This AV is a program that lets you run 5 online scanners
http://www.searchengines.pl/lofiversion ... 69370.html
ComboFix 08-09-05.14 - Murarz 2008-09-10 20:17:58.3 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1250.1.1045.18.1317 [GMT 2:00]
Running from: C:\Users\Murarz\Desktop\ComboFix.exe
Command switches used :: C:\Users\Murarz\Desktop\CFScript.txt
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_GTIQYDCESPL
((((((((((((((((((((((((( Files Created from 2008-08-10 to 2008-09-10 )))))))))))))))))))))))))))))))
.
2008-09-10 17:34 . 2008-09-10 17:34 <DIR> d-------- C:\Windows\McAfee.com
2008-09-10 15:40 . 2008-09-10 15:40 <DIR> d-------- C:\Users\All Users\WindowsSearch
2008-09-10 15:40 . 2008-09-10 15:40 <DIR> d-------- C:\ProgramData\WindowsSearch
2008-09-10 14:32 . 2008-07-31 03:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-09-10 14:32 . 2008-07-31 05:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
2008-09-10 14:31 . 2008-08-02 03:01 625,152 --a------ C:\Windows\System32\drivers\dxgkrnl.sys
2008-09-10 14:31 . 2008-06-26 05:29 565,248 --a------ C:\Windows\System32\emdmgmt.dll
2008-09-10 14:31 . 2008-06-26 05:29 303,616 --a------ C:\Windows\System32\wmpeffects.dll
2008-09-10 14:31 . 2008-05-08 21:21 211,968 --a------ C:\Windows\System32\drivers\mrxsmb10.sys
2008-09-10 14:31 . 2008-05-20 04:07 148,480 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-09-10 14:31 . 2008-06-26 05:29 45,056 --a------ C:\Windows\System32\dataclen.dll
2008-09-10 14:31 . 2008-08-02 05:26 36,864 --a------ C:\Windows\System32\cdd.dll
2008-09-09 15:35 . 2008-09-09 15:35 <DIR> d-------- C:\Users\Murarz\AppData\Roaming\InstallShield
2008-09-08 01:27 . 2008-09-08 01:38 <DIR> d-------- C:\Users\Murarz\AppData\Roaming\LimeWire
2008-09-08 01:25 . 2008-09-08 01:25 <DIR> d-------- C:\Program Files\Java
2008-09-08 01:19 . 2008-09-08 01:19 <DIR> d-------- C:\Program Files\Common Files\Java
2008-09-07 21:03 . 2008-09-07 21:03 <DIR> d-------- C:\Program Files\Lavalys
2008-09-07 18:43 . 2008-09-07 18:43 <DIR> d-------- C:\fsaua.data
2008-09-07 16:54 . 2008-09-07 17:11 <DIR> d-------- C:\Users\All Users\SecTaskMan
2008-09-07 16:54 . 2008-09-07 17:11 <DIR> d-------- C:\ProgramData\SecTaskMan
2008-09-07 16:54 . 2008-09-07 16:54 <DIR> d-------- C:\Program Files\Security Task Manager
2008-09-06 19:25 . 2008-09-06 19:25 <DIR> d-------- C:\Users\Murarz\AppData\Roaming\Simply Super Software
2008-09-06 19:25 . 2008-09-06 19:25 <DIR> d-------- C:\Users\All Users\Simply Super Software
2008-09-06 19:25 . 2008-09-06 19:25 <DIR> d-------- C:\ProgramData\Simply Super Software
2008-09-06 19:25 . 2008-09-06 19:25 <DIR> d-------- C:\Program Files\Trojan Remover
2008-09-06 19:25 . 2006-05-25 15:52 162,304 --a------ C:\Windows\System32\ztvunrar36.dll
2008-09-06 19:25 . 2003-02-02 20:06 153,088 --a------ C:\Windows\System32\UNRAR3.dll
