Silu utworzono 12 maja 2009 utworzono 12 maja 2009 ComboFix 09-05-11.06 - Sil 2009-05-12 11:21.1 - NTFSx86Uruchomiony z: c:\documents and settings\Sil\Pulpit\ComboFix.exeAV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated)FW: Outpost Firewall Pro *disabled* * Utworzono nowy punkt przywracaniaUWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!.((((((((((((((((((((((((( Pliki utworzone od 2009-04-12 do 2009-05-12 ))))))))))))))))))))))))))))))).2009-05-12 08:53 . 2009-05-12 08:57 -------- d-----w c:\documents and settings\All Users\Dane aplikacji\POPWWPROFILES2009-05-11 22:52 . 2009-05-11 22:52 -------- d--h--w c:\windows\PIF2009-05-04 09:13 . 2009-05-04 09:17 -------- d-----w c:\program files\Qtracker2009-05-03 22:02 . 2009-05-04 09:18 22328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys2009-05-03 22:02 . 2009-05-03 22:02 22328 ----a-w c:\documents and settings\Sil\Dane aplikacji\PnkBstrK.sys2009-05-03 22:02 . 2009-05-04 09:18 103736 ----a-w c:\windows\system32\PnkBstrB.exe2009-05-03 22:02 . 2009-05-04 00:09 66872 ----a-w c:\windows\system32\PnkBstrA.exe2009-05-03 22:02 . 2009-05-03 22:02 -------- d-----w c:\windows\system32\LogFiles2009-05-02 02:25 . 2009-05-02 02:25 -------- d-sh--w c:\documents and settings\Sil\IECompatCache2009-04-30 16:40 . 2009-04-30 16:40 -------- d-sh--w c:\documents and settings\Sil\PrivacIE2009-04-30 16:40 . 2009-04-30 16:40 -------- d-----w c:\documents and settings\Sil\Ustawienia lokalne\Dane aplikacji\Google2009-04-30 16:38 . 2009-04-30 16:38 -------- d-sh--w c:\documents and settings\Sil\IETldCache2009-04-30 16:36 . 2009-04-30 16:36 -------- d-----w c:\windows\ie8updates2009-04-30 16:34 . 2009-04-30 16:35 -------- dc-h--w c:\windows\ie82009-04-30 16:33 . 2009-04-30 16:34 -------- d-----w c:\program files\Google2009-04-30 16:33 . 2009-04-30 16:36 -------- d--h--w c:\windows\msdownld.tmp2009-04-30 16:31 . 2009-02-28 04:55 105984 -c----w c:\windows\system32\dllcache\iecompat.dll2009-04-28 12:25 . 2009-04-28 12:25 -------- d-----w c:\program files\Common Files\Futuremark Shared2009-04-26 11:50 . 2009-05-01 14:37 -------- d-----w c:\documents and settings\Sil\Ustawienia lokalne\Dane aplikacji\The Witcher2009-04-26 11:26 . 2009-04-26 11:27 279712 ----a-w c:\windows\system32\drivers\atksgt.sys2009-04-26 11:26 . 2009-04-26 11:26 25888 ----a-w c:\windows\system32\drivers\lirsgt.sys2009-04-26 11:09 . 2004-08-22 14:31 5248 ----a-w c:\windows\system32\drivers\d347prt.sys2009-04-26 11:09 . 2004-08-22 14:31 155136 ----a-w c:\windows\system32\drivers\d347bus.sys2009-04-26 11:09 . 2009-04-26 11:09 -------- d-----w c:\program files\D-Tools2009-04-26 11:08 . 2009-04-26 11:08 -------- d-----w c:\windows\Downloaded Installations2009-04-21 11:34 . 2009-04-21 11:34 -------- d-----w c:\program files\Słownik synonimów 1.02009-04-19 23:36 . 2009-04-19 23:36 -------- d-----w c:\documents and settings\Sil\Ustawienia lokalne\Dane aplikacji\inXile entertainment2009-04-19 21:08 . 2009-05-10 22:30 603904 ----a-w c:\windows\system32\TUProgSt.exe2009-04-19 21:08 . 2008-11-24 11:19 27904 ----a-w c:\windows\system32\uxtuneup.dll2009-04-19 21:08 . 