Błąd uruchamiania przeglądarki www plus mulenie kompa

**Posty:** 51 · przez **Ice-Man** 21 Gru 2009, 13:18

Witam od weekendu dzieją się bardzo dziwne rzeczy z systemem z tego co do tej pory zauważyłem jest jakiś błąd z uruchamianiem przeglądarki www po włączeniu Mozilli i przeglądaniu stron nagle przeglądarka sama się wyłącza następnie bez restartu systemu nie można już jej uruchomić Windows też działa jakoś dwa razy wolniej.
Sprawdzałem Avastem kompa nic nie wykrył odpaliłem też SuperAnti Spyware coś usuwał ale problem jest dalej.
Umieszczam logi z OTL i HiJacka liczę na waszą pomoc bo nie tak dawno miałem system stawiany na nowo i znowu są jakieś problemy.

OTL

Kod: Zaznacz wszystko: OTL logfile created on: 2009-12-21 12:12:20 - Run 1 OTL by OldTimer - Version 3.1.19.0 Folder = D:\Dokumenty Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 72,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 35,16 Gb Total Space | 22,88 Gb Free Space | 65,07% Space Free | Partition Type: NTFS Drive D: | 39,37 Gb Total Space | 8,84 Gb Free Space | 22,46% Space Free | Partition Type: NTFS Drive E: | 147,40 Gb Total Space | 139,28 Gb Free Space | 94,49% Space Free | Partition Type: NTFS Drive F: | 147,46 Gb Total Space | 111,24 Gb Free Space | 75,44% Space Free | Partition Type: NTFS Drive G: | 170,90 Gb Total Space | 73,07 Gb Free Space | 42,76% Space Free | Partition Type: NTFS H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PAWEL-8E2081D52 Current User Name: Pawel Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009-12-21 12:09:15 | 00,513,536 | ---- | M] (OldTimer Tools) -- D:\Dokumenty\OTL.exe PRC - [2009-11-25 00:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009-11-25 00:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009-11-25 00:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2009-11-25 00:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2009-11-25 00:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009-10-30 12:57:08 | 00,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe PRC - [2009-07-25 04:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2009-06-03 13:25:25 | 02,131,392 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2009-01-26 01:23:36 | 01,891,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-12-18 01:26:25 | 07,678,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2008-05-01 23:15:46 | 00,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe PRC - [2007-09-02 12:58:52 | 00,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe PRC - [2007-08-23 16:40:48 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2007-08-23 16:36:30 | 00,455,968 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe PRC - [2007-06-27 18:04:00 | 01,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2007-06-27 18:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe PRC - [2007-06-27 18:03:40 | 00,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2007-06-25 07:47:24 | 01,629,480 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe PRC - [2007-06-25 07:47:12 | 01,552,680 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe PRC - [2007-06-25 07:47:02 | 01,057,064 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe PRC - [2007-01-30 11:54:36 | 16,116,224 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe PRC - [2006-10-31 07:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2006-10-05 19:56:28 | 00,280,779 | ---- | M] () -- C:\WINDOWS\VistaDrive\VistaDrive.exe PRC - [2006-07-07 11:06:08 | 00,839,680 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe PRC - [2006-02-28 11:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2009-12-21 12:09:15 | 00,513,536 | ---- | M] (OldTimer Tools) -- D:\Dokumenty\OTL.exe MOD - [2008-05-01 23:15:36 | 00,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll MOD - [2007-09-02 12:57:36 | 00,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll MOD - [2006-12-21 13:30:44 | 00,102,400 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\ggwhook.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-12-09 14:06:42 | 00,046,456 | ---- | M] () [Disabled | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice111.exe -- (QuestService Service) SRV - [2009-11-25 00:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2009-11-25 00:51:21 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2009-11-25 00:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2009-11-25 00:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2009-07-25 04:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2009-06-22 23:01:32 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2007-08-23 16:40:48 | 00,079,136 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2007-06-29 18:16:56 | 00,800,040 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService) SRV - [2007-06-27 18:04:00 | 00,279,848 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService) SRV - [2007-06-25 07:47:12 | 01,552,680 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv) SRV - [2006-10-31 07:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc) SRV - [2006-02-28 11:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service) SRV - [2003-07-28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-12-19 10:51:42 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2009-12-19 10:51:41 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV) DRV - [2009-12-13 18:23:37 | 00,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-11-25 00:50:59 | 00,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) DRV - [2009-11-25 00:50:12 | 00,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) DRV - [2009-11-25 00:50:00 | 00,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009-11-25 00:49:07 | 00,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009-11-25 00:48:57 | 00,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009-11-25 00:47:54 | 00,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2009-06-03 12:48:07 | 00,014,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2009-02-02 05:47:50 | 00,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus) DRV - [2008-10-30 20:10:48 | 00,117,120 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2008-05-24 21:09:10 | 00,073,728 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2008-05-13 12:44:00 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM) DRV - [2008-04-15 12:00:00 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008-04-15 12:00:00 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2008-04-15 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2007-06-25 07:47:12 | 00,038,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm) DRV - [2007-06-25 07:47:12 | 00,036,776 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass) DRV - [2007-06-25 07:47:02 | 00,119,080 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs) DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2007-01-30 11:57:50 | 04,474,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006-10-31 07:35:00 | 03,964,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2006-09-19 07:33:28 | 00,116,992 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e4usbaw.sys -- (e4usbaw) DRV - [2006-09-15 07:37:54 | 00,064,000 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e4ldr.sys -- (IKANLOADER2) General Purpose USB Driver (e4ldr.sys) DRV - [2006-06-18 20:21:32 | 00,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2004-05-05 20:48:40 | 00,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PQNTDRV.sys -- (PQNTDrv) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1417001333-1979792683-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1750559 IE - HKU\S-1-5-21-1417001333-1979792683-1801674531-1004\S-1-5-21-1417001333-1979792683-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1417001333-1979792683-1801674531-1004\S-1-5-21-1417001333-1979792683-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF - HKLM\software\mozilla\Firefox\Extensions\\{E63605FC-D583-4C81-867F-9457BDB3EA1B}: C:\Program Files\Web Search Operator\4.1.0.2080\FF [2009-12-20 20:17:24 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{8141440E-08F0-4339-9959-5C31C6A69F23}: C:\Program Files\Automated Content Enhancer\4.1.0.5290\FF [2009-12-20 20:17:29 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{E889F097-B0BE-471B-89AD-B86B6F04B506}: C:\Program Files\Customized Platform Advancer\4.1.0.1960\FF [2009-12-20 20:17:35 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-11-22 23:31:49 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-11-22 23:31:47 | 00,000,000 | ---D | M] [2009-06-03 13:07:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Mozilla\Extensions [2009-12-21 11:32:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Mozilla\Firefox\Profiles\mtkqubr8.pawel\extensions [2009-06-26 09:33:06 | 00,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Pawel\Dane aplikacji\Mozilla\Firefox\Profiles\mtkqubr8.pawel\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009-06-16 19:18:13 | 00,000,000 | ---D | M] (BS Player Toolbar) -- C:\Documents and Settings\Pawel\Dane aplikacji\Mozilla\Firefox\Profiles\mtkqubr8.pawel\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} [2009-10-31 21:25:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Mozilla\Firefox\Profiles\mtkqubr8.pawel\extensions\firefox@tvunetworks.com [2009-12-21 11:32:53 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009-12-20 23:22:34 | 00,000,000 | ---D | M] (QuestService) -- C:\Program Files\Mozilla Firefox\extensions\{AAF6454A-4000-4015-84C1-6CD844C06B19} [2009-11-22 23:14:07 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla(2).org [2009-11-22 23:31:50 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org [2008-12-18 01:26:26 | 00,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll [2008-12-18 01:26:26 | 00,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll [2008-12-18 01:26:26 | 00,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll [2008-12-18 01:26:26 | 00,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll [2008-12-18 01:26:26 | 00,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll [2006-06-03 17:39:49 | 00,000,904 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2008-06-07 01:50:04 | 00,001,419 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2007-03-31 18:10:44 | 00,000,926 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2006-06-03 17:39:49 | 00,000,866 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-12-20 23:22:36 | 00,002,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\questservice111.xml [2008-03-29 22:06:54 | 00,001,198 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2007-01-05 12:40:09 | 00,001,693 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Automated Content Enhancer) - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5290\ACEIEAddOn.dll () O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com) O2 - BHO: (Customized Platform Advancer) - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.1.0.1960\CPAIEAddOn.dll () O2 - BHO: (Content Management Wizard) - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1990\CMWIE.dll () O2 - BHO: (Textual Content Provider) - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1810\TCPIE.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O2 - BHO: (Web Search Operator) - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\4.1.0.2080\WSO.dll () O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com) O2 - BHO: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_0.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-1417001333-1979792683-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2} - No CLSID value found. O3 - HKU\S-1-5-21-1417001333-1979792683-1801674531-1004\..\Toolbar\WebBrowser: (BS Player Toolbar) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:\Program Files\BS_Player\tbBS_0.dll (Conduit Ltd.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG) O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKLM..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe () O4 - HKU\.DEFAULT..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-18..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-20..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-21-1417001333-1979792683-1801674531-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-1417001333-1979792683-1801674531-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1417001333-1979792683-1801674531-1004..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE (SEIKO EPSON CORPORATION) O4 - HKU\S-1-5-21-1417001333-1979792683-1801674531-1004..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - HKU\S-1-5-21-1417001333-1979792683-1801674531-1004..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company) O4 - HKU\S-1-5-21-1417001333-1979792683-1801674531-1004..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found O4 - HKU\.DEFAULT..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-20..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1417001333-1979792683-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\JC_LINK.HTM () O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\JC_ALL.HTM () O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com) O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-03 12:28:21 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-12-21 12:00:20 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Pawel\Recent [2009-12-20 20:18:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Textual Content Provider [2009-12-20 20:18:12 | 00,000,000 | ---D | C] -- C:\Program Files\QuestService [2009-12-20 20:18:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\QuestService [2009-12-20 20:18:04 | 00,000,000 | ---D | C] -- C:\Program Files\Textual Content Provider [2009-12-20 20:17:56 | 00,000,000 | ---D | C] -- C:\Program Files\Content Management Wizard [2009-12-20 20:17:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Internet Today [2009-12-20 20:17:46 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Today [2009-12-20 20:17:35 | 00,000,000 | ---D | C] -- C:\Program Files\Customized Platform Advancer [2009-12-20 20:17:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer [2009-12-20 20:17:29 | 00,000,000 | ---D | C] -- C:\Program Files\Automated Content Enhancer [2009-12-20 20:17:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer [2009-12-20 20:17:24 | 00,000,000 | ---D | C] -- C:\Program Files\Web Search Operator [2009-12-20 20:17:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Web Search Operator [2009-12-20 20:17:10 | 00,000,000 | ---D | C] -- C:\Program Files\HottieStar Toolbar [2009-12-20 20:16:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\HottieStar Toolbar [2009-12-17 23:27:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SUPERAntiSpyware.com [2009-12-17 23:27:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Dane aplikacji\SUPERAntiSpyware.com [2009-12-17 23:27:29 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2009-12-13 18:48:18 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll [2009-12-13 18:48:18 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll [2009-12-13 18:48:18 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll [2009-12-13 18:48:17 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll [2009-12-13 18:48:17 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll [2009-12-13 18:48:17 | 00,068,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll [2009-12-13 18:48:17 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll [2009-12-13 18:47:15 | 00,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies [2009-12-13 18:47:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA [2009-12-13 18:47:00 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2009-12-13 18:46:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Moje dokumenty\My Games [2009-12-13 18:23:30 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2009-12-13 18:23:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Dane aplikacji\DAEMON Tools Lite [2009-12-13 18:23:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-12-13 18:15:11 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\EZB Systems [2009-12-13 18:15:10 | 00,000,000 | ---D | C] -- C:\Program Files\UltraISO [2009-12-13 18:15:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Moje dokumenty\My ISO Files [2009-12-12 16:09:39 | 00,000,000 | ---D | C] -- C:\Rapidleech PlugMod v41 [2009-12-01 23:51:43 | 00,000,000 | ---D | C] -- C:\Program Files\AIDA32 - Personal System Information [2009-12-01 23:28:11 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2009-11-28 18:46:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Moje dokumenty\KONAMI [2009-11-28 18:39:38 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll [2009-11-28 18:39:37 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll [2009-11-28 18:39:37 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll [2009-11-28 18:39:37 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll [2009-11-28 18:39:37 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll [2009-11-28 18:39:31 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll [2009-11-28 18:39:31 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll [2009-11-28 18:39:30 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll [2009-11-28 18:39:29 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll [2009-11-28 18:39:29 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll [2009-11-28 18:39:29 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll [2009-11-28 18:39:29 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll [2009-11-28 18:39:28 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll [2009-11-25 13:42:42 | 01,447,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll [2009-11-25 13:42:42 | 01,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll [2009-06-30 18:13:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\BS_Player [2009-06-30 18:13:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple [2009-06-03 14:21:39 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2009-06-03 12:28:17 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2009-06-03 12:28:17 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2009-06-03 12:28:03 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\Documents and Settings\Pawel\*.tmp files -> C:\Documents and Settings\Pawel\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2009-12-21 12:06:19 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-12-21 12:06:15 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-12-21 12:06:13 | 00,081,496 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2009-12-21 12:06:08 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-12-21 12:05:25 | 05,505,024 | ---- | M] () -- C:\Documents and Settings\Pawel\NTUSER.DAT [2009-12-21 12:05:10 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\Pawel\ntuser.ini [2009-12-21 11:48:40 | 00,000,507 | ---- | M] () -- C:\WINDOWS\win.ini [2009-12-21 11:48:40 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2009-12-21 11:48:40 | 00,000,223 | RHS- | M] () -- C:\boot.ini [2009-12-20 21:02:08 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-12-20 20:57:29 | 00,121,344 | ---- | M] () -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-12-20 17:06:10 | 00,218,491 | ---- | M] () -- C:\25301_NB_-_BABY_DOLL_idx_123_1090lo.jpg [2009-12-20 12:44:50 | 00,346,543 | ---- | M] () -- C:\Punished in Disco.jpg [2009-12-20 12:02:43 | 01,115,590 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009-12-20 12:02:43 | 00,500,302 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2009-12-20 12:02:43 | 00,441,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009-12-20 12:02:43 | 00,088,838 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2009-12-20 12:02:43 | 00,071,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009-12-17 23:27:31 | 00,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\SUPERAntiSpyware Free Edition.lnk [2009-12-15 19:13:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2009-12-13 18:46:53 | 00,000,832 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Streets of Moscow.lnk [2009-12-13 18:23:40 | 00,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2009-12-13 18:23:37 | 00,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-12-13 18:15:12 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Pawel\Pulpit\UltraISO.lnk [2009-12-02 22:14:08 | 00,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2009-12-01 23:51:44 | 00,000,758 | ---- | M] () -- C:\Documents and Settings\Pawel\Pulpit\AIDA32.lnk [2009-11-28 23:00:09 | 04,768,268 | -H-- | M] () -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-11-26 14:34:53 | 41,911,522 | ---- | M] () -- C:\Avast4.8.1358.Pro.rar [2009-11-25 00:54:29 | 01,280,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2009-11-25 00:51:09 | 00,093,424 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2009-11-25 00:50:59 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2009-11-25 00:50:12 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2009-11-25 00:50:00 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2009-11-25 00:49:07 | 00,048,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2009-11-25 00:48:57 | 00,023,120 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2009-11-25 00:47:54 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2009-11-25 00:47:28 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr [2009-11-22 23:31:50 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2009-11-22 23:12:00 | 00,000,335 | ---- | M] () -- C:\WINDOWS\mozregistry.dat [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\Documents and Settings\Pawel\*.tmp files -> C:\Documents and Settings\Pawel\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2009-12-20 17:06:10 | 00,218,491 | ---- | C] () -- C:\25301_NB_-_BABY_DOLL_idx_123_1090lo.jpg [2009-12-20 12:44:49 | 00,346,543 | ---- | C] () -- C:\Punished in Disco.jpg [2009-12-17 23:27:30 | 00,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\SUPERAntiSpyware Free Edition.lnk [2009-12-13 18:46:53 | 00,000,832 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Streets of Moscow.lnk [2009-12-13 18:23:40 | 00,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2009-12-13 18:23:36 | 00,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-12-13 18:15:12 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Pawel\Pulpit\UltraISO.lnk [2009-12-01 23:51:44 | 00,000,758 | ---- | C] () -- C:\Documents and Settings\Pawel\Pulpit\AIDA32.lnk [2009-11-26 14:29:28 | 41,911,522 | ---- | C] () -- C:\Avast4.8.1358.Pro.rar [2009-11-22 23:31:50 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2009-11-22 23:23:20 | 00,397,317 | ---- | C] () -- C:\Documents and Settings\Pawel\Moje dokumenty\formhistory.dat [2009-11-22 23:23:20 | 00,028,934 | ---- | C] () -- C:\Documents and Settings\Pawel\Moje dokumenty\history.dat [2009-11-22 23:12:00 | 00,000,335 | ---- | C] () -- C:\WINDOWS\mozregistry.dat [2009-10-04 14:00:49 | 00,000,062 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini [2009-06-23 22:06:34 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-06-23 11:17:46 | 00,000,026 | ---- | C] () -- C:\WINDOWS\CDED92Exp.ini [2009-06-17 15:07:29 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2009-06-08 19:36:05 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-06-08 19:36:04 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009-06-08 19:36:02 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-06-08 19:36:02 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-06-08 19:36:02 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-06-08 19:36:00 | 00,084,480 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-06-08 19:36:00 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-06-07 21:38:22 | 00,000,065 | ---- | C] () -- C:\WINDOWS\dartemup.ini [2009-06-04 13:55:13 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2009-06-04 13:55:10 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2009-06-04 13:55:03 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2009-06-04 13:55:01 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2009-06-04 13:54:44 | 00,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2009-06-03 17:22:34 | 00,000,831 | ---- | C] () -- C:\WINDOWS\wincmd.ini [2009-06-03 13:33:26 | 00,121,344 | ---- | C] () -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-06-03 12:35:02 | 00,000,081 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2009-06-03 12:30:53 | 00,068,608 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2009-06-03 10:30:23 | 00,000,168 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2009-06-03 10:30:23 | 00,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2009-06-03 10:30:19 | 00,001,094 | ---- | C] () -- C:\WINDOWS\adiras.ini [2009-06-03 10:30:18 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2009-06-03 10:30:17 | 00,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL [2009-02-02 02:02:33 | 00,394,240 | ---- | C] () -- C:\WINDOWS\System32\HMTCD.dll [2008-04-15 12:00:00 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\CopyToSendTo.dll [2007-02-20 13:59:08 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2007-02-20 13:59:06 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2007-02-20 13:59:06 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2007-02-20 13:59:06 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2007-02-20 13:59:06 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2007-02-20 13:59:06 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2007-02-20 13:59:06 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2007-02-20 13:59:06 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2007-02-20 13:59:04 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2007-02-20 12:24:46 | 00,071,208 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll [2006-10-31 07:35:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006-10-31 07:35:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2006-10-31 07:35:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006-10-31 07:35:00 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2006-10-31 07:35:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2006-10-31 07:35:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2006-10-31 07:35:00 | 00,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [color=#E56717]========== LOP Check ==========[/color] [2009-12-13 18:23:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-06-23 11:22:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPSON [2009-06-03 13:26:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FlashFXP [2009-06-23 18:01:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2009-12-20 20:20:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\QuestService [2009-11-20 22:15:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\BESTplayer [2009-06-16 19:22:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\BSplayer [2009-06-16 19:18:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\BSplayer Pro [2009-12-13 18:44:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\DAEMON Tools Lite [2009-06-03 13:25:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Gadu-Gadu [2009-06-09 20:47:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\IceChat [2009-06-03 13:22:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Nowe Gadu-Gadu [2009-12-18 18:28:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\uTorrent [color=#E56717]========== Purity Check ==========[/color] < End of report >

