Topic: [ROZ] Strange windows in the browser..? (Read 2126 times)
ZETT93
« : 19.02.2009, 01:04:46 »

Maybe someone knows why, when I use a browser (Firefox now, and it's the same in Opera), windows like the ones in the screenshot keep opening. It seems to me that it's some kind of virus; if needed, I can post a HijackThis log.

I mean the ones labelled "Advertisement".

Code:
Logfile of HijackThis v1.99.1
Scan saved at 00:02:24, on 2009-02-19
Platform: Windows XP SP3, v.3244 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Multimedia Keyboard Driver\M-KbdDrv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\WINDOWS\system32\ctfmon.exe
G:\Programy\OpenOffice\OpenOffice.ux.pl 3\program\soffice.exe
G:\Programy\OpenOffice\OpenOffice.ux.pl 3\program\soffice.bin
C:\Program Files\Nowe Gadu-Gadu 8\gg.exe
C:\Program Files\Nowe Gadu-Gadu 8\spellchecker_gg.exe
C:\Program Files\WinFast\WFTVFM\WFFM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\kleopatra\Pulpit\diagnostykaPC\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.googlc.pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IE to GetRight Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: &Tłumaczenie - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [MutlimediaKbdDriver] C:\Program Files\Multimedia Keyboard Driver\M-KbdDrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdnfz.exe] C:\WINDOWS\system32\kdnfz.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [DelayedHelpSvc_MUI_Install_0415] "C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe" /MUI_install 0415 C:\WINDOWS\PCHealth\MUI\0415\pchdt_w3.cab
O4 - HKLM\..\RunOnce: [NSSInstallation] C:\WINDOWS\system32\Adobe\Shockwave 11\nssstub.exe /RunOnce
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OpenOffice.ux.pl 3.0.lnk = G:\Programy\OpenOffice\OpenOffice.ux.pl 3\program\quickstart.exe
O8 - Extra context menu item: Adnotuj z Bamboo Link - C:\Program Files\Wacom\Bamboo Link\AnnotateWithErgo.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1177759891371
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{08F60E7B-785B-4E93-80C5-4DCF92E11551}: NameServer = 85.255.112.108;85.255.112.167
O17 - HKLM\System\CCS\Services\Tcpip\..\{ECCD1DE0-5570-4944-9AC5-1C8364589874}: NameServer = 85.255.112.108;85.255.112.167
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (file missing)
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\WINDOWS\system32\Pen_Tablet.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

« Last edit: 20.02.2009, 15:04:49 by ZETT93 »

Zdybek
« Reply #1 : 19.02.2009, 12:07:17 »

I had that too, but after a format the problem disappeared. Maybe reinstall Firefox and Opera? Scan the computer with an antivirus.
ZETT93
« Reply #2 : 19.02.2009, 21:04:41 »

If that were all it was, I would have managed by now... I scanned with NOD32, reinstalled the browsers, and nothing... I don't want to format for now.. but I'll be reinstalling the system soon; I still wanted to keep going on this one, so I'm counting on some solutions..


//EDIT: I'm adding a ComboFix log; if it helps, I'll let you know, and if not, I'll wait for help and keep tinkering :)


Code:
ComboFix 09-02-18.01 - kleopatra 2009-02-19 19:48:54.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3327.2923 [GMT 1:00]
Running from: c:\documents and settings\kleopatra\Pulpit\ComboFix.exe
AV: AVG 7.5.503 *On-access scanning enabled* (Outdated)
AV: System antywirusowy NOD32 2.70 *On-access scanning enabled* (Updated)
FW: Sygate Personal Firewall *enabled*
 * Created a new restore point
 * Resident AV is active

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Common Files\companion wizard
C:\resycled
c:\windows\IE4 Error Log.txt
c:\windows\msskinner
c:\windows\system32\Dvbpws.dll
c:\windows\system32\kdnfz.exe
D:\Autorun.inf
D:\resycled

.
(((((((((((((((((((((((((   Files Created from 2009-01-19 to 2009-02-19  )))))))))))))))))))))))))))))))
.