2009-05-10 22:29 362240 ----a-w c:\windows\system32\TuneUpDefragService.exe2009-04-19 21:06 . 2009-04-19 21:06 -------- d-----w c:\documents and settings\Sil\Dane aplikacji\TuneUp Software2009-04-19 21:06 . 2009-04-19 21:06 -------- d-----w c:\documents and settings\All Users\Dane aplikacji\TuneUp Software2009-04-19 20:45 . 2009-05-10 22:30 -------- d-----w c:\program files\TuneUp Utilities 20092009-04-19 20:43 . 2009-04-19 20:43 -------- d-sh--w c:\documents and settings\All Users\Dane aplikacji\{55A29068-F2CE-456C-9148-C869879E2357}2009-04-17 20:37 . 2009-04-06 09:37 704384 ----a-w c:\windows\system32\drivers\SandBox.sys2009-04-17 20:37 . 2009-02-10 14:15 257432 ----a-w c:\windows\system32\drivers\afwcore.sys2009-04-17 20:37 . 2009-04-17 20:38 -------- d-----w c:\windows\system32\Filt2009-04-17 20:37 . 2009-02-18 15:30 31128 ----a-w c:\windows\system32\drivers\afw.sys2009-04-17 20:37 . 2009-04-17 20:37 -------- d-----w c:\program files\Agnitum2009-04-17 20:33 . 2009-04-17 20:33 -------- d-----w c:\documents and settings\All Users\Dane aplikacji\Agnitum2009-04-17 18:33 . 2009-04-17 18:35 -------- d-----w c:\program files\BearShare2009-04-16 22:52 . 2009-04-16 22:52 -------- d-----w c:\documents and settings\All Users\Dane aplikacji\Electronic Arts2009-04-16 10:57 . 2009-04-16 11:02 -------- d-----w c:\program files\ICeQ2009-04-15 12:33 . 2009-04-15 12:35 -------- d-----w c:\program files\Aspell.(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-05-12 09:10 . 2009-03-14 21:31 -------- d-----w c:\program files\AutoConnect2009-05-12 09:09 . 2009-03-30 20:19 499744 --sha-w c:\windows\system32\drivers\fidbox2.dat2009-05-12 09:09 . 2009-03-30 20:19 3836 --sha-w c:\windows\system32\drivers\fidbox2.idx2009-05-12 09:09 . 2009-03-30 20:19 3254304 --sha-w c:\windows\system32\drivers\fidbox.dat2009-05-12 09:09 . 2009-03-30 20:19 27552 --sha-w c:\windows\system32\drivers\fidbox.idx2009-05-12 08:53 . 2009-01-02 16:16 -------- d--h--w c:\program files\InstallShield Installation Information2009-05-10 22:41 . 2009-05-10 22:41 249856 ----a-w c:\documents and settings\NetworkService\NTUSER.DAT.tmp2009-05-10 22:41 . 2009-05-10 22:41 249856 ----a-w c:\documents and settings\LocalService\NTUSER.DAT.tmp2009-05-03 19:05 . 2009-04-06 09:32 -------- d-----w c:\program files\jv16 PowerTools 20092009-05-03 18:45 . 2009-03-14 23:28 23 --sha-w c:\windows\system32\edacded0_x.dat2009-04-19 21:25 . 2001-10-26 16:15 82230 ----a-w c:\windows\system32\perfc015.dat2009-04-19 21:25 . 2001-10-26 16:15 484978 ----a-w c:\windows\system32\perfh015.dat2009-04-08 22:47 . 2009-01-02 17:29 -------- d-----w c:\program files\Malwarebytes' Anti-Malware2009-04-08 17:30 . 2009-04-08 17:30 43520 ----a-w c:\windows\system32\CmdLineExt03.dll2009-04-06 13:32 . 2009-01-02 17:29 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys2009-04-06 13:32 . 2009-01-02 17:29 15504 ----a-w c:\windows\system32\drivers\mbam.sys2009-04-06 10:14 . 2009-04-06 10:14 -------- d-----w c:\program files\Real Alternative2009-03-30 20:36 . 2009-03-30 20:33 -------- d-----w c:\program files\Spybot - Search & Destroy2009-03-30 20:26 . 2009-03-30 20:19 89601 ----a-w c:\windows\system32\drivers\klick.dat2009-03-30 20:26 . 