ComboFix.txt

Brak dostępu do internetu - log combofix do sprawdzenia

Od około 2 tygodni nie mam dostępu do internetu blueconnect. Problem jest taki, że podłącza się prawidlowo, jest dostęp lokalne i internet, ale nie mogę otworzyć żadnej strony ani połączyć się z komunikatorem. Myślałam, że to od nich, więc dzwoniłam i oddalam modem na gwarancję. Teraz próbowałam polączyć się z Orange siostry, też przez bezprzewodowy modem, i jest taki sam problem. A na laptopie siostry dziala bez zarzutow. Sprawdzalam komputer Nodem 32, AdAware i Spybotem i bez wirusów. Zrobiłam ComboFixem i wyszedł mi jakiś log, ale się nie znam... więc czy ktoś mógłby go sprawdzić, albo poradzić mi co się stało z moim kompem, że nie łączy się z internetem? (próbowałam podłączyć się też "na dziko" do sąsiada, ale też to samo, a zazwyczaj działało......) W załączniku daję loga z combofixa, jeśli to pomoże wam mi pomóc


ComboFix 09-07-01.04 - Agata 2009-07-02 19:19.8 - NTFSx86
Microsoft(R) Windows Vista™ Home Premium 6.0.6001.1.1250.1.1045.18.2045.1114 [GMT 2:00]
Uruchomiony z: J:\ComboFix.exe
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Usuni?to )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Installer\WMEncoder.msi

.
((((((((((((((((((((((((( Pliki utworzone od 2009-06-02 do 2009-07-02 )))))))))))))))))))))))))))))))
.

2009-07-02 17:24 . 2009-07-02 17:24 -------- d-----w- c:\users\Agata\AppData\Local\temp
2009-06-22 13:45 . 2009-06-22 13:45 -------- d-----w- c:\programdata\Electronic Arts
2009-06-22 12:42 . 2009-06-22 12:42 0 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\threatwork.exe
2009-06-22 12:40 . 2009-06-22 12:40 25440 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\savapibridge.dll
2009-06-22 12:40 . 2009-06-22 12:40 169312 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\lavamessage.dll
2009-06-22 12:40 . 2009-06-22 12:40 348496 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\lavalicense.dll
2009-06-22 12:38 . 2009-06-22 12:38 1630048 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Resources.dll
2009-06-22 12:34 . 2009-06-22 12:34 72704 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Drivers\32\AAWDriverTool.exe
2009-06-22 12:33 . 2009-06-22 12:33 0 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\CEAPI.dll
2009-06-22 12:32 . 2009-06-22 12:32 565096 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Ad-AwareAdmin.exe
2009-06-22 12:31 . 2009-06-22 12:31 2349384 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Ad-Aware.exe
2009-06-22 12:29 . 2009-06-22 12:29 627536 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\AAWWSC.exe
2009-06-22 12:28 . 2009-06-22 12:28 518488 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\AAWTray.exe
2009-06-22 12:27 . 2009-06-22 12:27 1003344 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\AAWService.exe
2009-06-22 10:57 . 2009-06-22 10:57 10134 ----a-r- c:\users\Agata\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2009-06-22 10:57 . 2009-06-22 10:57 -------- d-----w- c:\program files\Microsoft WSE
2009-06-22 10:57 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2009-06-22 10:40 . 2009-06-22 12:06 -------- d-----w- c:\program files\Electronic Arts
2009-06-17 19:07 . 2009-06-17 19:07 -------- d-----w- c:\program files\Audacity
2009-06-16 11:14 . 2009-04-30 12:37 428544 ----a-w- c:\windows\system32\EncDec.dll
2009-06-16 11:14 . 2009-04-30 12:37 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-06-06 17:06 . 2004-08-18 08:34 442368 ----a-r- c:\windows\system32\vp6vfw.dll
2009-06-06 17:03 . 2009-06-06 17:03 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-06-06 17:02 . 2009-06-06 17:03 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-06-06 17:02 . 2009-06-06 17:03 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-06-06 13:06 . 2009-06-06 13:06 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-06-06 13:05 . 2009-06-06 17:04 -------- d-----w- c:\users\Agata\AppData\Roaming\DAEMON Tools Lite
2009-06-06 12:22 . 2009-06-06 12:22 15688 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\lsdelete.exe
2009-06-06 12:22 . 2009-06-06 12:22 294240 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\UpdateManager.dll
2009-06-06 12:22 . 2009-06-06 12:22 83808 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\ShellExt.dll
2009-06-06 12:21 . 2009-06-06 12:21 212848 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\RPAPI.dll
2009-06-06 12:21 . 2009-06-06 12:21 40288 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\PrivacyClean.dll
2009-06-06 12:21 . 2009-06-06 12:21 540536 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Ad-AwareCommand.exe

