shonpenp utworzono 13 stycznia 2009 utworzono 13 stycznia 2009 zamieszczam logi z hi jack i combo fix czy mozecie sprawdzic co jest nie tak?dzieki za pomoc Logfile of Trend Micro HijackThis v2.0.2Scan saved at 21:17:05, on 2008-12-11 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\rundll32.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\System32\rundll32.exe C:\Program Files\Sony\Marketing Tools\MarketingTools.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Search Settings\SearchSettings.exe C:\Program Files\Sony\Network Utility\LANUtil.exe C:\Program Files\Gadu-Gadu\gg.exe C:\Users\KALiSz\AppData\Local\Temp\yyy9547.exe C:\Windows\system32\taskeng.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe C:\Program Files\DesktopEarth\DesktopEarth.exe C:\Program Files\WordWeb\wweb32.exe C:\Windows\System32\mobsync.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Windows\system32\conime.exe C:\Windows\system32\ctfmon.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\KALiSz\AppData\Local\Temp\~tmpe.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file) O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [bearShare] "C:\Program Files\BearShare\BearShare.exe" /pause O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe" O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray O4 - HKCU\..\Run: [Cognac] C:\Users\KALiSz\AppData\Local\Temp\~tmpb.exe O4 - HKCU\..\Run: [MSFox] C:\Users\KALiSz\AppData\Local\Temp\yyy9547.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: DesktopEarth AutoStart.lnk = ? O4 - Startup: Registration Heroes of Might & Magic 5.LNK = C:\Program Files\Ubisoft\Heroes of Might and Magic V\registration\RegistrationReminder.exe O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {18506D80-9B80-11D4-82C2-0080C8D7ED4A} (GameDesire Roulette) - http://download.gamedesire.com/g_bin/pl/ro...te_2_0_0_27.cab O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 11821 bytes oraz log z combo fix ComboFix 08-12-11.06 - KALiSz 2009-01-13 14:46:14.3 - NTFSx86Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.1.1033.18.1141 [GMT 0:00] Uruchomiony z: c:\kalisz\Programsy\ComboFix.exe * Resident AV is active . - TRYB ZREDUKOWANEJ FUNKCJONALNOŚCI - . ((((((((((((((((((((((((( Pliki utworzone od 2008-12-13 do 2009-01-13 ))))))))))))))))))))))))))))))) . 2009-01-13 01:52 . 2009-01-13 01:52 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\Yahoo! 2009-01-13 01:52 . 2009-01-13 01:52 <DIR> d-------- c:\program files\FLV Player 2009-01-13 00:04 . 2009-01-13 00:04 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\CBL-Electronics 2009-01-12 22:28 . 2009-01-12 22:28 <DIR> d-------- c:\users\All Users\CBL-Electronics 2009-01-12 22:28 . 2009-01-12 22:28 <DIR> d-------- c:\programdata\CBL-Electronics 2009-01-12 21:21 . 2009-01-12 21:21 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\COWON 2009-01-12 21:20 . 2009-01-12 21:20 <DIR> d-------- c:\program files\JetAudio 2009-01-12 21:20 . 2009-01-12 21:20 <DIR> d-------- c:\program files\Common Files\COWON 2009-01-12 16:30 . 2009-01-12 16:30 <DIR> d-------- c:\program files\Common Files\Stardock 2009-01-12 16:09 . 2009-01-12 16:09 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\IObit 2009-01-12 16:09 . 2009-01-12 16:09 <DIR> d-------- c:\program files\IObit 2009-01-12 15:51 . 2009-01-12 15:51 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\PeerNetworking 2009-01-11 03:33 . 2009-01-11 03:33 29 --a------ c:\windows\.wb4 2009-01-11 03:31 . 2009-01-12 16:30 <DIR> d-------- c:\program files\Stardock 2009-01-11 03:31 . 2008-04-26 16:14 58,792 --a------ c:\windows\System32\wbload.dll 2009-01-11 03:31 . 2008-04-26 16:14 42,672 --a------ c:\windows\System32\wbsys.dll 2009-01-11 03:18 . 2009-01-11 03:18 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\Media Player Classic 2009-01-11 03:16 . 2009-01-11 03:16 <DIR> d-------- c:\program files\K-Lite Codec Pack 2009-01-11 02:10 . 2009-01-11 02:10 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\dvdcss 2009-01-11 02:08 . 2009-01-11 02:11 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\vlc 2009-01-11 02:06 . 2009-01-11 02:06 <DIR> d-------- c:\program files\VideoLAN 2009-01-10 19:03 . 