2009-03-30 20:19 101287 ----a-w c:\windows\system32\drivers\klin.dat2009-03-30 20:26 . 2008-01-29 15:29 33808 ----a-w c:\windows\system32\drivers\klbg.sys2009-03-30 20:19 . 2009-03-30 20:19 -------- d-----w c:\program files\Kaspersky Lab2009-03-30 11:55 . 2009-03-30 11:55 410984 ----a-w c:\windows\system32\deploytk.dll2009-03-30 11:55 . 2009-01-02 16:16 -------- d-----w c:\program files\Java2009-03-30 11:07 . 2009-03-15 00:45 -------- d-----w c:\program files\JetAudio2009-03-29 00:43 . 2008-04-14 20:51 5650944 ----a-w c:\windows\system32\logonui.exe2009-03-29 00:43 . 2008-04-14 20:51 185856 ----a-w c:\windows\system32\taskmgr.exe2009-03-29 00:40 . 2001-10-26 17:30 32256 ----a-w c:\windows\system32\ntsd.exe2009-03-29 00:40 . 2009-01-02 14:35 443392 ----a-w c:\windows\system32\mspaint.exe2009-03-29 00:40 . 2009-01-02 14:36 172032 ----a-w c:\windows\pchealth\helpctr\binaries\msconfig.exe2009-03-29 00:40 . 2009-01-02 14:36 765952 ----a-w c:\windows\pchealth\helpctr\binaries\helpctr.exe2009-03-29 00:39 . 2008-04-14 20:51 3128320 ----a-w c:\windows\system32\logon.scr2009-03-29 00:39 . 2008-04-14 20:51 45568 ----a-w c:\windows\system32\shmgrate.exe2009-03-29 00:39 . 2008-04-14 20:51 109568 ----a-w c:\windows\system32\progman.exe2009-03-29 00:39 . 2008-04-14 20:51 292352 ----a-w c:\windows\system32\vssvc.exe2009-03-29 00:39 . 2008-04-14 20:51 18944 ----a-w c:\windows\system32\ups.exe2009-03-29 00:39 . 2008-04-14 20:51 75264 ----a-w c:\windows\system32\tlntsvr.exe2009-03-29 00:39 . 2008-04-14 20:51 98304 ----a-w c:\windows\system32\scardsvr.exe2009-03-29 00:39 . 2009-01-02 14:35 142848 ----a-w c:\windows\system32\sessmgr.exe2009-03-29 00:39 . 2008-04-14 20:51 75776 ----a-w c:\windows\system32\locator.exe2009-03-29 00:39 . 2001-10-26 17:30 132608 ----a-w c:\windows\system32\rsvp.exe2009-03-29 00:37 . 2008-04-14 20:51 227328 ----a-w c:\windows\regedit.exe2009-03-29 00:37 . 2008-04-14 20:51 156672 ----a-w c:\windows\system32\notepad.exe2009-03-29 00:33 . 2009-03-29 00:33 16904 ----a-w c:\windows\system32\drivers\pxrts.sys2009-03-28 11:03 . 2009-03-16 11:41 -------- d-----w c:\program files\Microsoft Games for Windows - LIVE2009-03-28 08:30 . 2009-03-16 11:55 232784 ----a-w c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat2009-03-27 21:19 . 2009-03-21 16:32 -------- d-----w c:\program files\Fraps2009-03-27 07:52 . 2009-03-27 07:52 -------- d-----w c:\program files\Foxit Software2009-03-26 11:42 . 2009-03-26 11:42 -------- d-----w c:\program files\OO Software2009-03-20 23:34 . 2009-03-20 23:34 -------- d-----w c:\program files\Realtek2009-03-20 21:35 . 2009-03-20 21:35 -------- d-----w c:\program files\K-Lite Codec Pack2009-03-16 22:45 . 2009-03-16 22:44 -------- d-----w c:\program files\AGEIA Technologies2009-03-16 22:44 . 2009-03-16 22:44 -------- d-----w c:\program files\Common Files\Wise Installation Wizard2009-03-16 14:15 . 2009-03-16 11:04 -------- d-----w c:\program files\Rockstar Games2009-03-16 11:56 . 2009-01-02 16:02 43752 ----a-w c:\documents and settings\Sil\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT2009-03-16 11:55 . 