2009-02-19 00:14 . 2009-02-19 00:14 <DIR> d-------- c:\program files\Copernic Desktop Search - Home
2009-02-19 00:13 . 2009-02-19 00:13 <DIR> d-------- c:\documents and settings\kleopatra\Dane aplikacji\Copernic
2009-02-18 19:25 . 2009-02-18 19:25 <DIR> d-------- c:\program files\Seagate
2009-02-13 13:14 . 2009-02-13 13:14 <DIR> d-------- C:\WTablet
2009-02-10 21:26 . 2008-10-10 04:52 4,379,984 --a------ c:\windows\system32\D3DX9_40.dll
2009-02-10 21:26 . 2008-10-10 04:52 2,036,576 --a------ c:\windows\system32\D3DCompiler_40.dll
2009-02-10 21:26 . 2008-10-27 10:04 514,384 --a------ c:\windows\system32\XAudio2_3.dll
2009-02-10 21:26 . 2008-10-10 04:52 452,440 --a------ c:\windows\system32\d3dx10_40.dll
2009-02-10 21:26 . 2008-10-27 10:04 235,856 --a------ c:\windows\system32\xactengine3_3.dll
2009-02-10 21:26 . 2008-10-27 10:04 70,992 --a------ c:\windows\system32\XAPOFX1_2.dll
2009-02-10 21:26 . 2008-10-27 10:04 23,376 --a------ c:\windows\system32\X3DAudio1_5.dll
2009-02-10 18:23 . 2009-02-10 20:52 <DIR> d-------- c:\documents and settings\kleopatra\Dane aplikacji\U3
2009-02-08 00:28 . 2009-02-08 00:28 2,997,872 --a------ c:\windows\system32\drivers\appdrv01.sys
2009-02-08 00:28 . 2009-02-08 00:28 316,816 --a------ c:\windows\system32\appdrvrem01.exe
2009-02-07 23:28 . 2009-02-18 16:31 <DIR> d-------- c:\documents and settings\kleopatra\Dane aplikacji\Dark Sector
2009-02-07 22:24 . 2009-02-07 22:24 <DIR> d-------- c:\windows\system32\AGEIA
2009-02-07 22:24 . 2009-02-07 22:25 <DIR> d-------- c:\program files\AGEIA Technologies
2009-02-07 22:05 . 2009-01-01 14:06 8,192 --a------ c:\windows\system32\drivers\FStarForce.sys
2009-02-05 21:12 . 2001-05-16 17:54 309,616 --a------ c:\windows\system32\wmv8dmod.dll
2009-02-05 21:12 . 2001-03-26 04:41 245,760 --a------ c:\windows\system32\mp4sds32.ax
2009-02-05 21:11 . 2001-12-19 15:47 49,152 --------- c:\windows\system32\TempDel.EXE
2009-02-05 21:11 . 2005-01-06 16:55 9,446 --a------ c:\windows\system32\drivers\WFIOCTL.sys
2009-02-05 21:11 . 2002-06-03 23:01 8,734 --a------ c:\windows\system32\WFSch.ICO
2009-02-05 21:10 . 2009-02-05 21:10 <DIR> d-------- c:\documents and settings\administrator
2009-02-03 18:20 . 2007-10-30 18:41 96,384 --a------ c:\windows\system32\drivers\SETD.tmp
2009-02-03 18:10 . 2008-05-21 11:15 3,615,630 --a------ C:\TV2000 XP Expert_DV2000(x86).exe
2009-02-03 17:56 . 2007-10-30 18:41 96,384 --a------ c:\windows\system32\drivers\SET16.tmp
2009-02-03 17:47 . 2009-02-05 20:46 7,060 --a------ c:\documents and settings\kleopatra\FMCodec.dat
2009-02-03 17:45 . 2007-10-30 18:41 96,384 --a------ c:\windows\system32\drivers\SET2C.tmp
