cfix.txt

Uporczywe błędy 0x000001D, 0x00000010

Mój zasilacz: colorsit 330U-sch 350W Dodano po 6 : skanuje wła¶nie memtestem (wkońcu sie udało) dam znać jak co¶ znajdzie. Dodano po 2 55 : Memtest nic nie znalazł, za to zrobiłem skan combofixem i to wyszło: Skopiowałem wszystko jak leciało. Niestety problem nadal występuje i nie mam już pomysłów.


ComboFix 10-03-29.04 - Ja1 2010-03-30 14:25:27.4.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.511.211 [GMT 2:00]
Uruchomiony z: d:\formatowanie\gry\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezydentny antywirus jest aktywny

.

((((((((((((((((((((((((((((((((((((((( Usuni?to )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Ja\Dane aplikacji\AD ON Multimedia
c:\documents and settings\Ja\Dane aplikacji\AD ON Multimedia\eBay Shortcuts\config.ini
c:\documents and settings\Ja\error.log
c:\documents and settings\Ja\Menu Start\m?zczy?ni s? jak reklama telewizyjna - ciagle k?amia., Najlepsze ....url
c:\documents and settings\Ja1\rundll32 .exe
C:\restore
c:\windows1\system32\ctfmon .exe
c:\windows1\system32\SIntf16.dll
c:\windows1\system32\TEVPXCW60.DLL
c:\windows1\TDEVXCW60.DLL

.
((((((((((((((((((((((((( Pliki utworzone od 2010-02-28 do 2010-03-30 )))))))))))))))))))))))))))))))
.