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-02 17:03 . 2006-12-05 05:22 662056 ----a-w- c:\windows\system32\perfh015.dat
2009-07-02 17:03 . 2006-12-05 05:22 126908 ----a-w- c:\windows\system32\perfc015.dat
2009-06-29 16:33 . 2008-06-24 12:58 97727 ----a-w- c:\users\Agata\AppData\Roaming\nvModes.dat
2009-06-23 12:15 . 2008-08-27 07:18 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-06-23 10:06 . 2008-10-30 19:06 -------- d-----w- c:\program files\Common Files\Apple
2009-06-22 10:40 . 2007-08-16 11:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-21 15:25 . 2008-10-17 06:25 7592 ----a-w- c:\users\Agata\AppData\Local\d3d9caps.dat
2009-06-06 12:22 . 2009-04-25 13:40 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-06-01 03:49 . 2008-06-24 12:50 100040 ----a-w- c:\users\Agata\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-25 13:45 . 2009-05-25 13:45 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-25 13:45 . 2009-01-01 15:51 -------- d-----w- c:\program files\Java
2009-05-24 11:48 . 2009-05-24 11:48 2857 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Turbo Pascal 7\TPX.PIF
2009-05-24 11:48 . 2009-05-24 11:48 2857 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Turbo Pascal 7\Turbo Pascal 7.0.PIF
2009-05-24 08:19 . 2009-05-23 17:34 -------- d-----w- c:\users\Agata\AppData\Roaming\Broad Intelligence
2009-05-23 20:45 . 2009-05-23 20:45 -------- d-----w- c:\program files\Windows Media Components
2009-05-22 22:18 . 2008-10-01 16:49 -------- d-----w- c:\program files\NAPI-PROJEKT
2009-05-22 14:50 . 2009-05-22 14:50 -------- d-----w- c:\programdata\Pinnacle
2009-05-12 20:34 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-04-25 12:08 . 2009-04-25 12:20 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-04-25 12:08 . 2009-04-25 12:08 64160 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Drivers\32\lbd.sys
2009-04-24 16:05 . 2009-06-10 18:43 827904 ----a-w- c:\windows\system32\wininet.dll
2009-04-24 16:02 . 2009-06-10 18:43 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-24 13:44 . 2009-06-10 18:43 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-04-23 13:15 . 2009-04-23 13:15 1134024 ----a-w- c:\users\Agata\AppData\Roaming\Mozilla\Firefox\Profiles\p88fm0lk.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
2009-04-23 12:43 . 2009-06-10 18:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-23 12:42 . 2009-06-10 18:43 636928 ----a-w- c:\windows\system32\localspl.dll
2009-04-21 11:55 . 2009-06-10 18:43 2033152 ----a-w- c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyœlne, prawid?owe wpisy nie s? pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" SpybotSD TeaTimer " = " c:\program files\Spybot - Search & Destroy\TeaTimer.exe " [2009-01-26 2144088]
" Mobile Partner " = " c:\program files\blueconnect\blueconnect.exe " [2008-12-23 86016]
" DAEMON Tools Lite " = " c:\program files\DAEMON Tools Lite\daemon.exe " [2009-04-23 691656]
" ehTray.exe " = " c:\windows\ehome\ehTray.exe " [2008-01-19 125952]
" WMPNSCFG " = " c:\program files\Windows Media Player\WMPNSCFG.exe " [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" eDataSecurity Loader " = " c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe " [2007-04-25 457216]
" BisonInst0402 " = " c:\windows\BR040286.exe " [2007-05-08 53248]
" eAudio " = " c:\acer\Empowering Technology\eAudio\eAudio.exe " [2007-06-11 1286144]
" PlayMovie " = " c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe " [2007-05-24 206952]
" IAAnotif " = " c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe " [2007-03-21 174872]
" Apoint " = " c:\program files\Apoint2K\Apoint.exe " [2007-06-06 159744]
" CardDetectorICON225 " = " c:\program files\CardDetector\ICON225\CardDetector.exe " [2007-11-13 278528]
" BEWINTERNET-PL-IEWSessionManager " = " c:\program files\OrangeBS\BEWInternet-PL-IEW\SessionManager\SessionManager.exe " [2008-01-21 107248]
" BtTray " = " c:\program files\IVT Corporation\BlueSoleil\BtTray.exe " [2008-06-18 227840]
" NvSvc " = " c:\windows\system32\nvsvc.dll " [2007-07-25 86016]
" NvCplDaemon " = " c:\windows\system32\NvCpl.dll " [2007-07-25 8470528]
" NvMediaCenter " = " c:\windows\system32\NvMcTray.dll " [2007-07-25 81920]
" SunJavaUpdateSched " = " c:\program files\Java\jre6\bin\jusched.exe " [2009-05-25 148888]
" LManager " = " c:\progra~1\LAUNCH~1\LManager.exe " [2007-06-27 752136]
" Ad-Watch " = " c:\program files\Lavasoft\Ad-Aware\AAWTray.exe " [2009-06-06 518488]
" RtHDVCpl " = " RtHDVCpl.exe " - c:\windows\RtHDVCpl.exe [2007-07-06 4669440]
" Skytel " = " Skytel.exe " - c:\windows\SkyTel.exe [2007-06-15 1826816]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
" EnableUIADesktopToggle " = 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
" aux " =wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@= " Service "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@= " Driver "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@= " Service "

