wklejto.pl

Dodane przez: ~baden15 (2009-02-06 21:12) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
ComboFix 09-02-06.01 - admin 2009-02-06 21:04:13.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium   6.0.6001.1.1250.1.1045.18.1014.278 [GMT 1:00]
Uruchomiony z: c:\\users\\admin\\Desktop\\ComboFix.exe
AV: avast! antivirus 4.8.1296 [VPS 090117-0] *On-access scanning enabled* (Updated)
.
 
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Poprzednie uruchomienie -------
.
c:\\windows\\system32\\x64
 
.
(((((((((((((((((((((((((   Pliki utworzone od 2009-01-06 do 2009-02-06  )))))))))))))))))))))))))))))))
.
 
2009-02-06 20:50 . 2009-02-06 20:51     214,207,482     --a------       c:\\windows\\MEMORY.DMP
2009-02-06 20:24 . 2009-02-06 20:24     <DIR>   d--------       c:\\program files\\Microsoft.NET
2009-02-06 20:21 . 2009-02-06 20:21     <DIR>   d--------       c:\\program files\\Microsoft Visual Studio 8
2009-02-06 20:20 . 2009-02-06 20:20     <DIR>   dr-h-----       C:\\MSOCache
2009-02-06 20:05 . 2009-02-06 20:36     <DIR>   d--------       c:\\users\\admin\\AppData\\Roaming\\foobar2000
2009-02-06 20:05 . 2009-02-06 20:05     <DIR>   d--------       c:\\program files\\foobar2000
2009-02-06 19:01 . 2009-02-06 19:01     <DIR>   d--------       c:\\program files\\CCleaner
2009-02-01 12:28 . 2009-02-01 12:28     <DIR>   d--------       c:\\program files\\Common Files\\Adobe AIR
2009-02-01 12:16 . 2009-02-01 15:47     <DIR>   d--------       c:\\users\\All Users\\NOS
2009-02-01 12:16 . 2009-02-01 15:47     <DIR>   d--------       c:\\programdata\\NOS
2009-02-01 12:16 . 2009-02-01 15:47     <DIR>   d--------       c:\\program files\\NOS
2009-01-26 14:07 . 2009-02-03 11:20     <DIR>   d--------       c:\\users\\admin\\AppData\\Roaming\\NetMeter
2009-01-26 14:07 . 2009-02-06 16:59     <DIR>   d--------       c:\\program files\\NetMeter
2009-01-19 09:52 . 2009-01-19 09:52     <DIR>   d--------       c:\\program files\\SuperMemo Extreme English!
2009-01-19 09:43 . 2009-01-19 09:43     <DIR>   d--------       c:\\windows\\Downloaded Installations
2009-01-19 09:42 . 1998-10-29 16:45     306,688 --a------       c:\\windows\\IsUninst.exe
2009-01-19 09:17 . 2009-01-19 09:17     <DIR>   d--------       C:\\sm
2009-01-18 22:50 . 2008-04-26 09:26     891,448 --a------       c:\\windows\\System32\\drivers\\tcpip.sys
2009-01-18 22:49 . 2008-08-02 02:01     625,152 --a------       c:\\windows\\System32\\drivers\\dxgkrnl.sys
2009-01-18 22:49 . 2008-06-26 04:29     565,248 --a------       c:\\windows\\System32\\emdmgmt.dll
2009-01-18 22:49 . 2008-05-20 03:07     148,480 --a------       c:\\windows\\System32\\drivers\\nwifi.sys
2009-01-18 22:49 . 2008-06-26 04:29     45,056  --a------       c:\\windows\\System32\\dataclen.dll
2009-01-18 22:49 . 2008-08-02 04:26     36,864  --a------       c:\\windows\\System32\\cdd.dll
2009-01-18 09:25 . 2009-01-18 09:25     0       --ah-----       c:\\windows\\System32\\drivers\\Msft_User_WpdFs_01_00_00.Wdf
2009-01-17 19:15 . 2009-01-17 19:15     <DIR>   d--------       C:\\PerfLogs
2009-01-15 10:13 . 2008-12-16 03:42     288,768 --a------       c:\\windows\\System32\\drivers\\srv.sys
 
