ComboFix 11-07-08.03 - Olek 2 2011-07-09 9:36.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.1022.423 [GMT 2:00]
Uruchomiony z: D:\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Menu Start\Programy\ShopperReports
c:\documents and settings\All Users\Menu Start\Programy\ShopperReports\About Us.lnk
c:\documents and settings\All Users\Menu Start\Programy\ShopperReports\Customer Support.lnk
c:\documents and settings\All Users\Menu Start\Programy\ShopperReports\ShopperReports Uninstall Instructions.lnk
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\advtool.crc
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\advtool.dll
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\dhcp.crc
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\dhcp.dll
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\hotspot.crc
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\hotspot.dll
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\ppp.crc
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\ppp.dll
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\roteros.crc
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\roteros.dll
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\roting2.crc
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\roting2.dll
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\secure.crc
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\secure.dll
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\system.crc
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\system.dll
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\wlan2.crc
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\3.25-673526164\wlan2.dll
c:\documents and settings\Olek 2\Dane aplikacji\Mikrotik\Winbox\winbox.cfg
c:\documents and settings\Olek 2\Moje dokumenty\audacity-win-1.2.6.exe
c:\documents and settings\Olek 2\WINDOWS
c:\program files\FunWebProducts
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\Gamevance Games\gaMEvancelib32.dll
c:\program files\Gamevance Games\gvTL.dll
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\CHROME.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\1.bin\F3CJpeg.dll
c:\program files\MyWebSearch\bar\1.bin\F3DTACTL.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HTmlmu.dll
c:\program files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\1.bin\F3REGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\1.bin\F3SCrctr.dll
c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\1.bin\INSTALL.RDF
c:\program files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL
c:\program files\MyWebSearch\bar\1.bin\M3DLGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\1.bin\M3HTml.dll
c:\program files\MyWebSearch\bar\1.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MSG.DLL
c:\program files\MyWebSearch\bar\1.bin\M3OUtlcn.dll
c:\program files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\1.bin\M3TPINST.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSMLBTN.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSUABTN.DLL
c:\program files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Cache\0002DDF2
c:\program files\MyWebSearch\bar\Cache\010E2568
c:\program files\MyWebSearch\bar\Cache\010E2AA8.bin
c:\program files\MyWebSearch\bar\Cache\010E2CFA.bmp
c:\program files\MyWebSearch\bar\Cache\010E2E71.bin
c:\program files\MyWebSearch\bar\Cache\010E3065.bin
c:\program files\MyWebSearch\bar\Cache\files.ini
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Overlay\COMMON.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\ShopperReports3
c:\program files\ShopperReports3\bin\3.0.517.0\BRNstIE.dll
c:\program files\ShopperReports3\bin\3.0.517.0\CmndFF.dll
c:\program files\ShopperReports3\bin\3.0.517.0\CnTNtcntr.dll
c:\program files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome.manifest
c:\program files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome\firefoxtoolbar.jar
c:\program files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll
c:\program files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt
c:\program files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\install.rdf
c:\program files\ShopperReports3\bin\3.0.517.0\link.ico
c:\program files\ShopperReports3\bin\3.0.517.0\mozillaps.dll
c:\program files\ShopperReports3\bin\3.0.517.0\ShopperReportsUninstaller.exe
c:\program files\Veoh Networks\VeohWebPlayer\ConduitInstaller_veoh.exe
c:\windows\system32\f3PSSavr.scr
c:\windows\vb.ini
E:\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-06-09 do 2011-07-09 )))))))))))))))))))))))))))))))
.
.
