ComboFix 09-02-07.01 - x 2009-02-08 16:55:13.9 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1535.1054 [GMT 1:00]
Uruchomiony z: c:\\documents and settings\\x\\Pulpit\\ComboFix.exe
* Utworzono nowy punkt przywracania
UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\\program files\\INSTALL.LOG
c:\\recycler\\S-1-5-21-1482476501-1644491937-682003330-1013
c:\\recycler\\S-1-5-21-1482476501-1644491937-682003330-1013\\Desktop.ini
.
((((((((((((((((((((((((( Pliki utworzone od 2009-01-08 do 2009-02-08 )))))))))))))))))))))))))))))))
.
2009-02-03 15:18 . 2009-02-07 09:46 2,447 --a------ c:\\documents and settings\\x\\clf32.exe
2009-02-02 18:54 . 2009-02-02 18:54 5,120 --ahs---- c:\\windows\\system32\\Thumbs.db
2009-01-31 16:42 . 2009-02-05 15:36 101,287 --a------ c:\\windows\\system32\\drivers\\klin.dat
2009-01-31 16:42 . 2009-02-05 15:36 89,601 --a------ c:\\windows\\system32\\drivers\\klick.dat
2009-01-31 16:41 . 2009-01-31 16:41 <DIR> d-------- c:\\program files\\Kaspersky Lab
2009-01-31 16:41 . 2009-02-08 16:57 1,867,296 --ahs---- c:\\windows\\system32\\drivers\\fidbox.dat
2009-01-31 16:41 . 2009-02-08 16:57 262,176 --ahs---- c:\\windows\\system32\\drivers\\fidbox2.dat
2009-01-31 16:41 . 2009-02-08 16:57 17,764 --ahs---- c:\\windows\\system32\\drivers\\fidbox.idx
2009-01-31 16:41 . 2009-02-08 16:57 3,024 --ahs---- c:\\windows\\system32\\drivers\\fidbox2.idx
2009-01-31 16:37 . 2009-01-31 16:37 <DIR> d-------- c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files
2009-01-31 13:04 . 2009-01-31 13:04 <DIR> d-------- c:\\program files\\Frets on Fire
2009-01-31 13:04 . 2009-01-31 13:07 <DIR> d-------- c:\\program files\\Alarian
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-08 15:58 --------- d-----w c:\\documents and settings\\x\\Dane aplikacji\\DMCache
2009-02-08 15:49 --------- d-----w c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab
2009-02-05 18:36 --------- d-----w c:\\documents and settings\\x\\Dane aplikacji\\Skype
2009-02-05 18:10 --------- d-----w c:\\documents and settings\\x\\Dane aplikacji\\skypePM
2009-01-31 14:52 --------- d-----w c:\\program files\\CCleaner
2009-01-17 14:57 --------- d-----w c:\\documents and settings\\x\\Dane aplikacji\\IDM
2009-01-15 10:36 --------- d-----w c:\\documents and settings\\x\\Dane aplikacji\\EPSON
2009-01-08 18:43 --------- d-----w c:\\program files\\MSECache
2009-01-07 19:16 --------- d-----w c:\\program files\\Internet Download Manager
2009-01-06 19:54 --------- d--h--w c:\\program files\\InstallShield Installation Information
2009-01-06 19:53 --------- d-----w c:\\program files\\Quake III Arena
2009-01-02 19:18 --------- d-----w c:\\program files\\Common Files\\snpstd3
2009-01-02 17:45 --------- d-----w c:\\documents and settings\\x\\Dane aplikacji\\Moyea
2008-12-30 17:16 --------- d-----w c:\\program files\\FlashGet
2008-12-30 17:03 --------- d-----w c:\\program files\\Orbitdownloader
2008-12-30 17:03 --------- d-----w c:\\documents and settings\\x\\Dane aplikacji\\Orbit
2008-12-22 18:27 --------- d-----w c:\\program files\\Common Files\\Skype
2008-12-19 19:49 138,184 ----a-w c:\\windows\\system32\\drivers\\PnkBstrK.sys
2008-12-19 19:31 --------- d-----w c:\\documents and settings\\x\\Dane aplikacji\\Leadertech
2008-12-09 16:58 --------- d-----w c:\\program files\\directx
2008-12-08 07:54 --------- d-----w c:\\program files\\Acala 3GP Movies Free
2008-12-08 07:37 --------- d-----w c:\\documents and settings\\All Users\\Dane aplikacji\\aHisoft
2004-03-11 12:27 40,960 ----a-w c:\\program files\\Uninstall_CDS.exe
2002-07-01 14:13 243 --sha-w c:\\documents and settings\\All Users\\Dane aplikacji\\system16driver.dat
.