2008-09-06 19:25 . 2005-08-26 01:50 77,312 --a------ C:\Windows\System32\ztvunace26.dll
2008-09-06 19:25 . 2002-03-06 01:00 75,264 --a------ C:\Windows\System32\unacev2.dll
2008-09-06 19:25 . 2006-06-19 13:01 69,632 --a------ C:\Windows\System32\ztvcabinet.dll
2008-09-06 19:14 . 2008-09-06 20:20 <DIR> d-------- C:\Windows\BDOSCAN8
2008-09-04 15:43 . 2008-09-04 15:43 24 --ahs---- C:\Windows\SF69DAA34.tmp
2008-09-04 15:41 . 2008-09-06 19:47 <DIR> d-------- C:\Program Files\SlySoft
2008-09-04 15:29 . 2008-09-04 15:29 <DIR> d-------- C:\Program Files\Alcohol Soft
2008-09-03 16:37 . 2008-09-03 16:38 <DIR> d-------- C:\Program Files\Hamachi
2008-09-03 16:37 . 2008-09-03 16:37 25,280 --a------ C:\Windows\System32\drivers\hamachi.sys
2008-09-02 21:27 . 2008-09-10 20:24 <DIR> d-------- C:\Users\Murarz\AppData\Roaming\Hamachi
2008-09-02 21:20 . 2008-09-07 23:54 139,264 --a------ C:\Windows\War3Unin.exe
2008-09-02 21:20 . 2008-09-07 23:54 53,144 --a------ C:\Windows\War3Unin.dat
2008-09-02 21:20 . 2008-09-07 23:54 2,829 --a------ C:\Windows\War3Unin.pif
2008-09-02 16:09 . 2008-03-12 22:21 678,408 --a------ C:\Windows\System32\gpprefcl.dll
2008-09-02 00:36 . 2008-09-02 00:38 <DIR> d-------- C:\Program Files\Smarty Uninstaller Pro
2008-09-02 00:36 . 2004-06-14 17:01 608,448 --a------ C:\Windows\System32\comctl32.ocx
2008-09-02 00:36 . 2007-08-15 13:09 417,792 --a------ C:\Windows\System32\vbalCmdBar6.ocx
2008-09-02 00:36 . 2007-08-15 13:09 262,144 --a------ C:\Windows\System32\lst_v.ocx
2008-09-02 00:36 . 2004-03-09 00:00 212,240 --a------ C:\Windows\System32\RICHTX32.OCX
2008-09-02 00:36 . 1999-02-09 21:40 188,928 --a------ C:\Windows\System32\vbuzip10.DLL
2008-09-02 00:36 . 2007-08-15 13:09 167,683 --a------ C:\Windows\System32\COMCT232.OCX
2008-09-02 00:36 . 2007-08-15 13:09 159,744 --a------ C:\Windows\System32\wt_menu.dll
2008-09-02 00:36 . 2007-08-15 13:09 115,920 --a------ C:\Windows\System32\MSINET.ocx
2008-09-02 00:36 . 2007-08-15 13:09 94,208 --a------ C:\Windows\System32\img_lst.ocx
2008-09-02 00:36 . 2007-08-15 13:09 40,960 --a------ C:\Windows\System32\ssubtmr6.dll
2008-09-02 00:29 . 2008-09-02 00:29 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-08-30 15:34 . 2008-07-03 18:04 732,376 -ra------ C:\Windows\System32\drivers\cfosspeed.sys
2008-08-30 15:31 . 2008-09-10 20:24 <DIR> d-------- C:\Program Files\cFosSpeed
2008-08-30 15:31 . 2008-07-03 18:04 290,008 --a------ C:\Windows\System32\cfosspeed.dll
2008-08-30 11:01 . 2008-01-19 09:33 8,139,264 --a------ C:\Windows\System32\ssBranded.scr
2008-08-30 11:00 . 2008-01-19 09:35 3,072,000 --a------ C:\Windows\System32\networkmap.dll
2008-08-30 10:59 . 2008-01-19 08:06 8,147,456 --a------ C:\Windows\System32\wmploc.DLL
2008-08-30 10:58 . 2008-01-19 09:36 704,512 --a------ C:\Windows\System32\SmiEngine.dll
2008-08-30 10:58 . 2008-01-19 09:36 357,888 --a------ C:\Windows\System32\wbemcomn.dll