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-06 19:33        ---------       d-----w c:\\programdata\\Microsoft Help
2009-02-06 19:28        ---------       d-----w c:\\program files\\Microsoft Works
2009-02-06 19:27        ---------       d-----w c:\\program files\\MSBuild
2009-02-06 19:05        ---------       d-----w c:\\program files\\DAEMON Tools Toolbar
2009-02-06 16:12        ---------       d--h--w c:\\program files\\InstallShield Installation Information
2009-02-03 10:20        ---------       d-----w c:\\users\\admin\\AppData\\Roaming\\iPlus
2009-02-01 11:27        ---------       d-----w c:\\program files\\Common Files\\Adobe
2009-01-22 09:10        ---------       d-----w c:\\users\\admin\\AppData\\Roaming\\OpenOffice.ux.pl2
2009-01-17 18:26        174     --sha-w c:\\program files\\desktop.ini
2009-01-17 18:16        ---------       d-----w c:\\program files\\Windows Sidebar
2009-01-17 18:16        ---------       d-----w c:\\program files\\Windows Photo Gallery
2009-01-17 18:16        ---------       d-----w c:\\program files\\Windows Mail
2009-01-17 18:16        ---------       d-----w c:\\program files\\Windows Journal
2009-01-17 18:16        ---------       d-----w c:\\program files\\Windows Defender
2009-01-17 18:16        ---------       d-----w c:\\program files\\Windows Collaboration
2009-01-17 18:16        ---------       d-----w c:\\program files\\Windows Calendar
2009-01-15 09:06        ---------       d-----w c:\\program files\\iPlus
2009-01-03 11:11        ---------       d-----w c:\\program files\\Panda Security
2008-12-21 08:32        ---------       d-----w c:\\program files\\Common Files\\InstallShield
2008-12-21 08:22        717,296 ----a-w c:\\windows\\system32\\drivers\\sptd.sys
2008-12-21 08:22        ---------       d-----w c:\\users\\admin\\AppData\\Roaming\\DAEMON Tools
2008-05-03 09:12        90,600  ----a-w c:\\users\\admin\\AppData\\Roaming\\GDIPFONTCACHEV1.DAT
2008-04-05 12:11        0       ----a-w c:\\users\\admin\\AppData\\Roaming\\wklnhst.dat
2008-07-09 13:43        16,384  --sha-w c:\\windows\\ServiceProfiles\\LocalService\\AppData\\Local\\Microsoft\\Windows\\History\\History.IE5\\index.dat
2008-07-09 13:43        32,768  --sha-w c:\\windows\\ServiceProfiles\\LocalService\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\index.dat
2008-07-09 13:43        16,384  --sha-w c:\\windows\\ServiceProfiles\\LocalService\\AppData\\Roaming\\Microsoft\\Windows\\Cookies\\index.dat
.
 