2010-03-30 12:11 . 2010-03-30 12:11 -------- d-----w- c:\program files\MSXML 6.0
2010-03-29 15:49 . 2010-03-29 15:49 -------- d-----w- c:\windows1\Driver Cache
2010-03-29 15:48 . 2010-03-29 15:48 -------- d-----w- c:\program files\MSXML 4.0
2010-03-29 15:44 . 2010-02-12 10:03 293376 ------w- c:\windows1\system32\browserchoice.exe
2010-03-29 15:42 . 2010-03-29 16:15 -------- d--h--w- c:\windows1\$hf_mig$
2010-03-29 15:29 . 2001-09-28 13:33 3266 ----a-w- c:\windows1\system32\drivers\WinFlash.sys
2010-03-29 14:15 . 2010-03-29 14:15 -------- d-----w- c:\windows1\RegCure
2010-03-29 14:00 . 2010-03-29 14:00 -------- d-----w- c:\documents and settings\All Users.WINDOWS1\Dane aplikacji\RegCure
2010-03-29 14:00 . 2010-03-29 14:27 -------- d-----w- c:\program files\RegCure
2010-03-29 12:25 . 2010-03-29 12:25 52224 ----a-w- c:\documents and settings\Ja1\Dane aplikacji\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-03-29 12:24 . 2010-03-29 12:24 117760 ----a-w- c:\documents and settings\Ja1\Dane aplikacji\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-03-29 12:23 . 2010-03-29 12:23 -------- d-----w- c:\documents and settings\All Users.WINDOWS1\Dane aplikacji\SUPERAntiSpyware.com
2010-03-29 12:23 . 2010-03-29 12:23 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-03-29 12:23 . 2010-03-29 12:23 -------- d-----w- c:\documents and settings\Ja1\Dane aplikacji\SUPERAntiSpyware.com
2010-03-29 12:13 . 2010-03-29 12:14 -------- d-----w- c:\program files\Odkurzacz
2010-03-29 12:06 . 2010-03-29 12:06 6144 ----a-w- c:\documents and settings\All Users.WINDOWS1\Dane aplikacji\Spyware Terminator\sp_rsdel.exe
2010-03-29 12:06 . 2010-03-29 12:06 5632 ----a-w- c:\documents and settings\All Users.WINDOWS1\Dane aplikacji\Spyware Terminator\fileobjinfo.sys
2010-03-29 12:06 . 2010-03-29 12:06 142592 ----a-w- c:\windows1\system32\drivers\sp_rsdrv2.sys
2010-03-29 12:06 . 2010-03-29 12:09 -------- d-----w- c:\documents and settings\Ja1\Dane aplikacji\Spyware Terminator
2010-03-29 12:06 . 2010-03-30 12:06 -------- d-----w- c:\documents and settings\All Users.WINDOWS1\Dane aplikacji\Spyware Terminator
2010-03-29 12:05 . 2010-03-29 12:07 -------- d-----w- c:\program files\Spyware Terminator
2010-03-28 10:59 . 2010-03-28 11:00 -------- d-----w- c:\windows1\system32\Side 9 Screensaver dir
2010-03-27 15:44 . 2010-03-29 16:37 -------- d-----w- c:\documents and settings\Ja1\Dane aplikacji\ImgBurn
2010-03-27 15:37 . 2010-03-27 15:38 -------- d-----w- c:\program files\ImgBurn
2010-03-24 15:43 . 2010-03-28 11:00 520192 ----a-w- c:\windows1\system32\Side 9 Screensaver.scr
2010-03-22 20:58 . 2010-03-22 20:58 -------- d-----w- c:\documents and settings\Ja1\Dane aplikacji\fretsonfire
2010-03-16 18:50 . 2010-03-16 18:50 -------- d-----w- c:\program files\Cryo
2010-03-16 18:50 . 1999-01-07 12:11 245845 ----a-w- c:\windows1\system32\SPR_P5.DLL
2010-03-16 18:50 . 1999-01-06 14:57 180309 ----a-w- c:\windows1\system32\SPR_P6.DLL
2010-03-16 18:50 . 1998-06-26 18:25 142848 ----a-w- c:\windows1\system32\CM6_800x16.dll
2010-03-16 18:50 . 1998-06-26 16:57 142336 ----a-w- c:\windows1\system32\CM6_1024x16.dll
2010-03-16 18:50 . 1998-06-26 16:48 142336 ----a-w- c:\windows1\system32\CM6_512x16.dll
2010-03-16 18:50 . 1998-06-26 15:48 142848 ----a-w- c:\windows1\system32\CM6_640x16.dll
2010-03-16 18:49 . 2010-03-16 18:49 -------- d-----w- c:\documents and settings\Ja1\WINDOWS
2010-03-14 14:43 . 2010-02-26 13:50 30536 ----a-w- c:\windows1\system32\TURegOpt.exe
2010-03-14 14:42 . 2010-02-26 13:43 30024 ----a-w- c:\windows1\system32\uxtuneup.dll
2010-03-14 14:41 . 2010-03-14 14:42 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-03-13 18:24 . 2010-03-13 18:24 -------- d-----w- c:\program files\FreeTune
2010-03-13 13:17 . 2010-03-13 18:30 -------- d-----w- c:\program files\Xvid
2010-03-13 13:17 . 2010-03-13 13:17 -------- d-----w- c:\program files\FDRLab
2010-03-12 18:52 . 2010-03-12 18:52 -------- d-----w- c:\documents and settings\Ja1\Ustawienia lokalne\Dane aplikacji\ESET