2008-08-30 10:58 . 2008-01-19 09:36 218,624 --a------ C:\Windows\System32\wdscore.dll
2008-08-30 10:58 . 2008-01-19 09:36 139,264 --a------ C:\Windows\System32\SmiInstaller.dll
2008-08-30 10:58 . 2008-01-19 09:33 130,560 --a------ C:\Windows\System32\PkgMgr.exe
2008-08-30 10:57 . 2008-01-19 09:34 305,152 --a------ C:\Windows\System32\msdelta.dll
2008-08-30 10:57 . 2008-01-19 09:34 258,560 --a------ C:\Windows\System32\dpx.dll
2008-08-30 10:57 . 2008-01-19 09:34 246,784 --a------ C:\Windows\System32\drvstore.dll
2008-08-30 10:57 . 2008-01-19 09:35 35,328 --a------ C:\Windows\System32\mspatcha.dll
2008-08-30 02:29 . 2008-09-01 10:21 <DIR> d-------- C:\Users\All Users\SpeedBit
2008-08-30 02:29 . 2008-09-01 10:21 <DIR> d-------- C:\ProgramData\SpeedBit
2008-08-30 02:29 . 2008-09-03 06:48 <DIR> d-------- C:\Program Files\DAP
2008-08-29 19:15 . 2008-09-01 10:17 <DIR> d-------- C:\Program Files\DAEMON Tools Toolbar
2008-08-29 19:15 . 2008-08-29 19:15 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-08-29 19:08 . 2008-08-29 19:08 717,296 --a------ C:\Windows\System32\drivers\sptd.sys
2008-08-29 19:07 . 2008-08-29 19:07 <DIR> d-------- C:\Users\Murarz\AppData\Roaming\DAEMON Tools
2008-08-29 18:08 . 2005-05-26 15:34 2,297,552 --a------ C:\Windows\System32\d3dx9_26.dll
2008-08-29 17:52 . 2008-09-01 10:11 <DIR> d-------- C:\Program Files\Folder Lock
2008-08-29 17:52 . 2008-08-29 19:41 632 --a------ C:\sccfg.sys
2008-08-29 16:37 . 2008-08-30 16:16 <DIR> d-------- C:\perflogs
2008-08-29 11:47 . 2008-08-29 11:47 <DIR> d-------- C:\Program Files\Ares
2008-08-29 08:58 . 2008-02-29 09:11 988,216 --a------ C:\Windows\System32\winload.exe
2008-08-29 08:58 . 2008-02-29 09:11 927,288 --a------ C:\Windows\System32\winresume.exe
2008-08-29 08:58 . 2008-02-22 07:05 615,992 --a------ C:\Windows\System32\ci.dll
2008-08-29 08:58 . 2008-02-29 08:53 378,368 --a------ C:\Windows\System32\srcore.dll
2008-08-29 08:58 . 2008-02-29 06:12 318,464 --a------ C:\Windows\System32\rstrui.exe
2008-08-29 08:58 . 2008-02-29 08:53 46,592 --a------ C:\Windows\System32\setbcdlocale.dll
2008-08-29 08:58 . 2008-02-29 08:53 40,960 --a------ C:\Windows\System32\srclient.dll
2008-08-29 08:58 . 2008-02-29 09:14 19,000 --a------ C:\Windows\System32\kd1394.dll
2008-08-29 08:58 . 2008-02-29 06:12 14,848 --a------ C:\Windows\System32\srdelayed.exe
2008-08-29 08:58 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
2008-08-29 08:36 . 2008-04-18 07:48 269,312 --a------ C:\Windows\System32\es.dll
2008-08-28 22:03 . 2008-08-28 22:03 <DIR> d-------- C:\Users\Murarz\AppData\Roaming\TuneUp Software
2008-08-28 22:03 . 2008-08-28 22:03 355,584 --a------ C:\Windows\System32\TuneUpDefragService.exe
2008-08-28 22:03 . 2008-05-29 09:28 28,416 --a------ C:\Windows\System32\uxtuneup.dll
2008-08-28 22:03 . 2008-05-29 09:28 16,640 --a------ C:\Windows\System32\authuitu.dll