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
" DisableMonitoring " =dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
" DisableMonitoring " =dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
" DisableMonitoring " =dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
" AntiVirusOverride " =dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
" {24368811-638E-4AA5-AC42-291E8DD2CCB0} " = c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
" {4ADF2998-3DCA-4A32-B24A-D5D7B7C20A99} " = c:\program files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe:VideoMagician
" {F2C39C05-B469-48A7-A9EA-1771F3F8B48D} " = c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:HomeMedia
" {4E6EF43B-D83E-4170-8E22-AF1DA496E04C} " = c:\program files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe:DV Wizard
" {285823CA-1E1F-411B-899F-487015A4C40F} " = c:\program files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine
" {9A7416BB-B8E8-46C7-8795-53D8B5AD8858} " = c:\program files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe:Play Movie
" {3FDE6254-A483-403D-B24B-BBC078B5D6F0} " = c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe:Play Movie Resident Program
" {E19239CF-8B04-4960-BAA3-EE572FB8EB8E} " = UDP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:BlueSoleilCS
" {2F433CC5-0112-4D4B-85E6-7F82B97E9770} " = TCP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:BlueSoleilCS
" TCP Query User{A269A069-6736-4735-86D1-B6B64734C0D2}c:\\program files\\wapster\\aqq\\aqq.exe " = UDP:c:\program files\wapster\aqq\aqq.exe:AQQ
" UDP Query User{283655CF-DCBA-4FB7-9F7B-5CDF0D8A9B4A}c:\\program files\\wapster\\aqq\\aqq.exe " = TCP:c:\program files\wapster\aqq\aqq.exe:AQQ
" TCP Query User{C5130C96-A4B2-4345-8604-AFCE50164D64}c:\\program files\\gadu-gadu\\gg.exe " = UDP:c:\program files\gadu-gadu\gg.exe:Gadu-Gadu - program g?ówny
" UDP Query User{C3EECF58-50F8-49BF-A986-87014D01DB98}c:\\program files\\gadu-gadu\\gg.exe " = TCP:c:\program files\gadu-gadu\gg.exe:Gadu-Gadu - program g?ówny
" TCP Query User{7C558451-92CF-46B7-8B4E-620D424665F2}c:\\program files\\ares\\ares.exe " = UDP:c:\program files\ares\ares.exe:Ares p2p for windows
" UDP Query User{1E01B062-C9C9-4C15-921F-025B8281097D}c:\\program files\\ares\\ares.exe " = TCP:c:\program files\ares\ares.exe:Ares p2p for windows
" TCP Query User{00990201-9BA5-4012-B86A-87A70E3BAE9C}c:\\program files\\mozilla firefox\\firefox.exe " = UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
" UDP Query User{A2107ECD-2F0C-409A-B45A-13DE0E5C36CB}c:\\program files\\mozilla firefox\\firefox.exe " = TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
" TCP Query User{BDDC360D-2365-4FED-9673-EA6E93014572}c:\\program files\\skype\\phone\\skype.exe " = UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
