Azazel-44

Joined: 21 Aug 2007
Offline. Last active: Jul 26 2012 11:42 AM

My posts

In topic: Log check

25 July 2012 - 20:00 PM

Hmm, then I really don't know anymore :/ it will probably end with a reinstall. Thx

In topic: Request for a log check.

30 December 2009 - 20:53 PM

Here it is:

ComboFix 09-12-29.03 - Administrator 2009-12-30 8:24.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.2047.1703 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Administrator\Pulpit\ComboFix.exe
Użyto następujących komend :: c:\documents and settings\Administrator\Pulpit\CFScript.txt
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezydentny antywirus jest aktywny


UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!

FILE ::
"C:\3exi.exe"
"C:\imghyva6.exe"
"C:\nymdik.exe"
"c:\windows\pss\siszyd32.exe"
"c:\windows\system32\drivers\fvqxhhl.sys"
"c:\windows\system32\fjhdyfhsn.bat"
"C:\wisf1.exe"
"F:\3exi.exe"
"F:\imghyva6.exe"
"F:\nymdik.exe"
"F:\wisf1.exe"
"G:\3exi.exe"
"G:\imghyva6.exe"
"G:\nymdik.exe"
"G:\wisf1.exe"
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\3exi.exe
C:\imghyva6.exe
C:\nymdik.exe
c:\windows\system32\drivers\fvqxhhl.sys
c:\windows\system32\fjhdyfhsn.bat
C:\wisf1.exe
F:\3exi.exe
F:\imghyva6.exe
F:\nymdik.exe
F:\wisf1.exe
G:\3exi.exe
G:\imghyva6.exe
G:\nymdik.exe
G:\wisf1.exe

.
((((((((((((((((((((((((( Pliki utworzone od 2009-11-28 do 2009-12-30 )))))))))))))))))))))))))))))))
.