2009-02-02 22:08 . 2009-02-02 22:08 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\Ulead Systems
2009-02-02 17:42 . 2009-02-03 17:37 7,060 --a------ c:\windows\FMCodec.dat
2009-02-02 17:31 . 2009-02-02 17:43 <DIR> d-------- c:\documents and settings\kleopatra\Dane aplikacji\ArcSoft
2009-02-02 17:26 . 2009-02-14 22:06 <DIR> d-------- C:\WinFast WorkArea
2009-02-02 17:25 . 2009-02-18 19:56 <DIR> d-------- c:\program files\Common Files\ArcSoft
2009-02-02 17:25 . 2009-02-03 17:32 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\ArcSoft
2009-02-02 17:24 . 2009-02-05 21:12 <DIR> d-------- c:\program files\Common Files\Ulead Systems
2009-02-02 17:23 . 2009-02-18 19:55 <DIR> d-------- c:\program files\WinFast
2009-02-02 17:22 . 2007-10-30 18:41 96,384 --a------ c:\windows\system32\drivers\SET6C.tmp
2009-02-02 16:57 . 2009-02-05 21:11 <DIR> d-------- c:\windows\system32\WinFast
2009-02-02 16:57 . 2009-02-02 16:57 <DIR> d-------- c:\program files\Leadtek Research Inc
2009-02-02 16:57 . 2006-10-18 11:37 162,944 --a------ c:\windows\system32\drivers\cx88vid.sys
2009-02-02 16:57 . 2006-10-18 11:37 50,816 --a------ c:\windows\system32\drivers\cx88tune.sys
2009-02-02 16:57 . 2006-10-18 11:38 9,728 --a------ c:\windows\system32\drivers\cxavxbar.sys
2009-02-02 16:51 . 2007-10-30 18:41 96,384 --a------ c:\windows\system32\drivers\SET3A.tmp
2009-02-02 16:48 . 2007-10-30 18:41 96,384 --a------ c:\windows\system32\drivers\SET33.tmp
2009-02-02 16:48 . 2007-10-30 18:41 96,384 --a------ c:\windows\system32\drivers\SET2B.tmp
2009-02-02 15:38 . 2007-10-30 18:41 96,384 --a------ c:\windows\system32\drivers\SET25.tmp
2009-02-02 15:38 . 2007-10-30 18:41 96,384 --a------ c:\windows\system32\drivers\SET15.tmp
2009-01-31 02:04 . 2009-01-31 02:04 <DIR> d-------- c:\documents and settings\kleopatra\Dane aplikacji\OpenOffice.ux.pl
2009-01-31 02:03 . 2009-01-31 02:03 <DIR> d-------- c:\program files\Ux Systems
2009-01-30 20:55 . 2007-10-30 18:41 96,384 --a------ c:\windows\system32\drivers\SET1F.tmp
2009-01-30 20:54 . 2007-10-30 18:41 96,384 --a------ c:\windows\system32\drivers\SETA.tmp
2009-01-30 20:43 . 2007-10-30 18:41 96,384 --a------ c:\windows\system32\drivers\SET2A.tmp
2009-01-30 20:42 . 2007-10-30 18:41 96,384 --a------ c:\windows\system32\drivers\SET1E.tmp
2009-01-26 21:24 . 2009-01-26 21:25 <DIR> d-------- c:\documents and settings\kleopatra\Dane aplikacji\Crayon Physics Deluxe
2009-01-24 22:21 . 2007-10-30 18:41 96,384 --a------ c:\windows\system32\drivers\SET26.tmp
2009-01-24 22:20 . 2007-10-30 18:41 96,384 --a------ c:\windows\system32\drivers\SET1D.tmp
2009-01-24 21:22 . 2009-01-24 21:22 <DIR> d-------- c:\program files\MSECache