------- Sigcheck -------
2004-08-03 22:14 359040 9f4b36614a0fc234525ba224957de55c c:\\windows\\system32\\dllcache\\tcpip.sys
2004-08-03 22:14 359040 6a603809f598332dbedd535bdbce313e c:\\windows\\system32\\drivers\\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"ctfmon.exe\"=\"c:\\windows\\system32\\ctfmon.exe\" [2004-08-03 15360]
\"IDMan\"=\"c:\\program files\\Internet Download Manager\\IDMan.exe\" [2008-09-13 931248]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"SunJavaUpdateSched\"=\"c:\\program files\\Java\\jre1.5.0_03\\bin\\jusched.exe\" [2005-04-13 36975]
\"ATIPTA\"=\"c:\\program files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\" [2004-11-30 344064]
\"Adobe Reader Speed Launcher\"=\"c:\\program files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\" [2008-06-12 34672]
\"StartCCC\"=\"c:\\program files\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" [2008-01-21 61440]
\"WinampAgent\"=\"c:\\program files\\Winamp\\winampa.exe\" [2008-08-04 36352]
\"FixCamera\"=\"c:\\windows\\FixCamera.exe\" [2007-07-11 20480]
\"snpstd3\"=\"c:\\windows\\vsnpstd3.exe\" [2007-05-10 835584]
\"tsnpstd3\"=\"c:\\windows\\tsnpstd3.exe\" [2007-04-21 270336]
\"AVP\"=\"c:\\program files\\Kaspersky Lab\\Kaspersky Anti-Virus 2009\\avp.exe\" [2008-11-11 206088]
[HKEY_USERS\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Run]
\"CTFMON.EXE\"=\"c:\\windows\\system32\\CTFMON.EXE\" [2004-08-03 15360]
c:\\documents and settings\\x\\Menu Start\\Programy\\Autostart\\
dslmon.exe [2007-02-13 1205840]
Skrót do daemon.lnk - c:\\program files\\DAEMON Tools\\daemon.exe [2008-06-23 171464]
c:\\documents and settings\\All Users\\Menu Start\\Programy\\Autostart\\
DSLMON.lnk - c:\\program files\\SAGEM\\SAGEM F@st 800-840\\dslmon.exe [2008-07-30 1205840]
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\policies\\explorer]
\"NoStartMenuSubFolders\"= 1 (0x1)
\"NoFavoritesMenu\"= 1 (0x1)
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\ATIPTA]
--a------ 2004-11-30 20:10 344064 c:\\program files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\CTFMON.EXE]
--a------ 2004-08-03 23:44 15360 c:\\windows\\system32\\ctfmon.exe
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\DAEMON Tools]
--a------ 2007-08-29 16:09 171464 c:\\program files\\DAEMON Tools\\daemon.exe
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\Google IME Autoupdater]
--a------ 2008-01-07 11:15 251376 c:\\program files\\Google\\Google Pinyin\\GooglePinyinDaemon.exe
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 c:\\windows\\system32\\NeroCheck.exe
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\RemoteControl]
--------- 2003-12-08 17:35 32768 c:\\program files\\CyberLink DVD Solution\\PowerDVD\\PDVDServ.exe
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\USB Storage Toolbox]
--a------ 2005-09-14 20:44 65536 c:\\program files\\USB Disk Win98 Driver\\Res.exe
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\startupreg\\SoundMan]
--a------ 2004-06-18 09:31 67584 c:\\windows\\SOUNDMAN.EXE
[HKEY_LOCAL_MACHINE\\software\\microsoft\\security center]
\"AntiVirusDisableNotify\"=dword:00000001
\"UpdatesDisableNotify\"=dword:00000001