2009-12-29 20:11 . 2009-12-29 20:11 -------- d-----w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\ESET
2009-12-29 19:12 . 2009-12-29 19:12 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Foxit
2009-12-29 19:12 . 2009-12-29 19:12 -------- d-----w- c:\program files\Foxit Software
2009-12-29 18:58 . 2009-12-29 18:58 -------- d-----w- c:\program files\Trend Micro
2009-12-22 18:32 . 2009-12-22 18:32 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Ahead
2009-12-22 10:43 . 2009-12-22 10:43 -------- d-----w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
2009-12-21 23:33 . 2009-12-21 23:33 -------- d-sh--w- c:\documents and settings\Administrator\IECompatCache
2009-12-21 23:33 . 2009-12-21 23:33 -------- d-----w- c:\program files\CCleaner
2009-12-20 11:16 . 2009-12-20 11:16 -------- d-----w- c:\program files\Microsoft Works
2009-12-20 11:15 . 2009-12-20 11:15 -------- d-----w- c:\program files\Microsoft.NET
2009-12-20 11:14 . 2009-12-20 11:14 -------- d-----w- c:\windows\SHELLNEW
2009-12-20 11:13 . 2009-12-20 11:13 -------- d-----w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft Help
2009-12-20 11:13 . 2009-12-20 11:16 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2009-12-20 11:13 . 2009-12-20 11:13 -------- d-----r- C:\MSOCache
2009-12-17 13:38 . 2009-12-17 13:38 -------- d-----w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\Identities
2009-12-16 18:40 . 2009-12-16 18:40 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\FLEXnet
2009-12-16 16:48 . 2001-10-26 16:29 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-12-16 16:48 . 2004-08-03 23:44 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-12-15 19:05 . 2009-12-15 19:05 -------- d-----w- C:\My Downloads
2009-12-15 19:05 . 2009-12-15 19:07 -------- d-----w- c:\program files\BearShare
2009-12-15 18:57 . 2009-12-16 17:01 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\BearShareTb
2009-12-15 18:57 . 2009-12-15 18:57 -------- d-----w- c:\program files\BearShareTb
2009-12-15 18:06 . 2009-12-15 18:06 -------- d--h--w- c:\documents and settings\All Users\Dane aplikacji\CanonBJ
2009-12-15 18:06 . 2008-02-06 04:00 216064 ----a-w- c:\windows\system32\CNMLM8S.DLL
2009-12-15 18:06 . 2007-03-19 04:00 69632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP8S.DLL
2009-12-15 18:06 . 2007-03-19 04:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD8S.DLL
2009-12-15 18:06 . 2009-12-15 18:06 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2009-12-15 18:05 . 2009-12-15 18:05 -------- d--h--w- c:\program files\CanonBJ
2009-12-14 20:16 . 2004-08-03 22:08 25600 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2009-12-14 20:16 . 2004-08-03 22:08 25600 ----a-w- c:\windows\system32\drivers\usbser.sys
2009-12-12 18:21 . 2004-08-04 00:44 25600 ----a-w- c:\documents and settings\LocalService\Dane aplikacji\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-12-12 18:01 . 2009-12-12 18:01 -------- d-----w- c:\program files\Thomson
2009-12-12 17:33 . 2004-06-22 20:06 1040384 ----a-w- c:\windows\system32\GnucCOM.dll
2009-12-12 17:33 . 2004-04-09 16:12 1040384 ----a-w- c:\windows\system32\GnucDNA.dll
2009-12-12 05:48 . 2009-12-12 05:48 -------- d-----w- c:\program files\MSXML 6.0
2009-12-12 05:48 . 2009-12-12 05:48 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-12-11 18:24 . 2009-12-11 18:24 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2009-12-11 11:01 . 2009-12-11 11:01 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-12-11 10:26 . 2009-10-29 07:43 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-12-11 10:26 . 2009-10-29 07:43 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-12-11 10:26 . 2009-10-29 07:43 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-12-11 10:26 . 2009-10-29 07:43 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-12-11 10:26 . 2009-10-29 07:43 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-12-11 10:26 . 2009-10-29 07:43 11069952 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-12-11 10:26 . 2009-12-11 10:26 -------- d-----w- c:\windows\ie8updates
2009-12-11 10:26 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-12-11 10:25 . 2009-12-11 10:26 -------- d-----w- c:\windows\system32\pl-PL
2009-12-11 10:25 . 2009-12-11 10:25 -------- dc-h--w- c:\windows\ie8
2009-12-10 13:08 . 2009-12-10 13:14 -------- d-----w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\Painkiller Resurrection
2009-12-09 13:15 . 2009-12-09 13:15 -------- d-----w- c:\windows\ServicePackFiles
2009-12-09 11:26 . 2009-12-09 11:26 -------- d-----w- c:\program files\directx
2009-12-09 09:41 . 2009-08-04 17:07 2181632 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-12-09 09:41 . 2009-08-04 17:07 2059008 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-12-09 09:41 . 2009-08-04 17:07 2137600 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-12-09 09:41 . 2009-08-04 17:07 2017280 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-12-09 09:18 . 2009-12-14 09:07 -------- d--h--w- c:\windows\$hf_mig$
2009-12-09 09:15 . 2009-12-09 09:15 -------- d-----w- c:\program files\Nowe Gadu-Gadu
2009-12-08 22:58 . 2004-08-03 22:10 38016 -c--a-w- c:\windows\system32\dllcache\bthmodem.sys
2009-12-08 22:58 . 2004-08-03 22:10 38016 ----a-w- c:\windows\system32\drivers\bthmodem.sys
2009-12-08 22:53 . 2004-08-03 21:58 100992 -c--a-w- c:\windows\system32\dllcache\bthpan.sys
2009-12-08 22:53 . 2004-08-03 21:58 100992 ----a-w- c:\windows\system32\drivers\bthpan.sys
2009-12-08 22:53 . 2004-08-03 22:10 59648 -c--a-w- c:\windows\system32\dllcache\rfcomm.sys
2009-12-08 22:53 . 2004-08-03 22:10 59648 ----a-w- c:\windows\system32\drivers\rfcomm.sys
2009-12-08 22:53 . 2004-08-03 22:10 17024 -c--a-w- c:\windows\system32\dllcache\bthenum.sys
2009-12-08 22:53 . 2004-08-03 22:10 17024 ----a-w- c:\windows\system32\drivers\BthEnum.sys
2009-12-08 22:53 . 2008-06-14 18:01 273024 -c--a-w- c:\windows\system32\dllcache\bthport.sys
2009-12-08 22:53 . 2008-06-14 18:01 273024 ----a-w- c:\windows\system32\drivers\bthport.sys
2009-12-08 22:53 . 2004-08-03 22:10 18944 -c--a-w- c:\windows\system32\dllcache\bthusb.sys
2009-12-08 22:53 . 2004-08-03 22:10 18944 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2009-12-08 21:10 . 2009-12-08 21:10 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Gadu-Gadu
2009-12-08 20:51 . 2009-12-08 20:51 -------- d-----w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\PunkBuster
2009-12-08 20:44 . 2001-05-24 14:00 306688 ----a-w- c:\windows\IsUninst.exe
2009-12-08 20:41 . 2009-12-08 20:41 -------- d-sh--w- c:\documents and settings\Administrator\UserData
2009-12-08 20:41 . 2009-12-08 20:41 -------- d-----w- c:\documents and settings\NetworkService\Dane aplikacji\Xfire
2009-12-08 20:40 . 2009-12-29 22:40 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Xfire
2009-12-08 20:40 . 2009-12-19 10:51 -------- d-----w- c:\program files\Xfire
2009-12-08 20:32 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2009-12-08 20:31 . 2009-12-29 22:40 138576 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-08 20:31 . 2009-12-08 20:31 22328 ----a-w- c:\documents and settings\Administrator\Dane aplikacji\PnkBstrK.sys
2009-12-08 20:31 . 2009-12-29 23:39 215104 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-08 20:31 . 2009-12-16 15:42 -------- d-----w- c:\windows\system32\LogFiles
2009-12-08 20:31 . 2009-12-08 20:52 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-12-08 19:46 . 2009-12-25 16:57 -------- d-----w- c:\documents and settings\Administrator\Gadu-Gadu
2009-12-08 19:45 . 2009-12-08 19:45 -------- d-----w- c:\program files\Gadu-Gadu
2009-12-08 18:56 . 2009-01-07 17:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2009-12-08 18:45 . 2004-08-03 22:01 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-12-08 18:45 . 2004-08-03 22:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-12-08 18:45 . 2004-08-03 21:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-12-08 18:45 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-12-08 18:41 . 2004-08-03 22:08 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-12-08 18:41 . 2004-08-03 22:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-12-08 17:12 . 2009-12-08 20:22 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-12-08 17:09 . 2009-12-08 20:22 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Norton
2009-12-08 17:09 . 2009-12-08 17:09 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Symantec
2009-12-08 17:09 . 2009-12-08 17:09 -------- d-----w- c:\program files\NortonInstaller
2009-12-08 17:09 . 2009-12-08 17:09 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\NortonInstaller
2009-12-08 15:19 . 2009-12-08 15:19 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-12-08 15:11 . 2009-12-08 15:11 -------- d-----w- c:\program files\Sierra
2009-12-08 14:09 . 2009-12-12 18:49 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu
2009-12-08 09:31 . 2009-12-29 19:06 -------- d-----w- c:\windows\system32\Adobe
2009-12-08 09:21 . 2009-12-08 09:21 -------- d-----w- c:\documents and settings\LocalService\Dane aplikacji\WTablet
2009-12-07 17:15 . 2009-12-07 17:15 -------- d-----w- c:\program files\Bonjour
2009-12-07 17:09 . 2009-12-07 17:09 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-12-07 17:09 . 2009-12-30 07:23 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\WTablet
2009-12-07 17:08 . 2004-08-03 23:44 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-12-07 17:08 . 2004-08-03 23:44 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-12-07 17:08 . 2004-08-03 23:38 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-12-07 17:08 . 2004-08-03 23:38 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-12-07 17:08 . 2007-02-16 00:11 11440 ----a-w- c:\windows\system32\drivers\WacomVKHid.sys
2009-12-07 17:08 . 2007-02-16 19:12 11312 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys
2009-12-07 17:08 . 2007-02-16 18:30 12848 ----a-w- c:\windows\system32\drivers\wacomvhid.sys
2009-12-07 17:08 . 2009-12-07 17:08 -------- d-----w- c:\windows\system32\WTablet
2009-12-07 17:08 . 2007-09-07 18:20 181544 ------w- c:\windows\system32\Wintab32.dll
2009-12-07 17:08 . 2007-09-07 18:40 1373480 ------w- c:\windows\system32\Wacom_Tablet.exe
2009-12-07 17:08 . 2007-09-07 18:33 128296 ------w- c:\windows\system32\Wacom_Tablet.dll
2009-12-07 17:08 . 2009-12-07 17:08 -------- d-----w- c:\program files\Tablet
2009-12-05 15:15 . 2009-12-16 15:46 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Moje pliki Bitwy o Śródziemie™ II
2009-12-05 14:27 . 2009-12-05 14:28 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Moje pliki gry Władca Pierścieni, Król Nazguli
2009-12-04 19:51 . 2009-12-04 19:51 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Media Player Classic
2009-12-04 19:44 . 2004-08-03 22:08 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-12-04 19:30 . 2009-12-04 19:30 -------- d-sh--w- c:\windows\ftpcache
2009-12-04 19:27 . 2004-08-03 21:58 5376 -c--a-w- c:\windows\system32\dllcache\mspclock.sys
2009-12-04 19:27 . 2004-08-03 21:58 5376 ----a-w- c:\windows\system32\drivers\MSPCLOCK.sys
2009-12-04 19:27 . 2005-06-27 10:37 133632 ----a-r- c:\windows\system32\CtDvInst.dll
2009-12-04 19:27 . 2004-08-03 23:44 4096 -c--a-w- c:\windows\system32\dllcache\ksuser.dll