2011-07-08 21:08 . 2011-07-08 21:08 -------- d-----w- c:\program files\Microsoft XNA
2011-07-08 13:44 . 2011-07-08 13:44 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\SplitMediaLabs
2011-07-07 19:01 . 2011-07-07 19:01 -------- d-----w- c:\program files\HD Tune
2011-07-04 16:50 . 2011-07-04 16:50 -------- d-----w- c:\documents and settings\Olek 2\Ustawienia lokalne\Dane aplikacji\Deployment
2011-07-02 20:06 . 2011-07-02 20:06 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ATI
2011-06-28 15:49 . 2011-07-09 07:32 -------- d-----w- c:\documents and settings\Olek 2\Dane aplikacji\mIRC
2011-06-28 15:49 . 2011-07-09 07:23 -------- d-----w- c:\program files\mIRC
2011-06-27 23:19 . 2011-06-27 23:19 -------- d-----w- c:\program files\AMD APP
2011-06-27 23:17 . 2011-06-27 23:17 -------- d-----w- c:\program files\ATI
2011-06-26 17:14 . 2010-08-22 11:48 114176 ----a-w- c:\windows\system32\PCWizard.cpl
2011-06-26 17:02 . 2011-06-26 17:02 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-06-26 17:02 . 2011-06-26 17:02 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-06-26 17:02 . 2011-06-26 17:02 -------- d-----w- c:\program files\OpenAL
2011-06-26 17:01 . 2011-06-26 17:01 -------- d-----w- c:\program files\Common Files\Futuremark Shared
2011-06-26 16:26 . 2011-06-26 16:28 -------- d-----w- c:\program files\CPU Speed Pro
2011-06-26 16:06 . 2011-06-26 16:06 -------- d-----w- c:\documents and settings\Olek 2\Dane aplikacji\FreeStone Group
2011-06-26 16:06 . 2011-06-26 16:06 -------- d-----w- c:\program files\Video Card Stability Test
2011-06-25 23:47 . 2011-06-25 23:47 -------- d-----w- c:\documents and settings\Olek 2\Dane aplikacji\dvdcss
2011-06-25 23:30 . 2011-06-26 01:33 -------- d-----w- c:\documents and settings\Olek 2\Dane aplikacji\vlc
2011-06-25 18:12 . 2011-06-25 18:14 -------- d-----w- c:\documents and settings\Olek 2\Dane aplikacji\.minecraft
2011-06-23 20:09 . 2011-06-23 20:10 -------- d-----w- c:\program files\Core Temp
2011-06-23 14:28 . 2011-06-23 14:28 -------- d-----w- c:\program files\Audacity
2011-06-23 13:44 . 2011-06-26 17:14 -------- d-----w- c:\program files\CPUID
2011-06-23 13:44 . 2011-01-19 15:47 22504 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2011-06-23 13:39 . 2011-06-23 13:39 -------- d-----w- c:\program files\Lavalys
2011-06-23 12:56 . 2011-06-23 19:41 -------- d-----w- c:\program files\SpeedFan
2011-06-21 21:46 . 2011-07-09 07:48 -------- d-----w- c:\documents and settings\Olek 2\Dane aplikacji\Skype
2011-06-21 21:46 . 2011-06-21 21:46 -------- d-----r- c:\program files\Skype
2011-06-21 21:45 . 2011-06-21 21:46 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Skype
2011-06-21 12:07 . 2011-06-21 12:07 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-19 22:21 . 2011-06-19 22:24 -------- d-----w- c:\documents and settings\Olek 2\Dane aplikacji\TS3Client
2011-06-19 22:21 . 2011-06-19 22:43 -------- d-----w- c:\program files\TeamSpeak 3 Client
2011-06-18 16:59 . 2011-07-06 20:23 -------- d-----w- c:\documents and settings\Olek 2\Dane aplikacji\Mumble
2011-06-18 16:57 . 2011-06-18 16:57 -------- d-----w- c:\program files\Mumble
2011-06-18 13:56 . 2011-06-18 13:57 -------- d-----w- c:\documents and settings\Olek 2\Ustawienia lokalne\Dane aplikacji\Google
2011-06-17 18:51 . 2011-06-17 18:52 -------- d-----w- C:\Minecraftcrack
2011-06-17 00:29 . 2011-05-30 04:26 4713312 ----a-w- c:\windows\system32\GameMon.des
2011-06-17 00:29 . 2011-06-17 00:29 -------- d-----w- c:\program files\Common Files\INCA Shared
2011-06-16 19:41 . 2011-06-16 19:41 -------- d-----w- c:\program files\20Dollars2Surf
2011-06-16 19:41 . 2004-08-05 11:00 59904 ----a-w- c:\windows\system32\wbemdisp.tlb
2011-06-16 19:36 . 2011-06-17 01:04 -------- d-----w- c:\documents and settings\Olek 2\Dane aplikacji\uTorrent
2011-06-13 06:29 . 2011-07-09 07:48 -------- d-----w- c:\program files\Giraffic
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-09 07:46 . 2011-02-05 15:07 16608 ----a-w- c:\windows\gdrv.sys
2011-05-25 04:21 . 2008-06-03 06:20 6554624 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2011-05-25 03:14 . 2008-06-03 02:59 4059328 ----a-w- c:\windows\system32\ati3duag.dll
2011-05-25 02:55 . 2008-06-03 03:21 302592 ----a-w- c:\windows\system32\ati2dvag.dll
2011-05-25 02:54 . 2008-06-03 02:48 3152384 ----a-w- c:\windows\system32\ativvaxx.dll