(((((((((((((((((((((((((((((   SnapShot@2009-02-06_20.48.06,73   )))))))))))))))))))))))))))))))))))))))))
.
- 2009-02-06 15:54:36   2,048   --sha-w c:\\windows\\ServiceProfiles\\LocalService\\AppData\\Local\\lastalive0.dat
+ 2009-02-06 19:50:44   2,048   --sha-w c:\\windows\\ServiceProfiles\\LocalService\\AppData\\Local\\lastalive0.dat
- 2009-02-06 15:54:36   2,048   --sha-w c:\\windows\\ServiceProfiles\\LocalService\\AppData\\Local\\lastalive1.dat
+ 2009-02-06 19:50:44   2,048   --sha-w c:\\windows\\ServiceProfiles\\LocalService\\AppData\\Local\\lastalive1.dat
- 2009-02-06 19:32:54   262,144 --sha-w c:\\windows\\ServiceProfiles\\LocalService\\ntuser.dat
+ 2009-02-06 19:54:03   262,144 --sha-w c:\\windows\\ServiceProfiles\\LocalService\\ntuser.dat
+ 2009-02-06 19:54:03   262,144 ---ha-w c:\\windows\\ServiceProfiles\\LocalService\\ntuser.dat.LOG1
- 2009-02-06 19:32:49   262,144 --sha-w c:\\windows\\ServiceProfiles\\NetworkService\\ntuser.dat
+ 2009-02-06 19:53:42   262,144 --sha-w c:\\windows\\ServiceProfiles\\NetworkService\\ntuser.dat
+ 2009-02-06 19:53:42   262,144 ---ha-w c:\\windows\\ServiceProfiles\\NetworkService\\ntuser.dat.LOG1
- 2009-01-17 18:20:38   344,352 ----a-w c:\\windows\\System32\\FNTCACHE.DAT
+ 2009-02-06 19:52:14   426,912 ----a-w c:\\windows\\System32\\FNTCACHE.DAT
- 2009-02-06 16:01:34   101,250 ----a-w c:\\windows\\System32\\perfc009.dat
+ 2009-02-06 19:58:05   101,250 ----a-w c:\\windows\\System32\\perfc009.dat
- 2009-02-06 16:01:34   126,908 ----a-w c:\\windows\\System32\\perfc015.dat
+ 2009-02-06 19:58:05   126,908 ----a-w c:\\windows\\System32\\perfc015.dat
- 2009-02-06 16:01:34   587,178 ----a-w c:\\windows\\System32\\perfh009.dat
+ 2009-02-06 19:58:05   587,178 ----a-w c:\\windows\\System32\\perfh009.dat
- 2009-02-06 16:01:34   662,056 ----a-w c:\\windows\\System32\\perfh015.dat
+ 2009-02-06 19:58:05   662,056 ----a-w c:\\windows\\System32\\perfh015.dat
- 2009-02-06 15:57:52   9,592   ----a-w c:\\windows\\System32\\WDI\\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\\S-1-5-21-422357331-1049040473-2238325268-1000_UserData.bin
+ 2009-02-06 19:54:16   9,824   ----a-w c:\\windows\\System32\\WDI\\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\\S-1-5-21-422357331-1049040473-2238325268-1000_UserData.bin
- 2009-02-06 15:57:52   79,416  ----a-w c:\\windows\\System32\\WDI\\BootPerformanceDiagnostics_SystemData.bin
+ 2009-02-06 19:54:16   79,424  ----a-w c:\\windows\\System32\\WDI\\BootPerformanceDiagnostics_SystemData.bin
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
 
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"ehTray.exe\"=\"c:\\windows\\ehome\\ehTray.exe\" [2008-01-19 125952]
\"Sidebar\"=\"c:\\program files\\Windows Sidebar\\sidebar.exe\" [2008-01-19 1233920]
\"WMPNSCFG\"=\"c:\\program files\\Windows Media Player\\WMPNSCFG.exe\" [2008-01-19 202240]
\"TOSCDSPD\"=\"TOSCDSPD.EXE\" [BU]
 
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"SynTPEnh\"=\"c:\\program files\\Synaptics\\SynTP\\SynTPEnh.exe\" [2007-06-22 894248]
\"topi\"=\"c:\\program files\\TOSHIBA\\Toshiba Online Product Information\\topi.exe\" [2007-07-10 581632]
\"Desktop SMS\"=\"c:\\program files\\IDM\\Desktop SMS\\DesktopSMS.exe\" [2007-06-18 1507328]
\"Toshiba Registration\"=\"c:\\program files\\Toshiba\\Registration\\ToshibaRegistration.exe\" [2007-05-04 571024]
\"Toshiba TEMPO\"=\"c:\\program files\\Toshiba TEMPO\\Toshiba.Tempo.UI.TrayApplication.exe\" [2007-10-29 103824]
\"iPlusManager\"=\"c:\\program files\\iPlus\\iPlusChecker.exe\" [2007-08-29 385024]
\"IgfxTray\"=\"c:\\windows\\system32\\igfxtray.exe\" [2008-01-02 141848]
\"HotKeysCmds\"=\"c:\\windows\\system32\\hkcmd.exe\" [2008-01-02 166424]
\"Persistence\"=\"c:\\windows\\system32\\igfxpers.exe\" [2008-01-02 133656]
\"avast!\"=\"c:\\progra~1\\ALWILS~1\\Avast4\\ashDisp.exe\" [2008-11-26 81000]
\"Symantec PIF AlertEng\"=\"c:\\program files\\Common Files\\Symantec Shared\\PIF\\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\\PIFSvc.exe\" [2008-01-29 583048]
\"SunJavaUpdateSched\"=\"c:\\program files\\Java\\jre1.6.0_05\\bin\\jusched.exe\" [2008-02-22 144784]
\"GrooveMonitor\"=\"c:\\program files\\Microsoft Office\\Office12\\GrooveMonitor.exe\" [2006-10-27 31016]
\"RtHDVCpl\"=\"RtHDVCpl.exe\" [2007-07-06 c:\\windows\\RtHDVCpl.exe]
\"Skytel\"=\"Skytel.exe\" [2007-06-15 c:\\windows\\SkyTel.exe]
\"NDSTray.exe\"=\"NDSTray.exe\" [BU]
 