HiJack

Kod: Zaznacz wszystko: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:19:01, on 2009-12-21 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\VistaDrive\VistaDrive.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\taskmgr.exe D:\Dokumenty\OTL.exe D:\Dokumenty\Soft\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1750559 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5290\ACEIEAddOn.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.1.0.1960\CPAIEAddOn.dll O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1990\CMWIE.dll O2 - BHO: Textual Content Provider - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1810\TCPIE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\4.1.0.2080\wso.dll O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_0.dll O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_0.dll O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe O4 - HKLM\..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe -H O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray O4 - HKCU\..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\WINDOWS\TEMP\E_S130.tmp" /EF "HKCU" O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{76F8C663-641E-4549-91D8-B3442C8121CD}: NameServer = 194.204.152.34 194.204.159.1 O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 8873 bytes

**Posty:** 2183 · przez **NieWiem** 21 Gru 2009, 13:35

Siedzi Gameztar, ale nie widzę niczego, co miałoby wpływa na problemy z przeglądarką...

Przeczytaj uważnie instrukcję programu ComboFix, po czym wyłącz swój program antywirusowy, firewall i inne programy, które mogą zakłócać nawet pobieranie ComboFixa twierdząc, że jest wirusem. Nie jest! Spokojnie go ściągnij i zapisz na pulpicie.
Pobierz:
- LINK #1
- LINK #2
Pozamykaj wszystkie otwarte okna, komunikatory, programy. ComboFixowi nie powinno sie przeszkadzać.
Uruchom program z dwukliku (VISTA: prawoklik i 'uruchom jako administrator').
Pozwól mu spokojnie działać, nie klikaj ani nie stukaj w klawiaturę - to może spwodować zawieszenie się komputera.
Zalecane jest też instalowanie konsoli odzyskiwania, jeśli ComboFix o nią poprosi. Dzięki niej można odrolować zmiany w przypadku pomyłki narzędzia.
Jeśli będzie potrzeba - zgódź się na restart.
Kiedy program skończy, wytworzy loga (będzie on także w pliku C:\ComboFix.txt), którego wklej w odpowiedzi, pamiętając o tagach [code] lub na http://www.wklej.org.

[center]

[/center]

Pobierz program DDS:
Kliknij dwukrotnie na ikonę, aby uruchomić program (użytkownicy systemów Vista oraz Se7en => prawoklik oraz wybrać opcję Uruchom jako Administrator).
Wyskoczy DOSowe okienko informujące, że w tle odbywa się nieingerencyjne skanowanie. Gdy zostanie zakończone, zostanie pokazane okno z komunikatem.
Wygenerowane przez program logi DDS.txt oraz Attach.txt proszę załączyć w poście w tagach [code] lub wkleić na stronie http://www.wklej.org.

**Posty:** 51 · przez **Ice-Man** 21 Gru 2009, 14:01

Zrobiłem wszystko według wskazówek nie mogłem tylko zainstalować tej konsoli odzyskiwania ComboFix zrestartował kompa po restarcie w okienku Dosowym uruchomił sprawdzanie i pytanie o instalacje tej konsoli a nie mogłem już wtedy podłączyć się do sieci bo mam neostrade ale reszta przebiegła bez problemów.
Umieszczam logi

ComboFix

Kod: Zaznacz wszystko: ComboFix 09-12-20.04 - Pawel 2009-12-21 12:45:17.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1983.1503 [GMT 1:00] Uruchomiony z: C:\ComboFix.exe AV: avast! antivirus 4.8.1368 [VPS 091221-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !! . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Automated Content Enhancer\4.1.0.5290\ACEIeaddon.dll c:\program files\Content Management Wizard\1.1.0.1990\CMWIe.dll c:\program files\Customized Platform Advancer\4.1.0.1960\CPAIeaddon.dll c:\program files\Textual Content Provider\1.1.0.1810\TCPIe.dll c:\program files\Web Search Operator\4.1.0.2080\wsO.dll . ((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_RDPWD -------\Service_TDTCP ((((((((((((((((((((((((( Pliki utworzone od 2009-11-21 do 2009-12-21 ))))))))))))))))))))))))))))))) . 2009-12-21 11:50 . 2009-12-21 11:50 -------- d-----w- c:\windows\system32\wbem\snmp 2009-12-21 11:50 . 2009-12-21 11:50 -------- d-----w- c:\windows\srchasst 2009-12-21 11:41 . 2009-12-21 11:41 3859344 ----a-r- C:\ComboFix.exe 2009-12-20 19:20 . 2009-12-09 13:06 46456 ----a-w- c:\documents and settings\All Users\Dane aplikacji\QuestService\questservice111.exe 2009-12-20 19:20 . 2009-12-20 19:20 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2009-12-20 19:18 . 2009-12-20 19:18 -------- d-----w- c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Textual Content Provider 2009-12-20 19:18 . 2009-12-21 09:17 -------- d-----w- c:\program files\QuestService 2009-12-20 19:18 . 2009-12-20 19:20 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\QuestService 2009-12-20 19:18 . 2009-12-20 19:18 -------- d-----w- c:\program files\Textual Content Provider 2009-12-20 19:17 . 2009-12-20 19:17 -------- d-----w- c:\program files\Content Management Wizard 2009-12-20 19:17 . 2009-12-20 19:17 -------- d-----w- c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Internet Today 2009-12-20 19:17 . 2009-12-20 19:17 -------- d-----w- c:\program files\Internet Today 2009-12-20 19:17 . 2009-12-20 19:17 -------- d-----w- c:\program files\Customized Platform Advancer 2009-12-20 19:17 . 2009-12-20 19:17 -------- d-----w- c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer 2009-12-20 19:17 . 2009-12-20 19:17 -------- d-----w- c:\program files\Automated Content Enhancer 2009-12-20 19:17 . 2009-12-20 19:17 -------- d-----w- c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer 2009-12-20 19:17 . 2009-12-20 19:17 -------- d-----w- c:\program files\Web Search Operator 2009-12-20 19:17 . 2009-12-20 19:17 -------- d-----w- c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Web Search Operator 2009-12-20 19:17 . 2009-12-21 09:24 -------- d-----w- c:\program files\HottieStar Toolbar 2009-12-20 19:16 . 2009-12-21 09:24 -------- d-----w- c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\HottieStar Toolbar 2009-12-19 09:53 . 2009-12-19 09:53 117760 ----a-w- c:\documents and settings\Pawel\Dane aplikacji\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2009-12-13 17:23 . 2009-12-13 17:23 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-12-13 17:23 . 2009-12-13 17:41 -------- d-----w- c:\program files\DAEMON Tools Lite 2009-12-13 17:23 . 2009-12-13 17:44 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\DAEMON Tools Lite 2009-12-13 17:23 . 2009-12-13 17:23 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite 2009-12-13 17:15 . 2009-12-13 17:15 -------- d-----w- c:\program files\Common Files\EZB Systems 2009-12-13 17:15 . 2009-12-13 17:15 -------- d-----w- c:\program files\UltraISO 2009-12-12 15:09 . 2009-06-28 18:39 -------- d-----w- C:\Rapidleech PlugMod v41 2009-12-01 22:51 . 2009-12-01 22:51 -------- d-----w- c:\program files\AIDA32 - Personal System Information 2009-11-28 17:32 . 2008-04-14 05:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys 2009-11-25 12:42 . 2009-07-31 04:30 1447424 ------w- c:\windows\system32\dllcache\msxml6.dll 2009-11-25 12:42 . 2009-07-31 04:30 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll 2009-11-22 22:14 . 2009-11-22 22:14 -------- d-----w- c:\windows\system32\wbem\Repository 2009-11-22 22:12 . 2009-11-22 22:12 335 ----a-w- c:\windows\mozregistry.dat . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-21 11:50 . 2009-06-03 11:43 14792 ----a-w- c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2009-12-21 11:50 . 2009-12-21 11:50 -------- d-----w- c:\program files\microsoft frontpage 2009-12-20 22:22 . 2009-06-03 13:58 -------- d-----w- c:\program files\FlashGet 2009-12-20 11:02 . 2008-04-15 11:00 88838 ----a-w- c:\windows\system32\perfc015.dat 2009-12-20 11:02 . 2008-04-15 11:00 500302 ----a-w- c:\windows\system32\perfh015.dat 2009-12-19 09:51 . 2009-12-17 22:27 -------- d-----w- c:\program files\SUPERAntiSpyware 2009-12-18 17:28 . 2009-06-03 17:49 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\uTorrent 2009-12-17 22:27 . 2009-12-17 22:27 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\SUPERAntiSpyware.com 2009-12-17 22:27 . 2009-12-17 22:27 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\SUPERAntiSpyware.com 2009-12-17 22:27 . 2009-12-13 17:47 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2009-12-13 17:47 . 2009-12-13 17:47 -------- d-----w- c:\program files\AGEIA Technologies 2009-12-13 17:44 . 2009-06-03 09:20 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-11-24 23:54 . 2009-09-06 19:55 1280480 ----a-w- c:\windows\system32\aswBoot.exe 2009-11-24 23:51 . 2009-09-06 19:56 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-11-24 23:50 . 2009-09-06 19:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-11-24 23:50 . 2009-09-06 19:56 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-11-24 23:50 . 2009-09-06 19:56 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-11-24 23:49 . 2009-09-06 19:56 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-11-24 23:48 . 2009-09-06 19:56 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-11-24 23:47 . 2009-09-06 19:56 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-11-24 23:47 . 2009-09-06 19:56 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-11-22 22:20 . 2009-06-16 18:18 -------- d-----w- c:\program files\BS_Player 2009-11-20 21:15 . 2009-06-03 12:42 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\BESTplayer 2009-10-31 20:25 . 2009-10-31 20:25 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\TVU Networks 2009-10-31 20:25 . 2009-10-31 20:25 -------- d-----w- c:\program files\TVUPlayer 2009-10-29 07:43 . 2009-02-02 15:08 916480 ----a-w- c:\windows\system32\wininet.dll 2009-10-22 15:55 . 2009-10-31 20:25 5562672 ----a-w- C:\TVUPlayer2.4.9.1.exe 2009-10-21 05:40 . 2008-04-15 11:00 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:40 . 2008-04-15 11:00 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2008-04-15 11:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-16 07:50 . 2009-10-16 07:50 2520888 ----a-w- c:\documents and settings\Pawel\Dane aplikacji\Mozilla\Firefox\Profiles\mtkqubr8.pawel\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll 2009-10-13 10:34 . 2008-04-15 11:00 271360 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:40 . 2008-04-15 11:00 79872 ----a-w- c:\windows\system32\raschap.dll 2009-10-12 13:40 . 2008-04-15 11:00 150016 ----a-w- c:\windows\system32\rastls.dll 2008-12-18 00:26 . 2009-11-22 22:31 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll 2008-12-18 00:26 . 2009-11-22 22:31 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll 2008-12-18 00:26 . 2009-11-22 22:31 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll 2008-12-18 00:26 . 2009-11-22 22:31 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll 2008-12-18 00:26 . 2009-11-22 22:31 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll . ------- Sigcheck ------- [-] 2009-02-02 . 1F39C7BDBA4C5F3F01C4EABF7EDBF4B3 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [-] 2009-02-02 . 8E7D194E90785C22A61AEC1F66D5DEA0 . 571904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2009-02-02 . 97E18DDA3AC03D676326C697A5F91375 . 662528 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2009-02-02 . D8824DEDA13325504943129EE394F538 . 518144 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2009-01-26 . D2AA6D06CFF82F21A7294448D785C64D . 1891328 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2009-02-02 . 399E8AA327066D1336F8FB28BBC216A0 . 37888 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [-] 2009-02-02 01:21 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}] 2009-11-22 22:20 2166296 ----a-w- c:\program files\BS_Player\tbBS_0.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_0.dll" [2009-11-22 2166296] [HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_0.dll" [2009-11-22 2166296] [HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2009-06-03 2131392] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200] "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VistaDrive"="c:\windows\VistaDrive\VistaDrive.exe" [2006-10-05 280779] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-01 15872] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-31 7634944] "nwiz"="nwiz.exe" [2006-10-31 1622016] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-31 86016] "RTHDCPL"="RTHDCPL.EXE" [2007-01-30 16116224] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-06-25 1629480] "InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-06-25 1057064] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2009-02-02 37888] "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_2"="shell32" [X] "_nltide_3"="advpack.dll" [2009-03-08 128512] c:\documents and settings\All Users\Menu Start\Programy\Autostart\ DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-6-3 839680] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2009-12-19 09:51 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] c:\windows\system32\dumprep 0 -k [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate] 2008-11-24 18:44 869888 ----a-w- c:\program files\ALLPlayer\ALLUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock] 2007-09-02 11:58 495616 ----a-w- c:\program files\RocketDock\RocketDock.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] 2006-05-16 10:04 2879488 ------r- c:\windows\SkyTel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-07-25 03:23 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] 2009-12-19 09:51 2002160 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\FlashFXP\\FlashFXP.exe"= "c:\\Program Files\\FlashGet\\flashget.exe"= "c:\\Program Files\\Gadu-Gadu\\gg.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\mIRC\\mirc.exe"= "c:\\Program Files\\IceChat7\\IceChat7.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\SopCast\\SopCast.exe"= "c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"= "e:\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"= R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-12-13 691696] R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-09-06 114768] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-05-13 9968] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-05-13 74480] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-09-06 20560] R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2009-06-03 116992] S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2009-06-03 64000] S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-05-13 7408] S4 QuestService Service;QuestService Service;c:\documents and settings\All Users\Dane aplikacji\QuestService\questservice111.exe [2009-12-20 46456] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-08-23 15:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . ------- Skan uzupełniający ------- . uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1750559 uInternet Settings,ProxyOverride = *.local IE: &Ściągnij przy pomocy FlashGet'a - c:\program files\FlashGet\jc_link.htm IE: &Ściągnij wszystko przy pomocy FlashGet'a - c:\program files\FlashGet\jc_all.htm FF - ProfilePath - c:\documents and settings\Pawel\Dane aplikacji\Mozilla\Firefox\Profiles\mtkqubr8.pawel\ FF - prefs.js: browser.search.selectedEngine - DAEMON Search FF - component: c:\program files\Automated Content Enhancer\4.1.0.5290\FF\components\ACEFFAddOn.dll FF - component: c:\program files\Customized Platform Advancer\4.1.0.1960\FF\components\CPAFFAddOn.dll FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll FF - component: c:\program files\Web Search Operator\4.1.0.2080\FF\components\WSOFFAddOn.dll FF - plugin: c:\documents and settings\Pawel\Dane aplikacji\Mozilla\Firefox\Profiles\mtkqubr8.pawel\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npdeploytk.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npnul32.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\nppl3260.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin2.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin3.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin4.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin5.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin6.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin7.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\nprpjplug.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . - - - - USUNIĘTO PUSTE WPISY - - - - MSConfigStartUp-Internet Today Task - c:\program files\Internet Today\1.1.0.1260\InternetToday.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-12-21 12:50 Windows 5.1.2600 Dodatek Service Pack 3 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spze.sys >>UNKNOWN [0x89B0E938]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xba8ecf28 \Driver\ACPI -> ACPI.sys @ 0xba673cb8 \Driver\atapi -> atapi.sys @ 0xba608b40 IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8 ParseProcedure -> ntkrnlpa.exe @ 0x805827e8 \Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8 ParseProcedure -> ntkrnlpa.exe @ 0x805827e8 NDIS: Realtek RTL8139/810x Family Fast Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xba4f8bb0 PacketIndicateHandler -> NDIS.sys @ 0xba4e7a0d SendHandler -> NDIS.sys @ 0xba4fbb40 user & kernel MBR OK ************************************************************************** . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- - - - - - - - > 'winlogon.exe'(728) c:\windows\system32\SETUPAPI.dll c:\program files\SUPERAntiSpyware\SASWINLO.DLL c:\windows\system32\WININET.dll c:\windows\system32\COMRes.dll c:\windows\system32\cscui.dll - - - - - - - > 'lsass.exe'(784) c:\windows\system32\setupapi.dll c:\windows\system32\scecli.dll - - - - - - - > 'explorer.exe'(3728) c:\windows\system32\SHDOCVW.dll c:\windows\system32\WININET.dll c:\program files\RocketDock\RocketDock.dll c:\windows\system32\COMRes.dll c:\windows\System32\cscui.dll c:\progra~1\WINDOW~2\wmpband.dll c:\windows\system32\LINKINFO.dll c:\windows\system32\ntshrui.dll c:\windows\system32\msi.dll c:\windows\System32\msvcp60.dll c:\windows\system32\credui.dll c:\windows\system32\SETUPAPI.dll c:\windows\system32\webcheck.dll c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\stobject.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Nero\Nero 7\InCD\InCDsrv.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\system32\nvsvc32.exe c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe c:\windows\system32\RUNDLL32.EXE c:\windows\RTHDCPL.EXE c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe c:\windows\system32\wbem\wmiapsrv.exe . ************************************************************************** . Czas ukończenia: 2009-12-21 12:54:25 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2009-12-21 11:54 Przed: 24 504 655 872 bajtów wolnych Po: 24 419 909 632 bajtów wolnych - - End Of File - - 293498D4E39DC8E3C8923BDB40E8CFDE

