janusz19 posted 16 December 2008
ComboFix 08-12-15.08 - Arek 2008-12-16 19:17:23.1 - NTFSx86Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.2047.1620 [GMT 1:00]Uruchomiony z: c:\documents and settings\Arek\Pulpit\ComboFix.exe * Utworzono nowy punkt przywracania.((((((((((((((((((((((((( Pliki utworzone od 2008-11-16 do 2008-12-16 ))))))))))))))))))))))))))))))).2008-12-16 09:58 . 2008-12-16 09:58 22,328 --a------ c:\documents and settings\Arek\Dane aplikacji\PnkBstrK.sys2008-12-16 09:57 . 2008-12-16 09:57 682,280 --a------ c:\windows\system32\pbsvc.exe2008-12-16 09:50 . 2008-12-16 09:50 <DIR> d--hs---- c:\windows\ftpcache2008-12-16 00:17 . 2008-12-16 00:17 <DIR> d--h----- c:\windows\PIF2008-12-15 16:42 . 2008-12-15 16:42 1,700,352 --a------ c:\windows\system32\gdiplus.dll2008-12-14 15:13 . 2008-12-14 19:22 66,872 --a------ c:\windows\system32\PnkBstrA.exe2008-12-14 15:12 . 2008-12-16 15:10 138,464 --a------ c:\windows\system32\drivers\PnkBstrK.sys2008-12-14 15:12 . 2008-12-16 15:09 111,928 --a------ c:\windows\system32\PnkBstrB.exe2008-12-13 18:18 . 2008-12-13 18:18 <DIR> d-------- c:\documents and settings\LocalService\Dane aplikacji\Xfire2008-12-12 19:08 . 2008-12-16 19:24 <DIR> d--h----- c:\documents and settings\Gość\Ustawienia lokalne2008-12-12 19:08 . 2008-12-16 19:24 <DIR> d--h----- c:\documents and settings\Gość\Ustawienia lokalne2008-12-12 19:08 . 2008-12-12 19:09 <DIR> dr------- c:\documents and settings\Gość\Ulubione2008-12-12 19:08 . 2008-12-12 19:09 <DIR> dr------- c:\documents and settings\Gość\Ulubione2008-12-12 19:08 . 2008-12-09 20:51 <DIR> d--h----- c:\documents and settings\Gość\Szablony2008-12-12 19:08 . 2008-12-09 20:51 <DIR> d--h----- c:\documents and settings\Gość\Szablony2008-12-12 19:08 . 2008-12-09 21:44 <DIR> d-------- c:\documents and settings\Gość\Pulpit2008-12-12 19:08 . 2008-12-09 21:44 <DIR> d-------- c:\documents and settings\Gość\Pulpit2008-12-12 19:08 . 
2008-12-12 19:09 <DIR> dr------- c:\documents and settings\Gość\Moje dokumenty2008-12-12 19:08 . 2008-12-12 19:09 <DIR> dr------- c:\documents and settings\Gość\Moje dokumenty2008-12-12 19:08 . 2008-12-09 21:44 <DIR> dr------- c:\documents and settings\Gość\Menu Start2008-12-12 19:08 . 2008-12-09 21:44 <DIR> dr------- c:\documents and settings\Gość\Menu Start2008-12-12 19:08 . 2008-12-12 19:52 <DIR> dr-h----- c:\documents and settings\Gość\Dane aplikacji2008-12-12 19:08 . 2008-12-12 19:52 <DIR> dr-h----- c:\documents and settings\Gość\Dane aplikacji2008-12-12 19:08 . 2008-12-12 20:20 <DIR> d-------- c:\documents and settings\Gość2008-12-12 14:14 . 2008-12-12 14:14 <DIR> d-------- c:\program files\Java2008-12-12 14:14 . 2008-12-12 14:14 410,984 --a------ c:\windows\system32\deploytk.dll2008-12-12 14:14 . 2008-12-12 14:14 73,728 --a------ c:\windows\system32\javacpl.cpl2008-12-11 21:37 . 2008-12-11 21:37 42,320 --a------ c:\windows\system32\xfcodec.dll2008-12-11 18:57 . 2008-12-12 08:24 664 --a------ c:\windows\system32\d3d9caps.dat2008-12-11 18:51 . 2008-12-12 13:41 <DIR> d-------- C:\My Downloads2008-12-11 15:53 . 2008-12-11 15:53 <DIR> d-------- c:\program files\Apple Software Update2008-12-11 15:52 . 2008-12-11 15:52 <DIR> d-------- c:\program files\iTunes2008-12-11 15:52 . 2008-12-11 15:52 <DIR> d-------- c:\program files\iPod2008-12-11 15:52 . 2008-12-11 15:52 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}2008-12-11 15:52 . 2008-04-17 13:12 107,368 --a------ c:\windows\system32\GEARAspi.dll2008-12-11 15:52 . 2008-04-17 13:12 15,464 --a------ c:\windows\system32\drivers\GEARAspiWDM.sys2008-12-11 15:51 . 2008-12-11 15:51 <DIR> d-------- c:\program files\QuickTime2008-12-11 15:51 . 2008-12-11 15:52 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Apple Computer2008-12-11 15:44 . 2008-12-16 19:02 <DIR> d-------- c:\program files\Common Files\Apple2008-12-10 21:45 . 
