zxcv, created 28 June 2009
Please check the logs from: HT, CF. Thank you.
Guest, comment 29 June 2009
1. Clean up after ComboFix and the various tools >>> OTCleanIt.
2. Scan the My Computer area with http://www.kaspersky.pl/virusscanner.html (run it in IE). Post its report on the forum.
3. Use Malwarebytes. Press Scan, select the drives to scan and start the scan; at the end press Remove Selected if anything is found, then OK. Post the report MBAM generates after the removal.