11068eb165da00d3ed7eb3c1512e c:\windows\system32\winlogon.exe
2004-08-03 22:14 182912 558635d3af1c7546d26067d5d9b6959e c:\windows\system32\dllcache\ndis.sys
2004-08-03 22:14 182912 558635d3af1c7546d26067d5d9b6959e c:\windows\system32\drivers\ndis.sys
2004-08-03 22:00 29056 4448006b6bc60e6c027932cfc38d6855 c:\windows\system32\dllcache\ip6fw.sys
2004-08-03 22:00 29056 4448006b6bc60e6c027932cfc38d6855 c:\windows\system32\drivers\ip6fw.sys
2005-03-02 19:14 2058240 35d11fdc381536ab95e3005489131f44 c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
2007-02-28 17:09 2060672 2f4a36b1b03d64fb176cb0f3eb597118 c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
2004-08-03 23:54 2058112 44d1bc1b05e0c7c82e81687b79c653c7 c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe
2005-03-02 19:08 2058112 0f6990820c6ce0a7a911fae5937ef1f6 c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe
2007-02-28 17:04 2058880 2bdc1a6cefe320e9c39fabf1961ebb9d c:\windows\Driver Cache\i386\ntkrnlpa.exe
2008-08-14 14:46 2059008 740d5209ce5ec76bb99923a710cd0a53 c:\windows\SoftwareDistribution\Download\e0f2b4f68b88b3164335825c2ea24f7a\SP2GDR\ntkrnlpa.exe
2008-08-14 14:40 2064256 bd1c2093733023e5afc1520c095c2195 c:\windows\SoftwareDistribution\Download\e0f2b4f68b88b3164335825c2ea24f7a\SP2QFE\ntkrnlpa.exe
2008-08-14 14:26 2067328 5ab2f07ad3fd76790294ddccc6e06d46 c:\windows\SoftwareDistribution\Download\e0f2b4f68b88b3164335825c2ea24f7a\SP3GDR\ntkrnlpa.exe
2008-08-14 18:27 2067328 638346856e53887b0c3da62a9ab2c203 c:\windows\SoftwareDistribution\Download\e0f2b4f68b88b3164335825c2ea24f7a\SP3QFE\ntkrnlpa.exe
2007-02-28 17:04 2058880 2bdc1a6cefe320e9c39fabf1961ebb9d c:\windows\system32\ntkrnlpa.exe
2007-02-28 17:04 2058880 2bdc1a6cefe320e9c39fabf1961ebb9d c:\windows\system32\dllcache\ntkrnlpa.exe
2005-03-02 19:14 2180864 dba3e4215279c8012b37d2135b531258 c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
2007-02-28 17:09 2183424 c450518ef9acc02a2d799698021e31a8 c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
2004-08-03 23:39 2182272 dcf53422b7edded3b7431fbae4a7ee3f c:\windows\$NtUninstallKB890859$\ntoskrnl.exe
2005-03-02 19:09 2180608 3f3612846d67352468d2286fc23fb0c2 c:\windows\$NtUninstallKB931784$\ntoskrnl.exe
2007-02-28 17:04 2181632 c378be3a1edc5e4421d428655ac4a48c c:\windows\Driver Cache\i386\ntoskrnl.exe
2008-08-14 14:46 2181632 1e808411607a060ad7c582b7556c9afa c:\windows\SoftwareDistribution\Download\e0f2b4f68b88b3164335825c2ea24f7a\SP2GDR\ntoskrnl.exe
2008-08-14 14:40 2187264 8eac2f887f5e093186a6b2e548f719ba c:\windows\SoftwareDistribution\Download\e0f2b4f68b88b3164335825c2ea24f7a\SP2QFE\ntoskrnl.exe
2008-08-14 14:26 2190464 9ce159c91e076ff6c25d055310ebb259 c:\windows\SoftwareDistribution\Download\e0f2b4f68b88b3164335825c2ea24f7a\SP3GDR\ntoskrnl.exe
2008-08-14 18:27 2190464 dcdd970025463dfc9676ebe18abd6a86 c:\windows\SoftwareDistribution\Download\e0f2b4f68b88b3164335825c2ea24f7a\SP3QFE\ntoskrnl.exe
2007-02-28 17:04 2181632 c378be3a1edc5e4421d428655ac4a48c c:\windows\system32\ntoskrnl.exe
2007-02-28 17:04 2181632 c378be3a1edc5e4421d428655ac4a48c c:\windows\system32\dllcache\ntoskrnl.exe
2007-06-13 14:23 1036800 421f5b217986acdd7016b6deb039a7b8 c:\windows\explorer.exe
2007-06-13 14:12 1034752 8db0650b211425b9cdb7d1c4a8f6b482 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-03 23:44 1033728 379098a96e6c165b659de7e4328010ea c:\windows\$NtUninstallKB938828$\explorer.exe
2004-08-03 23:44 110080 ba79ea13e862177aa55843006e7f39cb c:\windows\system32\services.exe
2004-08-03 23:44 14336 786c044e17041dbc105656202708c14d c:\windows\system32\lsass.exe
2004-08-03 23:44 15360 cbfa30492d70ce3938d8a7783d0c0436 c:\windows\system32\ctfmon.exe
2004-08-03 23:44 15360 cbfa30492d70ce3938d8a7783d0c0436 c:\windows\system32\dllcache\ctfmon.exe
2005-06-11 01:17 57856 ad3d9d191aea7b5445fe1d82ffbb4788 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
2004-08-03 23:44 57856 bebe8a85954ff460374fd5a0cd21e19b c:\windows\$NtUninstallKB896423$\spoolsv.exe