2008-12-10 21:47 <DIR> d-------- C:\FastDow2008-12-10 21:44 . 2008-07-12 08:18 3,851,784 --a------ c:\windows\system32\D3DX9_39.dll2008-12-10 21:44 . 2008-07-12 08:18 1,493,528 --a------ c:\windows\system32\D3DCompiler_39.dll2008-12-10 21:44 . 2008-07-31 10:40 509,448 --a------ c:\windows\system32\XAudio2_2.dll2008-12-10 21:44 . 2008-07-12 08:18 467,984 --a------ c:\windows\system32\d3dx10_39.dll2008-12-10 21:44 . 2008-12-10 21:44 413,696 --a------ c:\windows\system32\wrap_oal.dll2008-12-10 21:44 . 2008-07-31 10:41 238,088 --a------ c:\windows\system32\xactengine3_2.dll2008-12-10 21:44 . 2008-12-10 21:44 110,592 --a------ c:\windows\system32\OpenAL32.dll2008-12-10 21:44 . 2008-07-31 10:41 68,616 --a------ c:\windows\system32\XAPOFX1_1.dll2008-12-10 21:26 . 2008-12-10 21:26 <DIR> d-------- c:\windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP2008-12-10 19:57 . 2008-12-10 19:57 <DIR> d-------- c:\documents and settings\Arek\Dane aplikacji\teamspeak22008-12-10 19:52 . 2008-12-10 19:52 <DIR> d-------- c:\documents and settings\Arek\Dane aplikacji\Leadertech2008-12-10 17:56 . 2008-12-10 17:56 <DIR> dr-h----- c:\documents and settings\Arek\Dane aplikacji\SecuROM2008-12-10 17:55 . 2008-12-10 17:55 107,888 --a------ c:\windows\system32\CmdLineExt.dll2008-12-10 17:52 . 2008-12-10 17:53 <DIR> d-------- c:\windows\system32\drivers\umdf2008-12-10 17:52 . 2008-03-05 15:56 3,786,760 --a------ c:\windows\system32\D3DX9_37.dll2008-12-10 17:52 . 2008-03-05 15:56 1,420,824 --a------ c:\windows\system32\D3DCompiler_37.dll2008-12-10 17:52 . 2008-02-05 23:07 462,864 --a------ c:\windows\system32\d3dx10_37.dll2008-12-10 17:52 . 2007-04-04 18:53 81,768 --a------ c:\windows\system32\xinput1_3.dll2008-12-10 17:51 . 2008-12-10 17:51 <DIR> d-------- c:\windows\system32\xlive2008-12-10 17:51 . 2008-12-10 18:12 <DIR> d-------- c:\program files\Microsoft Games for Windows - LIVE2008-12-10 17:18 . 2008-12-16 00:22 <DIR> d-------- c:\windows\system32\XPSViewer2008-12-10 17:18 . 