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-30 12:24 . 2001-10-26 16:15 90188 ----a-w- c:\windows1\system32\perfc015.dat
2010-03-30 12:24 . 2001-10-26 16:15 503192 ----a-w- c:\windows1\system32\perfh015.dat
2010-03-30 12:23 . 2009-12-15 06:22 -------- d-----w- c:\documents and settings\All Users.WINDOWS1\Dane aplikacji\eboostr
2010-03-30 12:17 . 2009-04-04 19:12 -------- d-----w- c:\documents and settings\Ja1\Dane aplikacji\uTorrent
2010-03-29 12:40 . 2010-01-19 18:43 -------- d-----w- c:\documents and settings\Ja1\Dane aplikacji\XnView
2010-03-29 12:39 . 2010-02-17 11:29 -------- d-----w- c:\program files\NAPI-PROJEKT
2010-03-29 12:39 . 2010-02-11 19:11 -------- d-----w- c:\program files\TurboDemo 7.5 Trial
2010-03-29 12:23 . 2008-10-30 18:56 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-03-29 12:04 . 2009-12-14 20:27 -------- d-----w- c:\documents and settings\All Users.WINDOWS1\Dane aplikacji\Spybot - Search & Destroy
2010-03-29 11:29 . 2009-09-09 19:20 98304 ----a-w- c:\windows1\system32\CmdLineExt.dll
2010-03-29 11:25 . 2002-11-03 05:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-29 09:49 . 2010-02-25 17:23 -------- d-----w- c:\program files\Ares
2010-03-24 15:52 . 2009-12-01 21:43 -------- d-----w- c:\program files\Graffiti Studio 2.0
2010-03-14 15:05 . 2010-01-25 17:48 -------- d-----w- c:\program files\ISOpen
2010-03-13 18:42 . 2007-10-10 13:04 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-04 13:56 . 2009-11-30 07:02 -------- d-----w- c:\program files\Nowe Gadu-Gadu
2010-02-27 21:35 . 2010-02-27 21:35 -------- d-----w- c:\documents and settings\Ja1\Dane aplikacji\Canneverbe Limited
2010-02-27 21:35 . 2010-02-27 21:35 -------- d-----w- c:\documents and settings\All Users.WINDOWS1\Dane aplikacji\Canneverbe Limited
2010-02-27 21:33 . 2010-02-27 21:33 -------- d-----w- c:\program files\CDBurnerXP
2010-02-19 18:55 . 2010-02-19 18:55 -------- d-----w- c:\documents and settings\Ja1\Dane aplikacji\BESTplayer
2010-02-16 15:50 . 2010-02-16 15:50 -------- d-----w- c:\program files\Pivot Stickfigure Animator
2010-02-15 21:53 . 2010-02-15 21:53 -------- d-----w- c:\documents and settings\Ja1\Dane aplikacji\Blender Foundation
2010-02-15 21:53 . 2010-02-15 21:53 -------- d-----w- c:\program files\Blender Foundation
2010-02-15 16:19 . 2010-02-15 16:19 -------- d-----w- c:\program files\Sigma Team
2010-02-12 18:55 . 2010-02-12 18:55 2131336 ----a-w- c:\documents and settings\Ja1\Dane aplikacji\Mozilla\Firefox\Profiles\2wj0020c.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
2010-02-11 19:56 . 2010-02-11 19:55 -------- d-----w- c:\program files\AbiWord
2010-02-11 19:39 . 2009-04-08 13:40 1 ----a-w- c:\documents and settings\Ja1\Dane aplikacji\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-02-11 19:34 . 2002-11-14 02:30 -------- d-----w- c:\documents and settings\All Users.WINDOWS1\Dane aplikacji\Microsoft Help
2010-02-09 15:05 . 2010-02-09 15:03 -------- d-----w- c:\program files\eMule
2010-01-19 14:09 . 2009-04-10 10:23 691696 ----a-w- c:\windows1\system32\drivers\sptd.sys
2010-01-16 14:04 . 2010-01-16 14:04 74664 ----a-w- c:\documents and settings\Ja1\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-12-31 16:14 . 2004-08-03 21:14 352640 ----a-w- c:\windows1\system32\drivers\srv.sys
2009-12-30 16:06 . 2009-12-30 16:06 1036288 ----a-w- c:\documents and settings\Ja1\Dane aplikacji\Mozilla\Firefox\Profiles\2wj0020c.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
2008-08-30 08:00 . 2002-10-28 22:52 88 --sha-r- c:\windows1\system32\00ECC613F1.sys
.
[code] & lt; pre & gt;
c:\program files\Adobe\Reader 9.0\Reader\reader_sl .exe
c:\program files\Gadu-Gadu\stare gg .exe
c:\program files\Nowe Gadu-Gadu\gg .exe
c:\program files\System Explorer\systemexplorer .exe
& lt; /pre & gt; [/code]