2005-06-11 00:53 58368 3513a57ec257df60f641d20031acb383 c:\windows\system32\spoolsv.exe
2004-08-03 23:44 25088 bd768099b4c44aa631728cb74eb54396 c:\windows\system32\userinit.exe
2004-08-03 23:44 25088 bd768099b4c44aa631728cb74eb54396 c:\windows\system32\dllcache\userinit.exe
2004-08-03 23:44 296448 2c28157229925280916b3041ccc5fe4b c:\windows\system32\termsrv.dll
2004-08-03 23:44 296448 2c28157229925280916b3041ccc5fe4b c:\windows\system32\dllcache\termsrv.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitComet"="c:\program files\BitComet\BitComet.exe" [2008-12-03 2514744]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-11-12 342336]
"ares"="c:\program files\Ares\Ares.exe" [2008-11-23 880640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"QuickTime Task"="c:\program files\MpcStar\Codecs\QuickTime\qttask.exe" [2008-05-27 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2003-12-13 33792]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-09-01 185896]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=bylmnk.dll joqjpf.dll fbygow.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.tscc"= c:\progra~1\MpcStar\Codecs\tscc\tsccvid.dll
"vidc.yv12"= c:\progra~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL
"vidc.divx"= c:\progra~1\ACEMEG~1\SystemS\DivX\DivX520.dll
"wave2"= alcxnt.dll
"aux1"= alcxnt.dll
"mixer1"= alcxnt.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^ComproRemote.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\ComproRemote.lnk
backup=c:\windows\pss\ComproRemote.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^ComproScheduler.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\ComproScheduler.lnk
backup=c:\windows\pss\ComproScheduler.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^ComproSchedulerDTV.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\ComproSchedulerDTV.lnk
backup=c:\windows\pss\ComproSchedulerDTV.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^TweakYC.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\TweakYC.lnk
backup=c:\windows\pss\TweakYC.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
-ra------ 2005-11-28 06:52 77824 c:\windows\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
-ra------ 2005-11-28 06:55 118784 c:\windows\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
-ra------ 2005-11-28 06:55 98304 c:\windows\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--a------ 2007-01-08 21:17 52256 c:\program files\CyberLink\PowerDVD\Language\Language.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 13:57 153136 c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nowe Gadu-Gadu]
--a------ 2008-10-10 10:50 6500960 c:\program files\Nowe Gadu-Gadu\gg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2007-03-14 20:01 71216 c:\program files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2008-09-29 16:57 21755688 c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-09-01 16:42 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
--a------ 2005-05-03 17:43 69632 c:\windows\Alcmtr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
--a------ 2008-05-07 14:39 16862208 c:\windows\RTHDCPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\EA Sports\\FIFA 08\\FIFA08.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\FIFA09.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2009 Demo\\fm.exe"=
"c:\\Documents and Settings\\Piter\\Pulpit\\Skype.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Ares Destiny\\AresDestiny.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12475:TCP"= 12475:TCP:BitComet 12475 TCP
"12475:UDP"= 12475:UDP:BitComet 12475 UDP
"8461:TCP"= 8461:TCP:GoD High Port
"8462:TCP"= 8462:TCP:GoD Low Port
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"20950:TCP"= 20950:TCP:TORRENT
"49438:TCP"= 49438:TCP:torrent
"9433:TCP"= 9433:TCP:BitComet 9433 TCP
"9433:UDP"= 9433:UDP:BitComet 9433 UDP
.