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-29 20:21 . 2001-10-26 17:15 83660 ----a-w- c:\windows\system32\perfc015.dat
2009-12-29 20:21 . 2001-10-26 17:15 490284 ----a-w- c:\windows\system32\perfh015.dat
2009-12-29 19:10 . 2009-12-04 18:16 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-17 07:24 . 2009-12-04 18:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-16 00:28 . 2009-12-04 17:51 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-15 18:53 . 2009-12-15 18:53 -------- d-----w- c:\documents and settings\LocalService\Dane aplikacji\Xfire
2009-12-12 18:01 . 2009-12-04 18:07 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-12 05:50 . 2009-12-12 05:50 -------- d-----w- c:\program files\MSBuild
2009-12-12 05:50 . 2009-12-12 05:50 -------- d-----w- c:\program files\Reference Assemblies
2009-12-08 19:00 . 2009-12-08 19:00 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2009-12-08 18:56 . 2009-12-08 18:56 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-12-04 18:52 . 2009-12-04 18:52 -------- d-----w- c:\program files\Netia
2009-12-04 18:28 . 2009-12-04 18:28 0 ----a-w- c:\windows\nsreg.dat
2009-12-04 18:26 . 2009-12-04 18:26 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\AdobeUM
2009-12-04 18:17 . 2009-12-04 18:16 -------- d-----w- c:\program files\NVIDIA Corporation
2009-12-04 18:17 . 2009-12-04 18:17 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-04 18:16 . 2009-12-04 18:16 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\NVIDIA Corporation
2009-12-04 18:14 . 2009-12-04 18:14 -------- d-----w- c:\program files\%temp&
2009-12-04 18:11 . 2009-12-04 18:11 -------- d-----w- c:\program files\ESET
2009-12-04 18:11 . 2009-12-04 18:11 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ESET
2009-12-04 17:52 . 2009-12-04 17:52 -------- d-----w- c:\program files\microsoft frontpage
2009-12-04 17:51 . 2009-12-04 17:51 -------- d-----w- c:\program files\Usługi online
2009-12-04 17:49 . 2009-12-04 17:49 21856 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-30 19:33 . 2009-11-30 19:33 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-11-21 16:46 . 2004-08-04 00:43 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 02:34 . 2009-12-04 18:15 69632 ----a-w- c:\windows\system32\OpenCL.dll
2009-11-21 02:34 . 2009-12-04 18:15 4038656 ----a-w- c:\windows\system32\nvcuda.dll
2009-11-21 02:34 . 2009-12-04 18:15 2259560 ----a-w- c:\windows\system32\nvcuvid.dll
2009-11-21 02:34 . 2009-12-04 18:15 1989224 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-11-21 02:34 . 2009-12-04 18:15 182888 ----a-w- c:\windows\system32\nvcodins.dll
2009-11-21 02:34 . 2009-12-04 18:15 182888 ----a-w- c:\windows\system32\nvcod.dll
2009-11-21 02:34 . 2009-12-04 18:15 13602816 ----a-w- c:\windows\system32\nvoglnt.dll
2009-11-21 02:34 . 2009-12-04 18:15 11374592 ----a-w- c:\windows\system32\nvcompiler.dll
2009-11-21 02:34 . 2009-12-04 18:15 1056768 ----a-w- c:\windows\system32\nvapi.dll
2009-11-21 02:34 . 2009-12-04 18:15 10235968 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-11-21 02:34 . 2009-12-04 18:15 6282752 ----a-w- c:\windows\system32\nv4_disp.dll
2009-11-21 02:34 . 2009-12-04 18:15 2293286 ----a-w- c:\windows\system32\nvdata.bin
2009-11-19 20:42 . 2009-12-04 18:07 592488 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-10-29 07:43 . 2004-08-04 00:44 916480 ------w- c:\windows\system32\wininet.dll
2009-10-21 06:03 . 2004-08-04 00:44 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 06:03 . 2004-08-04 00:44 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 14:58 . 2004-08-03 23:00 263552 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:53 . 2004-08-04 00:44 267776 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:54 . 2004-08-04 00:44 69632 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:54 . 2004-08-04 00:44 112640 ----a-w- c:\windows\system32\rastls.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-12-29_20.14.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2001-08-17 22:30 . 2009-12-29 20:21 67312 c:\windows\system32\perfc009.dat
- 2001-08-17 22:30 . 2009-12-29 18:14 67312 c:\windows\system32\perfc009.dat
+ 2001-08-17 22:30 . 2009-12-29 20:21 432356 c:\windows\system32\perfh009.dat
- 2001-08-17 22:30 . 2009-12-29 18:14 432356 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
2009-08-10 14:06 91576 ----a-w- c:\program files\BearShareTb\BearShareDx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0974BA1E-64EC-11DE-B2A5-E43756D89593}"= "c:\program files\BearShareTb\BearShareDx.dll" [2009-08-10 91576]