2011-05-25 02:22 . 2008-06-03 02:21 856064 ----a-w- c:\windows\system32\ati2cqag.dll
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\system32\amdocl.dll
2011-05-15 13:12 . 2011-05-15 13:12 90784 ----a-w- c:\windows\system32\EasyHook32.dll
2011-05-15 13:12 . 2011-05-15 13:12 109216 ----a-w- c:\windows\system32\EasyHook64.dll
2011-05-15 13:12 . 2011-05-15 13:12 172032 ----a-w- c:\windows\system32\AniGIF.ocx
2011-05-10 12:10 . 2011-02-05 16:18 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-02-05 16:18 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:03 . 2011-06-03 23:17 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:03 . 2011-02-05 16:18 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-02-05 16:18 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 12:02 . 2011-02-05 16:18 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-05-10 12:02 . 2011-02-05 16:18 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-05-10 11:59 . 2011-02-05 16:18 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-02-05 16:18 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-05-10 11:59 . 2011-02-05 16:18 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-05-09 23:40 . 2011-05-09 23:40 1060864 ----a-w- c:\windows\system32\mfc71.dll
2011-05-09 23:40 . 2011-05-09 23:40 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-05-05 20:01 . 2011-03-06 00:37 141200 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-05-05 20:01 . 2011-03-06 00:39 281656 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-05-05 20:01 . 2011-03-06 00:36 281656 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-05-05 16:43 . 2011-03-06 00:36 281656 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-05-04 15:53 . 2011-05-04 15:53 138056 ----a-w- c:\documents and settings\Olek 2\Dane aplikacji\PnkBstrK.sys
2011-05-04 15:53 . 2011-03-06 00:36 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-04-21 23:56 . 2011-04-21 23:56 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-04-20 18:01 . 2011-04-20 18:01 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-04-20 18:01 . 2011-02-07 00:43 348160 ----a-w- c:\windows\system32\msvcr71.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}]
2011-04-12 18:44 1547776 ----a-w- c:\program files\Dogpile Bundle Toolbar\Toolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{C80BDEB2-8735-44C6-BD55-A1CCD555667A}"= "c:\program files\Dogpile Bundle Toolbar\Toolbar.dll" [2011-04-12 1547776]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{c80bdeb2-8735-44c6-bd55-a1ccd555667a}]
[HKEY_CLASSES_ROOT\FCTB000060231.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{CCBDEEA9-517A-4862-B0A1-862AE9532228}]
[HKEY_CLASSES_ROOT\FCTB000060231.IEToolbar]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{C80BDEB2-8735-44C6-BD55-A1CCD555667A}"= "c:\program files\Dogpile Bundle Toolbar\Toolbar.dll" [2011-04-12 1547776]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{c80bdeb2-8735-44c6-bd55-a1ccd555667a}]
[HKEY_CLASSES_ROOT\FCTB000060231.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{CCBDEEA9-517A-4862-B0A1-862AE9532228}]
[HKEY_CLASSES_ROOT\FCTB000060231.IEToolbar]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-03-02 16:23 68216 ----a-w- d:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2011-02-07 1362944]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2011-05-06 323392]
"DownloadAccelerator"="d:\program files\DAP\DAP.EXE" [2011-05-15 2918576]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2011-05-26 2644992]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-06-15 15141768]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="m‘|\ü" [X]
"RTHDCPL"="RTHDCPL.EXE" [2008-02-13 16857600]
"WinampAgent"="d:\program files\Winamp\winampa.exe" [2010-12-09 74752]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"Gamevance"="c:\program files\Gamevance Games\gamevance32.exe" [2011-04-12 266240]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-04-20 273544]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-05-25 1951112]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 98304]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Olek 2\Menu Start\Programy\Autostart\
DesktopVideoPlayer.lnk - c:\documents and settings\Olek 2\Ustawienia lokalne\Dane aplikacji\vghd\bin\vghd.exe [2011-4-18 914432]
.