c:\\users\\admin\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\
Adobe Gamma.lnk - c:\\program files\\Common Files\\Adobe\\Calibration\\Adobe Gamma Loader.exe [2005-03-16 113664]
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\policies\\system]
\"EnableUIADesktopToggle\"= 0 (0x0)
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows nt\\currentversion\\winlogon\\notify\\psfus]
2005-05-11 18:57 1015808 c:\\program files\\SanDisk\\CruzerLogin\\homefus.dll
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows nt\\currentversion\\drivers32]
\"msacm.dvacm\"= c:\\progra~1\\COMMON~1\\ULEADS~1\\vio\\dvacm.acm
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\security center]
\"UacDisableNotify\"=dword:00000001
\"InternetSettingsDisableNotify\"=dword:00000001
\"AutoUpdateDisableNotify\"=dword:00000001
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\security center\\Monitoring]
\"DisableMonitoring\"=dword:00000001
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\security center\\Monitoring\\SymantecAntiVirus]
\"DisableMonitoring\"=dword:00000001
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\security center\\Monitoring\\SymantecFirewall]
\"DisableMonitoring\"=dword:00000001
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\FirewallRules]
\"{20448B4C-47E2-4063-B4C6-1091CE2C95E8}\"= UDP:c:\\program files\\Microsoft Office\\Office12\\ONENOTE.EXE:Microsoft Office OneNote
\"{E37B855A-CAEA-49CA-AA29-D1FAC254BB65}\"= TCP:c:\\program files\\Microsoft Office\\Office12\\ONENOTE.EXE:Microsoft Office OneNote
\"TCP Query User{BACEC8FB-72B0-4BD7-A6DD-FCD756FBD8FD}c:\\\\program files\\\\gadu-gadu\\\\gg.exe\"= UDP:c:\\program files\\gadu-gadu\\gg.exe:Gadu-Gadu - program główny
\"UDP Query User{915DF7F2-AD67-4682-8979-BC4FB70CCB82}c:\\\\program files\\\\gadu-gadu\\\\gg.exe\"= TCP:c:\\program files\\gadu-gadu\\gg.exe:Gadu-Gadu - program główny
\"TCP Query User{363A02C9-5505-452B-A8EC-BF8CD750BC38}c:\\\\program files\\\\internet explorer\\\\iexplore.exe\"= UDP:c:\\program files\\internet explorer\\iexplore.exe:Internet Explorer
\"UDP Query User{F93CBFFF-2330-4282-8B82-909F31FA78A1}c:\\\\program files\\\\internet explorer\\\\iexplore.exe\"= TCP:c:\\program files\\internet explorer\\iexplore.exe:Internet Explorer
\"{43C8FE1E-2E22-4DB9-85AE-926F4880F2A3}\"= UDP:c:\\program files\\Winamp Remote\\bin\\Orb.exe:Orb
\"{3475F65F-7A5B-48E5-AE0F-C07AD74D37E0}\"= TCP:c:\\program files\\Winamp Remote\\bin\\Orb.exe:Orb
\"{9221C980-FE82-4073-8EBA-F103E77ADF81}\"= UDP:c:\\program files\\Winamp Remote\\bin\\OrbTray.exe:OrbTray
\"{C6464A10-3F03-4EFC-BA02-EDFEF9FE6110}\"= TCP:c:\\program files\\Winamp Remote\\bin\\OrbTray.exe:OrbTray
\"{1FC3414A-C121-4B3D-9F89-01C6C2C5B18D}\"= UDP:c:\\program files\\Winamp Remote\\bin\\OrbIR.exe:OrbIR
\"{C7F58C93-B198-41E3-B31B-27DF5E289660}\"= TCP:c:\\program files\\Winamp Remote\\bin\\OrbIR.exe:OrbIR
\"{75EE64D0-C896-4E29-A52B-50D1B822566E}\"= UDP:c:\\program files\\Winamp Remote\\bin\\OrbStreamerClient.exe:Orb Stream Client
\"{2EBB3575-2536-4F98-972F-8A8D89F5C9EC}\"= TCP:c:\\program files\\Winamp Remote\\bin\\OrbStreamerClient.exe:Orb Stream Client
\"{2D83A123-64C7-4BE7-8E6F-0B414696447F}\"= TCP:6004|c:\\program files\\Microsoft Office\\Office12\\outlook.exe:Microsoft Office Outlook
\"{244DA2E3-638F-42B7-8714-73BEE0110024}\"= UDP:c:\\program files\\Microsoft Office\\Office12\\GROOVE.EXE:Microsoft Office Groove
\"{6F0A3C93-51E5-426E-A779-93C3EF3B2D14}\"= TCP:c:\\program files\\Microsoft Office\\Office12\\GROOVE.EXE:Microsoft Office Groove
 