[HKEY_CLASSES_ROOT\clsid\{0974ba1e-64ec-11de-b2a5-e43756d89593}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AutoConnect"="c:\program files\AutoConnect\AutoConnect.exe" [2006-12-02 310784]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"="MSIEXEC" [X]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-03-13 1443072]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-20 110184]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-20 12669544]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"P17Helper"="P17.dll" [2005-05-03 64512]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 110592]
"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
2006-08-01 16:04 3313664 ----a-w- c:\program files\BearShare\BearShare.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
2000-05-11 00:00 90112 ------w- c:\windows\Updreg.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"f:\\Bitrwa O Śródziemie 2\\game.dat"=
"f:\\Bitwa o Śródziemie 2 Król Nazguli\\game.dat"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Sierra\\FEARCombat\\FEARMP.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"f:\\COD4\\iw3mp.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"f:\\Bitrwa O Śródziemie 2\\patchget.dat"=
"c:\\Program Files\\BearShare\\BearShare.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-03-13 33800]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 472320]
R2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2009-12-07 1373480]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-12-04 717296]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://search.bearshare.com/
uInternet Connection Wizard,ShellNext = hxxp://192.168.2.1/
FF - ProfilePath - c:\documents and settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\ejpavq3p.default\
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-30 08:27
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-1292428093-1035525444-725345543-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b5,61,74,31,95,b1,a2,4d,99,d8,55,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b5,61,74,31,95,b1,a2,4d,99,d8,55,\
.
Czas ukończenia: 2009-12-30 08:28:18
ComboFix-quarantined-files.txt 2009-12-30 07:28
ComboFix2.txt 2009-12-29 20:15

Przed: 2 252 488 704 bajtów wolnych
Po: 2 241 748 992 bajtów wolnych

- - End Of File - - 4A3CF6527449E7E6C10E9F5988FF72F0

In topic: Request for a log check.

29 December 2009 - 22:55 PM

ComboFix 09-12-29.03 - Administrator 2009-12-29 21:11:54.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.2047.1615 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Administrator\Pulpit\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezydentny antywirus jest aktywny


UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\9ffp.exe
C:\autorun.inf
c:\docume~1\ADMINI~1\USTAWI~1\Temp\cvasds0.dll
c:\docume~1\ADMINI~1\USTAWI~1\Temp\cvasds1.dll
c:\documents and settings\Administrator\Dane aplikacji\avdrn.dat
c:\documents and settings\Administrator\Menu Start\Programy\Autostart\siszyd32.exe
C:\k0maw.exe
C:\l61yyp.exe
C:\nqdymj.exe
C:\nx.exe
c:\program files\Mozilla Firefox\plugins\NPMyGlSh.dll
c:\program files\myglobalsearch
c:\program files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR
c:\program files\myglobalsearch\bar\1.bin\M9FFXTBR.MANIFEST
c:\program files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR
c:\program files\myglobalsearch\bar\1.bin\M9NTSTBR.MANIFEST
c:\program files\myglobalsearch\bar\1.bin\M9PLUGIN.DLL
c:\program files\myglobalsearch\bar\1.bin\MGSBAR.DLL
c:\program files\myglobalsearch\bar\1.bin\NPMYGLSH.DLL
c:\program files\myglobalsearch\bar\Cache018C6C
c:\program files\myglobalsearch\bar\Cache12D3BD8.bin
c:\program files\myglobalsearch\bar\Cache12D431B.bin
c:\program files\myglobalsearch\bar\Cache12D814D.bin
c:\program files\myglobalsearch\bar\Cache\files.ini
c:\program files\myglobalsearch\bar\History\search
c:\program files\myglobalsearch\bar\Settings\prevcfg.htm
C:\t8g.exe
C:\u16sqrqn.exe
c:\windows\system32\Data
C:\xmor.exe
C:\yu3.exe
F:\9ffp.exe
F:\autorun.inf
F:\k0maw.exe
F:\l61yyp.exe
F:\nqdymj.exe
F:\nx.exe
F:\t8g.exe
F:\u16sqrqn.exe
F:\xmor.exe
F:\yu3.exe
G:\9ffp.exe
G:\autorun.inf
G:\k0maw.exe
G:\l61yyp.exe
G:\nqdymj.exe
G:\nx.exe
G:\t8g.exe
G:\u16sqrqn.exe
G:\xmor.exe
G:\yu3.exe

.
((((((((((((((((((((((((( Pliki utworzone od 2009-11-28 do 2009-12-29 )))))))))))))))))))))))))))))))
.