2008-08-28 22:02 . 2008-08-28 22:02 <DIR> d-------- C:\Users\All Users\TuneUp Software
2008-08-28 22:02 . 2008-08-28 22:02 <DIR> d-------- C:\ProgramData\TuneUp Software
2008-08-28 22:02 . 2008-08-28 22:02 <DIR> d-------- C:\Program Files\TuneUp Utilities 2008
2008-08-28 22:02 . 2008-09-01 10:18 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-28 21:44 . 2008-08-28 21:44 0 --a------ C:\Windows\nsreg.dat
2008-08-28 21:21 . 2008-09-08 16:59 <DIR> d-a------ C:\Users\All Users\TEMP
2008-08-28 21:21 . 2008-09-08 16:59 <DIR> d-a------ C:\ProgramData\TEMP
2008-08-28 18:42 . 2008-08-28 18:42 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-28 17:02 . 2008-08-28 17:02 <DIR> d-------- C:\Program Files\ffdshow
2008-08-28 17:02 . 2008-06-08 23:58 60,273 --a------ C:\Windows\System32\pthreadGC2.dll
2008-08-28 17:02 . 2008-06-12 20:36 7,680 --a------ C:\Windows\System32\ff_vfw.dll
2008-08-28 17:02 . 2007-07-10 18:10 547 --a------ C:\Windows\System32\ff_vfw.dll.manifest
2008-08-28 16:33 . 2008-08-28 16:38 <DIR> d-------- C:\Users\Murarz\AppData\Roaming\ipla
2008-08-28 16:33 . 2008-08-28 16:38 <DIR> d-------- C:\Users\All Users\ipla
2008-08-28 16:33 . 2008-08-28 16:38 <DIR> d-------- C:\ProgramData\ipla
2008-08-28 12:06 . 2008-08-28 12:06 <DIR> d-------- C:\Program Files\LittleFighter2
2008-08-28 11:47 . 2008-08-28 11:47 <DIR> d--h----- C:\Windows\PIF
2008-08-28 11:46 . 2008-08-30 01:32 <DIR> d-------- C:\Program Files\Common Files\Blizzard Entertainment
2008-08-28 09:39 . 2008-08-28 12:05 <DIR> d-------- C:\Program Files\Ontrack
2008-08-28 09:39 . 2008-09-09 15:36 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-08-28 09:39 . 2006-11-02 14:35 543 --a------ C:\Windows\System32\MAPISVC.BAK
2008-08-28 09:38 . 2008-08-28 09:38 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2008-08-28 08:43 . 2008-08-28 08:43 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-08-28 08:43 . 2008-08-28 08:43 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-08-28 08:43 . 2008-08-28 08:43 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-08-28 08:43 . 2008-08-28 08:43 45,768 --a------ C:\Windows\System32\wups2.dll
2008-08-28 08:42 . 2008-08-28 08:42 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-08-28 08:42 . 2008-08-28 08:42 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-08-28 08:42 . 2008-08-28 08:42 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-08-28 08:42 . 2008-08-28 08:42 36,552 --a------ C:\Windows\System32\wups.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-30 14:24 174 --sha-w C:\Program Files\desktop.ini
2008-08-30 14:17 --------- d-----w C:\Program Files\Windows Sidebar
2008-08-30 14:17 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-08-30 14:17 --------- d-----w C:\Program Files\Windows Mail
2008-08-30 14:17 --------- d-----w C:\Program Files\Windows Journal