2009-03-16 11:55 -------- d-----w c:\program files\MSBuild2009-03-16 11:52 . 2009-03-16 11:52 -------- d-----w c:\program files\Reference Assemblies2009-03-16 01:04 . 2009-01-02 17:28 971232 ----a-w c:\windows\system32\drivers\tdrpm147.sys2009-03-16 01:04 . 2009-03-16 01:04 540000 ----a-w c:\windows\system32\drivers\timntr.sys2009-03-16 01:04 . 2009-03-16 01:04 44704 ----a-w c:\windows\system32\drivers\tifsfilt.sys2009-03-16 01:04 . 2009-03-16 01:04 134272 ----a-w c:\windows\system32\drivers\snman380.sys2009-03-16 01:03 . 2009-01-02 17:28 -------- d-----w c:\program files\Common Files\Acronis2009-03-16 01:03 . 2009-03-16 01:03 -------- d-----w c:\program files\Acronis2009-03-15 23:04 . 2009-03-15 23:04 -------- d-----w c:\program files\Ubisoft2009-03-15 22:59 . 2009-01-02 16:16 -------- d-----w c:\program files\Common Files\InstallShield2009-03-15 14:12 . 2009-03-15 14:12 -------- d-----w c:\program files\IrfanView2009-03-15 14:10 . 2009-03-15 14:08 -------- d-----w c:\program files\NAPI-PROJEKT2009-03-15 13:22 . 2009-03-15 13:22 -------- d-----w c:\program files\Driver-Soft2009-03-15 12:34 . 2009-03-15 12:34 86016 ----a-w c:\windows\system32\OpenAL32.dll2009-03-15 12:34 . 2009-03-15 12:34 262144 ----a-w c:\windows\system32\wrap_oal.dll2009-03-15 12:33 . 2009-03-15 12:33 -------- d-----w c:\program files\Futuremark2009-03-15 12:31 . 2009-03-15 12:31 -------- d-----w c:\program files\Nero2009-03-15 12:31 . 2009-03-15 12:31 -------- d-----w c:\program files\Common Files\Nero2009-03-15 10:36 . 2009-01-02 17:13 -------- d-----w c:\program files\BitComet2009-03-15 10:02 . 2009-03-15 10:02 -------- d-----w c:\program files\Microsoft Works2009-03-15 00:45 . 2009-03-15 00:45 -------- d-----w c:\program files\Common Files\COWON2009-03-15 00:26 . 2009-03-15 00:26 63234 ----a-w c:\windows\BricoPackUninst.cmd2009-03-15 00:26 . 2009-03-15 00:25 6110 ----a-w c:\windows\BricoPackFoldersDelete.cmd2009-03-15 00:26 . 2008-04-14 20:50 219648 ----a-w c:\windows\system32\uxtheme.dll2009-03-14 22:31 . 2009-03-14 22:31 286720 ----a-w c:\windows\system32\nvnt4cpl.dll2009-03-14 22:31 . 2009-01-02 16:07 3424256 ----a-w c:\windows\system32\nvgamesr.dll2009-03-14 22:31 . 2009-01-02 16:07 2854912 ----a-w c:\windows\system32\nvmoblsr.dll2009-03-14 22:31 . 2009-01-02 16:07 159812 ----a-w c:\windows\system32\nvsvc32.exe2009-03-14 22:31 . 2009-01-02 16:07 5783552 ----a-w c:\windows\system32\nvdispsr.dll2009-03-14 22:31 . 2009-01-02 16:07 3391488 ----a-w c:\windows\system32\nvgames.dll2009-03-14 22:31 . 2009-01-02 16:07 1241088 ----a-w c:\windows\system32\nvcuda.dll2009-03-14 22:31 . 2009-01-02 16:07 13533184 ----a-w c:\windows\system32\nvcpl.dll2009-03-14 22:31 . 2009-03-14 22:31 114688 ----a-w c:\windows\system32\nvcodins.dll2009-03-14 22:31 . 2009-03-14 22:31 114688 ----a-w c:\windows\system32\nvcod.dll2009-03-14 22:31 . 2009-01-02 16:07 6550560 ----a-w c:\windows\system32\drivers\nv4_mini.sys2009-03-14 22:31 . 2009-01-02 16:07 434176 ----a-w c:\windows\system32\nvapi.dll2009-03-14 22:24 . 2009-03-14 22:24 664 ----a-w c:\windows\system32\d3d9caps.dat2009-03-14 22:20 . 2009-03-14 22:20 73216 ----a-w c:\windows\ST6UNST.EXE2009-03-14 22:20 . 