2009-12-29 19:12 . 2009-12-29 19:12 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Foxit
2009-12-29 19:12 . 2009-12-29 19:12 -------- d-----w- c:\program files\Foxit Software
2009-12-29 18:58 . 2009-12-29 18:58 -------- d-----w- c:\program files\Trend Micro
2009-12-29 18:16 . 2009-12-29 18:16 103936 --sh--r- C:\3exi.exe
2009-12-29 09:49 . 2009-12-29 09:48 98816 --sh--r- C:\wisf1.exe
2009-12-28 09:45 . 2009-12-28 09:45 106496 --sh--r- C:\imghyva6.exe
2009-12-24 13:40 . 2009-12-24 15:37 714752 ----a-w- c:\windows\system32\drivers\fvqxhhl.sys
2009-12-24 13:39 . 2009-12-24 13:39 148 ----a-w- c:\windows\system32\fjhdyfhsn.bat
2009-12-22 18:32 . 2009-12-22 18:32 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Ahead
2009-12-22 10:43 . 2009-12-22 10:43 -------- d-----w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
2009-12-22 09:55 . 2009-12-22 09:55 121316 --sh--r- C:\nymdik.exe
2009-12-21 23:33 . 2009-12-21 23:33 -------- d-sh--w- c:\documents and settings\Administrator\IECompatCache
2009-12-21 23:33 . 2009-12-21 23:33 -------- d-----w- c:\program files\CCleaner
2009-12-20 11:16 . 2009-12-20 11:16 -------- d-----w- c:\program files\Microsoft Works
2009-12-20 11:15 . 2009-12-20 11:15 -------- d-----w- c:\program files\Microsoft.NET
2009-12-20 11:14 . 2009-12-20 11:14 -------- d-----w- c:\windows\SHELLNEW
2009-12-20 11:13 . 2009-12-20 11:13 -------- d-----w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft Help
2009-12-20 11:13 . 2009-12-20 11:16 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2009-12-20 11:13 . 2009-12-20 11:13 -------- d-----r- C:\MSOCache
2009-12-17 13:38 . 2009-12-17 13:38 -------- d-----w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\Identities
2009-12-16 18:40 . 2009-12-16 18:40 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\FLEXnet
2009-12-16 16:48 . 2001-10-26 16:29 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-12-16 16:48 . 2004-08-03 23:44 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-12-15 19:05 . 2009-12-15 19:05 -------- d-----w- C:\My Downloads
2009-12-15 19:05 . 2009-12-15 19:07 -------- d-----w- c:\program files\BearShare
2009-12-15 18:57 . 2009-12-16 17:01 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\BearShareTb
2009-12-15 18:57 . 2009-12-15 18:57 -------- d-----w- c:\program files\BearShareTb
2009-12-15 18:06 . 2009-12-15 18:06 -------- d--h--w- c:\documents and settings\All Users\Dane aplikacji\CanonBJ
2009-12-15 18:06 . 2008-02-06 04:00 216064 ----a-w- c:\windows\system32\CNMLM8S.DLL
2009-12-15 18:06 . 2007-03-19 04:00 69632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP8S.DLL
2009-12-15 18:06 . 2007-03-19 04:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD8S.DLL
2009-12-15 18:06 . 2009-12-15 18:06 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2009-12-15 18:05 . 2009-12-15 18:05 -------- d--h--w- c:\program files\CanonBJ
2009-12-14 20:16 . 2004-08-03 22:08 25600 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2009-12-14 20:16 . 2004-08-03 22:08 25600 ----a-w- c:\windows\system32\drivers\usbser.sys
2009-12-12 18:21 . 2004-08-04 00:44 25600 ----a-w- c:\documents and settings\LocalService\Dane aplikacji\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-12-12 18:01 . 2009-12-12 18:01 -------- d-----w- c:\program files\Thomson
2009-12-12 17:33 . 2004-06-22 20:06 1040384 ----a-w- c:\windows\system32\GnucCOM.dll
2009-12-12 17:33 . 2004-04-09 16:12 1040384 ----a-w- c:\windows\system32\GnucDNA.dll
2009-12-12 05:48 . 2009-12-12 05:48 -------- d-----w- c:\program files\MSXML 6.0
2009-12-12 05:48 . 2009-12-12 05:48 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-12-11 18:24 . 2009-12-11 18:24 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2009-12-11 11:01 . 2009-12-11 11:01 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-12-11 10:26 . 2009-10-29 07:43 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-12-11 10:26 . 2009-10-29 07:43 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-12-11 10:26 . 2009-10-29 07:43 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-12-11 10:26 . 2009-10-29 07:43 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-12-11 10:26 . 2009-10-29 07:43 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-12-11 10:26 . 2009-10-29 07:43 11069952 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-12-11 10:26 . 2009-12-11 10:26 -------- d-----w- c:\windows\ie8updates
2009-12-11 10:26 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-12-11 10:25 . 2009-12-11 10:26 -------- d-----w- c:\windows\system32\pl-PL
2009-12-11 10:25 . 2009-12-11 10:25 -------- dc-h--w- c:\windows\ie8
2009-12-10 13:08 . 2009-12-10 13:14 -------- d-----w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\Painkiller Resurrection
2009-12-09 13:15 . 2009-12-09 13:15 -------- d-----w- c:\windows\ServicePackFiles
2009-12-09 11:26 . 2009-12-09 11:26 -------- d-----w- c:\program files\directx
2009-12-09 09:41 . 2009-08-04 17:07 2181632 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-12-09 09:41 . 2009-08-04 17:07 2059008 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-12-09 09:41 . 2009-08-04 17:07 2137600 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-12-09 09:41 . 2009-08-04 17:07 2017280 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-12-09 09:18 . 2009-12-14 09:07 -------- d--h--w- c:\windows\$hf_mig$
2009-12-09 09:15 . 2009-12-09 09:15 -------- d-----w- c:\program files\Nowe Gadu-Gadu
2009-12-08 22:58 . 2004-08-03 22:10 38016 -c--a-w- c:\windows\system32\dllcache\bthmodem.sys
2009-12-08 22:58 . 2004-08-03 22:10 38016 ----a-w- c:\windows\system32\drivers\bthmodem.sys
2009-12-08 22:53 . 2004-08-03 21:58 100992 -c--a-w- c:\windows\system32\dllcache\bthpan.sys
2009-12-08 22:53 . 2004-08-03 21:58 100992 ----a-w- c:\windows\system32\drivers\bthpan.sys
2009-12-08 22:53 . 2004-08-03 22:10 59648 -c--a-w- c:\windows\system32\dllcache\rfcomm.sys
2009-12-08 22:53 . 2004-08-03 22:10 59648 ----a-w- c:\windows\system32\drivers\rfcomm.sys
2009-12-08 22:53 . 2004-08-03 22:10 17024 -c--a-w- c:\windows\system32\dllcache\bthenum.sys
2009-12-08 22:53 . 2004-08-03 22:10 17024 ----a-w- c:\windows\system32\drivers\BthEnum.sys
2009-12-08 22:53 . 2008-06-14 18:01 273024 -c--a-w- c:\windows\system32\dllcache\bthport.sys
2009-12-08 22:53 . 2008-06-14 18:01 273024 ----a-w- c:\windows\system32\drivers\bthport.sys
2009-12-08 22:53 . 2004-08-03 22:10 18944 -c--a-w- c:\windows\system32\dllcache\bthusb.sys
2009-12-08 22:53 . 2004-08-03 22:10 18944 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2009-12-08 21:10 . 2009-12-08 21:10 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Gadu-Gadu
2009-12-08 20:51 . 2009-12-08 20:51 -------- d-----w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\PunkBuster
2009-12-08 20:44 . 2001-05-24 14:00 306688 ----a-w- c:\windows\IsUninst.exe
2009-12-08 20:41 . 2009-12-08 20:41 -------- d-sh--w- c:\documents and settings\Administrator\UserData
2009-12-08 20:41 . 2009-12-08 20:41 -------- d-----w- c:\documents and settings\NetworkService\Dane aplikacji\Xfire
2009-12-08 20:40 . 2009-12-19 20:34 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Xfire
2009-12-08 20:40 . 2009-12-19 10:51 -------- d-----w- c:\program files\Xfire
2009-12-08 20:32 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2009-12-08 20:31 . 2009-12-21 22:35 138576 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-08 20:31 . 2009-12-08 20:31 22328 ----a-w- c:\documents and settings\Administrator\Dane aplikacji\PnkBstrK.sys
2009-12-08 20:31 . 2009-12-23 20:42 215104 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-08 20:31 . 2009-12-16 15:42 -------- d-----w- c:\windows\system32\LogFiles
2009-12-08 20:31 . 2009-12-08 20:52 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-12-08 19:46 . 2009-12-25 16:57 -------- d-----w- c:\documents and settings\Administrator\Gadu-Gadu
2009-12-08 19:45 . 2009-12-08 19:45 -------- d-----w- c:\program files\Gadu-Gadu
2009-12-08 18:56 . 2009-01-07 17:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2009-12-08 18:45 . 2004-08-03 22:01 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-12-08 18:45 . 2004-08-03 22:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-12-08 18:45 . 2004-08-03 21:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-12-08 18:45 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-12-08 18:41 . 2004-08-03 22:08 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-12-08 18:41 . 2004-08-03 22:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-12-08 17:12 . 2009-12-08 20:22 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-12-08 17:09 . 2009-12-08 20:22 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Norton
2009-12-08 17:09 . 2009-12-08 17:09 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Symantec
2009-12-08 17:09 . 2009-12-08 17:09 -------- d-----w- c:\program files\NortonInstaller
2009-12-08 17:09 . 2009-12-08 17:09 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\NortonInstaller
2009-12-08 15:19 . 2009-12-08 15:19 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-12-08 15:11 . 2009-12-08 15:11 -------- d-----w- c:\program files\Sierra
2009-12-08 14:09 . 2009-12-12 18:49 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu
2009-12-08 09:31 . 2009-12-29 19:06 -------- d-----w- c:\windows\system32\Adobe
2009-12-08 09:21 . 2009-12-08 09:21 -------- d-----w- c:\documents and settings\LocalService\Dane aplikacji\WTablet
2009-12-07 17:15 . 2009-12-07 17:15 -------- d-----w- c:\program files\Bonjour
2009-12-07 17:09 . 2009-12-07 17:09 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-12-07 17:09 . 2009-12-29 20:11 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\WTablet
2009-12-07 17:08 . 2004-08-03 23:44 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-12-07 17:08 . 2004-08-03 23:44 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-12-07 17:08 . 2004-08-03 23:38 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-12-07 17:08 . 2004-08-03 23:38 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-12-07 17:08 . 2007-02-16 00:11 11440 ----a-w- c:\windows\system32\drivers\WacomVKHid.sys
2009-12-07 17:08 . 2007-02-16 19:12 11312 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys
2009-12-07 17:08 . 2007-02-16 18:30 12848 ----a-w- c:\windows\system32\drivers\wacomvhid.sys
2009-12-07 17:08 . 2009-12-07 17:08 -------- d-----w- c:\windows\system32\WTablet
2009-12-07 17:08 . 2007-09-07 18:20 181544 ------w- c:\windows\system32\Wintab32.dll
2009-12-07 17:08 . 2007-09-07 18:40 1373480 ------w- c:\windows\system32\Wacom_Tablet.exe
2009-12-07 17:08 . 2007-09-07 18:33 128296 ------w- c:\windows\system32\Wacom_Tablet.dll
2009-12-07 17:08 . 2009-12-07 17:08 -------- d-----w- c:\program files\Tablet
2009-12-05 15:15 . 2009-12-16 15:46 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Moje pliki Bitwy o Śródziemie™ II
2009-12-05 14:27 . 2009-12-05 14:28 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Moje pliki gry Władca Pierścieni, Król Nazguli
2009-12-04 19:51 . 2009-12-04 19:51 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Media Player Classic
2009-12-04 19:44 . 2004-08-03 22:08 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-29 19:10 . 2009-12-04 18:16 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-29 18:14 . 2001-10-26 17:15 83660 ----a-w- c:\windows\system32\perfc015.dat
2009-12-29 18:14 . 2001-10-26 17:15 490284 ----a-w- c:\windows\system32\perfh015.dat
2009-12-17 07:24 . 2009-12-04 18:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-16 00:28 . 2009-12-04 17:51 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-15 18:53 . 2009-12-15 18:53 -------- d-----w- c:\documents and settings\LocalService\Dane aplikacji\Xfire
2009-12-12 18:01 . 2009-12-04 18:07 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-12 05:50 . 2009-12-12 05:50 -------- d-----w- c:\program files\MSBuild
2009-12-12 05:50 . 2009-12-12 05:50 -------- d-----w- c:\program files\Reference Assemblies
2009-12-08 19:00 . 2009-12-08 19:00 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2009-12-08 18:56 . 2009-12-08 18:56 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-12-04 18:52 . 2009-12-04 18:52 -------- d-----w- c:\program files\Netia
2009-12-04 18:28 . 2009-12-04 18:28 0 ----a-w- c:\windows\nsreg.dat
2009-12-04 18:26 . 2009-12-04 18:26 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\AdobeUM
2009-12-04 18:17 . 2009-12-04 18:16 -------- d-----w- c:\program files\NVIDIA Corporation
2009-12-04 18:17 . 2009-12-04 18:17 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-04 18:16 . 2009-12-04 18:16 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\NVIDIA Corporation
2009-12-04 18:14 . 2009-12-04 18:14 -------- d-----w- c:\program files\%temp&
2009-12-04 18:11 . 2009-12-04 18:11 -------- d-----w- c:\program files\ESET
2009-12-04 18:11 . 2009-12-04 18:11 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ESET
2009-12-04 17:52 . 2009-12-04 17:52 -------- d-----w- c:\program files\microsoft frontpage
2009-12-04 17:51 . 2009-12-04 17:51 -------- d-----w- c:\program files\Usługi online
2009-12-04 17:49 . 2009-12-04 17:49 21856 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-30 19:33 . 2009-11-30 19:33 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-11-21 16:46 . 2004-08-04 00:43 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 02:34 . 2009-12-04 18:15 69632 ----a-w- c:\windows\system32\OpenCL.dll
2009-11-21 02:34 . 2009-12-04 18:15 4038656 ----a-w- c:\windows\system32\nvcuda.dll
2009-11-21 02:34 . 2009-12-04 18:15 2259560 ----a-w- c:\windows\system32\nvcuvid.dll
2009-11-21 02:34 . 2009-12-04 18:15 1989224 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-11-21 02:34 . 2009-12-04 18:15 182888 ----a-w- c:\windows\system32\nvcodins.dll
2009-11-21 02:34 . 2009-12-04 18:15 182888 ----a-w- c:\windows\system32\nvcod.dll
2009-11-21 02:34 . 2009-12-04 18:15 13602816 ----a-w- c:\windows\system32\nvoglnt.dll
2009-11-21 02:34 . 2009-12-04 18:15 11374592 ----a-w- c:\windows\system32\nvcompiler.dll
2009-11-21 02:34 . 2009-12-04 18:15 1056768 ----a-w- c:\windows\system32\nvapi.dll
2009-11-21 02:34 . 2009-12-04 18:15 10235968 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-11-21 02:34 . 2009-12-04 18:15 6282752 ----a-w- c:\windows\system32\nv4_disp.dll
2009-11-21 02:34 . 2009-12-04 18:15 2293286 ----a-w- c:\windows\system32\nvdata.bin
2009-11-19 20:42 . 2009-12-04 18:07 592488 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-10-29 07:43 . 2004-08-04 00:44 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 06:03 . 2004-08-04 00:44 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 06:03 . 2004-08-04 00:44 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 14:58 . 2004-08-03 23:00 263552 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:53 . 2004-08-04 00:44 267776 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:54 . 2004-08-04 00:44 69632 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:54 . 2004-08-04 00:44 112640 ----a-w- c:\windows\system32\rastls.dll
.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
2009-08-10 14:06 91576 ----a-w- c:\program files\BearShareTb\BearShareDx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0974BA1E-64EC-11DE-B2A5-E43756D89593}"= "c:\program files\BearShareTb\BearShareDx.dll" [2009-08-10 91576]