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
20Dollars2Surf.lnk - c:\program files\20Dollars2Surf\20dollars2surf.exe [2011-6-16 89088]
Air Mouse.lnk - c:\program files\Air Mouse\Air Mouse\Air Mouse.exe [2010-12-27 1044648]
GamersFirst LIVE!.lnk - c:\program files\GamersFirst\LIVE!\Live.exe [2011-6-30 2588784]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2011-2-7 813584]
Remote Mouse Server.lnk - c:\program files\Remote Mouse Server\RemoteMouse.exe [2011-2-8 7647203]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 10:28 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\Program Files\\iTunes\\iTunes.exe"=
"d:\\Program Files\\Eidos\\Batman Arkham Asylum\\Binaries\\ShippingPC-BmGame.exe"=
"d:\\Program Files\\Mass Effect 2\\Binaries\\MassEffect2.exe"=
"d:\\Program Files\\Mass Effect 2\\MassEffect2Launcher.exe"=
"d:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Remote Mouse Server\\RemoteMouse.exe"=
"c:\\Program Files\\Air Mouse\\Air Mouse\\Air Mouse.exe"=
"d:\\Program Files\\Steam\\SteamApps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"d:\\Program Files\\Steam\\SteamApps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"d:\\Program Files\\EA Sports\\FIFA 11\\Game\\fifa.exe"=
"e:\\Program Files\\BitComet\\BitComet.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\LittleFighter2\\LF2_v2.0a\\lf2.exe"=
"d:\\DarksporeBin\\Darkspore.exe"=
"d:\\Program Files\\Electronic Arts\\Bulletstorm\\Binaries\\Win32\\ShippingPC-StormGame.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Battlefilc\\BFP4f.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"d:\\Program Files\\MicroVolts\\Bin\\Microvolts.exe"=
"d:\\Program Files\\KONAMI\\Pro Evolution Soccer 2011\\pes2011.exe"=
"d:\\AeriaGames\\MetalAssault\\_Mas.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"d:\\Program Files\\OGPlanet\\LostSagaEU\\autoupgrade.exe"=
"d:\\Program Files\\OGPlanet\\LostSagaEU\\lostsaga.exe"=
"d:\\Program Files\\Gamigo\\Black Prophecy\\BIN\\WIN32\\BlackProphecy.exe"=
"d:\\Program Files\\Gamigo\\Black Prophecy\\BIN\\WIN32\\Launcher.exe"=
"d:\\Program Files\\Gamigo\\Black Prophecy\\BIN\\WIN32\\Patcher.exe"=
"c:\\Program Files\\Dogpile Bundle Toolbar\\TroubleShooter.exe"=
"c:\\Program Files\\Dogpile Bundle Toolbar\\ToolbarUpdate.exe"=
"d:\\Program Files\\Petroglyph\\Rise of Immortals\\ClientLauncherR.exe"=
"d:\\Program Files\\Petroglyph\\Rise of Immortals\\AoCClientR.exe"=
"d:\\Program Files\\Hi-Rez Studios\\games\\global agenda live\\Binaries\\GlobalAgenda.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58144:TCP"= 58144:TCP:Pando Media Booster
"58144:UDP"= 58144:UDP:Pando Media Booster
"8396:TCP"= 8396:TCP:League of Legends Launcher
"8396:UDP"= 8396:UDP:League of Legends Launcher
"8394:TCP"= 8394:TCP:League of Legends Launcher
"8394:UDP"= 8394:UDP:League of Legends Launcher
"13029:TCP"= 13029:TCP:BitComet 13029 TCP
"13029:UDP"= 13029:UDP:BitComet 13029 UDP
"6982:TCP"= 6982:TCP:League of Legends Launcher
"6982:UDP"= 6982:UDP:League of Legends Launcher
"6891:TCP"= 6891:TCP:League of Legends Launcher
"6891:UDP"= 6891:UDP:League of Legends Launcher
"6972:TCP"= 6972:TCP:League of Legends Launcher
"6972:UDP"= 6972:UDP:League of Legends Launcher
"6914:TCP"= 6914:TCP:League of Legends Launcher
"6914:UDP"= 6914:UDP:League of Legends Launcher
"6950:TCP"= 6950:TCP:League of Legends Launcher
"6950:UDP"= 6950:UDP:League of Legends Launcher
"6983:TCP"= 6983:TCP:League of Legends Launcher
"6983:UDP"= 6983:UDP:League of Legends Launcher
"6919:TCP"= 6919:TCP:League of Legends Launcher
"6919:UDP"= 6919:UDP:League of Legends Launcher
"6883:TCP"= 6883:TCP:League of Legends Launcher