DDS

Kod: Zaznacz wszystko: DDS (Ver_09-12-01.01) - NTFSx86 Run by Pawel at 12:57:23,75 on 2009-12-21 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1983.1403 [GMT 1:00] AV: avast! antivirus 4.8.1368 [VPS 091221-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\VistaDrive\VistaDrive.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1750559 uInternet Settings,ProxyOverride = *.local BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\program files\flashget\jccatch.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: FlashFXP Helper for Internet Explorer: {e5a1691b-d188-4419-ad02-90002030b8ee} - c:\progra~1\flashfxp\IEFlash.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\flashget\getflash.dll BHO: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\tbBS_0.dll TB: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\tbBS_0.dll uRun: [Gadu-Gadu] "c:\program files\gadu-gadu\gg.exe" /tray uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe" uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe" mRun: [VistaDrive] c:\windows\vistadrive\VistaDrive.exe mRun: [UnlockerAssistant] c:\program files\unlocker\UnlockerAssistant.exe -H mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [nwiz] nwiz.exe /install mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [RTHDCPL] RTHDCPL.EXE mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe mRun: [SecurDisc] c:\program files\nero\nero 7\incd\NBHGui.exe mRun: [InCD] c:\program files\nero\nero 7\incd\InCD.exe mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE dRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe" dRunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N StartupFolder: c:\docume~1\alluse~1\menust~1\programy\autost~1\dslmon.lnk - c:\program files\sagem\sagem f@st 800-840\dslmon.exe IE: &Ściągnij przy pomocy FlashGet'a - c:\program files\flashget\jc_link.htm IE: &Ściągnij wszystko przy pomocy FlashGet'a - c:\program files\flashget\jc_all.htm IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab TCP: {76F8C663-641E-4549-91D8-B3442C8121CD} = 194.204.152.34 194.204.159.1 Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe" ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\pawel\daneap~1\mozilla\firefox\profiles\mtkqubr8.pawel\ FF - prefs.js: browser.search.selectedEngine - DAEMON Search FF - component: c:\program files\automated content enhancer\4.1.0.5290\ff\components\ACEFFAddOn.dll FF - component: c:\program files\customized platform advancer\4.1.0.1960\ff\components\CPAFFAddOn.dll FF - component: c:\program files\web search operator\4.1.0.2080\ff\components\WSOFFAddOn.dll FF - plugin: c:\documents and settings\pawel\dane aplikacji\mozilla\firefox\profiles\mtkqubr8.pawel\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll FF - plugin: c:\progra~1\mozill~1\plugins\npdeploytk.dll FF - plugin: c:\progra~1\mozill~1\plugins\npnul32.dll FF - plugin: c:\progra~1\mozill~1\plugins\nppl3260.dll FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin.dll FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin2.dll FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin3.dll FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin4.dll FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin5.dll FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin6.dll FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin7.dll FF - plugin: c:\progra~1\mozill~1\plugins\nprpjplug.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} ============= SERVICES / DRIVERS =============== R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-9-6 114768] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2008-5-13 9968] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-5-13 74480] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-9-6 20560] R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-9-6 138680] R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-9-6 254040] R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-9-6 352920] R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2009-6-3 116992] S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2009-6-3 64000] S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-5-13 7408] S4 QuestService Service;QuestService Service;c:\documents and settings\all users\dane aplikacji\questservice\questservice111.exe [2009-12-20 46456] =============== Created Last 30 ================ 2009-12-21 11:57:11 524288 ----a-w- C:\dds.scr 2009-12-21 11:55:59 126 ----a-w- C:\wersja .com.htm 2009-12-21 11:50:13 0 d-----w- c:\windows\system32\wbem\snmp 2009-12-21 11:50:13 0 d-----w- c:\windows\srchasst 2009-12-21 11:50:12 0 d-----w- c:\windows\system32\xircom 2009-12-21 11:44:11 98816 ----a-w- c:\windows\sed.exe 2009-12-21 11:44:11 77312 ----a-w- c:\windows\MBR.exe 2009-12-21 11:44:11 261632 ----a-w- c:\windows\PEV.exe 2009-12-21 11:44:11 161792 ----a-w- c:\windows\SWREG.exe 2009-12-21 11:42:44 0 d-----w- C:\ComboFix 2009-12-21 11:41:01 3859344 ----a-r- C:\ComboFix.exe 2009-12-20 19:18:12 0 d-----w- c:\program files\QuestService 2009-12-20 19:18:12 0 d-----w- c:\docume~1\alluse~1\daneap~1\QuestService 2009-12-20 19:18:04 0 d-----w- c:\program files\Textual Content Provider 2009-12-20 19:17:56 0 d-----w- c:\program files\Content Management Wizard 2009-12-20 19:17:46 0 d-----w- c:\program files\Internet Today 2009-12-20 19:17:35 0 d-----w- c:\program files\Customized Platform Advancer 2009-12-20 19:17:29 0 d-----w- c:\program files\Automated Content Enhancer 2009-12-20 19:17:24 0 d-----w- c:\program files\Web Search Operator 2009-12-20 19:17:10 0 d-----w- c:\program files\HottieStar Toolbar 2009-12-20 16:06:10 218491 ----a-w- C:\25301_NB_-_BABY_DOLL_idx_123_1090lo.jpg 2009-12-20 11:44:49 346543 ----a-w- C:\Punished in Disco.jpg 2009-12-17 22:27:34 0 d-----w- c:\docume~1\alluse~1\daneap~1\SUPERAntiSpyware.com 2009-12-17 22:27:29 0 d-----w- c:\program files\SUPERAntiSpyware 2009-12-17 22:27:29 0 d-----w- c:\docume~1\pawel\daneap~1\SUPERAntiSpyware.com 2009-12-13 17:48:18 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2009-12-13 17:48:18 255848 ----a-w- c:\windows\system32\xactengine2_6.dll 2009-12-13 17:48:18 251672 ----a-w- c:\windows\system32\xactengine2_5.dll 2009-12-13 17:48:17 68888 ----a-w- c:\windows\system32\xinput1_3.dll 2009-12-13 17:48:17 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll 2009-12-13 17:48:17 237848 ----a-w- c:\windows\system32\xactengine2_4.dll 2009-12-13 17:48:17 15128 ----a-w- c:\windows\system32\x3daudio1_1.dll 2009-12-13 17:47:15 0 d-----w- c:\windows\system32\AGEIA 2009-12-13 17:47:00 0 d-----w- c:\program files\common files\Wise Installation Wizard 2009-12-13 17:23:36 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-12-13 17:23:30 0 d-----w- c:\program files\DAEMON Tools Lite 2009-12-13 17:23:17 0 d-----w- c:\docume~1\pawel\daneap~1\DAEMON Tools Lite 2009-12-13 17:23:15 0 d-----w- c:\docume~1\alluse~1\daneap~1\DAEMON Tools Lite 2009-12-13 17:15:11 0 d-----w- c:\program files\common files\EZB Systems 2009-12-13 17:15:10 0 d-----w- c:\program files\UltraISO 2009-12-12 15:09:39 0 d-----w- C:\Rapidleech PlugMod v41 2009-12-01 22:51:43 0 d-----w- c:\program files\AIDA32 - Personal System Information 2009-11-28 17:32:25 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys 2009-11-26 13:29:28 41911522 ----a-w- C:\Avast4.8.1358.Pro.rar 2009-11-25 12:42:42 1447424 ------w- c:\windows\system32\dllcache\msxml6.dll 2009-11-25 12:42:42 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll 2009-11-22 22:14:34 0 d-----w- c:\windows\system32\wbem\Repository 2009-11-22 22:12:00 335 ----a-w- c:\windows\mozregistry.dat ==================== Find3M ==================== 2009-12-20 11:02:43 88838 ----a-w- c:\windows\system32\perfc015.dat 2009-12-20 11:02:43 500302 ----a-w- c:\windows\system32\perfh015.dat 2009-10-28 14:40:47 173056 ----a-w- c:\windows\system32\dllcache\ie4uinit.exe 2009-10-22 15:55:00 5562672 ----a-w- C:\TVUPlayer2.4.9.1.exe 2009-10-21 05:40:39 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:40:39 75776 ------w- c:\windows\system32\dllcache\strmfilt.dll 2009-10-21 05:40:39 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-21 05:40:39 25088 ------w- c:\windows\system32\dllcache\httpapi.dll 2009-10-20 16:20:16 265728 ------w- c:\windows\system32\dllcache\http.sys 2009-10-13 10:34:25 271360 ----a-w- c:\windows\system32\oakley.dll 2009-10-13 10:34:25 271360 ------w- c:\windows\system32\dllcache\oakley.dll 2009-10-12 13:40:13 79872 ----a-w- c:\windows\system32\raschap.dll 2009-10-12 13:40:13 79872 ------w- c:\windows\system32\dllcache\raschap.dll 2009-10-12 13:40:13 150016 ----a-w- c:\windows\system32\rastls.dll 2009-10-12 13:40:13 150016 ------w- c:\windows\system32\dllcache\rastls.dll 2009-06-03 11:41:13 32768 --sha-w- c:\windows\system32\config\systemprofile\ustawienia lokalne\historia\history.ie5\index.dat 2009-06-03 11:41:11 32768 --sha-w- c:\windows\system32\config\systemprofile\ustawienia lokalne\historia\history.ie5\mshist012009060320090604\index.dat 2009-06-03 11:41:13 32768 --sha-w- c:\windows\system32\config\systemprofile\ustawienia lokalne\temporary internet files\content.ie5\index.dat ============= FINISH: 12:57:32,43 ===============