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-19 18:55 --------- d-----w c:\documents and settings\kleopatra\Dane aplikacji\WTablet
2009-02-19 18:42 --------- d-----w c:\documents and settings\kleopatra\Dane aplikacji\AIMP
2009-02-19 15:26 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-02-18 22:35 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-18 22:30 --------- d-----w c:\program files\Executive Software
2009-02-18 21:43 --------- d-----w c:\program files\Windows Desktop Search
2009-02-18 21:43 --------- d-----w c:\program files\VDMSound
2009-02-18 21:43 --------- d-----w c:\documents and settings\LocalService.ZARZĄDZANIE NT\Dane aplikacji\WTablet
2009-02-18 21:19 --------- d-----w c:\program files\TuneUp Utilities 2007
2009-02-18 21:17 --------- d-----w c:\program files\eMule
2009-02-18 21:17 --------- d-----w c:\documents and settings\kleopatra\Dane aplikacji\Azureus
2009-02-18 20:50 --------- d-----w c:\program files\VideoLAN
2009-02-18 19:17 --------- d-----w c:\program files\Nowe Gadu-Gadu 8
2009-02-18 19:09 --------- d-----w c:\program files\Gadu-Gadu
2009-02-18 19:03 --------- d-----w c:\documents and settings\kleopatra\Dane aplikacji\MSN6
2009-02-18 18:54 --------- d---a-w c:\documents and settings\All Users.WINDOWS\Dane aplikacji\TEMP
2009-02-18 18:53 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-18 18:45 --------- d-----w c:\program files\MagicISO
2009-02-18 18:44 --------- d-----w c:\program files\Sferia
2009-02-18 18:34 --------- d-----w c:\program files\Azureus
2009-02-16 21:48 --------- d-----w c:\program files\SubEdit-Player
2009-02-13 00:06 --------- d-----w c:\program files\Mozilla Thunderbird
2009-02-04 15:59 --------- d-----w c:\documents and settings\All Users.WINDOWS\Dane aplikacji\PC Suite
2009-02-03 19:46 --------- d-----w c:\program files\MoorHunt
2009-02-03 15:27 --------- d-----w c:\documents and settings\kleopatra\Dane aplikacji\gtk-2.0
2009-01-31 01:01 --------- d-----w c:\program files\OpenOffice.ux.pl 2.1.0
2009-01-31 00:59 --------- d-----w c:\program files\Java
2009-01-31 00:53 --------- d-----w c:\documents and settings\kleopatra\Dane aplikacji\OpenOffice.ux.pl2
2009-01-07 17:37 --------- d-----w c:\program files\NAPI-PROJEKT
2009-01-06 01:46 --------- d-----w c:\documents and settings\kleopatra\Dane aplikacji\Nowe Gadu-Gadu
2009-01-02 18:56 --------- d-----w c:\program files\DOSBox-0.63
2009-01-01 19:38 --------- d-----w c:\documents and settings\kleopatra\Dane aplikacji\Skype
2008-12-30 11:34 4,501 ----a-w c:\windows\gdrv.sys
2008-12-24 21:24 --------- d-----w c:\documents and settings\kleopatra\Dane aplikacji\Bamboo Scribe
2008-12-24 20:07 --------- d-----w c:\program files\Tablet
2008-12-24 19:49 --------- d-----w c:\documents and settings\kleopatra\Dane aplikacji\Ergo
2008-12-24 19:40 --------- d-----w c:\program files\Bamboo Scribe 2.6
2008-12-24 19:38 --------- d-----w c:\program files\Wacom
2008-12-24 19:37 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2008-12-24 19:27 --------- d-----w c:\program files\Common Files\Adobe AIR
2008-12-24 19:05 --------- d-----w c:\program files\PenLauncher
2008-12-24 13:24 --------- d-----w c:\documents and settings\kleopatra\Dane aplikacji\Systweak
2008-12-06 23:43 81,920 ----a-w c:\documents and settings\kleopatra\Dane aplikacji\ezpinst.exe
2008-12-06 23:43 47,360 ----a-w c:\documents and settings\kleopatra\Dane aplikacji\pcouffin.sys
2008-11-25 23:13 22,328 ----a-w c:\documents and settings\kleopatra\Dane aplikacji\PnkBstrK.sys
2008-10-04 18:36 56 --sh--r c:\windows\system32\7E5D3E316D.sys
2007-09-29 21:16 23 --sha-w c:\windows\system32\fcdcdcb_g.dll
2008-10-04 18:36 5,852 --sha-w c:\windows\system32\KGyGaAvL.sys
2008-03-24 11:25 32,768 --sha-w c:\windows\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\MSHist012008032420080325\index.dat
2008-03-24 11:25 32,768 --sha-w c:\windows\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat
.