2008-12-10 17:18 <DIR> d-------- c:\program files\Reference Assemblies2008-12-10 17:17 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll2008-12-10 17:14 . 2008-12-10 17:14 <DIR> d-------- c:\program files\Rockstar Games2008-12-10 16:39 . 2008-12-12 14:35 <DIR> d-------- c:\documents and settings\Arek\Dane aplikacji\Red Alert 32008-12-10 16:28 . 2008-12-10 16:29 <DIR> d-------- c:\program files\DAEMON Tools Toolbar2008-12-10 16:28 . 2008-12-12 14:36 <DIR> d-------- c:\program files\DAEMON Tools Lite2008-12-10 07:15 . 2008-12-10 07:15 <DIR> d-------- c:\documents and settings\Arek\Dane aplikacji\DAEMON Tools2008-12-10 07:15 . 2008-12-10 07:15 717,296 --a------ c:\windows\system32\drivers\sptd.sys2008-12-10 01:24 . 2008-12-10 01:24 <DIR> d-------- c:\documents and settings\LocalService\Pulpit2008-12-10 00:02 . 2008-12-10 00:02 <DIR> d-------- c:\program files\MSXML 4.02008-12-09 23:58 . 2008-10-16 02:02 3,088,896 -----c--- c:\windows\system32\dllcache\mshtml.dll2008-12-09 23:58 . 2008-10-16 02:02 1,499,136 -----c--- c:\windows\system32\dllcache\shdocvw.dll2008-12-09 23:58 . 2008-10-16 02:02 668,672 -----c--- c:\windows\system32\dllcache\wininet.dll2008-12-09 23:58 . 2008-10-16 02:02 619,520 -----c--- c:\windows\system32\dllcache\urlmon.dll2008-12-09 23:57 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys2008-12-09 23:56 . 2008-08-14 14:26 2,190,464 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe2008-12-09 23:56 . 2008-08-14 14:26 2,146,816 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe2008-12-09 23:56 . 2008-08-14 14:26 2,067,328 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe2008-12-09 23:56 . 2008-08-14 14:26 2,025,472 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe2008-12-09 23:56 . 2008-09-15 16:27 1,846,656 -----c--- c:\windows\system32\dllcache\win32k.sys2008-12-09 23:56 . 2008-09-04 18:17 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll2008-12-09 23:56 . 
2008-10-15 17:36 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll2008-12-09 23:56 . 2008-09-08 11:41 333,824 -----c--- c:\windows\system32\dllcache\srv.sys2008-12-09 23:56 . 2008-08-14 11:04 138,496 -----c--- c:\windows\system32\dllcache\afd.sys2008-12-09 23:55 . 2008-04-11 20:06 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll2008-12-09 23:55 . 2008-05-01 15:37 331,776 -----c--- c:\windows\system32\dllcache\msadce.dll2008-12-09 23:55 . 2008-06-14 18:36 273,024 -----c--- c:\windows\system32\dllcache\bthport.sys2008-12-09 23:55 . 2008-05-08 15:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys2008-12-09 23:50 . 2008-12-09 23:50 <DIR> d-------- c:\program files\Windows Defender2008-12-09 23:46 . 2001-10-26 17:29 87,040 --a------ c:\windows\system32\wiafbdrv.dll2008-12-09 23:46 . 2001-10-26 17:29 87,040 --a--c--- c:\windows\system32\dllcache\wiafbdrv.dll2008-12-09 23:46 . 2008-04-14 00:15 15,104 --a------ c:\windows\system32\drivers\usbscan.sys2008-12-09 23:46 . 2008-04-14 00:15 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys2008-12-09 23:33 . 2008-12-11 15:52 <DIR> d-------- c:\documents and settings\Arek\Dane aplikacji\Apple Computer2008-12-09 23:24 . 2008-12-09 23:26 <DIR> d-------- c:\windows\ServicePackFiles2008-12-09 23:24 . 2008-12-10 16:15 <DIR> d-------- c:\documents and settings\Arek\Dane aplikacji\Nero2008-12-09 23:24 . 2008-04-14 22:51 294,912 -----c--- c:\windows\system32\dllcache\dlimport.exe2008-12-09 23:22 . 2006-12-29 00:31 19,569 --a------ c:\windows\[u]0[/u]02711_.tmp2008-12-09 23:14 . 2008-12-09 23:47 <DIR> d-------- c:\program files\Lexmark 6200 Series2008-12-09 23:13 . 2008-12-09 23:13 <DIR> d-------- c:\temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}2008-12-09 23:13 . 2008-12-09 23:13 <DIR> d-------- C:\Temp2008-12-09 23:06 . 2008-12-09 23:06 <DIR> d---s---- c:\documents and settings\Arek\UserData2008-12-09 22:58 . 2008-12-10 00:03 <DIR> d--h----- c:\windows\$hf_mig$2008-12-09 22:45 . 