2008-08-30 14:17 --------- d-----w C:\Program Files\Windows Defender
2008-08-30 14:17 --------- d-----w C:\Program Files\Windows Collaboration
2008-08-30 14:17 --------- d-----w C:\Program Files\Windows Calendar
2008-08-30 14:04 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-08-30 14:03 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-08-27 11:46 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-08-27 09:58 --------- d-sh--w C:\ProgramData\Ulubione
2008-08-27 09:58 --------- d-sh--w C:\ProgramData\Szablony
2008-08-27 09:58 --------- d-sh--w C:\ProgramData\Pulpit
2008-08-27 09:58 --------- d-sh--w C:\ProgramData\Menu Start
2008-08-27 09:58 --------- d-sh--w C:\ProgramData\Dokumenty
2008-08-27 09:58 --------- d-sh--w C:\ProgramData\Dane aplikacji
2008-08-22 10:08 878,592 ----a-w C:\Windows\System32\wininet.dll
2008-08-22 10:07 43,008 ----a-w C:\Windows\System32\licmgr10.dll
2008-08-22 10:07 18,944 ----a-w C:\Windows\System32\corpol.dll
2008-08-22 10:06 72,704 ----a-w C:\Windows\System32\admparse.dll
2008-08-22 10:06 71,680 ----a-w C:\Windows\System32\iesetup.dll
2008-08-22 10:06 66,560 ----a-w C:\Windows\System32\wextract.exe
2008-08-22 10:06 129,024 ----a-w C:\Windows\System32\ieUnatt.exe
2008-08-22 10:06 110,080 ----a-w C:\Windows\System32\PDMSetup.exe
2008-08-22 10:06 103,936 ----a-w C:\Windows\System32\SetDepNx.exe
2008-08-22 10:06 103,424 ----a-w C:\Windows\System32\SetIEInstalledDate.exe
2008-08-22 10:05 35,840 ----a-w C:\Windows\System32\imgutil.dll
2008-08-22 10:05 168,960 ----a-w C:\Windows\System32\iexpress.exe
2008-08-22 10:04 48,640 ----a-w C:\Windows\System32\PrivacIE.dll
2008-08-22 10:04 48,128 ----a-w C:\Windows\System32\mshtmler.dll
2008-08-22 10:04 45,568 ----a-w C:\Windows\System32\mshta.exe
2008-08-22 09:57 156,160 ----a-w C:\Windows\System32\msls31.dll
2008-08-01 06:40 3,894,272 ----a-w C:\Windows\system32\drivers\atikmdag.sys
2008-08-01 04:47 425,984 ----a-w C:\Windows\System32\ATIDEMGX.dll
2008-08-01 04:47 327,680 ----a-w C:\Windows\System32\atipdlxx.dll
2008-08-01 04:47 258,048 ----a-w C:\Windows\System32\Oemdspif.dll
2008-08-01 04:47 159,744 ----a-w C:\Windows\System32\atitmmxx.dll
2008-08-01 04:46 43,520 ----a-w C:\Windows\System32\ati2edxx.dll
2008-08-01 04:46 270,336 ----a-w C:\Windows\System32\Ati2evxx.dll
2008-08-01 04:45 700,416 ----a-w C:\Windows\System32\Ati2evxx.exe
2008-08-01 04:32 3,823,616 ----a-w C:\Windows\System32\atiumdag.dll
2008-08-01 04:15 4,463,104 ----a-w C:\Windows\System32\atiumdva.dll
2008-08-01 04:10 9,687,040 ----a-w C:\Windows\System32\atioglxx.dll
2008-08-01 04:04 50,688 ----a-w C:\Windows\System32\amdpcom32.dll
2008-08-01 04:03 45,568 ----a-w C:\Windows\System32\atiadlxx.dll
2008-08-01 03:51 53,248 ----a-w C:\Windows\system32\drivers\ati2erec.dll
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-06-12 05:28 541,696 ----a-w C:\Windows\AppPatch\AcLayers.dll
.