" UDP Query User{BF67792F-FA3B-4239-854A-C63DAA467538}c:\\program files\\skype\\phone\\skype.exe " = TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
" {C476333D-6E46-45E7-8B39-C3CA846E5409} " = UDP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
" {8D31F39A-2F77-4F9E-9443-DDC7DD63740E} " = TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
" {DFB32B41-75F1-41A4-89EB-AA4FDFFFDA55} " = UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
" {439B52D5-FD9F-40DB-A629-B6B1A39DA085} " = TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
" {97527DA5-E1FB-4786-930A-53F78B87D8B5} " = UDP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
" {DF02ACA8-0118-42C4-A304-809C119F9E93} " = TCP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
" {1FB4DD0E-7B4D-43F7-8717-1276D79F5E0D} " = UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
" {26E3D588-E08C-46C6-8013-F9E4A472EA82} " = TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
" TCP Query User{64E6229E-C6CE-4A6C-BB4E-DE5F485B0644}c:\\program files\\nowe gadu-gadu\\gg.exe " = UDP:c:\program files\nowe gadu-gadu\gg.exe:Nowe Gadu-Gadu beta
" UDP Query User{9D850512-0212-4091-B6B4-551E3225ED8E}c:\\program files\\nowe gadu-gadu\\gg.exe " = TCP:c:\program files\nowe gadu-gadu\gg.exe:Nowe Gadu-Gadu beta
" TCP Query User{0CA38D43-C13D-4A9D-9EAD-A07DB53558C3}c:\\program files\\hand-crafted software\\freeproxy\\freeproxy.exe " = UDP:c:\program files\hand-crafted software\freeproxy\freeproxy.exe:FreeProxy
" UDP Query User{31F1B4EA-4A17-420D-B6DB-F95320A7BF70}c:\\program files\\hand-crafted software\\freeproxy\\freeproxy.exe " = TCP:c:\program files\hand-crafted software\freeproxy\freeproxy.exe:FreeProxy
" TCP Query User{3C0AC6E4-5839-49CC-A1A7-AA764384932D}c:\\program files\\tc up\\totalcmd.exe " = UDP:c:\program files\tc up\totalcmd.exe:Total Commander 32 bit international version, file manager replacement for Windows
" UDP Query User{9696B978-DAF5-4D07-B138-66B88A90EF63}c:\\program files\\tc up\\totalcmd.exe " = TCP:c:\program files\tc up\totalcmd.exe:Total Commander 32 bit international version, file manager replacement for Windows
" TCP Query User{E68970F3-9207-4031-98EC-EF98294729A9}c:\\program files\\tc up\\totalcmd.exe " = UDP:c:\program files\tc up\totalcmd.exe:Total Commander 32 bit international version, file manager replacement for Windows
" UDP Query User{68FC007F-98AD-4E4C-8473-265E0FFEEDD8}c:\\program files\\tc up\\totalcmd.exe " = TCP:c:\program files\tc up\totalcmd.exe:Total Commander 32 bit international version, file manager replacement for Windows
" TCP Query User{5B71B8EA-8C02-4220-B16A-99F55D6E1830}c:\\program files\\nowe gadu-gadu\\gg.exe " = UDP:c:\program files\nowe gadu-gadu\gg.exe:Nowe Gadu-Gadu beta