2008-12-10 22:34 <DIR> d-------- c:\program files\TuneUp Utilities 20092008-12-09 22:45 . 2008-12-09 22:45 <DIR> d-------- c:\documents and settings\Arek\Dane aplikacji\TuneUp Software2008-12-09 22:45 . 2008-12-09 22:45 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\TuneUp Software2008-12-09 22:45 . 2008-12-09 22:45 603,904 --a------ c:\windows\system32\TUProgSt.exe2008-12-09 22:44 . 2008-12-09 22:44 <DIR> d--hs---- c:\documents and settings\All Users\Dane aplikacji\{55A29068-F2CE-456C-9148-C869879E2357}2008-12-09 22:43 . 2008-12-09 22:43 <DIR> d-------- c:\program files\dx2008-12-09 22:40 . 2008-12-09 22:40 <DIR> d-------- c:\program files\Xilisoft2008-12-09 22:37 . 2008-12-09 22:37 <DIR> d-------- c:\program files\Lavalys2008-12-09 22:36 . 2008-12-09 22:36 <DIR> d-------- c:\program files\Common Files\Adobe2008-12-09 22:31 . 2008-12-09 22:31 <DIR> d-------- c:\program files\CCleaner2008-12-09 22:18 . 2008-12-09 22:18 4,767 --a------ c:\windows\Irremote.ini2008-12-09 22:16 . 2008-12-09 22:16 <DIR> d-------- c:\program files\Windows Sidebar2008-12-09 22:07 . 2008-12-09 22:17 <DIR> d-------- c:\program files\Nero2008-12-09 22:06 . 2008-12-09 22:28 <DIR> d-------- c:\program files\Common Files\Nero2008-12-09 22:06 . 
2008-12-09 22:12 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Nero.(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))).2008-12-16 18:15 --------- d-----w c:\documents and settings\Arek\Dane aplikacji\Xfire2008-12-16 18:01 --------- d-----w c:\program files\Nokia2008-12-16 17:33 --------- d-----w c:\program files\Xfire2008-12-16 08:57 --------- d--h--w c:\program files\InstallShield Installation Information2008-12-15 22:45 --------- d-----w c:\documents and settings\Arek\Dane aplikacji\uTorrent2008-12-10 20:26 --------- d-----w c:\program files\Common Files\Wise Installation Wizard2008-12-10 18:57 --------- d-----w c:\program files\Teamspeak2_RC22008-12-10 16:20 --------- d-----w c:\program files\MSBuild2008-12-09 22:35 --------- d-----w c:\documents and settings\Arek\Dane aplikacji\Winamp2008-12-09 22:33 --------- d---a-w c:\documents and settings\All Users\Dane aplikacji\TEMP2008-12-09 20:57 --------- d-----w c:\program files\Auslogics2008-12-09 20:57 --------- d-----w c:\documents and settings\Arek\Dane aplikacji\Auslogics2008-12-09 20:56 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Apple2008-12-09 20:55 --------- d-----w c:\program files\Winamp2008-12-09 20:55 --------- d-----w c:\program files\SpeedFan2008-12-09 20:53 --------- d-----w c:\documents and settings\Arek\Dane aplikacji\PC Suite2008-12-09 20:53 --------- d-----w c:\documents and settings\Arek\Dane aplikacji\Nokia2008-12-09 20:53 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\PC Suite2008-12-09 20:52 --------- d-----w c:\program files\PC Connectivity Solution2008-12-09 20:52 --------- d-----w c:\program files\DIFX2008-12-09 20:52 --------- d-----w c:\program files\Common Files\PCSuite2008-12-09 20:52 --------- d-----w c:\program files\Common Files\Nokia2008-12-09 20:52 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Installations2008-12-09 20:51 --------- 