2009-03-14 22:20 249856 ------w c:\windows\Setup1.exe2009-03-14 22:04 . 2009-03-14 22:02 -------- d-----w c:\program files\Driver Cleaner2009-03-14 21:59 . 2009-03-14 21:55 -------- d-----w c:\program files\Total Uninstall 52009-03-14 21:20 . 2009-01-02 16:25 -------- d-----w c:\program files\Opera2009-03-12 16:25 . 2009-01-02 16:07 5051904 ----a-w c:\windows\system32\drivers\RtkHDAud.sys2009-03-12 16:21 . 2009-01-02 16:07 17531392 ----a-w c:\windows\RTHDCPL.EXE2009-03-12 14:34 . 2009-01-02 16:07 39424 ----a-w c:\windows\system32\RtkCoInstXP.dll.((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"AutoConnect"="c:\program files\AutoConnect\AutoConnect.exe" [2006-12-02 310784][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Startup Manager Scanner"="c:\program files\Startup Mechanic\StartupMonitor.exe" [2009-03-29 86016]"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2009-03-30 206088]"OutpostMonitor"="c:\progra~1\Agnitum\OUTPOS~1\op_mon.exe" [2009-04-15 1229640]"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-14 13533184][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]"nltide_2"="shell32" [X][HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]BootExecute REG_MULTI_SZ autocheck autochk *\[u]0[/u]OODBS[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]"PnkBstrA"=2 (0x2)"gusvc"=3 (0x3)"AcrSch2Svc"=2 (0x2)"TuneUp.ProgramStatisticsSvc"=2 (0x2)[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]"DisableMonitoring"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"="d:\\Gry\\GTA IV\\Grand Theft Auto IV\\LaunchGTAIV.exe"="d:\\Gry\\GTA IV\\Grand Theft Auto IV\\GTAIV.exe"="d:\\Gry\\Burnout\\BurnoutLauncher.exe"="d:\\Gry\\Burnout\\BurnoutConfigTool.exe"="d:\\Gry\\Burnout\\BurnoutParadise.exe"="c:\\WINDOWS\\system32\\PnkBstrA.exe"="c:\\WINDOWS\\system32\\PnkBstrB.exe"="d:\\Gry\\CoD 4\\iw3mp.exe"=R2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [2009-04-14 1267528]R2 CSIScanner;CSIScanner;c:\program files\Prevx\prevx.exe [x]R3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2008-08-05 1684736]R3 ASWFilt;ASWFilt;c:\windows\system32\Filt\ASWFilt.dll [2009-04-06 33888]R3 cpuz130;cpuz130;c:\docume~1\Sil\USTAWI~1\Temp\cpuz130\cpuz_x32.sys [x]R4 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-05-10 603904]S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-03-30 33808]S0 pxrts;pxrts;c:\windows\System32\drivers\pxrts.sys [2009-03-29 16904]S0 snapman380;Acronis Snapshots Manager (Build 380);c:\windows\system32\DRIVERS\snman380.sys [2009-03-16 134272]S0 tdrpman147;Acronis Try&Decide and Restore Points filter (build 147);c:\windows\system32\DRIVERS\tdrpm147.sys [2009-03-16 971232]S1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [2009-04-06 704384]S3 afw;Agnitum firewall driver;c:\windows\system32\DRIVERS\afw.sys [2009-02-18 31128]S3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [2009-02-10 257432]S3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [2008-04-30 24592]--- Inne Usługi/Sterowniki w Pamięci ---*Deregistered* - acssrv*Deregistered* - AFD*Deregistered* - afw*Deregistered* - afwcore*Deregistered* - ALG*Deregistered* - Arp1394*Deregistered* - atksgt*Deregistered* - AudioSrv*Deregistered* - audstub*Deregistered* - AVP*Deregistered* - Beep*Deregistered* - Browser*Deregistered* - Cdfs*Deregistered* - CryptSvc*Deregistered* - d347bus*Deregistered* - DcomLaunch*Deregistered* - Dhcp*Deregistered* - dmio*Deregistered* - dmload*Deregistered* - dmserver*Deregistered* - ERSvc*Deregistered* - EventSystem*Deregistered* - FastUserSwitchingCompatibility*Deregistered* - Fips*Deregistered* - FltMgr*Deregistered* - Ftdisk*Deregistered* - Gpc*Deregistered* - helpsvc*Deregistered* - HTTP*Deregistered* - ImapiService*Deregistered* - IpNat*Deregistered* - IPSec*Deregistered* - JavaQuickStarterService*Deregistered* - kl1*Deregistered* - klbg*Deregistered* - KLIF*Deregistered* - klim5*Deregistered* - KSecDD*Deregistered* - LanmanServer*Deregistered* - lanmanworkstation*Deregistered* - lirsgt*Deregistered* - LmHosts*Deregistered* - mnmdd*Deregistered* - MountMgr*Deregistered* - MRxDAV*Deregistered* - MRxSmb*Deregistered* - Msfs*Deregistered* - mssmbios*Deregistered* - Mup*Deregistered* - NDIS*Deregistered* - NdisTapi*Deregistered* - Ndisuio*Deregistered* - NdisWan*Deregistered* - NDProxy*Deregistered* - NetBIOS*Deregistered* - NetBT*Deregistered* - Netman*Deregistered* - Nla*Deregistered* - Npfs*Deregistered* - Ntfs*Deregistered* - Null*Deregistered* - NVSvc*Deregistered* - O&O Defrag*Deregistered* - PartMgr*Deregistered* - ParVdm*Deregistered* - PolicyAgent*Deregistered* - PptpMiniport*Deregistered* - prodrv06*Deregistered* - prohlp02*Deregistered* - prosync1*Deregistered* - ProtectedStorage*Deregistered* - PSched*Deregistered* - pxrts*Deregistered* - RasAcd*Deregistered* - Rasl2tp*Deregistered* - RasMan*Deregistered* - RasPppoe*Deregistered* - Raspti*Deregistered* - Rdbss*Deregistered* - RDPCDD*Deregistered* - rdpdr*Deregistered* - RpcSs*Deregistered* - SamSs*Deregistered* - SandBox*Deregistered* - SCDEmu*Deregistered* - seclogon*Deregistered* - SENS*Deregistered* - sfhlp01*Deregistered* - SharedAccess*Deregistered* - ShellHWDetection*Deregistered* - Spooler*Deregistered* - sr*Deregistered* - srservice*Deregistered* - Srv*Deregistered* - SSDPSRV*Deregistered* - stisvc*Deregistered* - swenum*Deregistered* - TapiSrv*Deregistered* - Tcpip*Deregistered* - TermDD*Deregistered* - TermService*Deregistered* - Themes*Deregistered* - tifsfilter*Deregistered* - timounter*Deregistered* - TrkWks*Deregistered* - Update*Deregistered* - UxTuneUp*Deregistered* - VgaSave*Deregistered* - VolSnap*Deregistered* - W32Time*Deregistered* - Wanarp*Deregistered* - WebClient*Deregistered* - winmgmt*Deregistered* - WmiApSrv*Deregistered* - wscsvc*Deregistered* - wuauserv*Deregistered* - WZCSVCHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcsUxTuneUp[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{07e8c225-3253-11de-96d6-000e50f0e476}]\Shell\AutoRun\command - G:\Autorun.exe..------- Skan uzupełniający -------.uStart Page = hxxp://www.google.com/IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll.**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-05-12 11:22Windows 5.1.2600 Dodatek Service Pack 3 NTFSskanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************.