.
DDS (Ver_2011-08-26.01) - FAT32x86
Internet Explorer: 7.0.5730.13
Run by michal at 19:10:41 on 2012-02-16
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1535.688 [GMT 1:00]
.
AV: ESET Smart Security 5.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Zapora osobista *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
SVCHOST.EXE
C:\WINDOWS\System32\svchost.exe -k netsvcs
SVCHOST.EXE
SVCHOST.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://klit.startnow.com/?src=startpage&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120215&user_guid=4CF8D5DF49B14A80839E53141EE7D5D8&machine_id=86038009fe8f6e534f466d62b4a48e94&browser=IE&os=win&os_version=5.1-x86-SP3
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - c:\program files\startnow toolbar\Toolbar32.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [DriverScanner] "c:\program files\uniblue\driverscanner\launcher.exe" delay 20000
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
TCP: DhcpNameServer = 87.99.33.20 87.99.33.159
TCP: Interfaces\{6F9C4BC5-CCBF-48AD-8C51-86CCFE116209} : DhcpNameServer = 87.99.33.20 87.99.33.159
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\michal\dane aplikacji\mozilla\firefox\profiles\cvm4beuq.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/
FF - prefs.js: keyword.URL - hxxp://klit.startnow.com/s/?src=addrbar&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120215&user_guid=4CF8D5DF49B14A80839E53141EE7D5D8&machine_id=86038009fe8f6e534f466d62b4a48e94&browser=FF&os=win&os_version=5.1-x86-SP3&q=
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - %profile%\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
.
============= SERVICES / DRIVERS ===============
.
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2012-2-15 28552]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2011-8-4 118104]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2011-9-22 974944]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-2-16 652360]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2012-2-15 2253120]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-2-16 20464]
S2 gupdate;Usługa Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-2-16 136176]
S3 gupdatem;Usługa Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-2-16 136176]
.
=============== Created Last 30 ================
.
2012-02-16 13:46:37 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
2012-02-16 13:46:37 32592 ----a-w- c:\windows\system32\msonpmon.dll
2012-02-16 13:42:03 -------- d-----w- c:\windows\SHELLNEW
2012-02-16 13:41:39 -------- d-----w- c:\documents and settings\michal\ustawienia lokalne\dane aplikacji\Microsoft Help
2012-02-16 13:38:32 -------- d-----w- c:\documents and settings\michal\dane aplikacji\Uniblue
2012-02-16 13:38:23 -------- d-----w- c:\program files\Uniblue
2012-02-16 13:37:45 -------- d-----w- c:\documents and settings\michal\dane aplikacji\OpenCandy
2012-02-16 13:37:22 -------- d-----w- c:\documents and settings\michal\dane aplikacji\DAEMON Tools Lite
2012-02-16 13:37:18 -------- d-----w- c:\documents and settings\all users\dane aplikacji\DAEMON Tools Lite
2012-02-16 12:53:35 -------- d-s---w- C:\ComboFix
2012-02-16 12:50:42 -------- d-----w- c:\program files\trend micro
2012-02-16 12:23:44 -------- d-----w- c:\documents and settings\michal\DoctorWeb
2012-02-16 11:19:20 -------- d-sh--w- C:\Recycled
2012-02-16 11:17:55 -------- d-----w- c:\program files\CCleaner
2012-02-16 11:17:19 -------- d-----w- c:\documents and settings\michal\ustawienia lokalne\dane aplikacji\Temp
2012-02-16 11:17:07 -------- d-----w- c:\documents and settings\michal\ustawienia lokalne\dane aplikacji\Google
2012-02-16 10:34:17 -------- d-----w- c:\documents and settings\michal\dane aplikacji\Malwarebytes
2012-02-16 10:32:35 -------- d-----w- c:\documents and settings\all users\dane aplikacji\Malwarebytes
2012-02-16 10:32:31 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-16 10:32:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-02-16 09:19:50 -------- d-----w- c:\documents and settings\michal\dane aplikacji\SUPERAntiSpyware.com
2012-02-16 09:19:22 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-02-16 09:19:22 -------- d-----w- c:\documents and settings\all users\dane aplikacji\SUPERAntiSpyware.com
2012-02-15 22:19:55 175616 ----a-w- c:\windows\system32\unrar.dll
2012-02-15 22:19:45 839680 ----a-w- c:\windows\system32\lameACM.acm
2012-02-15 22:19:44 74752 ----a-w- c:\windows\system32\ff_vfw.dll
2012-02-15 22:19:44 650752 ----a-w- c:\windows\system32\xvidcore.dll
2012-02-15 22:19:44 243200 ----a-w- c:\windows\system32\xvidvfw.dll
2012-02-15 22:19:44 151552 ----a-w- c:\windows\system32\ac3acm.acm
2012-02-15 22:19:38 -------- d-----w- c:\program files\K-Lite Codec Pack
2012-02-15 22:19:10 40960 ------r- c:\windows\system32\ChCfg.exe
2012-02-15 22:17:44 5824 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS
2012-02-15 21:51:51 -------- d-----w- c:\documents and settings\michal\ustawienia lokalne\dane aplikacji\DC++
2012-02-15 21:51:51 -------- d-----w- c:\documents and settings\michal\dane aplikacji\DC++
2012-02-15 21:50:42 -------- d-----w- c:\program files\DC++
2012-02-15 20:29:54 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2012-02-15 20:29:16 -------- d-----w- c:\program files\Panda Security
2012-02-15 20:18:40 -------- d-----w- c:\documents and settings\michal\ustawienia lokalne\dane aplikacji\ESET
2012-02-15 20:18:40 -------- d-----w- c:\documents and settings\michal\dane aplikacji\ESET
2012-02-15 20:17:12 -------- d-----w- c:\program files\ESET
2012-02-15 20:12:06 -------- d-----w- c:\documents and settings\all users\dane aplikacji\NVIDIA Corporation
2012-02-15 20:10:51 -------- d-----w- C:\NVIDIA
2012-02-15 20:03:19 -------- d-s---w- c:\windows\system32\Microsoft
2012-02-15 20:00:59 53248 ----a-w- c:\windows\system32\dllcache\nextlink.dll
.
==================== Find3M ====================
.
2012-02-15 20:11:56 285176 ----a-w- c:\windows\system32\nvdrsdb0.bin
2012-02-15 20:11:56 1 ----a-w- c:\windows\system32\nvdrssel.bin
2012-02-15 20:11:52 285176 ----a-w- c:\windows\system32\nvdrsdb1.bin
.
============= FINISH: 19:11:31,71 ===============