d-----w c:\documents and settings\Arek\Dane aplikacji\Nowe Gadu-Gadu2008-12-09 20:50 --------- d-----w c:\program files\SubEdit-Player2008-12-09 20:50 --------- d-----w c:\program files\Nowe Gadu-Gadu2008-12-09 20:49 --------- d-----w c:\program files\7-Zip2008-12-09 20:48 --------- d-----w c:\program files\K-Lite Codec Pack2008-12-09 20:46 --------- d-----w c:\program files\Microsoft Works2008-12-09 20:46 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Microsoft Help2008-12-09 20:35 --------- d-----w c:\program files\Sunbelt Software2008-12-09 20:32 --------- d-----w c:\documents and settings\Arek\Dane aplikacji\Ventrilo2008-12-09 20:29 --------- d-----w c:\program files\Ventrilo2008-12-09 20:29 --------- d-----w c:\documents and settings\NetworkService\Dane aplikacji\Xfire2008-12-09 20:28 --------- d-----w c:\program files\uTorrent2008-12-09 20:12 --------- d-----w c:\program files\Alwil Software2008-12-09 20:11 --------- d-----w c:\program files\Razer2008-12-09 20:11 --------- d-----w c:\documents and settings\Arek\Dane aplikacji\InstallShield2008-12-09 20:10 315,392 ----a-w c:\windows\HideWin.exe2008-12-09 20:10 --------- d-----w c:\program files\Realtek2008-12-09 20:10 --------- d-----w c:\program files\Common Files\InstallShield2008-12-09 20:09 --------- d-----w c:\program files\AGEIA Technologies2008-12-09 20:04 --------- d-----w c:\program files\Intel2008-12-09 19:54 --------- d-----w c:\program files\microsoft frontpage2008-12-09 19:53 --------- d-----w c:\program files\Usługi online2008-11-12 12:45 453,152 ----a-w c:\windows\system32\NVUNINST.EXE2008-10-31 06:09 270,888 ----a-r c:\windows\system32\drivers\SbFw.sys2008-10-28 16:41 14,303,392 ----a-w c:\windows\system32\xlive.dll2008-10-28 16:41 13,643,936 ----a-w c:\windows\system32\xlivefnt.dll2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys2008-10-23 12:42 286,720 ----a-w c:\windows\system32\gdi32.dll2008-10-16 13:13 202,776 ----a-w 
c:\windows\system32\wuweb.dll2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll2008-10-16 01:02 668,672 ----a-w c:\windows\system32\wininet.dll2008-10-13 08:56 70,936 ----a-w c:\windows\system32\PhysXLoader.dll2008-10-03 10:04 247,326 ----a-w c:\windows\system32\strmdll.dll2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll2008-09-16 00:14 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll2008-09-16 00:12 81,920 ----a-w c:\windows\system32\dpl100.dll2008-09-16 00:11 683,520 ----a-w c:\windows\system32\divx.dll.((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-12 13672448]"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-12 86016]"DeathAdder"="c:\program files\Razer\DeathAdder\razerhid.exe" [2008-09-05 159744]"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-05-25 1957888]"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-12 136600]"nwiz"="nwiz.exe" [2008-11-12 c:\windows\system32\nwiz.exe]"RTHDCPL"="RTHDCPL.EXE" [2007-08-10 
c:\windows\RTHDCPL.exe][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]"VIDC.XFR1"= xfcodec.dll[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]--a------ 2008-06-12 02:38 34672 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]--a------ 2008-04-14 22:51 15360 c:\windows\system32\ctfmon.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]--a------ 2008-07-24 16:02 490952 c:\program files\DAEMON Tools Lite\daemon.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]--a------ 2008-11-20 13:20 290088 c:\program files\iTunes\iTunesHelper.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nowe Gadu-Gadu]--a------ 2008-12-12 15:48 8966760 c:\program files\Nowe Gadu-Gadu\gg.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]--a------ 2008-10-02 07:00 1124352 c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]--a------ 2008-11-04 10:30 413696 c:\program files\QuickTime\QTTask.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]--a------ 2008-12-13 12:26 306088 c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]--a------ 2008-08-04 00:02 36352 c:\program files\Winamp\winampa.exe[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="c:\\Program 
