"DAREK" - 07-01-19 15:38:55 Dodatek Service Pack 2 ComboFix 07-01-18 - Running from: "C:\Documents and Settings\DAREK\Moje dokumenty" (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32\GroupPolicy\Machine\Scripts\scripts.ini ((((((((((((((((((((((((((((((( Files Created from 2006-12-19 to 2007-01-19 )))))))))))))))))))))))))))))))))) 2007-01-19 13:54 d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-01-18 22:21 d-------- C:\DOCUME~1\DAREK\Dane aplikacji\Opera 2007-01-18 20:53 d-------- C:\WINDOWS\setupupd 2007-01-14 19:58 19 --a------ C:\WINDOWS\crystaljp.dll 2007-01-13 23:58 d-------- C:\WINDOWS\MIWU2RoK 2007-01-13 23:58 d-------- C:\teresa 2007-01-12 20:13 796,672 --a------ C:\WINDOWS\GPInstall.exe 2007-01-12 16:57 d-------- C:\WINDOWS\.file_store_32 2006-12-28 22:13 d-------- C:\Program Files\Winamp 2006-12-28 20:13 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys 2006-12-28 20:13 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys 2006-12-28 20:13 129,784 --------- C:\WINDOWS\system32\pxafs.dll 2006-12-22 23:03 d-------- C:\WINDOWS\setup.pss (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-01-14 00:18 172032 --a------ C:\WINDOWS\system32\cncs32.dll 2007-01-13 15:40 8 --a------ C:\WINDOWS\appdrive$ + appdir$ + a-zigo.ini2 2006-12-29 15:54 -------- d--h----- C:\Program Files\installshield installation information 2006-12-29 15:54 -------- d-------- C:\DOCUME~1\DAREK\Dane aplikacji\smartcom 2006-12-28 21:31 -------- d-------- C:\DOCUME~1\DAREK\Dane aplikacji\limewire 2006-12-28 20:02 -------- d-------- C:\Program Files\gadu-gadu 2006-12-10 21:00 -------- d-------- C:\Program Files\shockwave.com 2006-12-10 17:23 -------- d-------- C:\DOCUME~1\DAREK\Dane aplikacji\lavasoft 2006-12-09 23:03 2320384 --a------ C:\WINDOWS\system32\tukernel.exe 2006-12-07 06:29 2374472 --a------ C:\WINDOWS\system32\wmvcore.dll 2006-11-27 14:00 69920 --a------ C:\WINDOWS\system32\skaneronlineuninstall.exe 2006-11-24 12:52 -------- d-------- C:\Program Files\Common Files\wise installation wizard 2006-11-12 18:50 73216 --a------ C:\WINDOWS\st6unst.exe 2006-11-12 18:50 249856 --------- C:\WINDOWS\setup1.exe 2006-11-11 21:07 25992 --a------ C:\WINDOWS\system32\pgdfgsvc.exe 2006-11-08 06:07 679424 --a------ C:\WINDOWS\system32\inetcomm.dll 2006-10-20 02:39 714240 --a------ C:\WINDOWS\system32\sxs.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "AtiPTA"="atiptaxx.exe" "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu] "hkey"="HKCU" "key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="gg" "command"="\"C:\\Program Files\\Gadu-Gadu\\gg.exe\" /tray" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rfagent] "hkey"="HKLM" "key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="rfagent" "command"="\"D:\\PROGRAMY\\Registry First Aid\\RFA Platinum\\rfagent.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] HTTPFilter REG_MULTI_SZ HTTPFilter\0\0 LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService REG_MULTI_SZ DnsCache\0\0 DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0 rpcss REG_MULTI_SZ RpcSs\0\0 imgsvc REG_MULTI_SZ StiSvc\0\0 termsvcs REG_MULTI_SZ TermService\0\0 [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3b51a780-e2c0-11da-b1d0-001346ba44ce}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e45e380-d3be-11da-b18b-001346ba44ce}] ~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ backup-20070119-113438-432 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm backup-20070119-113438-398 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm backup-20070112-141629-615 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm backup-20070112-141629-652 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\1-Click Maintenance.job Completion time: 07-01-19 15:42:11 nie umiałem tego loga wkleić jako załącznika ---więc przesyłam go tak