i z pliku Attach

Kod: Zaznacz wszystko: UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-12-01.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 2009-06-03 13:37:00 System Uptime: 2009-12-21 12:49:50 (0 hours ago) Motherboard: Gigabyte Technology Co., Ltd. | | M61SME-S2 Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 3600+ | Socket M2 | 1908/200mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 35 GiB total, 22,768 GiB free. D: is FIXED (NTFS) - 39 GiB total, 8,914 GiB free. E: is FIXED (NTFS) - 147 GiB total, 139,278 GiB free. F: is FIXED (NTFS) - 147 GiB total, 111,244 GiB free. G: is FIXED (NTFS) - 171 GiB total, 73,072 GiB free. H: is CDROM () I: is CDROM () J: is CDROM () ==== Disabled Device Manager Items ============= Class GUID: Description: Inne urządzenia typu mostek PCI Device ID: PCI\VEN_10DE&DEV_03EF&SUBSYS_E0001458&REV_A2\3&2411E6FE&0&38 Manufacturer: Name: Inne urządzenia typu mostek PCI PNP Device ID: PCI\VEN_10DE&DEV_03EF&SUBSYS_E0001458&REV_A2\3&2411E6FE&0&38 Service: ==== System Restore Points =================== RP147: 2009-11-18 21:45:55 - Punkt kontrolny systemu RP148: 2009-11-19 12:12:33 - Punkt kontrolny systemu RP149: 2009-11-20 14:58:49 - Punkt kontrolny systemu RP150: 2009-11-21 17:16:32 - Punkt kontrolny systemu RP151: 2009-11-22 20:10:54 - Punkt kontrolny systemu RP152: 2009-11-22 22:56:34 - Operacja przywracania RP153: 2009-11-22 23:13:46 - Operacja przywracania RP154: 2009-11-23 23:23:11 - Punkt kontrolny systemu RP155: 2009-11-25 13:54:43 - Punkt kontrolny systemu RP156: 2009-11-26 00:56:52 - Software Distribution Service 3.0 RP157: 2009-11-28 13:36:19 - Punkt kontrolny systemu RP158: 2009-11-28 18:39:23 - Zainstalowany program DirectX RP159: 2009-11-28 18:40:05 - Installed Pro Evolution Soccer 2008 RP160: 2009-11-29 20:19:43 - Punkt kontrolny systemu RP161: 2009-12-01 14:54:22 - Punkt kontrolny systemu RP162: 2009-12-01 23:28:09 - Installed Microsoft Office Excel Viewer 2003 RP163: 2009-12-03 15:31:16 - Punkt kontrolny systemu RP164: 2009-12-04 18:32:37 - Punkt kontrolny systemu RP165: 2009-12-05 18:39:55 - Punkt kontrolny systemu RP166: 2009-12-06 18:53:14 - Punkt kontrolny systemu RP167: 2009-12-07 19:34:21 - Punkt kontrolny systemu RP168: 2009-12-09 14:55:21 - Punkt kontrolny systemu RP169: 2009-12-10 17:30:20 - Punkt kontrolny systemu RP170: 2009-12-10 23:05:35 - Software Distribution Service 3.0 RP171: 2009-12-11 23:25:12 - Punkt kontrolny systemu RP172: 2009-12-13 13:01:25 - Punkt kontrolny systemu RP173: 2009-12-13 18:23:36 - SPTD setup V1.62 RP174: 2009-12-13 18:42:50 - Instalacja niepodpisanego sterownika RP175: 2009-12-13 18:44:59 - Installed Streets of Moscow RP176: 2009-12-13 18:47:13 - Installed AGEIA PhysX v7.05.06 RP177: 2009-12-13 18:47:29 - Installed AGEIA PhysX Processor Driver RP178: 2009-12-13 18:48:01 - Zainstalowany program DirectX RP179: 2009-12-15 12:55:44 - Punkt kontrolny systemu RP180: 2009-12-16 16:08:08 - Punkt kontrolny systemu RP181: 2009-12-17 16:44:38 - Punkt kontrolny systemu RP182: 2009-12-17 23:27:28 - Installed SUPERAntiSpyware Free Edition RP183: 2009-12-19 11:46:49 - Punkt kontrolny systemu RP184: 2009-12-20 14:09:38 - Punkt kontrolny systemu ==== Installed Programs ====================== AC3Filter (remove only) Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color EU Recommended Settings Adobe Color JA Extra Settings Adobe Color NA Extra Settings Adobe Default Language CS3 Adobe Device Central CS3 Adobe ExtendScript Toolkit 2 Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Fonts All Adobe Help Viewer CS3 Adobe Linguistics CS3 Adobe PDF Library Files Adobe Photoshop CS3 Adobe Setup Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 AGEIA PhysX v7.05.06 AIDA32 v3.93 Aktualizacja dla systemu Windows Internet Explorer 8 (KB971180) Aktualizacja dla systemu Windows Internet Explorer 8 (KB976749) Aktualizacja dla systemu Windows XP (KB898461) Aktualizacja dla systemu Windows XP (KB968389) Aktualizacja dla systemu Windows XP (KB971737) Aktualizacja dla systemu Windows XP (KB973687) Aktualizacja dla systemu Windows XP (KB973815) Aktualizacja krytyczna dla programu Windows Media Player 11 (KB959772) Aktualizacja zabezpieczeń dla programu Windows Media Player (KB954155) Aktualizacja zabezpieczeń dla programu Windows Media Player (KB968816) Aktualizacja zabezpieczeń dla programu Windows Media Player (KB973540) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB938127-v2) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB950759) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB953838) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB956390) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB958215) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB960714) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB963027) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB969897) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB971961) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB972260) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB974455) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB976325) Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561) Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789) Aktualizacja zabezpieczeń dla systemu Windows XP (KB952004) Aktualizacja zabezpieczeń dla systemu Windows XP (KB953839) Aktualizacja zabezpieczeń dla systemu Windows XP (KB956391) Aktualizacja zabezpieczeń dla systemu Windows XP (KB956572) Aktualizacja zabezpieczeń dla systemu Windows XP (KB956744) Aktualizacja zabezpieczeń dla systemu Windows XP (KB956844) Aktualizacja zabezpieczeń dla systemu Windows XP (KB958690) Aktualizacja zabezpieczeń dla systemu Windows XP (KB958869) Aktualizacja zabezpieczeń dla systemu Windows XP (KB959426) Aktualizacja zabezpieczeń dla systemu Windows XP (KB960225) Aktualizacja zabezpieczeń dla systemu Windows XP (KB960715) Aktualizacja zabezpieczeń dla systemu Windows XP (KB960803) Aktualizacja zabezpieczeń dla systemu Windows XP (KB960859) Aktualizacja zabezpieczeń dla systemu Windows XP (KB961371) Aktualizacja zabezpieczeń dla systemu Windows XP (KB961373) Aktualizacja zabezpieczeń dla systemu Windows XP (KB961501) Aktualizacja zabezpieczeń dla systemu Windows XP (KB968537) Aktualizacja zabezpieczeń dla systemu Windows XP (KB969059) Aktualizacja zabezpieczeń dla systemu Windows XP (KB969898) Aktualizacja zabezpieczeń dla systemu Windows XP (KB969947) Aktualizacja zabezpieczeń dla systemu Windows XP (KB970238) Aktualizacja zabezpieczeń dla systemu Windows XP (KB970430) Aktualizacja zabezpieczeń dla systemu Windows XP (KB971486) Aktualizacja zabezpieczeń dla systemu Windows XP (KB971557) Aktualizacja zabezpieczeń dla systemu Windows XP (KB971633) Aktualizacja zabezpieczeń dla systemu Windows XP (KB971657) Aktualizacja zabezpieczeń dla systemu Windows XP (KB973346) Aktualizacja zabezpieczeń dla systemu Windows XP (KB973354) Aktualizacja zabezpieczeń dla systemu Windows XP (KB973507) Aktualizacja zabezpieczeń dla systemu Windows XP (KB973525) Aktualizacja zabezpieczeń dla systemu Windows XP (KB973869) Aktualizacja zabezpieczeń dla systemu Windows XP (KB973904) Aktualizacja zabezpieczeń dla systemu Windows XP (KB974112) Aktualizacja zabezpieczeń dla systemu Windows XP (KB974318) Aktualizacja zabezpieczeń dla systemu Windows XP (KB974392) Aktualizacja zabezpieczeń dla systemu Windows XP (KB974571) Aktualizacja zabezpieczeń dla systemu Windows XP (KB975025) Aktualizacja zabezpieczeń dla systemu Windows XP (KB975467) Aktualizacja zabezpieczeń dla Windows XP (KB941569) Apex RM RMVB Converter 6.54 Apple Software Update ASF TO AVI CONVERTER version 3.1 µTorrent avast! Antivirus AviSynth 2.5 BS.Player FREE BS_Player Toolbar CCleaner (remove only) DAMN NFO Viewer v2.10.0032.RC3 (Remove Only) Edytor Znaczników HTML 2.0PR1 Alef FastStone Capture 5.9 FastStone Image Viewer 3.5 FlashFXP v3 FlashGet 1.9.6.1073 Gadu-Gadu 7.7 HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows XP (KB954550-v5) IceChat 7.63 (Build 20080417) Java(TM) 6 Update 15 K-Lite Codec Pack 4.8.5 (Full) LightScribe System Software 1.10.13.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB953297) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Office Excel Viewer 2003 Microsoft Visual C++ 2005 Redistributable mIRC MozBackup 1.4.6 PL Mozilla Firefox (2.0.0.20) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Music NFO Builder v1.20 NAPIPROJEKT 1.0.6.2 Nero 7 Essentials neroxml Norton PartitionMagic Norton PartitionMagic 8.0 Nuclear Coffee - VideoGet 1.1 Trial NVIDIA Drivers Oprogramowanie drukarki EPSON Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) PDF Settings Poprawka dla systemu Windows Internet Explorer 7 (KB947864) Poprawka dla systemu Windows XP (KB932716-v2) Poprawka dla systemu Windows XP (KB961118) Poprawka dla systemu Windows XP (KB970653-v3) Poprawka dla systemu Windows XP (KB976098-v2) Pro Evolution Soccer 2008 QuestService 1.0 build 111 QuickTime Real Alternative 1.9.0 Realtek High Definition Audio Driver RocketDock 1.3.5 SAGEM F@st 800-840 SopCast 2.0.4 Streets of Moscow SubEdit-Player SUPERAntiSpyware Free Edition Total Commander (Remove or Repair) TVUPlayer 2.4.9.1 UltraISO Premium V9.32 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Vista Drive Indicator! VLC media player 0.9.8a WebFldrs XP Winamp Windows Internet Explorer 8 WinRAR archiver ==== End Of File ===========================

**Posty:** 18165 · przez **wojtas** 21 Gru 2009, 14:10

Otworz notatnik i wklej w nim to:

Folder::
c:\documents and settings\All Users\Dane aplikacji\QuestService
c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Textual Content Provider
c:\program files\QuestService
c:\documents and settings\All Users\Dane aplikacji\QuestService
c:\program files\Textual Content Provider
c:\program files\Content Management Wizard
c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Internet Today
c:\program files\Internet Today
c:\program files\Customized Platform Advancer
c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer
c:\program files\Automated Content Enhancer
c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer
c:\program files\Web Search Operator
c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Web Search Operator
c:\program files\HottieStar Toolbar
c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\HottieStar Toolbar

Driver::
QuestService

>>Plik>>Zapisz jako... >>> CFScript
Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe
-->

Rozpocznie się usuwanie i powstanie log daj go.

**Posty:** 51 · przez **Ice-Man** 21 Gru 2009, 14:27

Zrobione wydaję się, że już chyba będzie ok bo widać od razu szybszą pracę systemu wstawiam jeszcze logi po wklejeniu tego skryptu do ComboFixa