[HKEY_LOCAL_MACHINE\\software\\microsoft\\security center\\Monitoring\\KasperskyAntiVirus]
\"DisableMonitoring\"=dword:00000001
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile]
\"EnableFirewall\"= 0 (0x0)
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\AuthorizedApplications\\List]
\"d:\\\\Gry\\\\PES 2009\\\\pes2009.exe\"=
\"d:\\\\Gry\\\\ds II\\\\DungeonSiege2.exe\"=
\"c:\\\\Program Files\\\\Skype\\\\Phone\\\\Skype.exe\"=
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\GloballyOpenPorts\\List]
\"54321:TCP\"= 54321:TCP:BitComet 54321 TCP
\"54321:UDP\"= 54321:UDP:BitComet 54321 UDP
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\\windows\\system32\\drivers\\klbg.sys [2008-01-29 32784]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\\windows\\system32\\drivers\\sfsync03.sys [2005-10-13 35328]
R2 LicCtrlService;LicCtrl Service;c:\\windows\\Runservice.exe [2007-04-26 2560]
R3 e4usbaw;USB ADSL2 WAN Adapter;c:\\windows\\system32\\drivers\\e4usbaw.sys [2008-07-30 104344]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\\windows\\system32\\drivers\\klim5.sys [2008-04-30 24592]
R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\\windows\\system32\\drivers\\RMSPPPOE.SYS [2007-03-02 33792]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:\\windows\\system32\\drivers\\e4ldr.sys [2008-07-30 69656]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\\windows\\system32\\drivers\\ASPI32.SYS [2008-05-23 16512]
S3 KS-959;MA-620 USB Infrared Adapter;c:\\windows\\system32\\drivers\\KS-959.sys [2007-05-12 19034]
S3 SE2Fbus;Sony Ericsson Device 047 Driver driver (WDM);c:\\windows\\system32\\drivers\\SE2Fbus.sys [2008-01-26 61600]
S3 SE2Fmdfl;Sony Ericsson Device 047 USB WMC Modem Filter;c:\\windows\\system32\\drivers\\SE2Fmdfl.sys [2008-01-26 9360]
S3 SE2Fmdm;Sony Ericsson Device 047 USB WMC Modem Driver;c:\\windows\\system32\\drivers\\SE2Fmdm.sys [2008-01-26 97184]
S3 SE2Fmgmt;Sony Ericsson Device 047 USB WMC Device Management Drivers (WDM);c:\\windows\\system32\\drivers\\SE2Fmgmt.sys [2008-01-26 88688]
S3 se2Fnd5;Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (NDIS);c:\\windows\\system32\\drivers\\se2Fnd5.sys [2008-01-26 18704]
S3 SE2Fobex;Sony Ericsson Device 047 USB WMC OBEX Interface;c:\\windows\\system32\\drivers\\SE2Fobex.sys [2008-01-26 86560]
S3 se2Funic;Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (WDM);c:\\windows\\system32\\drivers\\se2Funic.sys [2008-01-26 90800]
S3 w200bus;Sony Ericsson W200 driver (WDM);c:\\windows\\system32\\drivers\\w200bus.sys [2008-03-31 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;c:\\windows\\system32\\drivers\\w200mdfl.sys [2008-03-31 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;c:\\windows\\system32\\drivers\\w200mdm.sys [2008-03-31 97056]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);c:\\windows\\system32\\drivers\\w200mgmt.sys [2008-03-31 88560]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;c:\\windows\\system32\\drivers\\w200obex.sys [2008-03-31 86368]
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{6aadcadd-b303-11dd-90ae-0011d8e6aa3d}]
\\Shell\\Auto\\command - Start.exe
\\Shell\\AutoRun\\command - c:\\windows\\system32\\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe
.