Files\\uTorrent\\uTorrent.exe"="c:\\Program Files\\Xfire\\Xfire.exe"="c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"="d:\\Gry\\GTA4\\Grand Theft Auto IV\\LaunchGTAIV.exe"="d:\\Gry\\Sacred2\\system\\s2gs.exe"="d:\\Gry\\Sacred2\\system\\sacred2.exe"="c:\\Program Files\\iTunes\\iTunes.exe"="d:\\Gry\\Prince of Persia\\Prince of Persia.exe"="d:\\Gry\\Prince of Persia\\PrinceOfPersia_Launcher.exe"="c:\\WINDOWS\\system32\\PnkBstrA.exe"="c:\\WINDOWS\\system32\\PnkBstrB.exe"="d:\\Gry\\call of duty 5\\CoDWaWmp.exe"="d:\\Gry\\call of duty 5\\CoDWaW.exe"=R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-12-09 111184]R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2008-12-09 270888]R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [2008-06-21 66600]R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-12-09 20560]R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-30 935208]R2 SbPF.Launcher;SbPF.Launcher;"c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe" [2008-10-31 95528]R2 SPF4;Sunbelt Personal Firewall 4;"c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe" [2008-10-31 1365288]R2 WinDefend;Windows Defender;"c:\program files\Windows Defender\MsMpEng.exe" [2006-11-03 13592]R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2008-12-09 22784]R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\sbfwim.sys [2008-12-09 65576]S3 FXDrv32;FXDrv32;\??\G:\FXDrv32.sys []*Newly Created Service* - PROCEXP90.Zawartość folderu 'Zaplanowane zadania'2008-12-15 c:\windows\Tasks\AppleSoftwareUpdate.job- c:\program 
files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]2008-12-16 c:\windows\Tasks\MP Scheduled Scan.job- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20].- - - - USUNIĘTO PUSTE WPISY - - - -MSConfigStartUp-AppleSyncNotifier - c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe.------- Skan uzupełniający -------.uInternet Connection Wizard,ShellNext = hxxp://quicktimepro.apple.com/?country=PL&language=pl&productName=QuickTime7&operatingSystem=Windows&osVersion=05010200&qtVersion=07508000&cid=AOSA10000026883IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000FF - ProfilePath - c:\documents and settings\Arek\Dane aplikacji\Mozilla\Firefox\Profiles\dz1vxqnb.default\.**************************************************************************catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2008-12-16 19:25:05Windows 5.1.2600 Dodatek Service Pack 3 NTFSskanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ...skanowanie ukrytych plików ... skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************.Czas ukończenia: 2008-12-16 19:27:05ComboFix-quarantined-files.txt 2008-12-16 18:27:00Przed: 53 066 817 536 bajtów wolnychPo: 53,103,075,328 bajtów wolnychWindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe[boot loader]timeout=2default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS[operating systems]c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdconsmulti(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect305 --- E O F --- 2008-12-16 13:20:23
Guest commented 17 December 2008
No active infection is visible in the log. Do this as cosmetic cleanup: Start >> Run >> cmd >> then type the following:
SC STOP FXDrv32 ENTER
SC DELETE FXDrv32 ENTER
Manually delete the folder C:\Qoobox.
Clean the computer with CCleaner.
You can remove the copies of "viruses" from the "System Volume Information" folder by temporarily turning off "System Restore": Control Panel > System > System Restore >> tick the box next to "Turn off System Restore on all drives" > Apply > OK. Afterwards you can return to the previous setting (that is, clear the tick from the box).
Use this program ---> Dr.WEB CureIt!.