Kod: Zaznacz wszystko: ComboFix 09-12-20.04 - Pawel 2009-12-21 13:16:34.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1983.1539 [GMT 1:00] Uruchomiony z: C:\ComboFix.exe Użyto następujących komend :: C:\CFScript.txt AV: avast! antivirus 4.8.1368 [VPS 091221-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !! . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Dane aplikacji\QuestService c:\documents and settings\All Users\Dane aplikacji\QuestService\questservice111.exe c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5290\config.md c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5290\ipdata.md c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5290\NP_20091220-201729.750.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5290\NP_20091220-201817.234.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5290\NP_20091221-102221.312.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5290\NP_20091221-102422.781.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5290\NP_20091221-102424.640.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5290\NP_20091221-112253.515.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5290\NP_20091221-115907.890.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5290\NP_20091221-120708.906.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5290\NP_20091221-125452.531.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5290\NP_20091221-130710.234.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5290\NP_20091221-130712.750.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5290\NP_20091221-130836.796.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5290\NP_20091221-131149.265.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer\4.1.0.5290\NP_20091221-131151.125.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\4.1.0.1960\config.md c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\4.1.0.1960\HJHP_20091220-201736.000.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\4.1.0.1960\HJHP_20091220-201817.343.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\4.1.0.1960\HJHP_20091221-102221.406.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\4.1.0.1960\HJHP_20091221-102422.843.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\4.1.0.1960\HJHP_20091221-102424.656.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\4.1.0.1960\HJHP_20091221-112253.593.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\4.1.0.1960\HJHP_20091221-115908.250.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\4.1.0.1960\HJHP_20091221-120709.328.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\4.1.0.1960\HJHP_20091221-125452.781.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\4.1.0.1960\HJHP_20091221-130710.250.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\4.1.0.1960\HJHP_20091221-130712.765.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\4.1.0.1960\HJHP_20091221-130836.812.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\4.1.0.1960\HJHP_20091221-131149.390.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer\4.1.0.1960\HJHP_20091221-131151.140.log c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\HottieStar Toolbar c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Internet Today c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Textual Content Provider c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Textual Content Provider\1.1.0.1810\Data\TP_Config.mx c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Textual Content Provider\1.1.0.1810\Data\TP_Data.mx c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Textual Content Provider\1.1.0.1810\Data\TP_DomainExcludeList.mx c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Textual Content Provider\1.1.0.1810\Data\TP_DomainInterval.mx c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Web Search Operator c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Web Search Operator\4.1.0.2080\config.md c:\program files\Automated Content Enhancer c:\program files\Automated Content Enhancer\4.1.0.5290\ACECommon.dll c:\program files\Automated Content Enhancer\4.1.0.5290\ACEpx.exe c:\program files\Automated Content Enhancer\4.1.0.5290\Data\config.md c:\program files\Automated Content Enhancer\4.1.0.5290\FF\chrome.manifest c:\program files\Automated Content Enhancer\4.1.0.5290\FF\chrome\ACEAddOn.jar c:\program files\Automated Content Enhancer\4.1.0.5290\FF\chrome\content\ACEAddOn.js c:\program files\Automated Content Enhancer\4.1.0.5290\FF\chrome\content\ACEAddOn.xul c:\program files\Automated Content Enhancer\4.1.0.5290\FF\components\ACEFFAddOn.dll c:\program files\Automated Content Enhancer\4.1.0.5290\FF\components\ACEFFAddOn.xpt c:\program files\Automated Content Enhancer\4.1.0.5290\FF\components\ACEFFHelperComponent.js c:\program files\Automated Content Enhancer\4.1.0.5290\FF\install.rdf c:\program files\Automated Content Enhancer\4.1.0.5290\lri.dll c:\program files\Automated Content Enhancer\4.1.0.5290\unins000.dat c:\program files\Automated Content Enhancer\4.1.0.5290\unins000.exe c:\program files\Content Management Wizard c:\program files\Content Management Wizard\1.1.0.1990\cmwpx.exe c:\program files\Content Management Wizard\1.1.0.1990\cmwsh.dll c:\program files\Content Management Wizard\1.1.0.1990\config.mx c:\program files\Content Management Wizard\1.1.0.1990\data.mx c:\program files\Content Management Wizard\1.1.0.1990\exclude.mx c:\program files\Content Management Wizard\1.1.0.1990\LRI.dll c:\program files\Content Management Wizard\1.1.0.1990\MatchingData.zd5 c:\program files\Content Management Wizard\1.1.0.1990\pxtmpdata.mx c:\program files\Content Management Wizard\1.1.0.1990\unins000.dat c:\program files\Content Management Wizard\1.1.0.1990\unins000.exe c:\program files\Customized Platform Advancer c:\program files\Customized Platform Advancer\4.1.0.1960\CPACommon.dll c:\program files\Customized Platform Advancer\4.1.0.1960\CPAHelper.exe c:\program files\Customized Platform Advancer\4.1.0.1960\CPApx.exe c:\program files\Customized Platform Advancer\4.1.0.1960\Data\config.md c:\program files\Customized Platform Advancer\4.1.0.1960\FF\chrome.manifest c:\program files\Customized Platform Advancer\4.1.0.1960\FF\chrome\content\CPAAddOn.js c:\program files\Customized Platform Advancer\4.1.0.1960\FF\chrome\content\CPAAddOn.xul c:\program files\Customized Platform Advancer\4.1.0.1960\FF\chrome\CPAAddOn.jar c:\program files\Customized Platform Advancer\4.1.0.1960\FF\components\CPAFFAddOn.dll c:\program files\Customized Platform Advancer\4.1.0.1960\FF\components\CPAFFAddOn.xpt c:\program files\Customized Platform Advancer\4.1.0.1960\FF\components\CPAFFHelperComponent.js c:\program files\Customized Platform Advancer\4.1.0.1960\FF\install.rdf c:\program files\Customized Platform Advancer\4.1.0.1960\lri.dll c:\program files\Customized Platform Advancer\4.1.0.1960\unins000.dat c:\program files\Customized Platform Advancer\4.1.0.1960\unins000.exe c:\program files\HottieStar Toolbar c:\program files\Internet Today c:\program files\Internet Today\1.1.0.1260\InternetToday.ico c:\program files\Internet Today\1.1.0.1260\InternetToday.skf c:\program files\Internet Today\1.1.0.1260\mfc80.dll c:\program files\Internet Today\1.1.0.1260\Microsoft.VC80.CRT.manifest c:\program files\Internet Today\1.1.0.1260\Microsoft.VC80.MFC.manifest c:\program files\Internet Today\1.1.0.1260\msvcr80.dll c:\program files\Internet Today\1.1.0.1260\PixelLogExe.exe c:\program files\Internet Today\1.1.0.1260\SkinCrafterDll.dll c:\program files\Internet Today\1.1.0.1260\unins000.dat c:\program files\Internet Today\1.1.0.1260\unins000.exe c:\program files\QuestService c:\program files\QuestService\questservice.dll c:\program files\QuestService\questservice.exe c:\program files\QuestService\uninstall.exe c:\program files\Textual Content Provider c:\program files\Textual Content Provider\1.1.0.1810\data\pxtmpdata.mx c:\program files\Textual Content Provider\1.1.0.1810\data\TP_Config.mx c:\program files\Textual Content Provider\1.1.0.1810\data\TP_Data.mx c:\program files\Textual Content Provider\1.1.0.1810\data\TP_DomainExcludeList.mx c:\program files\Textual Content Provider\1.1.0.1810\data\TP_DomainInterval.mx c:\program files\Textual Content Provider\1.1.0.1810\data\TP_KeywordInterval.mx c:\program files\Textual Content Provider\1.1.0.1810\tcppx.exe c:\program files\Textual Content Provider\1.1.0.1810\unins000.dat c:\program files\Textual Content Provider\1.1.0.1810\unins000.exe c:\program files\Web Search Operator c:\program files\Web Search Operator\4.1.0.2080\Data\config.md c:\program files\Web Search Operator\4.1.0.2080\FF\chrome.manifest c:\program files\Web Search Operator\4.1.0.2080\FF\chrome\content\WSOAddOn.js c:\program files\Web Search Operator\4.1.0.2080\FF\chrome\content\WSOAddOn.xul c:\program files\Web Search Operator\4.1.0.2080\FF\chrome\WSOAddOn.jar c:\program files\Web Search Operator\4.1.0.2080\FF\components\WSOFFAddOn.dll c:\program files\Web Search Operator\4.1.0.2080\FF\components\WSOFFAddOn.xpt c:\program files\Web Search Operator\4.1.0.2080\FF\components\WSOFFHelperComponent.js c:\program files\Web Search Operator\4.1.0.2080\FF\install.rdf c:\program files\Web Search Operator\4.1.0.2080\lri.dll c:\program files\Web Search Operator\4.1.0.2080\unins000.dat c:\program files\Web Search Operator\4.1.0.2080\unins000.exe c:\program files\Web Search Operator\4.1.0.2080\WSOCommon.dll c:\program files\Web Search Operator\4.1.0.2080\WSOpx.exe . ((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_QuestService_Service -------\Service_QuestService Service ((((((((((((((((((((((((( Pliki utworzone od 2009-11-21 do 2009-12-21 ))))))))))))))))))))))))))))))) . 2009-12-21 11:57 . 2009-12-21 11:57 524288 ----a-w- C:\dds.scr 2009-12-21 11:50 . 2009-12-21 11:50 -------- d-----w- c:\windows\system32\wbem\snmp 2009-12-21 11:50 . 2009-12-21 11:50 -------- d-----w- c:\windows\srchasst 2009-12-21 11:50 . 2009-12-21 11:50 -------- d-----w- c:\windows\system32\xircom 2009-12-21 11:50 . 2009-12-21 11:50 -------- d-----w- c:\program files\microsoft frontpage 2009-12-21 11:41 . 2009-12-21 11:41 3859344 ----a-r- C:\ComboFix.exe 2009-12-20 19:20 . 2009-12-20 19:20 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2009-12-19 09:53 . 2009-12-19 09:53 117760 ----a-w- c:\documents and settings\Pawel\Dane aplikacji\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2009-12-13 17:23 . 2009-12-13 17:23 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-12-13 17:23 . 2009-12-13 17:41 -------- d-----w- c:\program files\DAEMON Tools Lite 2009-12-13 17:23 . 2009-12-13 17:44 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\DAEMON Tools Lite 2009-12-13 17:23 . 2009-12-13 17:23 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite 2009-12-13 17:15 . 2009-12-13 17:15 -------- d-----w- c:\program files\Common Files\EZB Systems 2009-12-13 17:15 . 2009-12-13 17:15 -------- d-----w- c:\program files\UltraISO 2009-12-12 15:09 . 2009-06-28 18:39 -------- d-----w- C:\Rapidleech PlugMod v41 2009-12-01 22:51 . 2009-12-01 22:51 -------- d-----w- c:\program files\AIDA32 - Personal System Information 2009-11-28 17:32 . 2008-04-14 05:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys 2009-11-25 12:42 . 2009-07-31 04:30 1447424 ------w- c:\windows\system32\dllcache\msxml6.dll 2009-11-25 12:42 . 2009-07-31 04:30 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll 2009-11-22 22:14 . 2009-11-22 22:14 -------- d-----w- c:\windows\system32\wbem\Repository 2009-11-22 22:12 . 2009-11-22 22:12 335 ----a-w- c:\windows\mozregistry.dat . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-21 11:50 . 2009-06-03 11:43 14792 ----a-w- c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2009-12-20 22:22 . 2009-06-03 13:58 -------- d-----w- c:\program files\FlashGet 2009-12-20 11:02 . 2008-04-15 11:00 88838 ----a-w- c:\windows\system32\perfc015.dat 2009-12-20 11:02 . 2008-04-15 11:00 500302 ----a-w- c:\windows\system32\perfh015.dat 2009-12-19 09:51 . 2009-12-17 22:27 -------- d-----w- c:\program files\SUPERAntiSpyware 2009-12-18 17:28 . 2009-06-03 17:49 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\uTorrent 2009-12-17 22:27 . 2009-12-17 22:27 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\SUPERAntiSpyware.com 2009-12-17 22:27 . 2009-12-17 22:27 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\SUPERAntiSpyware.com 2009-12-17 22:27 . 2009-12-13 17:47 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2009-12-13 17:47 . 2009-12-13 17:47 -------- d-----w- c:\program files\AGEIA Technologies 2009-12-13 17:44 . 2009-06-03 09:20 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-11-24 23:54 . 2009-09-06 19:55 1280480 ----a-w- c:\windows\system32\aswBoot.exe 2009-11-24 23:51 . 2009-09-06 19:56 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-11-24 23:50 . 2009-09-06 19:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-11-24 23:50 . 2009-09-06 19:56 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-11-24 23:50 . 2009-09-06 19:56 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-11-24 23:49 . 2009-09-06 19:56 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-11-24 23:48 . 2009-09-06 19:56 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-11-24 23:47 . 2009-09-06 19:56 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-11-24 23:47 . 2009-09-06 19:56 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-11-22 22:20 . 2009-06-16 18:18 -------- d-----w- c:\program files\BS_Player 2009-11-20 21:15 . 2009-06-03 12:42 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\BESTplayer 2009-10-31 20:25 . 2009-10-31 20:25 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\TVU Networks 2009-10-31 20:25 . 2009-10-31 20:25 -------- d-----w- c:\program files\TVUPlayer 2009-10-29 07:43 . 2009-02-02 15:08 916480 ------w- c:\windows\system32\wininet.dll 2009-10-22 15:55 . 2009-10-31 20:25 5562672 ----a-w- C:\TVUPlayer2.4.9.1.exe 2009-10-21 05:40 . 2008-04-15 11:00 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:40 . 2008-04-15 11:00 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2008-04-15 11:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-16 07:50 . 2009-10-16 07:50 2520888 ----a-w- c:\documents and settings\Pawel\Dane aplikacji\Mozilla\Firefox\Profiles\mtkqubr8.pawel\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll 2009-10-13 10:34 . 2008-04-15 11:00 271360 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:40 . 2008-04-15 11:00 79872 ----a-w- c:\windows\system32\raschap.dll 2009-10-12 13:40 . 2008-04-15 11:00 150016 ----a-w- c:\windows\system32\rastls.dll 2008-04-07 09:21 . 2009-12-21 12:11 67696 ----a-w- c:\program files\mozilla firefox\components\jar50.dll 2008-04-07 09:21 . 2009-12-21 12:11 54376 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll 2008-04-07 09:21 . 2009-12-21 12:11 34952 ----a-w- c:\program files\mozilla firefox\components\myspell.dll 2008-04-07 09:21 . 2009-12-21 12:11 46720 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll 2008-04-07 09:21 . 2009-12-21 12:11 172144 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll . ------- Sigcheck ------- [-] 2009-02-02 . 1F39C7BDBA4C5F3F01C4EABF7EDBF4B3 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [-] 2009-02-02 . 8E7D194E90785C22A61AEC1F66D5DEA0 . 571904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2009-02-02 . 97E18DDA3AC03D676326C697A5F91375 . 662528 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2009-02-02 . D8824DEDA13325504943129EE394F538 . 518144 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2009-01-26 . D2AA6D06CFF82F21A7294448D785C64D . 1891328 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2009-02-02 . 399E8AA327066D1336F8FB28BBC216A0 . 37888 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [-] 2009-02-02 01:21 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll . ((((((((((((((((((((((((((((( SnapShot@2009-12-21_11.50.44 ))))))))))))))))))))))))))))))))))))))))) . + 2009-12-21 12:22 . 2009-12-21 12:22 16384 c:\windows\Temp\Perflib_Perfdata_4ec.dat + 2009-12-21 12:22 . 2009-12-21 12:22 16384 c:\windows\Temp\Perflib_Perfdata_130.dat . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}] 2009-11-22 22:20 2166296 ----a-w- c:\program files\BS_Player\tbBS_0.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_0.dll" [2009-11-22 2166296] [HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_0.dll" [2009-11-22 2166296] [HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2009-06-03 2131392] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200] "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VistaDrive"="c:\windows\VistaDrive\VistaDrive.exe" [2006-10-05 280779] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-01 15872] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-31 7634944] "nwiz"="nwiz.exe" [2006-10-31 1622016] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-31 86016] "RTHDCPL"="RTHDCPL.EXE" [2007-01-30 16116224] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-06-25 1629480] "InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-06-25 1057064] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2009-02-02 37888] "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_2"="shell32" [X] "_nltide_3"="advpack.dll" [2009-03-08 128512] c:\documents and settings\All Users\Menu Start\Programy\Autostart\ DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-6-3 839680] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2009-12-19 09:51 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] c:\windows\system32\dumprep 0 -k [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate] 2008-11-24 18:44 869888 ----a-w- c:\program files\ALLPlayer\ALLUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock] 2007-09-02 11:58 495616 ----a-w- c:\program files\RocketDock\RocketDock.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] 2006-05-16 10:04 2879488 ------r- c:\windows\SkyTel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-07-25 03:23 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] 2009-12-19 09:51 2002160 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\FlashFXP\\FlashFXP.exe"= "c:\\Program Files\\FlashGet\\flashget.exe"= "c:\\Program Files\\Gadu-Gadu\\gg.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\mIRC\\mirc.exe"= "c:\\Program Files\\IceChat7\\IceChat7.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\SopCast\\SopCast.exe"= "c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"= "e:\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"= R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-12-13 691696] R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-09-06 114768] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-05-13 9968] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-05-13 74480] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-09-06 20560] R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2009-06-03 116992] S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2009-06-03 64000] S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-05-13 7408] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-08-23 15:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . ------- Skan uzupełniający ------- . uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1750559 uInternet Settings,ProxyOverride = *.local IE: &Ściągnij przy pomocy FlashGet'a - c:\program files\FlashGet\jc_link.htm IE: &Ściągnij wszystko przy pomocy FlashGet'a - c:\program files\FlashGet\jc_all.htm FF - ProfilePath - c:\documents and settings\Pawel\Dane aplikacji\Mozilla\Firefox\Profiles\mtkqubr8.pawel\ FF - prefs.js: browser.search.selectedEngine - DAEMON Search FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll FF - plugin: c:\documents and settings\Pawel\Dane aplikacji\Mozilla\Firefox\Profiles\mtkqubr8.pawel\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npdeploytk.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npnul32.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\nppl3260.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin2.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin3.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin4.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin5.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin6.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin7.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\nprpjplug.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . - - - - USUNIĘTO PUSTE WPISY - - - - AddRemove-QuestService - c:\program files\QuestService\uninstall.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-12-21 13:22 Windows 5.1.2600 Dodatek Service Pack 3 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sprb.sys >>UNKNOWN [0x89B0E938]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xba8ecf28 \Driver\ACPI -> ACPI.sys @ 0xba673cb8 \Driver\atapi -> atapi.sys @ 0xba608b40 IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8 ParseProcedure -> ntkrnlpa.exe @ 0x805827e8 \Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8 ParseProcedure -> ntkrnlpa.exe @ 0x805827e8 NDIS: Realtek RTL8139/810x Family Fast Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xba4f8bb0 PacketIndicateHandler -> NDIS.sys @ 0xba4e7a0d SendHandler -> NDIS.sys @ 0xba4fbb40 user & kernel MBR OK ************************************************************************** . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- - - - - - - - > 'winlogon.exe'(736) c:\windows\system32\SETUPAPI.dll c:\program files\SUPERAntiSpyware\SASWINLO.DLL c:\windows\system32\WININET.dll c:\windows\system32\COMRes.dll c:\windows\system32\cscui.dll - - - - - - - > 'lsass.exe'(792) c:\windows\system32\setupapi.dll c:\windows\system32\scecli.dll - - - - - - - > 'explorer.exe'(3620) c:\windows\system32\SHDOCVW.dll c:\windows\system32\WININET.dll c:\program files\RocketDock\RocketDock.dll c:\windows\system32\COMRes.dll c:\windows\System32\cscui.dll c:\progra~1\WINDOW~2\wmpband.dll c:\windows\system32\LINKINFO.dll c:\windows\system32\ntshrui.dll c:\windows\system32\msi.dll c:\windows\system32\SETUPAPI.dll c:\windows\System32\msvcp60.dll c:\windows\system32\credui.dll c:\windows\system32\webcheck.dll c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\stobject.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Nero\Nero 7\InCD\InCDsrv.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\system32\nvsvc32.exe c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe c:\windows\system32\RUNDLL32.EXE c:\windows\RTHDCPL.EXE c:\windows\system32\wbem\wmiapsrv.exe c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe . ************************************************************************** . Czas ukończenia: 2009-12-21 13:25:42 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2009-12-21 12:25 ComboFix2.txt 2009-12-21 11:54 Przed: 24 434 520 064 bajtów wolnych Po: 24 390 152 192 bajtów wolnych - - End Of File - - E6385EB4CFBA67B2EC810744DED28246

**Posty:** 2183 · przez **NieWiem** 21 Gru 2009, 14:33

Jeszcze takie coś zmontuj w notatniku:

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"=-
[-HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"=-
[-HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

File::
c:\program files\BS_Player\tbBS_0.dll

Firefox::
FF - prefs.js: browser.search.selectedEngine - DAEMON Search

Ta sama procedura jak ostatnio i nowy log tutaj.