- - - - USUNIĘTO PUSTE WPISY - - - -
HKCU-Run-I&F Viewer toolbar - d:\\krzysiek\\programy\\Photo Toolkit\\ivbar\\phototoolkitmem.exe
HKCU-Run-13CFG914-K641-26SF-N31P - c:\\recycler\\S-1-5-21-0243336031-4052116379-881863308-0950\\vsse33.exe
HKLM-Run-c:\\windows\\system32\\kdtqt.exe - c:\\windows\\system32\\kdtqt.exe
MSConfigStartUp-ATICCC - c:\\program files\\ATI Technologies\\ATI.ACE\\cli.exe
MSConfigStartUp-nod32kui - c:\\program files\\Eset\\nod32kui.exe
MSConfigStartUp-WinampAgent - c:\\program files\\Winamp3\\winampa.exe
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/
uInternet Connection Wizard,ShellNext = iexplore
IE: Download all links using BitComet - c:\\program files\\BitComet\\BitComet.exe/AddAllLink.htm
IE: Download all videos using BitComet - c:\\program files\\BitComet\\BitComet.exe/AddVideo.htm
IE: Download link using &BitComet - c:\\program files\\BitComet\\BitComet.exe/AddLink.htm
IE: E&ksport do programu Microsoft Excel - c:\\progra~1\\MICROS~2\\OFFICE11\\EXCEL.EXE/3000
IE: Pobierz z &BitSpirit - c:\\program files\\BitSpirit\\bsurl.htm
IE: Ściągnij przez IDM - c:\\program files\\Internet Download Manager\\IEExt.htm
IE: Ściągnij wszystkie linki przez IDM - c:\\program files\\Internet Download Manager\\IEGetAll.htm
IE: Ściągnij zawartość wideo FLV przez IDM - c:\\program files\\Internet Download Manager\\IEGetVL.htm
LSP: c:\\windows\\system32\\imon.dll
FF - ProfilePath - c:\\documents and settings\\x\\Dane aplikacji\\Mozilla\\Firefox\\Profiles\\0tos844q.default\\
FF - prefs.js: browser.startup.homepage - www.interia.pl
FF - prefs.js: network.proxy.type - 4
FF - component: c:\\documents and settings\\x\\Dane aplikacji\\IDM\\idmmzcc2\\components\\idmmzcc.dll
FF - plugin: c:\\documents and settings\\x\\Dane aplikacji\\Mozilla\\Firefox\\Profiles\\0tos844q.default\\extensions\\firefox@tvunetworks.com\\plugins\\npTVUAx.dll
FF - plugin: c:\\program files\\Java\\jre1.5.0_03\\bin\\NPJava11.dll
FF - plugin: c:\\program files\\Java\\jre1.5.0_03\\bin\\NPJava12.dll
FF - plugin: c:\\program files\\Java\\jre1.5.0_03\\bin\\NPJava13.dll
FF - plugin: c:\\program files\\Java\\jre1.5.0_03\\bin\\NPJava14.dll
FF - plugin: c:\\program files\\Java\\jre1.5.0_03\\bin\\NPJava32.dll
FF - plugin: c:\\program files\\Java\\jre1.5.0_03\\bin\\NPJPI150_03.dll
FF - plugin: c:\\program files\\Java\\jre1.5.0_03\\bin\\NPOJI610.dll
FF - plugin: c:\\program files\\Mozilla Firefox\\plugins\\npdjvu.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-08 16:58:23
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_LOCAL_MACHINE\\software\\Classes\\CLSID\\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
\"scansk\"=hex(0):d4,96,bc,d0,26,ba,6b,89,85,43,1c,72,5f,9b,b9,41,21,16,65,30,57,
2a,d8,30,da,b0,93,7d,e6,2e,70,2f,7d,17,63,3d,7d,0f,a0,25,00,00,00,00,00,00,\\