R0 pavboot;pavboot;c:\\windows\\System32\\drivers\\pavboot.sys [2009-01-05 28544]
R1 aswSP;avast! Self Protection;c:\\windows\\System32\\drivers\\aswSP.sys [2008-04-05 111184]
R2 aswFsBlk;aswFsBlk;c:\\windows\\System32\\drivers\\aswFsBlk.sys [2008-04-05 20560]
R2 aswMonFlt;aswMonFlt;c:\\windows\\System32\\drivers\\aswMonFlt.sys [2008-04-05 51792]
R2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\\program files\\Toshiba TEMPO\\TempoSVC.exe [2007-10-29 95624]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\\windows\\System32\\drivers\\rtl8187B.sys [2007-12-13 252416]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\\program files\\NOS\\bin\\getPlus_HelperSvc.exe [2009-02-01 33752]
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\D]
\\shell\\AutoRun\\command - D:\\CruzerProfile.exe /autorun
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{19223ea9-f338-11dc-8410-001d60f5f6a6}]
\\shell\\AutoRun\\command - CONFIG\\S-1-5-21-1482476501-1644491937-682003330-1013\\Cfg.exe
\\shell\\open\\command - CONFIG\\S-1-5-21-1482476501-1644491937-682003330-1013\\Cfg.exe
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{43532467-b49c-11dc-8026-0016447322d1}]
\\shell\\AutoRun\\command - G:\\CruzerProfile.exe /autorun
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{bd4fecd3-0899-11dd-8fb9-001d60f5f6a6}]
\\shell\\AutoRun\\command - D:\\EXPLORER.EXE
\\shell\\explore\\Command - D:\\EXPLORER.EXE
\\shell\\open\\Command - D:\\EXPLORER.EXE
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{ea9108f9-cf38-11dd-8aff-dfae76a741fc}]
\\shell\\AutoRun\\command - d:\\setup\\rsrc\\autorun.exe
\\shell\\dinstall\\command - d:\\directx\\dxsetup.exe
.
Zawartość folderu \'Zaplanowane zadania\'
 
2009-02-06 c:\\windows\\Tasks\\User_Feed_Synchronization-{A3A8F6BF-A9AF-45F5-9CEC-84565EDD8FEB}.job
- c:\\windows\\system32\\msfeedssync.exe [2008-01-19 08:33]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.pajacyk.pl/
IE: E&ksport do programu Microsoft Excel - c:\\progra~1\\MICROS~4\\Office10\\EXCEL.EXE/3000
IE: E&ksportuj do programu Microsoft Excel - c:\\progra~1\\MICROS~3\\Office12\\EXCEL.EXE/3000
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/4908-44618-9400-3/4
IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home
TCP: {9B03F120-AD49-49D1-A161-201729DBFB9A} = 217.30.129.149,217.30.137.200
FF - ProfilePath - c:\\users\\admin\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\h8lwv8f3.default\\
FF - prefs.js: browser.startup.homepage - hxxp://www.pajacyk.pl/
.
 
**************************************************************************
 
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-06 21:07:47
Windows 6.0.6001 Service Pack 1 NTFS
 
skanowanie ukrytych procesów ...  
 
skanowanie ukrytych wpisów autostartu ... 
 
skanowanie ukrytych plików ...  
 
skanowanie pomyślnie ukończone
ukryte pliki: 0
 
**************************************************************************
.
Czas ukończenia: 2009-02-06 21:10:33
ComboFix-quarantined-files.txt  2009-02-06 20:10:28
 
Przed: 17,762,328,576 bajtów wolnych
Po: 17,732,407,296 bajtów wolnych
 
213     --- E O F ---   2009-02-06 16:19:27
 
Wygenerowano w 0.114s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!