"6883:UDP"= 6883:UDP:League of Legends Launcher
"6918:TCP"= 6918:TCP:League of Legends Launcher
"6918:UDP"= 6918:UDP:League of Legends Launcher
"6908:TCP"= 6908:TCP:League of Legends Launcher
"6908:UDP"= 6908:UDP:League of Legends Launcher
"6927:TCP"= 6927:TCP:League of Legends Launcher
"6927:UDP"= 6927:UDP:League of Legends Launcher
"8397:TCP"= 8397:TCP:League of Legends Launcher
"8397:UDP"= 8397:UDP:League of Legends Launcher
"56849:TCP"= 56849:TCP:Pando Media Booster
"56849:UDP"= 56849:UDP:Pando Media Booster
"1048:TCP"= 1048:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2011-04-22 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-06-04 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-02-05 307928]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-02-08 218688]
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [2011-02-12 97112]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [2004-08-04 14336]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-02-05 19544]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2011-06-23 22504]
R2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\essvr.exe [2011-02-05 80392]
R2 Giraffic;Giraffic Video Accelerator;c:\program files\Giraffic\GirafficWatchdog.exe --service --> c:\program files\Giraffic\GirafficWatchdog.exe --service [?]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 1336712]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;d:\program files\Hi-Rez Studios\HiPatchService.exe [2011-02-25 23680]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 cpuz130;cpuz130;\??\c:\docume~1\OLEK2~1\USTAWI~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\OLEK2~1\USTAWI~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 cpuz134;cpuz134;c:\program files\CPUID\PC Wizard 2010\pcwiz_x32.sys [2011-06-26 20328]
S3 dump_wmimmc;dump_wmimmc;\??\d:\program files\DBO\GameGuard\dump_wmimmc.sys --> d:\program files\DBO\GameGuard\dump_wmimmc.sys [?]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-02-08 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-02-08 8456]
S3 GPU-Z;GPU-Z;\??\c:\docume~1\OLEK2~1\USTAWI~1\Temp\GPU-Z.sys --> c:\docume~1\OLEK2~1\USTAWI~1\Temp\GPU-Z.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 XDva346;XDva346;\??\c:\windows\system32\XDva346.sys --> c:\windows\system32\XDva346.sys [?]
S3 XDva383;XDva383;\??\c:\windows\system32\XDva383.sys --> c:\windows\system32\XDva383.sys [?]
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - WUAUSERV
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-07-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]
.
2011-07-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-1085031214-682003330-1007Core.job
- c:\documents and settings\Olek 2\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-06-18 13:56]
.
2011-07-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-1085031214-682003330-1007UA.job
- c:\documents and settings\Olek 2\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-06-18 13:56]
.
2011-07-09 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1390067357-1085031214-682003330-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2011-07-09 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1390067357-1085031214-682003330-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2011-07-06 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1390067357-1085031214-682003330-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2011-07-09 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1390067357-1085031214-682003330-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2011-07-09 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-09-28 21:44]
.