Autor postu otrzymał pochwałę

**Posty:** 51 · przez **Ice-Man** 21 Gru 2009, 15:18

Nowy log

Kod: Zaznacz wszystko: ComboFix 09-12-20.04 - Pawel 2009-12-21 14:13:00.3.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1983.1556 [GMT 1:00] Uruchomiony z: C:\ComboFix.exe Użyto następujących komend :: C:\CFScript.txt AV: avast! antivirus 4.8.1368 [VPS 091221-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !! FILE :: "c:\program files\BS_Player\tbBS_0.dll" . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\BS_Player\tbBS_0.dll . ((((((((((((((((((((((((( Pliki utworzone od 2009-11-21 do 2009-12-21 ))))))))))))))))))))))))))))))) . 2009-12-21 11:57 . 2009-12-21 11:57 524288 ----a-w- C:\dds.scr 2009-12-21 11:50 . 2009-12-21 11:50 -------- d-----w- c:\windows\system32\wbem\snmp 2009-12-21 11:50 . 2009-12-21 11:50 -------- d-----w- c:\windows\srchasst 2009-12-21 11:50 . 2009-12-21 11:50 -------- d-----w- c:\windows\system32\xircom 2009-12-21 11:50 . 2009-12-21 11:50 -------- d-----w- c:\program files\microsoft frontpage 2009-12-21 11:41 . 2009-12-21 11:41 3859344 ----a-r- C:\ComboFix.exe 2009-12-20 19:20 . 2009-12-20 19:20 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2009-12-19 09:53 . 2009-12-19 09:53 117760 ----a-w- c:\documents and settings\Pawel\Dane aplikacji\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2009-12-13 17:23 . 2009-12-13 17:23 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-12-13 17:23 . 2009-12-13 17:41 -------- d-----w- c:\program files\DAEMON Tools Lite 2009-12-13 17:23 . 2009-12-13 17:44 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\DAEMON Tools Lite 2009-12-13 17:23 . 2009-12-13 17:23 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite 2009-12-13 17:15 . 2009-12-13 17:15 -------- d-----w- c:\program files\Common Files\EZB Systems 2009-12-13 17:15 . 2009-12-13 17:15 -------- d-----w- c:\program files\UltraISO 2009-12-12 15:09 . 2009-06-28 18:39 -------- d-----w- C:\Rapidleech PlugMod v41 2009-12-01 22:51 . 2009-12-01 22:51 -------- d-----w- c:\program files\AIDA32 - Personal System Information 2009-11-28 17:32 . 2008-04-14 05:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys 2009-11-25 12:42 . 2009-07-31 04:30 1447424 ------w- c:\windows\system32\dllcache\msxml6.dll 2009-11-25 12:42 . 2009-07-31 04:30 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll 2009-11-22 22:14 . 2009-11-22 22:14 -------- d-----w- c:\windows\system32\wbem\Repository 2009-11-22 22:12 . 2009-11-22 22:12 335 ----a-w- c:\windows\mozregistry.dat . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-21 13:16 . 2009-06-16 18:18 -------- d-----w- c:\program files\BS_Player 2009-12-21 11:50 . 2009-06-03 11:43 14792 ----a-w- c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2009-12-20 22:22 . 2009-06-03 13:58 -------- d-----w- c:\program files\FlashGet 2009-12-20 11:02 . 2008-04-15 11:00 88838 ----a-w- c:\windows\system32\perfc015.dat 2009-12-20 11:02 . 2008-04-15 11:00 500302 ----a-w- c:\windows\system32\perfh015.dat 2009-12-19 09:51 . 2009-12-17 22:27 -------- d-----w- c:\program files\SUPERAntiSpyware 2009-12-18 17:28 . 2009-06-03 17:49 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\uTorrent 2009-12-17 22:27 . 2009-12-17 22:27 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\SUPERAntiSpyware.com 2009-12-17 22:27 . 2009-12-17 22:27 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\SUPERAntiSpyware.com 2009-12-17 22:27 . 2009-12-13 17:47 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2009-12-13 17:47 . 2009-12-13 17:47 -------- d-----w- c:\program files\AGEIA Technologies 2009-12-13 17:44 . 2009-06-03 09:20 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-11-24 23:54 . 2009-09-06 19:55 1280480 ----a-w- c:\windows\system32\aswBoot.exe 2009-11-24 23:51 . 2009-09-06 19:56 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-11-24 23:50 . 2009-09-06 19:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-11-24 23:50 . 2009-09-06 19:56 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-11-24 23:50 . 2009-09-06 19:56 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-11-24 23:49 . 2009-09-06 19:56 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-11-24 23:48 . 2009-09-06 19:56 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-11-24 23:47 . 2009-09-06 19:56 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-11-24 23:47 . 2009-09-06 19:56 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-11-20 21:15 . 2009-06-03 12:42 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\BESTplayer 2009-10-31 20:25 . 2009-10-31 20:25 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\TVU Networks 2009-10-31 20:25 . 2009-10-31 20:25 -------- d-----w- c:\program files\TVUPlayer 2009-10-29 07:43 . 2009-02-02 15:08 916480 ------w- c:\windows\system32\wininet.dll 2009-10-22 15:55 . 2009-10-31 20:25 5562672 ----a-w- C:\TVUPlayer2.4.9.1.exe 2009-10-21 05:40 . 2008-04-15 11:00 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:40 . 2008-04-15 11:00 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2008-04-15 11:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-16 07:50 . 2009-10-16 07:50 2520888 ----a-w- c:\documents and settings\Pawel\Dane aplikacji\Mozilla\Firefox\Profiles\mtkqubr8.pawel\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll 2009-10-13 10:34 . 2008-04-15 11:00 271360 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:40 . 2008-04-15 11:00 79872 ----a-w- c:\windows\system32\raschap.dll 2009-10-12 13:40 . 2008-04-15 11:00 150016 ----a-w- c:\windows\system32\rastls.dll 2008-04-07 09:21 . 2009-12-21 12:11 67696 ----a-w- c:\program files\mozilla firefox\components\jar50.dll 2008-04-07 09:21 . 2009-12-21 12:11 54376 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll 2008-04-07 09:21 . 2009-12-21 12:11 34952 ----a-w- c:\program files\mozilla firefox\components\myspell.dll 2008-04-07 09:21 . 2009-12-21 12:11 46720 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll 2008-04-07 09:21 . 2009-12-21 12:11 172144 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll . ------- Sigcheck ------- [-] 2009-02-02 . 1F39C7BDBA4C5F3F01C4EABF7EDBF4B3 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [-] 2009-02-02 . 8E7D194E90785C22A61AEC1F66D5DEA0 . 571904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2009-02-02 . 97E18DDA3AC03D676326C697A5F91375 . 662528 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2009-02-02 . D8824DEDA13325504943129EE394F538 . 518144 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2009-01-26 . D2AA6D06CFF82F21A7294448D785C64D . 1891328 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2009-02-02 . 399E8AA327066D1336F8FB28BBC216A0 . 37888 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [-] 2009-02-02 01:21 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll . ((((((((((((((((((((((((((((( SnapShot@2009-12-21_11.50.44 ))))))))))))))))))))))))))))))))))))))))) . + 2009-12-21 13:11 . 2009-12-21 13:11 16384 c:\windows\Temp\Perflib_Perfdata_4dc.dat + 2009-12-21 13:11 . 2009-12-21 13:11 16384 c:\windows\Temp\Perflib_Perfdata_1f0.dat . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2009-06-03 2131392] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200] "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VistaDrive"="c:\windows\VistaDrive\VistaDrive.exe" [2006-10-05 280779] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-01 15872] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-31 7634944] "nwiz"="nwiz.exe" [2006-10-31 1622016] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-31 86016] "RTHDCPL"="RTHDCPL.EXE" [2007-01-30 16116224] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-06-25 1629480] "InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-06-25 1057064] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2009-02-02 37888] "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_2"="shell32" [X] "_nltide_3"="advpack.dll" [2009-03-08 128512] c:\documents and settings\All Users\Menu Start\Programy\Autostart\ DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-6-3 839680] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2009-12-19 09:51 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] c:\windows\system32\dumprep 0 -k [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate] 2008-11-24 18:44 869888 ----a-w- c:\program files\ALLPlayer\ALLUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock] 2007-09-02 11:58 495616 ----a-w- c:\program files\RocketDock\RocketDock.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] 2006-05-16 10:04 2879488 ------r- c:\windows\SkyTel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-07-25 03:23 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] 2009-12-19 09:51 2002160 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\FlashFXP\\FlashFXP.exe"= "c:\\Program Files\\FlashGet\\flashget.exe"= "c:\\Program Files\\Gadu-Gadu\\gg.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\mIRC\\mirc.exe"= "c:\\Program Files\\IceChat7\\IceChat7.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\SopCast\\SopCast.exe"= "c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"= "e:\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-09-06 114768] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-05-13 9968] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-05-13 74480] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-09-06 20560] R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2009-06-03 116992] S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-12-13 691696] S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2009-06-03 64000] S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-05-13 7408] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-08-23 15:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . ------- Skan uzupełniający ------- . uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1750559 uInternet Settings,ProxyOverride = *.local IE: &Ściągnij przy pomocy FlashGet'a - c:\program files\FlashGet\jc_link.htm IE: &Ściągnij wszystko przy pomocy FlashGet'a - c:\program files\FlashGet\jc_all.htm FF - ProfilePath - c:\documents and settings\Pawel\Dane aplikacji\Mozilla\Firefox\Profiles\mtkqubr8.pawel\ FF - prefs.js: browser.search.selectedEngine - DAEMON Search FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll FF - plugin: c:\documents and settings\Pawel\Dane aplikacji\Mozilla\Firefox\Profiles\mtkqubr8.pawel\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npdeploytk.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npnul32.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\nppl3260.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin2.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin3.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin4.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin5.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin6.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin7.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\nprpjplug.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-12-21 14:16 Windows 5.1.2600 Dodatek Service Pack 3 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- - - - - - - - > 'winlogon.exe'(720) c:\windows\system32\SETUPAPI.dll c:\program files\SUPERAntiSpyware\SASWINLO.DLL c:\windows\system32\WININET.dll c:\windows\system32\COMRes.dll c:\windows\system32\cscui.dll - - - - - - - > 'lsass.exe'(776) c:\windows\system32\setupapi.dll c:\windows\system32\scecli.dll . Czas ukończenia: 2009-12-21 14:17:37 ComboFix-quarantined-files.txt 2009-12-21 13:17 ComboFix2.txt 2009-12-21 12:25 ComboFix3.txt 2009-12-21 11:54 Przed: 24 386 924 544 bajtów wolnych Po: 24 353 976 320 bajtów wolnych - - End Of File - - 0AE7011AAFBD94FEB4953424FD35F7C0

**Posty:** 18165 · przez **wojtas** 21 Gru 2009, 21:03

1.Uruchom OTL z opcji CleanUp
2. wykonaj optymalizację windowsa
3.Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem]
4. zrób skan Malwarebytes Anti-Malware (usuń co znajdzie ) i daj raport ze skanu

Autor postu otrzymał pochwałę

**Posty:** 51 · przez **Ice-Man** 22 Gru 2009, 14:24

Wszystko usunięte podaje loga

Kod: Zaznacz wszystko: Malwarebytes' Anti-Malware 1.42 Wersja bazy definicji: 3407 Windows 5.1.2600 Dodatek Service Pack 3 Internet Explorer 8.0.6001.18702 2009-12-22 13:24:44 mbam-log-2009-12-22 (13-24-44).txt Typ skanowania: Szybkie skanowanie Przeskanowane obiekty: 100019 Upłynęło: 3 minute(s), 13 second(s) Zainfekowane procesy w pamięci: 0 Zainfekowane moduły pamięci: 0 Zainfekowane klucze rejestru: 19 Zainfekowane wartości rejestru: 3 Zainfekowane pliki rejestru: 0 Zainfekowane foldery: 0 Zainfekowane pliki: 0 Zainfekowane procesy w pamięci: (Nie wykryto groźnych plików) Zainfekowane moduły pamięci: (Nie wykryto groźnych plików) Zainfekowane klucze rejestru: HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{b72681c0-a222-4b21-a0e2-53a5a5ca3d411} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully. Zainfekowane wartości rejestru: HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully. Zainfekowane pliki rejestru: (Nie wykryto groźnych plików) Zainfekowane foldery: (Nie wykryto groźnych plików) Zainfekowane pliki: (Nie wykryto groźnych plików)

**Posty:** 18165 · przez **wojtas** 22 Gru 2009, 15:13

system czysty już jest

**Posty:** 51 · przez **Ice-Man** 22 Gru 2009, 15:22

dzięki wielkie Panowie podziękowania dla wszystkich lecą

**Posty:** 51 · przez **Ice-Man** 11 Mar 2010, 16:12

Witam troszkę muszę odkopać temat i znowu poprosić was o pomoc nie było mnie jakiś czas w domu i rodzina trochę chyba narobiła brudu w systemie użycie procesora z włączoną tylko przeglądarką i gg jest na poziomie 50% i strasznie spowalnia system poczyściłem co mogłem i spadło o 20% ale dalej momentami strasznie spowalnia.
Logi z Combo i DDS