2009-01-10 19:03 <DIR> d-------- c:\program files\Common Files\Digidesign 2009-01-10 19:02 . 2009-01-10 19:02 <DIR> d-------- c:\program files\Steinberg 2009-01-10 19:02 . 2009-01-10 19:02 <DIR> d-------- c:\program files\Common Files\Native Instruments 2009-01-09 21:41 . 2009-01-09 21:41 <DIR> d-------- c:\program files\NAPI-PROJEKT 2009-01-04 16:52 . 2009-01-04 16:52 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\GHISLER 2009-01-04 16:52 . 2009-01-04 16:52 <DIR> d-------- C:\totalcmd 2009-01-04 16:52 . 2008-08-08 07:04 545 --a------ c:\windows\UC.PIF 2009-01-04 16:52 . 2008-08-08 07:04 545 --a------ c:\windows\RAR.PIF 2009-01-04 16:52 . 2008-08-08 07:04 545 --a------ c:\windows\PKZIP.PIF 2009-01-04 16:52 . 2008-08-08 07:04 545 --a------ c:\windows\PKUNZIP.PIF 2009-01-04 16:52 . 2008-08-08 07:04 545 --a------ c:\windows\NOCLOSE.PIF 2009-01-04 16:52 . 2008-08-08 07:04 545 --a------ c:\windows\LHA.PIF 2009-01-04 16:52 . 2008-08-08 07:04 545 --a------ c:\windows\ARJ.PIF 2008-12-30 21:50 . 2008-12-30 21:51 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\Ableton 2008-12-30 21:50 . 2003-06-20 12:28 1,777,664 --a------ c:\windows\System32\gdiplus.dll 2008-12-19 21:10 . 2008-12-19 21:10 <DIR> d-------- c:\program files\FreeCall.com 2008-12-17 20:17 . 2008-12-19 20:40 <DIR> d-------- c:\program files\Poker.co.uk 2008-12-15 12:34 . 2008-12-19 21:19 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\FreeCall 2008-12-14 17:43 . 2009-01-13 03:57 <DIR> d-------- c:\program files\Yahoo! 2008-12-14 17:43 . 2008-12-14 17:44 <DIR> d-------- c:\program files\CCleaner . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-13 05:02 --------- d-----w c:\users\KALiSz\AppData\Roaming\BitTorrent 2009-01-13 03:48 --------- d-----w c:\program files\BearShare 2009-01-12 21:20 --------- d--h--w c:\program files\InstallShield Installation Information 2009-01-12 20:09 --------- d-----w c:\programdata\Google Updater 2009-01-12 19:52 2,560 ----a-w c:\windows\_MSRSTRT.EXE 2009-01-12 15:36 63,366 ----a-w c:\users\KALiSz\AppData\Roaming\nvModes.dat 2009-01-12 06:33 --------- d-----w c:\users\KALiSz\AppData\Roaming\Skype 2009-01-12 06:30 --------- d-----w c:\users\KALiSz\AppData\Roaming\skypePM 2009-01-11 03:19 --------- d-----w c:\program files\MarBit 2009-01-11 02:26 --------- d-----w c:\program files\DivX 2009-01-11 00:43 --------- d-----w c:\program files\SubEdit-Player 2009-01-10 14:50 --------- d-----w c:\program files\Google 2008-12-30 21:56 --------- d-----w c:\program files\Native Instruments 2008-12-22 15:58 --------- d-----w c:\program files\Winamp 2008-12-19 20:27 --------- d-----w c:\users\KALiSz\AppData\Roaming\Teleca 2008-12-19 20:27 --------- d-----w c:\program files\Common Files\Teleca Shared 2008-12-12 19:03 --------- d-----w c:\program files\Malwarebytes' Anti-Malware 2008-12-12 19:01 --------- d-----w c:\users\KALiSz\AppData\Roaming\Malwarebytes 2008-12-12 19:01 --------- d-----w c:\programdata\Malwarebytes 2008-12-11 21:16 --------- d-----w c:\program files\Trend Micro 2008-12-11 20:39 --------- d-----w c:\program files\Windows Mail 2008-12-11 19:20 --------- d-----w c:\programdata\Lavasoft 2008-12-11 19:16 --------- d-----w c:\program files\Lavasoft 2008-12-11 19:15 --------- d-----w c:\program files\Common Files\Wise Installation Wizard 2008-12-11 18:39 --------- d-----w c:\program files\Picasa2 2008-12-11 00:05 --------- d---a-w c:\programdata\TEMP 2008-12-10 16:38 --------- d-----w c:\users\KALiSz\AppData\Roaming\Command & Conquer 3 Wojny o tyberium 2008-12-10 16:13 --------- d-----w c:\program files\Electronic Arts 2008-12-05 04:43 --------- d-----w c:\program files\McAfee 2008-12-04 16:13 --------- d-----w c:\program files\Eidos 2008-12-03 19:52 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2008-12-03 19:52 15,504 ----a-w c:\windows\system32\drivers\mbam.sys 2008-12-03 13:32 --------- d-----w c:\program files\WordWeb 2008-12-03 12:41 --------- d-----w c:\program files\DesktopEarth 2008-12-03 11:18 --------- d-----w c:\program files\EA GAMES 2008-12-03 11:14 --------- d-----w c:\program files\AV Digital Talking Parrot 2008-12-03 10:39 --------- d-----w c:\program files\Earth 3D Screensaver 2008-12-03 00:40 --------- d-----w c:\programdata\McAfee 