" UDP Query User{E2014508-CB05-4741-8BD9-0091617503C7}c:\\program files\\nowe gadu-gadu\\gg.exe " = TCP:c:\program files\nowe gadu-gadu\gg.exe:Nowe Gadu-Gadu beta
" TCP Query User{1D42C2AF-47CD-44B1-8B9F-438D0DEB4F8D}c:\\program files\\ares\\ares.exe " = UDP:c:\program files\ares\ares.exe:Ares p2p for windows
" UDP Query User{560C8568-FF9A-4E70-80B6-60C7B5DE89EA}c:\\program files\\ares\\ares.exe " = TCP:c:\program files\ares\ares.exe:Ares p2p for windows
" TCP Query User{B4748062-05D0-4AA7-A906-EE37FBDD78A1}c:\\users\\agata\\documents\\god\\god.exe " = UDP:c:\users\agata\documents\god\god.exe:god.exe
" UDP Query User{7F519D32-D429-4D77-9425-E1A0E76EF74B}c:\\users\\agata\\documents\\god\\god.exe " = TCP:c:\users\agata\documents\god\god.exe:god.exe
" TCP Query User{7132C1BE-C50F-447A-9A9E-55F683B75CC1}c:\\users\\agata\\appdata\\roaming\\microsoft\\windows\\start menu\\programs\\ares.exe " = UDP:c:\users\agata\appdata\roaming\microsoft\windows\start menu\programs\ares.exe:ares.exe
" UDP Query User{B7E248F8-3596-47B1-8D5A-D273B588690A}c:\\users\\agata\\appdata\\roaming\\microsoft\\windows\\start menu\\programs\\ares.exe " = TCP:c:\users\agata\appdata\roaming\microsoft\windows\start menu\programs\ares.exe:ares.exe
" {224F0056-0445-43A9-8236-3D9CEDDD59FB} " = UDP:c:\program files\Pinnacle\VideoSpin\Programs\RM.exe:Render Manager
" {B408759A-4926-4E4F-B846-B50FA7A9DDEB} " = TCP:c:\program files\Pinnacle\VideoSpin\Programs\RM.exe:Render Manager
" {6E0C489E-5129-4115-8FCA-5910D23327C4} " = UDP:c:\program files\Pinnacle\VideoSpin\Programs\umi.exe:umi
" {7BEE8C1B-7DE0-4D12-B685-B95745DE5D96} " = TCP:c:\program files\Pinnacle\VideoSpin\Programs\umi.exe:umi
" {0222A252-A69D-47C1-8408-984A4DFB4B97} " = UDP:c:\program files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:Pinnacle VideoSpin
" {16172089-AAAF-4FD7-A3A1-5C6640470A8E} " = TCP:c:\program files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:Pinnacle VideoSpin
" TCP Query User{8428D0E4-1BCF-4E85-A729-1B1A10FEBCAD}c:\\program files\\gadu-gadu\\gg.exe " = UDP:c:\program files\gadu-gadu\gg.exe:Gadu-Gadu - program g?ówny
" UDP Query User{2643FA00-9258-4BBA-86A9-A8730DCCAC9E}c:\\program files\\gadu-gadu\\gg.exe " = TCP:c:\program files\gadu-gadu\gg.exe:Gadu-Gadu - program g?ówny
" TCP Query User{96FFECF6-01DE-4CD4-988E-BEE419E2F374}c:\\program files\\electronic arts\\eadm\\core.exe " = UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
" UDP Query User{ECB07A91-9402-4CE5-A04B-7239F7E26E6C}c:\\program files\\electronic arts\\eadm\\core.exe " = TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
" c:\\Program Files\\OrangeBS\\BEWInternet-PL-IEW\\Connectivity\\ConnectivityManager.exe " = c:\program files\OrangeBS\BEWInternet-PL-IEW\Connectivity\ConnectivityManager.exe:*:enabled:CSS