------- Sigcheck -------

2007-01-04 15:05  667648  b9cd00815effa790279a1d2f0d07323f c:\windows\$hf_mig$\KB928090\SP2QFE\wininet.dll
2007-02-19 16:23  668160  f3d9666793b8c21ef3101d367de29519 c:\windows\$hf_mig$\KB931768\SP2QFE\wininet.dll
2007-04-18 13:46  668160  96e30dc9bf788de16a305e52fcac47ef c:\windows\$hf_mig$\KB933566\SP2QFE\wininet.dll
2007-06-26 15:53  668160  d3f572c8f0e4e1036bb730820c3830bb c:\windows\$hf_mig$\KB937143\SP2QFE\wininet.dll
2007-08-22 13:58  668160  07608337038c78cdaba8650089837a58 c:\windows\$hf_mig$\KB939653\SP2QFE\wininet.dll
2007-10-11 07:11  668672  334d5a77651092b0d0ee79dd9e194517 c:\windows\$hf_mig$\KB942615\SP2QFE\wininet.dll
2007-10-11 00:41  825344  8789f8f08dea02d93e1fdc9d93e73b54 c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
2007-12-07 02:58  825344  fc62b038aba1fdb8ba3d7c44cb487beb c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
2004-08-03 23:44  658944  d37dafb534ac8343d59a1b501abe852c c:\windows\$NtUninstallKB928090$\wininet.dll
2007-01-04 14:58  661504  88d99579dc0a7bf56a7f875a078c66e0 c:\windows\$NtUninstallKB931768$\wininet.dll
2007-02-19 16:05  661504  7e74aedaac9627358c3533b0837a6f36 c:\windows\$NtUninstallKB933566$\wininet.dll
2007-04-18 13:32  661504  15c3e2aa84ba723157cc1fb23cff659c c:\windows\$NtUninstallKB937143$\wininet.dll
2007-06-26 15:15  661504  3a4a2cd6f223f0c83ad68e6a4c566ffb c:\windows\$NtUninstallKB939653$\wininet.dll
2007-08-22 14:19  661504  ec234cc41563be7778fff21512cb0d7a c:\windows\$NtUninstallKB942615$\wininet.dll
2007-10-11 07:14  662016  242d9348069784fd3de7674516993a81 c:\windows\ie7\wininet.dll
2007-08-13 18:54  818688  a4a0fc92358f39538a6494c42ef99fe9 c:\windows\ie7updates\KB942615-IE7\wininet.dll
2007-10-11 00:52  824832  21af9692c43e6e5f02422026e20886aa c:\windows\ie7updates\KB944533-IE7\wininet.dll
2007-10-31 00:32  666112  fcd4c436984c50f5d4f99c69f8206009 c:\windows\ServicePackFiles\i386\wininet.dll
2007-10-11 00:52  824832  21af9692c43e6e5f02422026e20886aa c:\windows\SoftwareDistribution\Download\7c59664e8f072792fae12507a79e3ff9\SP2GDR\wininet.dll
2007-10-11 00:41  825344  8789f8f08dea02d93e1fdc9d93e73b54 c:\windows\SoftwareDistribution\Download\7c59664e8f072792fae12507a79e3ff9\SP2QFE\wininet.dll
2007-12-07 03:14  824832  01412a2abd1154b25d4f5b5450585bb3 c:\windows\system32\wininet.dll
2007-12-07 03:14  824832  01412a2abd1154b25d4f5b5450585bb3 c:\windows\system32\dllcache\wininet.dll
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2007-10-31 15360]
"Copernic Desktop Search - Home"="c:\program files\Copernic Desktop Search - Home\DesktopSearchService.exe" [2008-12-11 1588224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2004-10-15 2577632]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-11-07 949376]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2006-12-26 196608]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2006-11-17 77824]
"MutlimediaKbdDriver"="c:\program files\Multimedia Keyboard Driver\M-KbdDrv.exe" [2007-04-18 1617920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-02 13680640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-02 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-27 c:\windows\RTHDCPL.EXE]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2007-10-31 c:\windows\system32\bthprops.cpl]
"nwiz"="nwiz.exe" [2008-12-02 c:\windows\system32\nwiz.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NSSInstallation"="c:\windows\system32\Adobe\Shockwave 11\nssstub.exe" [2008-12-19 181624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2007-10-31 15360]

c:\documents and settings\kleopatra\Menu Start\Programy\Autostart\
OpenOffice.ux.pl 3.0.lnk - g:\programy\OpenOffice\OpenOffice.ux.pl 3\program\quickstart.exe [2008-10-18 17408]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoLowDiscSpaceChecks"= 000000000000f03f