2008-12-03 00:38 --------- d-----w c:\program files\Common Files\McAfee 2008-12-03 00:37 --------- d-----w c:\program files\McAfee.com 2008-12-02 14:15 --------- d-----w c:\programdata\Kaspersky Lab 2008-12-01 19:40 410,976 ----a-w c:\windows\System32\deploytk.dll 2008-12-01 19:40 --------- d-----w c:\program files\Java 2008-12-01 19:35 --------- d-----w c:\program files\Kaspersky Lab 2008-11-28 11:26 56,863 ----a-w c:\users\Administrator\AppData\Roaming\nvModes.dat 2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll 2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll 2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll 2008-11-01 03:44 28,672 ----a-w c:\windows\System32\Apphlpdm.dll 2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll 2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll 2008-11-01 01:21 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll 2008-10-29 06:29 2,927,104 ----a-w c:\windows\explorer.exe 2008-10-22 03:57 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll 2008-10-22 01:22 2,048 ----a-w c:\windows\System32\tzres.dll 2008-10-21 05:25 296,960 ----a-w c:\windows\System32\gdi32.dll 2008-10-21 05:25 1,645,568 ----a-w c:\windows\System32\connect.dll 2008-10-18 14:08 1,050,296 ------w c:\windows\wweb32.dll 2008-10-16 21:13 1,809,944 ----a-w c:\windows\System32\wuaueng.dll 2008-10-16 21:12 561,688 ----a-w c:\windows\System32\wuapi.dll 2008-10-16 21:09 51,224 ----a-w c:\windows\System32\wuauclt.exe 2008-10-16 21:09 43,544 ----a-w c:\windows\System32\wups2.dll 2008-10-16 21:08 34,328 ----a-w c:\windows\System32\wups.dll 2008-10-16 20:56 1,524,736 ----a-w c:\windows\System32\wucltux.dll 2008-10-16 20:55 83,456 ----a-w c:\windows\System32\wudriver.dll 2008-10-16 14:08 162,064 ----a-w c:\windows\System32\wuwebv.dll 2008-10-16 13:56 31,232 ----a-w c:\windows\System32\wuapp.exe 2008-10-16 04:47 827,392 ----a-w c:\windows\System32\wininet.dll 2008-10-15 15:07 466,944 ----a-w c:\windows\System32\Parrot.scr 2008-10-12 13:02 62,322,172 ----a-w c:\users\KALiSz\Traktor3_341U_Win.zip 2008-10-05 10:49 22,328 ----a-w c:\users\KALiSz\AppData\Roaming\PnkBstrK.sys 2008-08-24 14:33 225,280 ----a-w c:\users\KALiSz\AppData\Roaming\Rewire.dll 2008-08-18 19:19 32 ----a-w c:\users\All Users\ezsid.dat 2008-08-18 19:19 32 ----a-w c:\programdata\ezsid.dat 2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-07-16 262144] "Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] "WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 c:\windows\System32\oobefldr.dll] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvSvc"="c:\windows\system32\nvsvc.dll" [2008-02-12 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-12 8497696] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-02-12 81920] "Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792] "ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-11-21 311296] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-04-10 29744] "MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2008-04-10 36864] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-07-07 167936] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2007-02-13 35328] "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-11-01 582992] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] "RtHDVCpl"="RtHDVCpl.exe" [2008-01-23 c:\windows\RtHDVCpl.exe] c:\users\KALiSz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ DesktopEarth AutoStart.lnk - c:\users\KALiSz\AppData\Roaming\Microsoft\Installer\{D87176E9-ECD0-48C6-8E8B-B0054781DFB4}\_2B52280D74B238E888B1F2.exe [2008-12-03 29926] Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2009-01-12 3450608] WordWeb.lnk - c:\program files\WordWeb\wweb32.exe [2008-12-03 42168] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-11-04 113664] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv] 2008-09-17 08:05 222456 c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2007-08-15 03:05 98304 c:\windows\System32\VESWinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeCall] --a------ 2008-09-01 11:09 9109296 c:\program files\FreeCall.com\FreeCall\FreeCall.