------- Sigcheck -------

[-] 2008-05-31 . 64FF4E77CF31132734C42C90B4839FBA . 1548288 . . [5.1.2600.2180] . . c:\windows1\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawid?owe wpisy nie s? pokazane
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-09-02 12:56 1175944 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
" {D4027C7F-154A-4066-A1AD-4243D8127440} " = " c:\program files\Ask.com\GenericAskToolbar.dll " [2009-09-02 1175944]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
" {D4027C7F-154A-4066-A1AD-4243D8127440} " = " c:\program files\Ask.com\GenericAskToolbar.dll " [2009-09-02 1175944]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" uTorrent " = " c:\documents and settings\Ja1\Pulpit\uTorrent\utorrent .exe " [2009-12-27 319792]
" SpybotSD TeaTimer " = " c:\program files\Spybot - Search & Destroy\TeaTimer.exe " [2009-03-05 2260480]
" ares " = " c:\program files\Ares\Ares.exe " [2008-12-13 882176]
" ESET GUI " = " c:\program files\ESET\ESET NOD32 Antivirus\egui.exe " [2009-02-06 2021400]
" SpywareTerminatorUpdate " = " c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe " [2010-03-29 3037696]
" SUPERAntiSpyware " = " c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe " [2010-02-18 2012912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" NvCplDaemon " = " c:\windows1\system32\NvCpl.dll " [2006-10-22 7700480]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
" SynchronousMachineGroupPolicy " = 0 (0x0)
" SynchronousUserGroupPolicy " = 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
" NoStrCmpLogical " = 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
" NoSMBalloonTip " = 1 (0x1)
" MemCheckBoxInRunDlg " = 0 (0x0)
" NoResolveTrack " = 0 (0x0)
" NoWelcomeScreen " = 1 (0x1)
" NoRecentDocsNetHood " = 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
" {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} " = " c:\program files\SUPERAntiSpyware\SASSEH.DLL " [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 12:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
" ares " = " c:\program files\Ares\Ares.exe " -h
" DAEMON Tools Lite " = " c:\program files\DAEMON Tools Lite\DTLite.exe " -autorun
" ccleaner " = " d:\pliki aresa\CCleaner\ccleaner.exe " /AUTO
" Skype " = " c:\documents and settings\Ja1\Pulpit\Skype.exe " /nosplash /minimized
" Odkurzacz-MCD " =c:\program files\Odkurzacz\odk_mcd.exe
" ctfmon.exe " =c:\windows1\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
" Monitor " =c:\windows1\PixArt\PAC207\Monitor.exe
" C-Media Mixer " =Mixer.exe /startup
" NvMediaCenter " =RUNDLL32.EXE c:\windows1\system32\NvMcTray.dll,NvTaskbarInit
" Cmaudio " =RunDll32 cmicnfg.cpl,CMICtrlWnd
" Adobe Reader Speed Launcher " = " c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
" Adobe ARM " = " c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe "
" KernelFaultCheck " =%systemroot%\system32\dumprep 0 -k

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
" %windir%\\system32\\sessmgr.exe " =
" c:\\Program Files\\Ares\\Ares.exe " =
" c:\\Documents and Settings\\Ja1\\Pulpit\\Skype.exe " =
" c:\\Program Files\\Opera\\opera.exe " =
" c:\\Documents and Settings\\Ja1\\Pulpit\\uTorrent\\utorrent .exe " =