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users.WINDOWS\Dane aplikacji\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 13:13 49152 c:\progra~1\COMMON~1\stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ    msv1_0 nwprovau

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"PcSync"=c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
"Creative WebCam Tray"="c:\program files\Creative\Shared Files\CamTray.exe"
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe"
"Wru"=c:\program files\Wru\Wru.exe
"Nowe Gadu-Gadu"="c:\program files\Nowe Gadu-Gadu 8\gg.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PCSuiteTrayApplication"=c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe"
"NeroFilterCheck"=c:\program files\Common Files\Nero\Lib\NeroCheck.exe
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"NSLauncher"=c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Xfire\\xfire.exe"=
"c:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Sierra\\FEARCombat\\FEARMP.exe"=
"c:\\Program Files\\Opera\\Opera.exe"=
"c:\\Program Files\\Sierra\\FEARCombat\\FEARServer.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"g:\\Gry\\PoP\\Prince of Persia.exe"=
"g:\\Gry\\PoP\\PrinceOfPersia_Launcher.exe"=
"g:\\Gry\\Burnout Paradise\\BurnoutLauncher.exe"=
"g:\\Gry\\Burnout Paradise\\BurnoutConfigTool.exe"=
"g:\\Gry\\Burnout Paradise\\BurnoutParadise.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10149:TCP"= 10149:TCP:BitComet 10149 TCP
"10149:UDP"= 10149:UDP:BitComet 10149 UDP
"6119:TCP"= 6119:TCP:BitComet 6119 TCP
"6119:UDP"= 6119:UDP:BitComet 6119 UDP
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

R1 appdrv01;Application Driver (01);c:\windows\system32\drivers\appdrv01.sys [2009-02-08 2997872]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-11-07 15424]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2008-12-24 1373480]
R3 FStarForce;FStarForce;c:\windows\system32\drivers\FStarForce.sys [2009-02-07 8192]
R3 V0260VID;Live! Cam Vista IM;c:\windows\system32\drivers\V0260Vid.sys [2007-08-31 178913]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys --> c:\windows\system32\DRIVERS\adusbser.sys [?]
S3 Ndisprot;ArcNet NDIS Protocol Driver;c:\windows\system32\drivers\ndisprot.sys [2008-10-24 27904]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [2009-02-05 9446]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c58329ad-a072-11dd-8ef5-0016e684c3fe}]
\Shell\AutoRun\command - G:\Launcher.exe
.
Contents of the 'Scheduled Tasks' folder

2009-02-13 c:\windows\Tasks\1-Klick-Wartung.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2006-11-23 16:46]

2009-02-13 c:\windows\Tasks\1-Klik Konserwacja.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2006-11-23 16:46]

2009-02-19 c:\windows\Tasks\NSSstub.job
- c:\windows\system32\Adobe\Shockwave 11\nssstub.exe [2008-12-19 12:34]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-c:\windows\system32\kdnfz.exe - c:\windows\system32\kdnfz.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.googlc.pl
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Settings,ProxyOverride = *.local
IE: Adnotuj z Bamboo Link - c:\program files\Wacom\Bamboo Link\AnnotateWithErgo.html
IE: Download with GetRight - c:\program files\GetRight\GRdownload.htm
IE: Open with GetRight Browser - c:\program files\GetRight\GRbrowse.htm
IE: {{B46B0919-62BA-4D99-A5C4-916B57A6805C} - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - c:\program files\Techland\Common\InternetTranslator\InternetTranslator.dll
LSP: c:\windows\system32\imon.dll
FF - ProfilePath - c:\documents and settings\kleopatra\Dane aplikacji\Mozilla\Firefox\Profiles\6yb88f8l.default\
FF - prefs.js: browser.search.selectedEngine - GooglePL
FF - prefs.js: browser.startup.homepage - hxxp://www.googlc.pl/
FF - prefs.js: keyword.URL - hxxp://www.googlc.pl/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - component: c:\program files\Copernic Desktop Search - Home\FirefoxConnector\components\CSPXPCOMBridge.dll
FF - component: c:\program files\Copernic Desktop Search - Home\Toolbar\FirefoxContainer\components\CCLCXPCOMBridge.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPBILLARD8.dll
FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera\program\plugins\npqtplugin8.dll
FF - plugin: c:\program files\Opera\program\plugins\nprpjplug.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.interval - 750000
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: browser.startup.homepage - hxxp://www.googlc.pl/