[HKEY_CLASSES_ROOT\clsid\{0974ba1e-64ec-11de-b2a5-e43756d89593}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AutoConnect"="c:\program files\AutoConnect\AutoConnect.exe" [2006-12-02 310784]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"="MSIEXEC" [X]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-03-13 1443072]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-20 110184]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-20 12669544]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"P17Helper"="P17.dll" [2005-05-03 64512]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 110592]
"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Start^Programy^Autostart^siszyd32.exe]
path=c:\documents and settings\Administrator\Menu Start\Programy\Autostart\siszyd32.exe
backup=c:\windows\pss\siszyd32.exeStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
2006-08-01 16:04 3313664 ----a-w- c:\program files\BearShare\BearShare.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
2000-05-11 00:00 90112 ------w- c:\windows\Updreg.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"f:\\Bitrwa O Śródziemie 2\\game.dat"=
"f:\\Bitwa o Śródziemie 2 Król Nazguli\\game.dat"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Sierra\\FEARCombat\\FEARMP.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"f:\\COD4\\iw3mp.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"f:\\Bitrwa O Śródziemie 2\\patchget.dat"=
"c:\\Program Files\\BearShare\\BearShare.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-03-13 33800]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 472320]
R2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2009-12-07 1373480]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-12-04 717296]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://search.bearshare.com/
uInternet Connection Wizard,ShellNext = hxxp://192.168.2.1/
FF - ProfilePath - c:\documents and settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\ejpavq3p.default\
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - USUNIĘTO PUSTE WPISY - - - -