.
------- Skan uzupełniający -------
.
IE: &Clean Traces - d:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - d:\program files\DAP\dapextie.htm
IE: Download &all with DAP - d:\program files\DAP\dapextie2.htm
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Wyślij &do programu OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - d:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - d:\progra~1\DAP\dapie.dll
FF - ProfilePath - c:\documents and settings\Olek 2\Dane aplikacji\Mozilla\Firefox\Profiles\wush2v09.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2653012&SearchSource=13
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - d:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Dane aplikacji\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Veoh Web Player Community Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - %profile%\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}
FF - Ext: Download Accelerator Plus (DAP) extension: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08} - d:\program files\DAP\DAPFireFox
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
AddRemove-{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1 - c:\documents and settings\Olek\Pokemon Online\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-09 09:47
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
.
C:\## aswSnx private storage
.
skanowanie pomyślnie ukończone
ukryte pliki: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1390067357-1085031214-682003330-1007\Software\G*e*n*i*e*"!\FM Genie Scout 11]
"GameDir"="c:\\Documents and Settings\\Olek 2\\Moje dokumenty\\Sports Interactive\\Football Manager 2011\\games"
"ShortlistDir"="c:\\Documents and Settings\\Olek 2\\Moje dokumenty\\Sports Interactive\\Football Manager 2011\\shortlists"
"FMPath"="d:\\Program Files\\Sports Interactive\\Football Manager 2011\\"
"ScreenshotsDir"="c:\\Documents and Settings\\Olek 2\\Moje dokumenty\\Sports Interactive\\Football Manager 2011"
"SaveDir"="c:\\Documents and Settings\\Olek 2\\Moje dokumenty\\Sports Interactive\\Football Manager 2011\\"
"HistoryDir"="c:\\FM Genie Scout 11\\History Points"
"LangDB"="d:\\Program Files\\Sports Interactive\\Football Manager 2011\\data\\updates\\update-1130\\db\\1130\\lang_db.dat"
"LastSaveGame"="c:\\Documents and Settings\\Olek 2\\Moje dokumenty\\Sports Interactive\\Football Manager 2011\\games\\stampon.fm"
"Language"="Polish"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="PSV Eindhoven"
"LastUpdateCheck"=dword:00009edf
"VersionOf"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000081
"UniqueID"="15-8580-E65F"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000001
"StaffSearchFeatureNum"=dword:00000000
"ClubSearchFeatureNum"=dword:00000001
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000000
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000001
"HintsFeatureNum"=dword:00000001
"GenieReportFeatureNum"=dword:00000001
"TopFormationFeatureNum"=dword:00000000
"ScreenshotFeatureNum"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):09,80,20,68,e4,e5,9a,0b,a2,f6,87,e1,fb,a6,aa,35,15,b7,7a,5d,e9,
   c4,df,ea,59,64,93,bf,90,31,59,1c,e1,2d,87,44,b2,2d,6f,65,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9165d0b5-1c06-496f-84d6-c6b547d70baf}]
@Denied: (Full) (Everyone)
"Model"=dword:00000057
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
   38,95,44,85,b1,12,f9,90,dd,23,a1,15,ef,a1,46,54,19,6c,0d,35,95,e0,f3,7c,6d,\
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'winlogon.exe'(808)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll
.
- - - - - - - > 'explorer.exe'(2904)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~3\Office14\1045\GrooveIntlResource.dll
d:\program files\Internet Download Manager\IDMShellExt.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Giraffic\GirafficWatchdog.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Giraffic\Giraffic.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\program files\Pando Networks\Media Booster\PMB.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\documents and settings\Olek 2\Ustawienia lokalne\Dane aplikacji\vghd\bin\VirtuaGirl_Downloader.exe
.
**************************************************************************
.
Czas ukończenia: 2011-07-09 09:51:30 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2011-07-09 07:51
.
Przed: 25 736 093 696 bajtów wolnych
Po: 30 990 295 040 bajtów wolnych
.
WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 72656024C0925490E30A9AA5F0D35648