Kod: Zaznacz wszystko: ComboFix 10-03-10.07 - Pawel 2010-03-11 14:53:24.5.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.2047.1454 [GMT 1:00] Uruchomiony z: C:\ComboFix.exe AV: avast! antivirus 4.8.1368 [VPS 100311-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !! . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . E:\Autorun.inf . ((((((((((((((((((((((((( Pliki utworzone od 2010-02-11 do 2010-03-11 ))))))))))))))))))))))))))))))) . 2010-03-11 13:46 . 2010-03-11 13:46 3886534 ----a-r- C:\ComboFix.exe 2010-03-10 08:53 . 2009-10-23 15:28 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe 2010-03-06 08:56 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe 2010-02-27 22:13 . 2010-02-27 22:13 -------- d-----w- C:\mfs.0.2 2010-02-15 14:04 . 2010-02-15 14:04 -------- d-----w- c:\windows\USB Vibration 2010-02-15 14:04 . 2010-02-15 14:04 -------- d-----w- c:\program files\USB Vibration 2010-02-15 13:58 . 2010-02-15 13:58 -------- d-----w- c:\program files\Microsoft.NET 2010-02-15 13:58 . 2010-02-15 14:03 -------- d-----w- c:\program files\YouTube Clip Extractor 2010-02-11 16:43 . 2010-02-11 16:43 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\WindowsApplication1 2010-02-11 16:42 . 2010-03-11 09:12 -------- d-----w- c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\Deployment 2010-02-10 13:29 . 2010-01-01 07:58 353792 ------w- c:\windows\system32\dllcache\srv.sys 2010-02-10 13:29 . 2009-12-04 17:25 456832 ------w- c:\windows\system32\dllcache\mrxsmb.sys . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-11 13:50 . 2009-06-03 13:58 -------- d-----w- c:\program files\FlashGet 2010-03-10 22:57 . 2009-12-23 18:35 196608 ----a-w- c:\windows\system32\drivers\nAsmedia.bin 2010-03-10 20:31 . 2009-06-03 17:49 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\uTorrent 2010-03-09 08:24 . 2010-01-20 19:07 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\Hamachi 2010-03-03 18:04 . 2010-01-16 20:44 -------- d-----w- c:\program files\PHPNukeEN 2010-02-27 13:19 . 2009-06-03 12:42 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\BESTplayer 2010-02-15 14:04 . 2009-06-03 09:20 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-02-09 19:59 . 2009-12-23 18:35 196608 ----a-w- c:\windows\system32\drivers\nVivid.bin 2010-01-20 19:07 . 2010-01-20 19:07 -------- d-----w- c:\program files\Hamachi 2010-01-20 19:07 . 2010-01-20 19:07 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys 2010-01-16 19:28 . 2010-01-02 08:11 -------- d-----w- c:\documents and settings\Pawel\Dane aplikacji\TMNT 2010-01-15 23:22 . 2008-04-15 11:00 88618 ----a-w- c:\windows\system32\perfc015.dat 2010-01-15 23:22 . 2008-04-15 11:00 499958 ----a-w- c:\windows\system32\perfh015.dat 2010-01-07 15:03 . 2009-06-03 11:43 14792 ----a-w- c:\documents and settings\Pawel\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2010-01-04 10:46 . 2010-01-02 08:14 107888 ----a-w- c:\windows\system32\CmdLineExt.dll 2010-01-01 07:58 . 2009-02-02 01:06 353792 ----a-w- c:\windows\system32\drivers\srv.sys 2009-12-28 22:33 . 2009-12-23 18:35 196608 ----a-w- c:\windows\system32\drivers\nAdvanced.bin 2009-12-23 13:07 . 2009-12-23 13:07 0 ----a-w- c:\windows\ativpsrm.bin 2009-12-22 12:19 . 2009-12-22 12:18 4844296 ----a-w- C:\mbam-setup.exe 2009-12-21 19:08 . 2009-02-02 15:08 916480 ----a-w- c:\windows\system32\wininet.dll 2009-12-19 09:53 . 2009-12-19 09:53 117760 ----a-w- c:\documents and settings\Pawel\Dane aplikacji\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2009-12-17 07:42 . 2009-06-03 11:25 345088 ----a-w- c:\windows\system32\mspaint.exe 2009-12-14 07:10 . 2008-04-15 11:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2009-12-13 17:23 . 2009-12-13 17:23 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-12-22 09:55 . 2009-12-21 12:11 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll 2009-12-22 09:55 . 2009-12-21 12:11 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll 2009-12-22 09:55 . 2009-12-21 12:11 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll 2009-12-22 09:55 . 2009-12-21 12:11 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll 2009-12-22 09:55 . 2009-12-21 12:11 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll . ------- Sigcheck ------- [-] 2009-02-02 . 1F39C7BDBA4C5F3F01C4EABF7EDBF4B3 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [-] 2009-02-02 . 8E7D194E90785C22A61AEC1F66D5DEA0 . 571904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2009-02-02 . 97E18DDA3AC03D676326C697A5F91375 . 662528 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2009-02-02 . D8824DEDA13325504943129EE394F538 . 518144 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2009-01-26 . D2AA6D06CFF82F21A7294448D785C64D . 1891328 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2009-02-02 . 399E8AA327066D1336F8FB28BBC216A0 . 37888 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [-] 2009-02-02 01:21 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{dd02a4eb-4afd-4d60-99d8-e67f964ca813}"= "c:\program files\PHPNukeEN\tbPHP0.dll" [2010-03-03 2349080] [HKEY_CLASSES_ROOT\clsid\{dd02a4eb-4afd-4d60-99d8-e67f964ca813}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{dd02a4eb-4afd-4d60-99d8-e67f964ca813}] 2010-03-03 18:06 2349080 ----a-w- c:\program files\PHPNukeEN\tbPHP0.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{dd02a4eb-4afd-4d60-99d8-e67f964ca813}"= "c:\program files\PHPNukeEN\tbPHP0.dll" [2010-03-03 2349080] [HKEY_CLASSES_ROOT\clsid\{dd02a4eb-4afd-4d60-99d8-e67f964ca813}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{DD02A4EB-4AFD-4D60-99D8-E67F964CA813}"= "c:\program files\PHPNukeEN\tbPHP0.dll" [2010-03-03 2349080] [HKEY_CLASSES_ROOT\clsid\{dd02a4eb-4afd-4d60-99d8-e67f964ca813}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2009-06-03 2131392] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200] "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VistaDrive"="c:\windows\VistaDrive\VistaDrive.exe" [2006-10-05 280779] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-01 15872] "RTHDCPL"="RTHDCPL.EXE" [2007-01-30 16116224] "SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-06-25 1629480] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000] "Flashget"="c:\program files\FlashGet\flashget.exe" [2007-09-25 2007088] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2009-02-02 37888] "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_2"="shell32" [X] "_nltide_3"="advpack.dll" [2009-03-08 128512] c:\documents and settings\All Users\Menu Start\Programy\Autostart\ DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-6-3 839680] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2009-12-19 09:51 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL [HKLM\~\startupfolder\C:^Documents and Settings^Pawel^Menu Start^Programy^Autostart^hamachi.lnk] path=c:\documents and settings\Pawel\Menu Start\Programy\Autostart\hamachi.lnk backup=c:\windows\pss\hamachi.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Pawel^Menu Start^Programy^Autostart^Reminder-gte40101.lnk] path=c:\documents and settings\Pawel\Menu Start\Programy\Autostart\Reminder-gte40101.lnk backup=c:\windows\pss\Reminder-gte40101.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] c:\windows\system32\dumprep 0 -k [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate] 2008-11-24 18:44 869888 ----a-w- c:\program files\ALLPlayer\ALLUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD] 2009-05-13 10:12 380928 ----a-w- c:\program files\ASUS\GamerOSD\GamerOSD.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD] 2007-06-25 06:47 1057064 ----a-w- c:\program files\Nero\Nero 7\InCD\InCD.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock] 2007-09-02 11:58 495616 ----a-w- c:\program files\RocketDock\RocketDock.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] 2006-05-16 10:04 2879488 ------r- c:\windows\SkyTel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-07-25 03:23 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] 2009-12-19 09:51 2002160 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\FlashFXP\\FlashFXP.exe"= "c:\\Program Files\\FlashGet\\flashget.exe"= "c:\\Program Files\\Gadu-Gadu\\gg.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\mIRC\\mirc.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\SopCast\\SopCast.exe"= "c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"= "c:\\Program Files\\ASUS\\GamerOSD\\GamerOSD.exe"= "e:\\Program Files\\CAPCOM\\STREETFIGHTERIV\\StreetFighterIV.exe"= "e:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"= "c:\\Program Files\\Hamachi\\hamachi.exe"= "e:\\AutoPlay\\Docs\\Pesmagazine2008 Online.exe"= "e:\\AutoPlay\\Docs\\Lib\\server.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-09-06 114768] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-05-13 9968] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-05-13 74480] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-09-06 20560] R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2009-06-03 116992] S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-12-13 691696] S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2009-06-03 64000] S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-05-13 7408] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-08-23 15:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Zawartość folderu 'Zaplanowane zadania' 2010-03-09 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] . . ------- Skan uzupełniający ------- . uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2086743 IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm IE: {{d9496f6f-556a-48a1-9b19-c7ae97d8ed66} - c:\program files\YouTube Clip Extractor\ClipExtractor.exe FF - ProfilePath - c:\documents and settings\Pawel\Dane aplikacji\Mozilla\Firefox\Profiles\mtkqubr8.pawel\ FF - prefs.js: browser.search.selectedEngine - DAEMON Search FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll FF - plugin: c:\documents and settings\Pawel\Dane aplikacji\Mozilla\Firefox\Profiles\mtkqubr8.pawel\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npdeploytk.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npnul32.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\nppl3260.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin2.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin3.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin4.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin5.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin6.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\npqtplugin7.dll FF - plugin: c:\progra~1\MOZILL~1\plugins\nprpjplug.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-03-11 14:57 Windows 5.1.2600 Dodatek Service Pack 3 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- [HKEY_USERS\S-1-5-21-1417001333-1979792683-1801674531-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:65,67,01,60,17,53,a4,58,2e,95,59,ad,6d,27,0a,90,d3,54,18,6a,0a,11,71, 50,ff,b6,34,01,71,6c,1b,23,df,0a,e1,ea,bc,ba,7c,fa,11,2f,a6,df,38,5c,6b,5c,\ "??"=hex:97,d0,4d,21,0d,3d,85,53,a1,87,27,f8,14,27,17,1e [HKEY_USERS\S-1-5-21-1417001333-1979792683-1801674531-1004\Software\SecuROM\License information*] "datasecu"=hex:86,78,38,3b,95,41,f2,b2,b9,f4,7b,d9,3f,69,04,70,21,a4,8a,f5,ff, 04,68,01,59,2a,1b,90,46,f8,81,0f,04,d6,81,d2,5d,42,9c,bb,22,ba,cf,20,f3,a8,\ "rkeysecu"=hex:37,8f,82,e6,6e,6c,a0,a8,16,ec,f9,56,21,c8,ad,9e . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- - - - - - - - > 'winlogon.exe'(768) c:\windows\system32\SETUPAPI.dll c:\program files\SUPERAntiSpyware\SASWINLO.DLL c:\windows\system32\WININET.dll c:\windows\system32\Ati2evxx.dll c:\windows\system32\COMRes.dll c:\windows\system32\cscui.dll - - - - - - - > 'lsass.exe'(824) c:\windows\system32\setupapi.dll c:\windows\system32\scecli.dll . Czas ukończenia: 2010-03-11 14:58:49 ComboFix-quarantined-files.txt 2010-03-11 13:58 Przed: 25 675 395 072 bajtów wolnych Po: 25 703 718 912 bajtów wolnych - - End Of File - - CA63AB7B395A9ADF65F03DD8F42278C0

Kod: Zaznacz wszystko: DDS (Ver_09-12-01.01) - NTFSx86 Run by Pawel at 15:06:30,57 on 2010-03-11 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.2047.1502 [GMT 1:00] AV: avast! antivirus 4.8.1368 [VPS 100311-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\explorer.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2086743 uURLSearchHooks: PHPNukeEN Toolbar: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - c:\program files\phpnukeen\tbPHP0.dll BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\program files\flashget\jccatch.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: PHPNukeEN Toolbar: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - c:\program files\phpnukeen\tbPHP0.dll BHO: FlashFXP Helper for Internet Explorer: {e5a1691b-d188-4419-ad02-90002030b8ee} - c:\progra~1\flashfxp\IEFlash.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\flashget\getflash.dll TB: PHPNukeEN Toolbar: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - c:\program files\phpnukeen\tbPHP0.dll uRun: [Gadu-Gadu] "c:\program files\gadu-gadu\gg.exe" /tray uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe" uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe" mRun: [VistaDrive] c:\windows\vistadrive\VistaDrive.exe mRun: [UnlockerAssistant] c:\program files\unlocker\UnlockerAssistant.exe -H mRun: [RTHDCPL] RTHDCPL.EXE mRun: [SecurDisc] c:\program files\nero\nero 7\incd\NBHGui.exe mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe mRun: [Flashget] c:\program files\flashget\flashget.exe /min dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE dRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe" dRunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N StartupFolder: c:\docume~1\alluse~1\menust~1\programy\autost~1\dslmon.lnk - c:\program files\sagem\sagem f@st 800-840\dslmon.exe IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe IE: {d9496f6f-556a-48a1-9b19-c7ae97d8ed66} - c:\program files\youtube clip extractor\ClipExtractor.exe IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab TCP: {76F8C663-641E-4549-91D8-B3442C8121CD} = 194.204.152.34 194.204.159.1 Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL Notify: AtiExtEvent - Ati2evxx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe" Hosts: 83.11.241.100 pes7pcgate-e.winning-eleven.net Hosts: 83.11.241.100 pes7stun-e.winning-eleven.net Hosts: 67.159.50.155 extremew.org Hosts: 67.159.50.155 www.extremew.org ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\pawel\daneap~1\mozilla\firefox\profiles\mtkqubr8.pawel\ FF - prefs.js: browser.search.selectedEngine - DAEMON Search FF - plugin: c:\documents and settings\pawel\dane aplikacji\mozilla\firefox\profiles\mtkqubr8.pawel\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll FF - plugin: c:\progra~1\mozill~1\plugins\npdeploytk.dll FF - plugin: c:\progra~1\mozill~1\plugins\npnul32.dll FF - plugin: c:\progra~1\mozill~1\plugins\nppl3260.dll FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin.dll FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin2.dll FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin3.dll FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin4.dll FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin5.dll FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin6.dll FF - plugin: c:\progra~1\mozill~1\plugins\npqtplugin7.dll FF - plugin: c:\progra~1\mozill~1\plugins\nprpjplug.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} ============= SERVICES / DRIVERS =============== R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-9-6 114768] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2008-5-13 9968] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-5-13 74480] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-9-6 20560] R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-9-6 138680] R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-9-6 254040] R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-9-6 352920] R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2009-6-3 116992] S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2009-6-3 64000] S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-5-13 7408] =============== Created Last 30 ================ 2010-03-11 14:05:35 524288 ----a-w- C:\dds.scr 2010-03-11 13:52:16 161792 ----a-w- c:\windows\SWREG.exe 2010-03-11 13:52:15 98816 ----a-w- c:\windows\sed.exe 2010-03-11 13:46:12 3886534 ----a-r- C:\ComboFix.exe 2010-03-11 09:42:32 67312 ----a-w- C:\2m7jcw0.jpg 2010-03-10 15:54:52 387879 ----a-w- C:\dowod.jpg 2010-03-10 15:51:40 228577 ----a-w- C:\rachunek.jpg 2010-03-10 15:51:33 273204 ----a-w- C:\skanuj0003.jpg 2010-03-10 15:51:25 313096 ----a-w- C:\skanuj0002.jpg 2010-02-27 22:13:43 0 d-----w- C:\mfs.0.2 2010-02-15 14:04:20 0 d-----w- c:\windows\USB Vibration 2010-02-15 14:04:04 0 d-----w- c:\program files\USB Vibration 2010-02-15 13:58:29 0 d-----w- c:\program files\YouTube Clip Extractor 2010-02-11 16:43:02 0 d-----w- c:\docume~1\pawel\daneap~1\WindowsApplication1 2010-02-10 13:29:37 353792 ------w- c:\windows\system32\dllcache\srv.sys 2010-02-10 13:29:16 456832 ------w- c:\windows\system32\dllcache\mrxsmb.sys ==================== Find3M ==================== 2010-03-10 22:57:37 196608 ----a-w- c:\windows\system32\drivers\nAsmedia.bin 2010-02-09 19:59:40 196608 ----a-w- c:\windows\system32\drivers\nVivid.bin 2010-01-20 19:07:28 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys 2010-01-15 23:22:38 88618 ----a-w- c:\windows\system32\perfc015.dat 2010-01-15 23:22:38 499958 ----a-w- c:\windows\system32\perfh015.dat 2010-01-04 10:46:00 107888 ----a-w- c:\windows\system32\CmdLineExt.dll 2009-12-22 12:19:18 4844296 ----a-w- C:\mbam-setup.exe 2009-12-21 13:21:59 173056 ----a-w- c:\windows\system32\dllcache\ie4uinit.exe 2009-12-17 07:42:39 345088 ----a-w- c:\windows\system32\mspaint.exe 2009-12-17 07:42:39 345088 ------w- c:\windows\system32\dllcache\mspaint.exe 2009-12-14 07:10:04 33280 ----a-w- c:\windows\system32\csrsrv.dll 2009-12-14 07:10:04 33280 ------w- c:\windows\system32\dllcache\csrsrv.dll 2009-06-03 11:41:13 32768 --sha-w- c:\windows\system32\config\systemprofile\ustawienia lokalne\historia\history.ie5\index.dat 2009-06-03 11:41:11 32768 --sha-w- c:\windows\system32\config\systemprofile\ustawienia lokalne\historia\history.ie5\mshist012009060320090604\index.dat 2009-06-03 11:41:13 32768 --sha-w- c:\windows\system32\config\systemprofile\ustawienia lokalne\temporary internet files\content.ie5\index.dat ============= FINISH: 15:06:39,21 ===============