--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------[HKEY_USERS\S-1-5-21-861567501-1957994488-682003330-1003\Software\SecuROM\License information*]"datasecu"=hex:8d,5b,c9,1c,92,b0,09,7f,7b,db,e2,8c,6e,ae,a4,58,30,7f,d7,3c,a6, dc,08,06,f8,7c,99,9c,a2,20,54,94,c9,60,ec,db,29,67,61,34,35,ad,64,49,ed,b8,\"rkeysecu"=hex:68,76,1b,f2,8d,0b,96,11,b8,2f,75,d6,8b,94,f2,9b[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]"OODEFRAG11.00.00.01WORKSTATION"="B01A8BC2F50FB7081A7A735345AC262DEB68EBD74B3725EF8B505C0F00AA999A36A3765DC0E687207DEBE849C7B68BC7C5BF13CFC522552566F85403F61141DDC6C6E3FC57C6F3449D85BC9ADD9E153FB0ED16124DA18705FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79335D575E7D6A3B98089DB7CE019D40AA5CA2D97226D213B5553AB7E4FB634C7742C773B5755092B04D6889450F5E406C7941F5E78817E5E262AB27DDEAEB74F340FAB0CE25FED8E622CFC5515E03D940F184860535AD4E20D49D9B41322FA33A4955234CA4C62F52282FECA5B7DDD7D06B1F87E16E39046B41C09D955A3462CAFB9A9E4EB190FD5A467BC01D2D582092ABD848B1BBC489DD744B2907FEC5F00AC9136C991D0A5FCE312D76B4649D4A5AD1F90B4BB79E1377927AAD655073C241FB09CA97CD20A3DF753F3A0F992124E2CD52882A92588A1D8E890F259290FC9A2B4DE8D53B8ACE237435A8711916AC4AE3AFE86B0F470E94343DA65D1FB47929C6B36C04F4BE9612E091D4C6C5F619932EEACDD30487EE8AA0DC3F4BE1B9C75E92126FF799F9E889C15D439B157FD1A498DC4AC8DD76B18CC5B199CCDABEAA9524467DA95F3C63CB73A6EEA393B2F348636262D69B369110688AE9E61D29170AE5AE1837904A5BFDA67B45B25D544FACA45E942BCFABFAEBA43A57C2D21D3ADA97AF35DF0AAB562ADDF329C3A5EDE8E4C436CE9AA1830FD965177FA9B788EF8ECBAFBC8ABBAB11BBF0A4EF7533CD78E5FED2729ACCA9A47B6EFC6F8D1C97CC8CE91C8BBE2CDCFA858D2E63085F836B8AE6A1D8C6A0D0445354492E01E3C01621ABE2F32AF411B7BDB0AEC26319E46213DE15CB5D01EFAB49825F323D07B8477C2178B99C41611E7B30CA3F8F618AB01FA0230B41E3C0CBA7B425689D93FA8EB3AA54160CD5A9BABEB2ACFEBB5052DF3738C4C87AD541CB1FFE0630A0A7C84DBE01F23611058A4C6734801B388EDC2D4408F72CB2F4B304C1C4EFDDEC78221BF9AE533C6839E7463A85F5A3FCDB8F071643BD5039751E03094056B948CE51432692F83BF26F6A51E2C84398A20A94935E741D45019ECA87CD8130FE9F05DDC2685FEB3DB5B9FCC7EC761F72677ED6AAB3761F8CA04B488A506876DD828D9A4CC61B37405A3D51394A5BC7982D350AD910F9501ED46A6834B52AA97AA4EC9848AFA06BB3ACB1D9E85016FD6A793AA0E0D106C2E4F980416182D1CAED5FB92FCE73209AFD1E6550CF381A8539F7B156B3BB720DBF94A32C24253D62C22C20F9AF461B5EF5C23AB0989FAF264CF3CF26FA746A49814A7FC743E99DF879AB6258EDBE69D1EA55A4B92308F22EDCE0E1D29485EF13F16752F7B507F79E86A2536CBE5CB3149D302F7082D6D36E18D4C3608F5E58".--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------- - - - - - - > 'explorer.exe'(2584)c:\windows\system32\SHDOCVW.dllc:\windows\system32\ntshrui.dllc:\windows\system32\ieframe.dllc:\windows\system32\NETSHELL.dllc:\windows\system32\credui.dllc:\windows\system32\webcheck.dllc:\windows\system32\WPDShServiceObj.dllc:\windows\system32\PortableDeviceTypes.dllc:\windows\system32\PortableDeviceApi.dll.Czas ukończenia: 2009-05-12 11:23ComboFix-quarantined-files.txt 2009-05-12 09:23Przed: 39 536 107 520 bajtów wolnychPo: 39 521 427 456 bajtów wolnych374 --- E O F --- 2009-04-15 23:28
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.