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\drivers\BtHidBus.sys [2008-01-21 21512]
R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [2009-04-25 64160]
R1 VD_FileDisk;VD_FileDisk;c:\windows\System32\drivers\vd_filedisk.sys [2006-01-13 15872]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2008-06-24 13560]
R2 ALaunchService;ALaunch Service;c:\acer\ALaunch\ALaunchSvc.exe [2007-08-16 50688]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-08-27 1153368]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [2007-08-16 179712]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [2007-08-16 32256]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\System32\drivers\IvtBtBus.sys [2008-01-21 26248]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-09 1005904]
S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\System32\drivers\Gt51Ip.sys [2008-06-28 95744]
S3 GT72UBUS;GT 72 U BUS;c:\windows\System32\drivers\gt72ubus.sys [2008-06-28 51968]
S3 GTPTSER;GT PT SER;c:\windows\System32\drivers\gtptser.sys [2008-06-28 8064]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [2008-06-28 28224]
.
Zawartoœae folderu 'Zaplanowane zadania'

2009-06-27 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 12:21]

2009-07-01 c:\windows\Tasks\User_Feed_Synchronization-{34B92039-796F-46C7-802D-DDD48D09DD70}.job
- c:\windows\system32\msfeedssync.exe [2008-07-26 07:33]

2009-07-02 c:\windows\Tasks\User_Feed_Synchronization-{D7266E51-12DD-4017-8495-FA43CDC79372}.job
- c:\windows\system32\msfeedssync.exe [2008-07-26 07:33]
.
.
------- Skan uzupe?niaj?cy -------
.
uStart Page = hxxp://pl.intl.acer.yahoo.com
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms} & ei=utf-8 & fr=b1ie7
mStart Page = hxxp://pl.intl.acer.yahoo.com
uInternet Settings,ProxyOverride = plimus.com;www.plimus.com;regnow.com;www.regnow.com
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
IE: Add to Google Photos Screensa & ver - c:\windows\system32\GPhotos.scr/200
IE: E & ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Agata\AppData\Roaming\Mozilla\Firefox\Profiles\p88fm0lk.default\
FF - component: c:\users\Agata\AppData\Roaming\Mozilla\Firefox\Profiles\p88fm0lk.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-02 19:24
Windows 6.0.6001 Service Pack 1 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyœlnie uko?czone
ukryte pliki: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
" ImagePath " = " \??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl "
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000
.
Czas uko?czenia: 2009-07-02 19:27
ComboFix-quarantined-files.txt 2009-07-02 17:27
ComboFix2.txt 2009-03-07 10:34
ComboFix3.txt 2009-03-07 10:28
ComboFix4.txt 2009-03-06 21:30
ComboFix5.txt 2009-06-23 10:10

Przed: 34,970,959,872 bajtów wolnych
Po: 34,967,805,952 bajtów wolnych

279 --- E O F --- 2009-06-16 11:36


Download file - link to post