HKLM-Run-nwiz - nwiz.exe
MSConfigStartUp-cdoosoft - c:\docume~1\ADMINI~1\USTAWI~1\Temp\herss.exe
MSConfigStartUp-sysgif32 - c:\windows\TEMP\~TM244.tmp
MSConfigStartUp-Wru - c:\program files\Wru\Wru.exe
AddRemove-Soldier of Fortune Environment Libraries DM1 - d:\sof\UnealDM1.isu



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-29 21:14
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-1292428093-1035525444-725345543-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b5,61,74,31,95,b1,a2,4d,99,d8,55,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b5,61,74,31,95,b1,a2,4d,99,d8,55,\
.
Czas ukończenia: 2009-12-29 21:15:45
ComboFix-quarantined-files.txt 2009-12-29 20:15

Przed: 1 734 545 408 bajtów wolnych
Po: 2 201 513 984 bajtów wolnych

- - End Of File - - 0E5E47795BAA67A7692501BB918B7A28




Here you go, just in case :)

But it really worked. I don't know, maybe it's a coincidence, but it works.

In topic: PS3, Xbox 360, Wii... rumors, myths and facts.

29 December 2009 - 21:30 PM

And I'm announcing that from tomorrow I'll be an Xbox 360 owner again, only this time an Elite :) Oh, and Velius, I've been eyeing D,S for 2 months now :) I see it keeps getting cheaper; since the US release the price has come down to a normal level, whereas when the game was only out in Japan prices hovered around 300 zł. Do you have the US or the Japanese version? Because they aren't compatible with each other :/.

In topic: Request to check a log.

29 December 2009 - 21:24 PM

Damn, it helped!! THX mate, I was about to throw it out the window. Cheers to you and happy New Year :)