Kod: Zaznacz wszystko: UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-12-01.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 2009-06-03 13:37:00 System Uptime: 2010-03-11 14:51:35 (1 hours ago) Motherboard: Gigabyte Technology Co., Ltd. | | M61SME-S2 Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 3600+ | Socket M2 | 1908/200mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 35 GiB total, 23,981 GiB free. D: is FIXED (NTFS) - 39 GiB total, 7,425 GiB free. E: is FIXED (NTFS) - 147 GiB total, 124,646 GiB free. F: is FIXED (NTFS) - 147 GiB total, 109,576 GiB free. G: is FIXED (NTFS) - 171 GiB total, 29,89 GiB free. H: is CDROM () ==== Disabled Device Manager Items ============= Class GUID: Description: Inne urządzenia typu mostek PCI Device ID: PCI\VEN_10DE&DEV_03EF&SUBSYS_E0001458&REV_A2\3&2411E6FE&0&38 Manufacturer: Name: Inne urządzenia typu mostek PCI PNP Device ID: PCI\VEN_10DE&DEV_03EF&SUBSYS_E0001458&REV_A2\3&2411E6FE&0&38 Service: Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318} Description: Device ID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1001\5&134DB365&0&0001 Manufacturer: ATI Technologies Inc. Name: PNP Device ID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1001\5&134DB365&0&0001 Service: ==== System Restore Points =================== RP186: 2009-12-22 13:21:05 - Punkt kontrolny systemu RP187: 2009-12-23 13:28:21 - Punkt kontrolny systemu RP188: 2009-12-23 19:35:44 - Installed ASUS Gamer OSD RP189: 2009-12-23 23:19:31 - Zainstalowany program DirectX RP190: 2009-12-23 23:19:44 - Zainstalowany program DirectX RP191: 2009-12-23 23:19:54 - Installed STREET FIGHTER IV. RP192: 2009-12-28 11:39:56 - Punkt kontrolny systemu RP193: 2009-12-29 16:47:31 - Punkt kontrolny systemu RP194: 2009-12-29 19:45:30 - Installed Driver Detective. RP195: 2009-12-30 17:32:18 - Removed Driver Detective. RP196: 2010-01-02 09:06:36 - Installed TMNT RP197: 2010-01-03 22:26:57 - Configured Pro Evolution Soccer 2008 RP198: 2010-01-04 16:42:27 - Configured Pro Evolution Soccer 2008 RP199: 2010-01-04 16:45:28 - Installed Pro Evolution Soccer 2008 RP200: 2010-01-05 17:52:51 - Punkt kontrolny systemu RP201: 2010-01-07 16:00:44 - Punkt kontrolny systemu RP202: 2010-01-09 11:28:49 - Punkt kontrolny systemu RP203: 2010-01-10 14:27:27 - Punkt kontrolny systemu RP204: 2010-01-11 16:22:40 - Punkt kontrolny systemu RP205: 2010-01-12 21:01:42 - Punkt kontrolny systemu RP206: 2010-01-13 23:38:55 - Software Distribution Service 3.0 RP207: 2010-01-15 14:27:24 - Punkt kontrolny systemu RP208: 2010-01-16 17:32:45 - Punkt kontrolny systemu RP209: 2010-01-17 18:21:36 - Punkt kontrolny systemu RP210: 2010-01-18 19:44:57 - Punkt kontrolny systemu RP211: 2010-01-20 12:50:48 - Punkt kontrolny systemu RP212: 2010-01-20 20:00:18 - Configured Pro Evolution Soccer 2008 RP213: 2010-01-21 20:19:13 - Punkt kontrolny systemu RP214: 2010-01-21 23:42:56 - Software Distribution Service 3.0 RP215: 2010-01-23 12:14:26 - Punkt kontrolny systemu RP216: 2010-01-24 13:30:48 - Punkt kontrolny systemu RP217: 2010-01-24 17:49:54 - Operacja przywracania RP218: 2010-01-25 18:43:49 - Punkt kontrolny systemu RP219: 2010-01-27 13:48:47 - Punkt kontrolny systemu RP220: 2010-01-28 14:11:17 - Punkt kontrolny systemu RP221: 2010-01-29 16:52:38 - Punkt kontrolny systemu RP222: 2010-01-30 17:48:40 - Punkt kontrolny systemu RP223: 2010-02-02 16:35:19 - Punkt kontrolny systemu RP224: 2010-02-03 18:10:28 - Punkt kontrolny systemu RP225: 2010-02-06 12:54:08 - Punkt kontrolny systemu RP226: 2010-02-07 13:04:53 - Punkt kontrolny systemu RP227: 2010-02-08 18:12:51 - Punkt kontrolny systemu RP228: 2010-02-10 23:25:32 - Software Distribution Service 3.0 RP229: 2010-02-12 19:51:41 - Punkt kontrolny systemu RP230: 2010-02-13 20:39:37 - Punkt kontrolny systemu RP231: 2010-02-15 14:49:15 - Punkt kontrolny systemu RP232: 2010-02-15 14:58:36 - Installed Microsoft Primary Interoperability Assemblies 2005 RP233: 2010-02-15 15:04:19 - Installed USB Vibration Joystick RP234: 2010-02-16 16:15:22 - Punkt kontrolny systemu RP235: 2010-02-17 20:21:54 - Punkt kontrolny systemu RP236: 2010-02-20 14:40:06 - Punkt kontrolny systemu RP237: 2010-02-22 16:37:19 - Punkt kontrolny systemu RP238: 2010-02-23 17:18:02 - Punkt kontrolny systemu RP239: 2010-02-24 17:24:41 - Punkt kontrolny systemu RP240: 2010-02-24 20:02:08 - Software Distribution Service 3.0 RP241: 2010-02-26 16:38:35 - Punkt kontrolny systemu RP242: 2010-03-01 17:31:08 - Punkt kontrolny systemu RP243: 2010-03-02 20:09:41 - Punkt kontrolny systemu RP244: 2010-03-03 21:02:15 - Punkt kontrolny systemu RP245: 2010-03-05 16:20:03 - Punkt kontrolny systemu RP246: 2010-03-06 16:51:04 - Punkt kontrolny systemu RP247: 2010-03-06 21:02:54 - Software Distribution Service 3.0 RP248: 2010-03-08 15:52:16 - Punkt kontrolny systemu RP249: 2010-03-09 17:20:21 - Punkt kontrolny systemu RP250: 2010-03-10 21:10:21 - Punkt kontrolny systemu RP251: 2010-03-11 00:00:42 - Software Distribution Service 3.0 ==== Installed Programs ====================== AC3Filter (remove only) Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color EU Recommended Settings Adobe Color JA Extra Settings Adobe Color NA Extra Settings Adobe Default Language CS3 Adobe Device Central CS3 Adobe ExtendScript Toolkit 2 Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Fonts All Adobe Help Viewer CS3 Adobe Linguistics CS3 Adobe PDF Library Files Adobe Photoshop CS3 Adobe Setup Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 AGEIA PhysX v7.05.06 AIDA32 v3.93 Aktualizacja dla systemu Windows Internet Explorer 8 (KB971180) Aktualizacja dla systemu Windows Internet Explorer 8 (KB976662) Aktualizacja dla systemu Windows Internet Explorer 8 (KB976749) Aktualizacja dla systemu Windows XP (KB898461) Aktualizacja dla systemu Windows XP (KB955759) Aktualizacja dla systemu Windows XP (KB968389) Aktualizacja dla systemu Windows XP (KB971737) Aktualizacja dla systemu Windows XP (KB973687) Aktualizacja dla systemu Windows XP (KB973815) Aktualizacja krytyczna dla programu Windows Media Player 11 (KB959772) Aktualizacja zabezpieczeń dla programu Windows Media Player (KB954155) Aktualizacja zabezpieczeń dla programu Windows Media Player (KB968816) Aktualizacja zabezpieczeń dla programu Windows Media Player (KB973540) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB938127-v2) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB950759) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB953838) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB956390) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB958215) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB960714) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB963027) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB969897) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB971961) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB972260) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB974455) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB976325) Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB978207) Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561) Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789) Aktualizacja zabezpieczeń dla systemu Windows XP (KB952004) Aktualizacja zabezpieczeń dla systemu Windows XP (KB953839) Aktualizacja zabezpieczeń dla systemu Windows XP (KB956391) Aktualizacja zabezpieczeń dla systemu Windows XP (KB956572) Aktualizacja zabezpieczeń dla systemu Windows XP (KB956744) Aktualizacja zabezpieczeń dla systemu Windows XP (KB956844) Aktualizacja zabezpieczeń dla systemu Windows XP (KB958690) Aktualizacja zabezpieczeń dla systemu Windows XP (KB958869) Aktualizacja zabezpieczeń dla systemu Windows XP (KB959426) Aktualizacja zabezpieczeń dla systemu Windows XP (KB960225) Aktualizacja zabezpieczeń dla systemu Windows XP (KB960715) Aktualizacja zabezpieczeń dla systemu Windows XP (KB960803) Aktualizacja zabezpieczeń dla systemu Windows XP (KB960859) Aktualizacja zabezpieczeń dla systemu Windows XP (KB961371) Aktualizacja zabezpieczeń dla systemu Windows XP (KB961373) Aktualizacja zabezpieczeń dla systemu Windows XP (KB961501) Aktualizacja zabezpieczeń dla systemu Windows XP (KB968537) Aktualizacja zabezpieczeń dla systemu Windows XP (KB969059) Aktualizacja zabezpieczeń dla systemu Windows XP (KB969898) Aktualizacja zabezpieczeń dla systemu Windows XP (KB969947) Aktualizacja zabezpieczeń dla systemu Windows XP (KB970238) Aktualizacja zabezpieczeń dla systemu Windows XP (KB970430) Aktualizacja zabezpieczeń dla systemu Windows XP (KB971468) Aktualizacja zabezpieczeń dla systemu Windows XP (KB971486) Aktualizacja zabezpieczeń dla systemu Windows XP (KB971557) Aktualizacja zabezpieczeń dla systemu Windows XP (KB971633) Aktualizacja zabezpieczeń dla systemu Windows XP (KB971657) Aktualizacja zabezpieczeń dla systemu Windows XP (KB972270) Aktualizacja zabezpieczeń dla systemu Windows XP (KB973346) Aktualizacja zabezpieczeń dla systemu Windows XP (KB973354) Aktualizacja zabezpieczeń dla systemu Windows XP (KB973507) Aktualizacja zabezpieczeń dla systemu Windows XP (KB973525) Aktualizacja zabezpieczeń dla systemu Windows XP (KB973869) Aktualizacja zabezpieczeń dla systemu Windows XP (KB973904) Aktualizacja zabezpieczeń dla systemu Windows XP (KB974112) Aktualizacja zabezpieczeń dla systemu Windows XP (KB974318) Aktualizacja zabezpieczeń dla systemu Windows XP (KB974392) Aktualizacja zabezpieczeń dla systemu Windows XP (KB974571) Aktualizacja zabezpieczeń dla systemu Windows XP (KB975025) Aktualizacja zabezpieczeń dla systemu Windows XP (KB975467) Aktualizacja zabezpieczeń dla systemu Windows XP (KB975560) Aktualizacja zabezpieczeń dla systemu Windows XP (KB975561) Aktualizacja zabezpieczeń dla systemu Windows XP (KB975713) Aktualizacja zabezpieczeń dla systemu Windows XP (KB977165) Aktualizacja zabezpieczeń dla systemu Windows XP (KB977914) Aktualizacja zabezpieczeń dla systemu Windows XP (KB978037) Aktualizacja zabezpieczeń dla systemu Windows XP (KB978251) Aktualizacja zabezpieczeń dla systemu Windows XP (KB978262) Aktualizacja zabezpieczeń dla systemu Windows XP (KB978706) Aktualizacja zabezpieczeń dla Windows XP (KB941569) Apex RM RMVB Converter 6.54 Apple Software Update ASF TO AVI CONVERTER version 3.1 ASUS Gamer OSD ATI Display Driver µTorrent avast! Antivirus AviSynth 2.5 BS.Player FREE BS_Player Toolbar CCleaner (remove only) DAMN NFO Viewer v2.10.0032.RC3 (Remove Only) Edytor Znaczników HTML 2.0PR1 Alef FastStone Capture 5.9 FastStone Image Viewer 3.5 Fighting Force FlashFXP v3 FlashGet 1.9.6.1073 Gadu-Gadu 7.7 GUILTY GEAR XX - RELOAD Hamachi 1.0.2.5 HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB976002-v5) Java(TM) 6 Update 15 K-Lite Codec Pack 4.8.5 (Full) LightScribe System Software 1.10.13.1 Malwarebytes' Anti-Malware Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB953297) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft Office Excel Viewer 2003 Microsoft Primary Interoperability Assemblies 2005 Microsoft Visual C++ 2005 Redistributable mIRC MozBackup 1.4.6 PL Mozilla Firefox (2.0.0.20) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Multi-Poster Music NFO Builder v1.20 NAPIPROJEKT 1.0.6.2 Nero 7 Essentials neroxml Norton PartitionMagic Norton PartitionMagic 8.0 Nuclear Coffee - VideoGet 1.1 Trial Oprogramowanie drukarki EPSON Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) PDF Settings PHPNukeEN Toolbar Poprawka dla systemu Windows Internet Explorer 7 (KB947864) Poprawka dla systemu Windows XP (KB932716-v2) Poprawka dla systemu Windows XP (KB961118) Poprawka dla systemu Windows XP (KB970653-v3) Poprawka dla systemu Windows XP (KB976098-v2) Poprawka dla systemu Windows XP (KB979306) Pro Evolution Soccer 2008 QuickTime Real Alternative 1.9.0 Realtek High Definition Audio Driver RocketDock 1.3.5 SAGEM F@st 800-840 SopCast 2.0.4 STREET FIGHTER IV Streets of Moscow SubEdit-Player SUPERAntiSpyware Free Edition TMNT Total Commander (Remove or Repair) TVUPlayer 2.4.9.1 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) USB Vibration Joystick Vista Drive Indicator! VLC media player 0.9.8a WebFldrs XP Winamp Windows Internet Explorer 8 WinRAR archiver XviD MPEG-4 Video Codec YouTube Clip Extractor 2.0 ==== End Of File ===========================

**Posty:** 8001 · przez **Okocza** 11 Mar 2010, 17:12

Ice-Man, załóż nowy temat

wstaw wymagane logi

Kto jest na forum