Zawartość folderu 'Zaplanowane zadania'
2008-12-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
- - - - USUNIĘTO PUSTE WPISY - - - -
BHO-{00000000-0000-0000-0281-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0000-0542-567e79f147ef} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0000-09f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0000-10ab-0531323e7f06} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0000-13f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0000-1581-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0000-26f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0000-2a42-567e79f147ef} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0000-2b81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0000-4cf0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0000-82ab-0531323e7f06} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0000-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0001-98f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0002-82ab-0531323e7f06} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0002-98f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0002-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0004-98f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0009-82ab-0531323e7f06} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0009-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0013-82ab-0531323e7f06} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0013-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0026-aa42-567e79f147ef} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0027-98f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-004d-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-004f-82ab-0531323e7f06} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-009a-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-009d-98f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-0134-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-013a-98f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-026b-aa42-567e79f147ef} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-04d2-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-04d7-aa42-567e79f147ef} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-09a5-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-09d5-98f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-134a-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-13ab-98f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-2694-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-27d7-82ab-0531323e7f06} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-4d29-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-4d72-aa42-567e79f147ef} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0000-4fae-82ab-0531323e7f06} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0001-4ead-98f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0002-4d29-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0003-4d72-aa42-567e79f147ef} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0004-4fae-82ab-0531323e7f06} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0006-4ead-98f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0009-4d29-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0010-4fae-82ab-0531323e7f06} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0012-4d29-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0021-4fae-82ab-0531323e7f06} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0024-4d29-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0033-4ead-98f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0048-4d29-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0075-4d72-aa42-567e79f147ef} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0091-4d29-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-00ce-4ead-98f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