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{33055A94-CDDF-44B8-A8ED-F59039A75EF3}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{ADEF565F-D80F-4A72-82F0-E1C1A3B51D14}"= UDP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk "{EE53C2A6-BBAE-4DF4-B52F-AA7CB54C2F3A}"= TCP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk "{9FA96EAF-FE46-4F03-A82F-5A588E24D807}"= UDP:c:\program files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI) "{8BEF6779-AD7F-4C84-9D69-44FD57FF6611}"= TCP:c:\program files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI) "{299B70F5-0609-49E8-A8B8-17563A1096FE}"= UDP:c:\program files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV) "{37581ECC-A839-4A4B-B261-74AE220DF91E}"= TCP:c:\program files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV) "{316D4311-BDBC-4AC5-9CA7-842F95E813B4}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In) "{F6D97B78-2004-43FA-9E98-F0787C485D8B}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In) "TCP Query User{7ACB4A11-888D-4184-A381-D0314DDF06DF}c:\\program files\\3alab\\iradio\\iradio.exe"= UDP:c:\program files\3alab\iradio\iradio.exe:iRadio "UDP Query User{EED664A3-8301-4F36-B6B1-C9E975904A30}c:\\program files\\3alab\\iradio\\iradio.exe"= TCP:c:\program files\3alab\iradio\iradio.exe:iRadio "{6A57295A-06F1-48F7-880B-7CEC9EA25B2E}"= UDP:c:\program files\Sierra\FEAR\FEARXP\FEARXP.exe:FEARXP "{E4058137-BA5E-4FB5-A974-864F17B9BB10}"= TCP:c:\program files\Sierra\FEAR\FEARXP\FEARXP.exe:FEARXP "TCP Query User{C1936423-A45B-4460-B814-FB7AA983856F}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:µTorrent "UDP Query User{5E65E115-D77E-4DB8-AA60-B78EF3002B9E}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:µTorrent "TCP Query User{9F93208C-415C-44CA-BBFC-E6F8FC34FE2D}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:µTorrent "UDP Query User{71476319-3B98-405C-8894-A3DA64758504}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:µTorrent "TCP Query User{F9F49D53-0D8A-4924-9B9B-99E76C0D719D}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath "UDP Query User{38C609CD-D5EA-40F0-BE3C-AB464B15BD13}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath "TCP Query User{B642B0CF-5A22-42B6-9F3C-99F262974EC8}c:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= UDP:c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup "UDP Query User{6BA5C18D-B6DA-4AF4-8E10-8864D0332458}c:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= TCP:c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup "{5EAEE741-F7DF-4E01-9BD9-DB486D399924}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{24A5B896-66FA-4D14-925F-F5CCBC208ADC}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{5B505FDD-BB28-45B5-8DBE-CF54985F4251}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "{09FCFBE0-0E8C-4B60-A1B1-EF1E68BFE794}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "{BF0323D1-5A7C-49FE-8F03-7E6F471626D4}"= UDP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare "{02F8AD16-34C1-478F-9566-1F4F8889232A}"= TCP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare "{0B836FD1-C784-4C9E-B271-B0E65AAD41DE}"= UDP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32 "{F3F008D7-2074-47D0-88F8-A09F37F69106}"= TCP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32 "{30451CEE-77EA-443E-94BA-2F95E8D5DBDC}"= UDP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32 "{9DD847D3-8F9F-4F28-9EBB-436D09DBF450}"= TCP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32 "TCP Query User{EA14A8F9-C7AE-41C6-AE91-1721514DF82A}c:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 7.0.1.325\\polish\\setup.exe"= UDP:c:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\polish\setup.exe:Kaspersky Anti-Virus 7.0 Setup "UDP Query User{DF745D2A-243A-408C-AEF5-57AFD3F66C90}c:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 7.0.1.325\\polish\\setup.exe"= TCP:c:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\polish\setup.exe:Kaspersky Anti-Virus 7.0 Setup "TCP Query User{3FACBDD0-B55D-41C9-AFA1-558E25319E21}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath "UDP Query User{56885893-5DE7-4597-A9FC-A62F8EF5EC14}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath "TCP Query User{F1853822-35C3-415F-BF64-56EF4D674C70}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule "UDP Query User{EB4FB4DB-843D-4913-8B11-0EE442B6D6EE}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule "{9C371D9E-9E4D-4973-A2CC-CD5E2DEB8856}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\McAfee\SiteAdvisor\McSACore.exe" [2008-12-03 203280] R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);"c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ [2006-04-14 28933976] R2 NSUService;NSUService;"c:\program files\Sony\Network Utility\NSUService.exe" [2008-04-10 233472] R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032] R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-12-17 9344] R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-08-17 812544] S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys [2008-09-05 83208] S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s115mdfl.sys [2008-09-05 15112] S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s115mdm.sys [2008-09-05 108680] S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys [2008-09-05 100488] S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys [2008-09-05 98568] S3 SOHCImp;VAIO Media plus Content Importer;"c:\program files\Sony\VAIO Media plus\SOHCImp.exe" [2008-04-10 104288] S3 SOHDms;VAIO Media plus Digital Media Server;"c:\program files\Sony\VAIO Media plus\SOHDms.exe" [2008-04-10 350048] S3 SOHDs;VAIO Media plus Device Searcher;"c:\program files\Sony\VAIO Media plus\SOHDs.exe" [2008-04-10 63328] S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;"c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe" [2008-04-10 333088] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;"c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe" [2008-04-10 87328] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F] \shell\AutoRun\command - F:\Autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G] \shell\AutoRun\command - G:\Install.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H] \shell\AutoRun\command - H:\AutorunUAW.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca4ecba4-985e-11dd-9592-001a80bc3ffb}] \shell\AutoRun\command - I:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca4ecbbb-985e-11dd-9592-001a80bc3ffb}] \shell\AutoRun\command - I:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9b111b2-c286-11dd-a94a-001a80bc3ffb}] \shell\AutoRun\command - J:\LaunchU3.exe -a . Zawartość folderu 'Zaplanowane zadania' 2009-01-13 c:\windows\Tasks\AWC Startup.job - c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2008-12-21 11:44] 2008-09-04 c:\windows\Tasks\iRadio task 1.job - c:\progra~1\3aLab\iRadio\iRadio.exe [2006-02-10 15:04] 2008-09-04 c:\windows\Tasks\iRadio task 2.job - c:\progra~1\3aLab\iRadio\iRadio.exe [2006-02-10 15:04] 2008-12-03 c:\windows\Tasks\McDefragTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 13:32] 2008-12-03 c:\windows\Tasks\McQcTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 13:32] . . ------- Skan uzupełniający ------- . uStart Page = hxxp://www.google.pl/ IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 c:\windows\Downloaded Program Files\Roulette.dll - O16 -: {18506D80-9B80-11D4-82C2-0080C8D7ED4A} hxxp://download.gamedesire.com/g_bin/pl/roulette_2_0_0_27.cab c:\windows\Downloaded Program Files\Roulette.inf . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-13 14:46:46 Windows 6.0.6001 Service Pack 1 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** . Czas ukończenia: 2009-01-13 14:48:57 ComboFix-quarantined-files.txt 2009-01-13 14:48:52 Przed: 35,045,117,952 bytes free Po: 35,077,951,488 bytes free 293 --- E O F --- 2009-01-12 17:02:43
Sean komentarz 14 stycznia 2009 komentarz 14 stycznia 2009 Wywal folder C:\Program Files\Search Settings\ Włącz pokazywanie plików ukrytch i wywal ten plik: C:\Users\KALiSz\AppData\Local\Temp\~tmpe.exe Następnie wywal wpisy: R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dllO3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file) O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exeUnknownO4 - HKCU\..\Run: [Cognac] C:\Users\KALiSz\AppData\Local\Temp\~tmpb.exe O4 - HKCU\..\Run: [MSFox] C:\Users\KALiSz\AppData\Local\Temp\yyy9547.exe Następnie daj nowe logi
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.