[HKEY_LOCAL_MACHINE\\software\\Classes\\CLSID\\{c7ba7fdd-7a3a-42ba-9e4c-dbc332600ff6}]
@Denied: (Full) (Everyone)
\"Model\"=dword:0000016c
\"Therad\"=dword:0000000a
[HKEY_LOCAL_MACHINE\\software\\LicCtrl\\LicCtrl\\LicCtrl\\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \\EC1A69D1C0948222]
\"1\"=hex:b0,cd,e0,26,42,20,9e,7c,08,f1,c1,23,e7,41,66,ec,c9,e0,20,43,a1,23,f2,
e3
\"2\"=hex:f1,df,16,de,80,08,0e,2a,78,a4,28,cb,d2,56,ff,58,a6,09,d8,fb,43,e9,d5,
e7,16,83,71,61,5d,be,d8,25
\"3\"=hex:b0,cd,e0,26,42,20,9e,7c,08,f1,c1,23,e7,41,66,ec,2b,92,4b,0d,22,14,9d,
cb,e3,f8,73,90,7d,a4,36,0d,7e,db,3a,16,4c,1a,45,81,b1,a5,77,31,f5,50,d6,e8
[HKEY_LOCAL_MACHINE\\software\\LicCtrl\\LicCtrl\\LicCtrl\\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \\EC1A69D1C0948222\\B144CCE307E78EB6EE53CA2196E4D0A2]
\"1\"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,36,d7,56,53,fe,9f,3d,f9
\"2\"=hex:8c,23,2d,03,75,bd,a0,cd
\"3\"=hex:4b,ae,62,12,16,89,02,db,b4,70,75,d9,0b,26,d7,b3,0d,6f,88,46,78,b1,60,
f3,e5,33,5f,20,08,20,d5,e4,06,6d,51,59,58,50,96,c7,63,b1,d8,d0,4a,bf,c9,9c,\\
\"4\"=hex:2f,ad,a2,e7,8a,bf,05,5e
\"5\"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\\
\"6\"=hex:bf,e5,23,7b,b0,66,d6,fc,bc,64,22,fb,7e,d3,39,3e,a3,00,33,13,c0,21,f4,
51,6c,4e,0c,96,e2,dd,ad,8a,b6,c4,05,e8,5a,bd,9a,e9,d4,1a,3d,68,9d,00,32,20
\"7\"=hex:6b,96,68,24,0f,2f,9e,94,e8,ce,54,f3,3b,80,63,3a,1b,c3,e7,ed,44,3a,1d,
97,9f,f9,03,77,68,81,1b,0c,34,a2,88,30,12,be,09,a0
\"8\"=hex:7e,f2,3f,70,09,28,2b,d8,18,59,f7,d5,37,82,c9,3a,1c,41,a9,64,27,94,18,
a4,93,4d,d7,f7,ea,1c,a8,08,02,7d,76,03,b4,db,d7,fd
\"9\"=hex:81,20,8f,ab,28,6a,52,9c
\"18\"=hex:70,56,26,33,e3,20,f8,ab
\"10\"=hex:07,96,b3,35,9e,5a,1a,0b
\"11\"=hex:81,20,8f,ab,28,6a,52,9c
\"12\"=hex:81,20,8f,ab,28,6a,52,9c
\"13\"=hex:81,20,8f,ab,28,6a,52,9c
\"14\"=hex:81,20,8f,ab,28,6a,52,9c
\"24\"=hex:81,20,8f,ab,28,6a,52,9c
\"26\"=hex:81,20,8f,ab,28,6a,52,9c
\"27\"=hex:81,20,8f,ab,28,6a,52,9c
\"19\"=hex:81,20,8f,ab,28,6a,52,9c
\"22\"=hex:81,20,8f,ab,28,6a,52,9c
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > \'winlogon.exe\'(1204)
c:\\windows\\system32\\Ati2evxx.dll
- - - - - - - > \'lsass.exe\'(1260)
c:\\windows\\system32\\imon.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\\windows\\system32\\ati2evxx.exe
c:\\windows\\system32\\ati2evxx.exe
c:\\windows\\system32\\wdfmgr.exe
c:\\program files\\ATI Technologies\\ATI.ACE\\Core-Static\\MOM.exe
c:\\program files\\ATI Technologies\\ATI.ACE\\Core-Static\\CCC.exe
c:\\windows\\system32\\wscntfy.exe
c:\\program files\\Internet Download Manager\\IEMonitor.exe
.
**************************************************************************
.
Czas ukończenia: 2009-02-08 17:01:53 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2009-02-08 16:01:48
ComboFix2.txt 2008-06-23 12:01:24
Przed: 14 547 640 320 bajtów wolnych
Po: 14,539,055,104 bajtów wolnych
254