-00eb-4d72-aa42-567e79f147ef} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0123-4d29-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0211-4fae-82ab-0531323e7f06} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-03ae-4d72-aa42-567e79f147ef} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0422-4fae-82ab-0531323e7f06} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-048f-4d29-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-075c-4d72-aa42-567e79f147ef} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-091f-4d29-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-0eb9-4d72-aa42-567e79f147ef} - c:\windows\system32\yhjfuown.dll
BHO-{00000000-33b2-4ead-98f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000001-1089-4fae-82ab-0531323e7f06} - c:\windows\system32\yhjfuown.dll
BHO-{00000002-0eb9-4d72-aa42-567e79f147ef} - c:\windows\system32\yhjfuown.dll
BHO-{00000002-33b2-4ead-98f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000005-0eb9-4d72-aa42-567e79f147ef} - c:\windows\system32\yhjfuown.dll
BHO-{00000009-48f8-4d29-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{0000000a-0eb9-4d72-aa42-567e79f147ef} - c:\windows\system32\yhjfuown.dll
BHO-{0000000b-33b2-4ead-98f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000013-48f8-4d29-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000014-0eb9-4d72-aa42-567e79f147ef} - c:\windows\system32\yhjfuown.dll
BHO-{00000026-48f8-4d29-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000045-1089-4fae-82ab-0531323e7f06} - c:\windows\system32\yhjfuown.dll
BHO-{0000004c-48f8-4d29-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{0000005e-33b2-4ead-98f0-b762347e6457} - c:\windows\system32\yhjfuown.dll
BHO-{0000008b-1089-4fae-82ab-0531323e7f06} - c:\windows\system32\yhjfuown.dll
BHO-{00000099-48f8-4d29-ac81-0cb39c4bca6e} - c:\windows\system32\yhjfuown.dll
BHO-{000000a1-0eb9-4d72-aa42-567e79f147ef} - c:\windows\system32\yhjfuown.dll
BHO-{000000BC-33B2-4EAD-98F0-B762347E6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000132-48F8-4D29-AC81-0CB39C4BCA6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000178-33B2-4EAD-98F0-B762347E6457} - c:\windows\system32\yhjfuown.dll
BHO-{00000264-48F8-4D29-AC81-0CB39C4BCA6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000285-0EB9-4D72-AA42-567E79F147Ef} - c:\windows\system32\yhjfuown.dll
BHO-{000004C8-48F8-4D29-AC81-0CB39C4BCA6e} - c:\windows\system32\yhjfuown.dll
BHO-{000008B2-1089-4FAE-82AB-0531323E7F06} - c:\windows\system32\yhjfuown.dll
BHO-{00000990-48F8-4D29-AC81-0CB39C4BCA6e} - c:\windows\system32\yhjfuown.dll
BHO-{00000BC6-33B2-4EAD-98F0-B762347E6457} - c:\windows\system32\yhjfuown.dll
BHO-{00001320-48F8-4D29-AC81-0CB39C4BCA6e} - c:\windows\system32\yhjfuown.dll
BHO-{0000178C-33B2-4EAD-98F0-B762347E6457} - c:\windows\system32\yhjfuown.dll
BHO-{00002641-48F8-4D29-AC81-0CB39C4BCA6e} - c:\windows\system32\yhjfuown.dll
BHO-{00002F18-33B2-4EAD-98F0-B762347E6457} - c:\windows\system32\yhjfuown.dll
BHO-{00004591-1089-4FAE-82AB-0531323E7F06} - c:\windows\system32\yhjfuown.dll
BHO-{00004C82-48F8-4D29-AC81-0CB39C4BCA6e} - c:\windows\system32\yhjfuown.dll
BHO-{00005E30-33B2-4EAD-98F0-B762347E6457} - c:\windows\system32\yhjfuown.dll
BHO-{00009905-48F8-4D29-AC81-0CB39C4BCA6e} - c:\windows\system32\yhjfuown.dll
BHO-{0000A168-0EB9-4D72-AA42-567E79F147Ef} - c:\windows\system32\yhjfuown.dll
BHO-{0001320A-48F8-4D29-AC81-0CB39C4BCA6e} - c:\windows\system32\yhjfuown.dll
BHO-{00022C89-1089-4FAE-82AB-0531323E7F06} - c:\windows\system32\yhjfuown.dll
BHO-{00026415-48F8-4D29-AC81-0CB39C4BCA6e} - c:\windows\system32\yhjfuown.dll
BHO-{0002F187-33B2-4EAD-98F0-B762347E6457} - c:\windows\system32\yhjfuown.dll
BHO-{0004C82A-48F8-4D29-AC81-0CB39C4BCA6e} - c:\windows\system32\yhjfuown.dll
BHO-{00050B47-0EB9-4D72-AA42-567E79F147Ef} - c:\windows\system32\yhjfuown.dll