((((((((((((((((((((((((((((( snapshot@2008-09-10_20.14.02.17 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-09-10 18:11:18 6,406,144 ----a-w C:\Windows\erdnt\Hiv-backup\SCHEMA.DAT
+ 2008-09-10 18:17:50 6,406,144 ----a-w C:\Windows\erdnt\Hiv-backup\SCHEMA.DAT
+ 2005-10-20 18:02:28 163,328 ----a-w C:\Windows\erdnt\subs\ERDNT.EXE
+ 2008-09-10 18:19:57 6,406,144 ----a-w C:\Windows\erdnt\subs\SCHEMA.DAT
- 2008-09-10 13:19:30 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-09-10 18:21:51 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-09-10 18:21:51 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-09-10 13:20:19 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-09-10 18:21:56 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-09-10 18:21:56 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-09-10 13:17:43 4,071,456 --sha-w C:\Windows\System32\drivers\fidbox.dat
+ 2008-09-10 18:20:22 4,071,456 --sha-w C:\Windows\System32\drivers\fidbox.dat
- 2008-09-10 13:17:43 606,240 --sha-w C:\Windows\System32\drivers\fidbox2.dat
+ 2008-09-10 18:20:22 606,240 --sha-w C:\Windows\System32\drivers\fidbox2.dat
- 2008-09-10 13:30:11 6,553,600 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2008-09-10 18:19:57 6,406,144 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2008-08-30 14:18:27 2,874 ----a-w C:\Windows\System32\WDI\ERCQueuedResolutions.dat
+ 2008-09-10 18:20:16 2,874 ----a-w C:\Windows\System32\WDI\ERCQueuedResolutions.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
"ares"="C:\Program Files\Ares\Ares.exe" [2007-05-04 961024]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-19 C:\Windows\System32\oobefldr.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"="C:\Windows\system32\msconfig.exe" [2008-01-19 227840]
"cFosSpeed"="C:\Program Files\cFosSpeed\cFosSpeed.exe" [2008-07-03 867544]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-04-25 201992]
C:\Users\Murarz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe [2008-09-03 625952]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
--a------ 2007-05-04 02:32 961024 C:\Program Files\Ares\Ares.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-07-17 14:20 490952 C:\Program Files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner]
--a------ 2008-09-04 18:55 917072 C:\Program Files\Trojan Remover\Trjscan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{3E0127CA-66D5-496B-9982-8D581772D141}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\polish\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\polish\setup.exe:Kaspersky Internet Security 2009 Setup
"UDP Query User{1BE6AC21-6FDA-4C94-B490-20A8ACC49B17}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\polish\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\polish\setup.exe:Kaspersky Internet Security 2009 Setup
"{62EF7446-97F9-4536-8C3C-6FD281151213}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{ED7AE71E-63B9-4A17-99F0-A365C1B8F0B4}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{4E3E37AB-89FB-48C9-9AC4-FCCB663C7F55}"= UDP:C:\Users\Murarz\Desktop\utorrent.exe:µTorrent (TCP-In)
"{AC7B91B0-EF0F-4803-A398-5563F3A1CCF2}"= TCP:C:\Users\Murarz\Desktop\utorrent.exe:µTorrent (UDP-In)
"{0C5D2C0E-AC98-4D3C-BEEF-97BD5E96C028}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{A5C00573-C4AE-48F0-BB42-2D89FC6ADDE7}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{0DEDC6A1-2B72-4CB1-8AD4-E3110F404BB2}"= UDP:E:\Nowy folder (2)\uTorrent.exe:µTorrent (TCP-In)
"{7C6273B5-0465-492E-A710-A7B57D32F5B3}"= TCP:E:\Nowy folder (2)\uTorrent.exe:µTorrent (UDP-In)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 klbg;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\drivers\klbg.sys [2008-01-29 32784]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2008-03-26 20496]
R2 UxTuneUp;TuneUp Theme Extension;C:\Windows\System32\svchost.exe [2008-01-19 21504]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-01 3894272]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\Windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-08-28 355584]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-09-10 20:23:48
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\Ati2evxx.exe
C:\Windows\System32\audiodg.exe
C:\Windows\System32\Ati2evxx.exe
C:\Program Files\cFosSpeed\spd.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\conime.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\wbem\WMIADAP.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\dllhost.exe
.
**************************************************************************
.
Completion time: 2008-09-10 20:27:44 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-10 18:27:31
ComboFix2.txt 2008-09-10 18:15:12
Pre-Run: System nie może znaleźć komunikatu dla numeru komunikatu 0x2379 w pliku komunikatów dla Application.
Post-Run: 26,522,836,992 bajtów wolnych
306 --- E O F --- 2008-09-10 12:34:17
Pre-Run: System nie może znaleźć komunikatu dla numeru komunikatu 0x2379 w pliku komunikatów dla Application.
What is this?
A person who moves with the crowd will get no further than the others. One who walks alone may end up where no one has been before.