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
" 8461:TCP " = 8461:TCP:GoD High Port
" 8462:TCP " = 8462:TCP:GoD Low Port
" 15113:TCP " = 15113:TCP:BitComet 15113 TCP
" 15113:UDP " = 15113:UDP:BitComet 15113 UDP

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
" AllowInboundEchoRequest " = 1 (0x1)

R1 ehdrv;ehdrv;c:\windows1\system32\drivers\ehdrv.sys [2009-02-06 106208]
R1 epfwtdir;epfwtdir;c:\windows1\system32\drivers\epfwtdir.sys [2009-02-06 93336]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2010-02-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-02-17 66632]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows1\system32\drivers\sp_rsdrv2.sys [2010-03-29 142592]
R2 EBOOSTRSVC;eBoostr Service;c:\program files\eBoostr\EBstrSvc.exe [2009-05-20 639616]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-26 1047880]
R3 SiS7012;Service for AC'97 Sample Driver (WDM);c:\windows1\system32\drivers\sis7012.sys [2009-09-06 820133]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064]
S0 sptd;sptd;c:\windows1\system32\drivers\sptd.sys [2009-04-10 691696]
S2 SeekappSrch Service;SeekappSrch Service; " c:\documents and settings\All Users.WINDOWS1\Dane aplikacji\SeekappSrch\seekapp139.exe " " c:\program files\SeekappSrch\seekapp.dll " Service -- & gt; c:\documents and settings\All Users.WINDOWS1\Dane aplikacji\SeekappSrch\seekapp139.exe [?]
S3 PAC207;Webcam 1200;c:\windows1\system32\drivers\PFC027.SYS [2009-04-12 611584]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-02-17 12872]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Zawartośae folderu 'Zaplanowane zadania'

2010-03-30 c:\windows1\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2010-02-23 23:20]

2010-03-30 c:\windows1\Tasks\RegCure Startup.job
- c:\program files\RegCure\RegCure.exe [2010-02-23 23:20]

2010-03-30 c:\windows1\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2010-02-23 23:20]

2010-03-28 c:\windows1\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-09-02 12:56]

2009-12-28 c:\windows1\Tasks\WGASetup.job
- c:\windows1\system32\KB905474\wgasetup.exe [2009-04-04 20:18]

2009-12-28 c:\windows1\Tasks\WinUtilities Disk Cleaner.job
- c:\program files\WinUtilities\ToolDiskCleaner.exe [2009-12-28 22:25]

2009-12-28 c:\windows1\Tasks\WinUtilities DiskDefrag.job
- c:\program files\WinUtilities\ToolDiskDefrag.exe [2009-12-28 22:25]

2009-12-28 c:\windows1\Tasks\WinUtilities History Cleaner.job
- c:\program files\WinUtilities\ToolHistoryCleaner.exe [2009-12-28 22:25]