BHO-{0005E30E-33B2-4EAD-98F0-B762347E6457} - c:\windows\system32\yhjfuown.dll
BHO-{000A168F-0EB9-4D72-AA42-567E79F147Ef} - c:\windows\system32\yhjfuown.dll
BHO-{001320A8-48F8-4D29-AC81-0CB39C4BCA6e} - c:\windows\system32\yhjfuown.dll
BHO-{00142D1E-0EB9-4D72-AA42-567E79F147Ef} - c:\windows\system32\yhjfuown.dll
BHO-{0022C894-1089-4FAE-82AB-0531323E7F06} - c:\windows\system32\gfeeuvsm.dll
BHO-{00264151-48F8-4D29-AC81-0CB39C4BCA6e} - c:\windows\system32\gfeeuvsm.dll
BHO-{002F1877-33B2-4EAD-98F0-B762347E6457} - c:\windows\system32\gfeeuvsm.dll
BHO-{004C82A3-48F8-4D29-AC81-0CB39C4BCA6e} - c:\windows\system32\gfeeuvsm.dll
BHO-{008B2251-1089-4FAE-82AB-0531323E7F06} - c:\windows\system32\gfeeuvsm.dll
BHO-{00990546-48F8-4D29-AC81-0CB39C4BCA6e} - c:\windows\system32\gfeeuvsm.dll
BHO-{011644A3-1089-4FAE-82AB-0531323E7F06} - c:\windows\system32\gfeeuvsm.dll
BHO-{01320A8D-48F8-4D29-AC81-0CB39C4BCA6e} - c:\windows\system32\gfeeuvsm.dll
BHO-{0178C3B8-33B2-4EAD-98F0-B762347E6457} - c:\windows\system32\gfeeuvsm.dll
BHO-{0700EB00-F49C-47DA-8777-A6D37FD101A7} - c:\windows\system32\khfDvwts.dll
BHO-{20B96CEC-E9C7-4D32-8F03-39C59581AA17} - c:\windows\system32\yayvWoMf.dll
BHO-{3FA7DE87-271F-4E53-A27D-334D58D61000} - c:\windows\system32\tuvVmnLf.dll
BHO-{4B3408FA-9FD6-4EE4-93A9-29E0F771EF54} - c:\windows\system32\qoMdETKc.dll
BHO-{54975995-6e64-4fce-b072-7841982308de} - c:\windows\system32\opnkhEWP.dll
BHO-{8FCFAE2D-18BF-4AE9-8C1A-835CA4EC858A} - c:\windows\system32\khfDWPIx.dll
BHO-{ae534fc2-54b2-4f1a-969a-9aed32ecc7e3} - c:\windows\system32\fbygow.dll
BHO-{EEBDAC78-6721-4347-95AE-100C0756C4F3} - c:\windows\system32\awtRIbyv.dll
BHO-{FDED8846-95B0-4005-9E39-9F1720B6815E} - c:\windows\system32\rqRKCttu.dll
ShellExecuteHooks-{FDED8846-95B0-4005-9E39-9F1720B6815E} - c:\windows\system32\rqRKCttu.dll
SSODL-sCzDrx-{9420C3A1-3E8A-690B-4DBD-BC1293A664A2} - c:\windows\system32\ap.dll
Notify-rqRKCttu - rqRKCttu.dll
MSConfigStartUp-QuickTime Task - c:\windows\system32\qttask.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
.
------- Skan uzupełniający -------
.
FireFox -: Profile - c:\documents and settings\Ewelina\Dane aplikacji\Mozilla\Firefox\Profiles\icsp1s7t.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://google.atcomet.com/b/
FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\DNA\plugins\npbtdna.dll
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF -: plugin - c:\program files\MpcStar\Codecs\QuickTime\Plugins\npqtplugin.dll
FF -: plugin - c:\program files\MpcStar\Codecs\QuickTime\Plugins\npqtplugin2.dll
FF -: plugin - c:\program files\MpcStar\Codecs\QuickTime\Plugins\npqtplugin3.dll
FF -: plugin - c:\program files\MpcStar\Codecs\QuickTime\Plugins\npqtplugin4.dll
FF -: plugin - c:\program files\MpcStar\Codecs\QuickTime\Plugins\npqtplugin5.dll
FF -: plugin - c:\program files\MpcStar\Codecs\QuickTime\Plugins\npqtplugin6.dll
FF -: plugin - c:\program files\MpcStar\Codecs\QuickTime\Plugins\npqtplugin7.dll
FF -: plugin - c:\program files\MpcStar\Codecs\QuickTime\Plugins\npqtplugin8.dll
FF -: plugin - c:\program files\MpcStar\Codecs\Real\browser\plugins\nppl3260.dll
FF -: plugin - c:\program files\MpcStar\Codecs\Real\browser\plugins\nprpjplug.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-04 10:31:46
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\6ce7d2e2]
"ImagePath"="\SystemRoot\System32\drivers\6ce7d2e2.sys"
--
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\f9f2f2b1]
"ImagePath"="\SystemRoot\System32\drivers\f9f2f2b1.sys"
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
.
**************************************************************************
.
Czas ukończenia: 2008-12-04 10:34:14 - komputer został uruchomiony ponownie [Ewelina]
ComboFix-quarantined-files.txt 2008-12-04 09:34:11
Przed: 4,211,531,776 bajtów wolnych
Po: 8,368,304,128 bajtów wolnych
621 --- E O F --- 2008-10-08 09:38:45
Sorry, nie wiedziałam, jak wkleić.