FF - user.js: browser.search.selectedEngine - GooglePL
FF - user.js: keyword.URL - hxxp://www.googlc.pl/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-19 19:55:25
Windows 5.1.2600 Service Pack 3, v.3244 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant]
"ImagePath"=""
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-436374069-2052111302-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-436374069-2052111302-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C766B0AB-489E-98EC-E296-AD693F5D94ED}*]
"oagfpdbbekegidaekchajmebhaejjb"=hex:6a,61,6d,66,70,64,66,68,6c,6c,6a,6b,64,6b,
   6b,67,6a,61,68,64,00,80
"pameneakioghhcdhfmmkaeldggchijak"=hex:6b,61,6a,66,64,66,68,67,6a,70,6b,63,69,
   6e,62,63,66,69,62,6e,61,6e,00,00

[HKEY_USERS\S-1-5-21-436374069-2052111302-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:85,75,33,4c,30,1b,1a,af,23,d0,f3,d0,90,1c,de,f4,c5,c6,b9,eb,68,3c,01,
   54,9f,df,7b,ec,4a,2b,87,48,8e,0c,a6,4f,f7,59,0c,e8,9e,a8,f6,4a,79,62,5c,5d,\
"??"=hex:bd,5a,72,d0,79,22,66,4d,33,a1,25,a5,b1,d5,bf,71

[HKEY_USERS\S-1-5-21-436374069-2052111302-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:49,ae,d0,d7,df,78,72,cd,9a,b7,2c,82,ea,2f,02,ab,ad,67,7c,21,8d,
   06,17,3c,f1,08,1b,5d,45,09,52,89,a2,08,78,17,f5,7b,de,91,70,49,78,ed,f4,e8,\
"rkeysecu"=hex:74,5d,35,62,6b,96,75,25,d6,71,c8,b9,b6,41,4c,92
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(804)
c:\progra~1\COMMON~1\Stardock\mcpstub.dll

- - - - - - - > 'lsass.exe'(860)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Sygate\SPF\Smc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files\Eset\nod32krn.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\WTablet\Pen_TabletUser.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
g:\programy\OpenOffice\OpenOffice.ux.pl 3\program\soffice.exe
g:\programy\OpenOffice\OpenOffice.ux.pl 3\program\soffice.bin
.
**************************************************************************
.
Completion time: 2009-02-19 19:59:22 - machine was rebooted
ComboFix-quarantined-files.txt  2009-02-19 18:59:20

Pre-Run: 16,283,721,728 bytes free
Post-Run: 16,597,172,224 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="1"
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="1" normal
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="1" 1
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=""
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /usepmtimer /TUTag=XKXHK9 /NoExecute=OptIn /Kernel=TUKernel.exe
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional (TuneUp-Kopia Bezpieczeństwa)" /fastdetect /usepmtimer /TUTag=XKXHK9-BAK /NoExecute=OptIn

371 --- E O F --- 2008-07-27 21:49:07

I'M BACK !
Sooly
Retiree

« Reply #3: 19.02.2009, 21:42:36 »

I'm not saying I know much about this, but do they open when you visit particular sites, or just on their own?
Because to me these are simply ads; I get them sometimes too, but really very rarely and not in such numbers, usually one or two.

ZETT93
User

« Reply #4: 20.02.2009, 00:42:18 »

I can tell you that it opens while surfing various sites, but I think I managed to root out this junk :) because since cleaning with ComboFix nothing has popped up yet ;)

I'll write tomorrow whether it definitely helped... Maybe this info will be useful to someone :)

Cheers

EDIT:// So the ComboFix scan helped 100% and also fixed a few other odd glitches. So if you have this problem, I recommend it 100%. Available for download here ;)

I consider the problem SOLVED

Cheers
« Last edit: 20.02.2009, 15:04:29 by ZETT93 »

I'M BACK !