2009-12-28 c:\windows1\Tasks\WinUtilities Registry Cleaner.job
- c:\program files\WinUtilities\ToolRegistryCleaner.exe [2009-12-28 22:25]
.
.
------- Skan uzupe?niaj?cy -------
.
uStart Page = google.pl
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E & ksportuj do programu Microsoft Excel - d:\progra~1\Office12\EXCEL.EXE/3000
IE: E & xport to Microsoft Excel - d:\progra~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Ja1\Dane aplikacji\Mozilla\Firefox\Profiles\2wj0020c.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff & src=kw & tb=UT2V5 & o=15158 & locale=en_US & q=
FF - component: c:\documents and settings\Ja1\Dane aplikacji\Mozilla\Firefox\Profiles\2wj0020c.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - plugin: c:\documents and settings\Ja1\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOggX.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\Opera\program\plugins\nppdf32.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows1\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX - SPOSÓB POST?POWANIA ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref( " ui.use_native_colors " , true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( " ui.use_native_popup_windows " , false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( " browser.enable_click_image_resizing " , true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( " accessibility.browsewithcaret_shortcut.enabled " , true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( " javascript.options.mem.high_water_mark " , 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( " javascript.options.mem.gc_frequency " , 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( " network.auth.force-generic-ntlm " , false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( " svg.smil.enabled " , false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( " ui.trackpoint_hack.enabled " , -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( " browser.formfill.debug " , false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( " browser.formfill.agedWeight " , 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( " browser.formfill.bucketSize " , 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( " browser.formfill.maxTimeGroupings " , 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( " browser.formfill.timeGroupingSize " , 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( " browser.formfill.boundaryWeight " , 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( " browser.formfill.prefixWeight " , 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref( " html5.enable " , false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( " security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref " , true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( " security.ssl.renego_unrestricted_hosts " , " " );
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( " security.ssl.treat_unsafe_negotiation_as_broken " , false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref( " security.ssl.require_safe_negotiation " , false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref( " app.update.download.backgroundInterval " , 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref( " app.update.url.manual " , " http://www.firefox.com " );
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref( " browser.search.param.yahoo-fr-ja " , " mozff " );
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( " extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name " , " chrome://browser/locale/browser.properties " );
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( " extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description " , " chrome://browser/locale/browser.properties " );
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( " xpinstall.whitelist.add " , " addons.mozilla.org " );
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( " xpinstall.whitelist.add.36 " , " getpersonas.com " );
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( " lightweightThemes.update.enabled " , true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( " browser.allTabs.previews " , false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( " plugins.hide_infobar_for_outdated_plugin " , false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( " plugins.update.notifyUser " , false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( " toolbar.customization.usesheet " , false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( " browser.taskbar.previews.enable " , false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( " browser.taskbar.previews.max " , 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref( " browser.taskbar.previews.cachetime " , 20);
.
- - - - USUNI?TO PUSTE WPISY - - - -

AddRemove--[*ATL*]- skin Pack v1.0 - e:\swat\ATL Skin Uninstaller.exe
AddRemove-pwavwsmpbjskcws - c:\windows1\system32\pwavwsmpbjskcws.exe
AddRemove-SiS7012 - c:\program files\SiS7012\Uninst\uninst2k.exe PCI\VEN_1039 & DEV_7012



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-30 14:31
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie uko?czone
ukryte pliki: 0

**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-790525478-1682526488-1060284298-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-790525478-1682526488-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{705974B5-14C9-BCE8-DBF4-D61C8F60DF35}*]
" oadnmagdokgaijjifbealkbgeldodi " =hex:6a,61,6b,6b,69,6a,6e,64,68,68,6b,6c,67,6c,
66,6f,69,6f,62,6b,00,00
" panlglgegbbaldjknjlbndmhabpjgiil " =hex:6a,61,6e,6b,65,61,6a,70,65,67,6a,62,66,
64,6d,68,6e,65,66,6b,00,ed
" oanlglgegbbaldjknjlbgehhanpjcn " =hex:6a,61,6b,6b,69,6a,6e,64,68,68,6b,6c,67,6c,
66,6f,69,6f,62,6b,00,ee
" nadnmagdokgaijjifbdaglldpocc " =hex:6b,61,6a,6b,6b,6a,66,68,69,63,67,68,70,6d,
6d,70,70,70,6d,64,61,61,00,00
.
--------------------- Pliki DLL ?adowane pod uruchomionymi procesami ---------------------

- - - - - - - & gt; 'winlogon.exe'(728)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows1\system32\WININET.dll
.
Czas uko?czenia: 2010-03-30 14:36:29
ComboFix-quarantined-files.txt 2010-03-30 12:36
ComboFix2.txt 2009-12-14 19:19
ComboFix3.txt 2002-11-01 07:25

Przed: 4 611 833 856 bajtów wolnych
Po: 4 594 712 576 bajtów wolnych

Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 1DA340CDE7E84A0856D9D3AA192FB772


Download file - link to post