wklejto.pl

Added by: ~Anonim (2009-02-09 14:55) -> text
ComboFix 09-02-08.02 - Daniel 2009-02-09 14:20:33.3 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1250.1.1045.18.1015.615 [GMT 1:00]
Uruchomiony z: c:\\documents and settings\\Daniel\\Pulpit\\Daniel\\ComboFix.exe
 
UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.
 
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
 
C:\\1utbfd.bat
C:\\autorun.inf
c:\\windows\\system32\\nmdfgds0.dll
c:\\windows\\system32\\nmdfgds1.dll
c:\\windows\\system32\\olhrwef.exe
D:\\1utbfd.bat
D:\\Autorun.inf
 
.
(((((((((((((((((((((((((   Pliki utworzone od 2009-01-09 do 2009-02-09  )))))))))))))))))))))))))))))))
.
 
2009-02-06 19:15 . 2001-10-26 17:29     87,040  --a------       c:\\windows\\system32\\wiafbdrv.dll
2009-02-06 19:11 . 1996-10-21 13:52     77,312  --a------       c:\\windows\\OLD13B.tmp
2009-02-06 19:11 . 2002-11-01 01:12     49,152  --a------       c:\\windows\\AutoSet.dll
2009-02-06 19:11 . 2002-08-08 02:09     45,056  --a------       c:\\windows\\system32\\micdrv.dll
2009-02-06 19:11 . 2003-02-27 05:55     17,376  --a------       c:\\windows\\system32\\drivers\\GT680x.SYS
2009-02-06 19:11 . 2009-02-06 19:11     267     --a------       c:\\windows\\SCNDRVU.INI
2009-02-06 19:10 . 2009-02-06 19:47     <DIR>   d--------       c:\\program files\\ScannerU
2009-02-01 15:09 . 2009-02-03 09:35     109,930 -r-hs----       C:\\a2h2.com
2009-01-30 15:33 . 2009-01-31 15:11     109,127 -r-hs----       C:\\hl80c6b1.com
2009-01-27 15:02 . 2009-01-27 15:02     301,204 --ah-----       c:\\windows\\system32\\mlfcache.dat
2009-01-22 09:34 . 2009-01-23 10:21     107,882 -r-hs----       C:\\w98.com
2009-01-19 09:20 . 2008-04-14 18:21     70,144  --a------       c:\\windows\\AhnRpta.exe
2009-01-17 17:07 . 2009-01-17 17:07     <DIR>   d--------       c:\\documents and settings\\All Users\\Dane aplikacji\\Keronsoft
2009-01-14 17:43 . 2009-01-14 17:43     <DIR>   d--------       c:\\documents and settings\\tomek\\Dane aplikacji\\.clamwin
2009-01-13 23:10 . 2009-01-13 23:10     <DIR>   d--------       c:\\documents and settings\\gościu\\Dane aplikacji\\Windows Search
 
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-08 13:18        ---------       d-----w c:\\documents and settings\\Daniel\\Dane aplikacji\\OpenOffice.ux.pl2
2009-02-06 17:34        ---------       d-----w c:\\documents and settings\\gościu\\Dane aplikacji\\OpenOffice.ux.pl2
2009-02-05 14:17        ---------       d-----w c:\\program files\\Common Files\\Seagate
2009-01-24 18:30        ---------       d-----w c:\\documents and settings\\Wiktor\\Dane aplikacji\\OpenOffice.ux.pl2
2009-01-14 16:43        ---------       d-----w c:\\documents and settings\\tomek\\Dane aplikacji\\OpenOffice.ux.pl2
2009-01-09 19:47        ---------       d-----w c:\\documents and settings\\Wiktor\\Dane aplikacji\\ipla
2009-01-01 15:01        ---------       d-----w c:\\program files\\Nokia
2009-01-01 15:01        ---------       d-----w c:\\program files\\Common Files\\Nokia
2009-01-01 15:00        ---------       d-----w c:\\documents and settings\\All Users\\Dane aplikacji\\NokiaMusic
2009-01-01 14:24        ---------       d-----w c:\\documents and settings\\Daniel\\Dane aplikacji\\Nokia
2009-01-01 13:47        ---------       d-----w c:\\documents and settings\\Daniel\\Dane aplikacji\\PC Suite
2009-01-01 13:46        0       ---ha-w c:\\windows\\system32\\drivers\\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-01-01 13:46        0       ---ha-w c:\\windows\\system32\\drivers\\Msft_Kernel_ccdcmb_01005.Wdf
2009-01-01 13:32        ---------       d-----w c:\\documents and settings\\All Users\\Dane aplikacji\\Installations
2009-01-01 13:31        ---------       d-----w c:\\program files\\Common Files\\PCSuite
2009-01-01 13:30        ---------       d-----w c:\\program files\\PC Connectivity Solution
2008-12-22 13:47        ---------       d-----w c:\\documents and settings\\Daniel\\Dane aplikacji\\ipla
2008-12-22 13:47        ---------       d-----w c:\\documents and settings\\All Users\\Dane aplikacji\\ipla
2008-12-19 16:12        ---------       d-----w c:\\program files\\Opera
2008-12-16 13:55        ---------       d-----w c:\\documents and settings\\Daniel\\Dane aplikacji\\Corel
2008-12-12 03:51        ---------       d-----w c:\\documents and settings\\gościu\\Dane aplikacji\\Windows Desktop Search
2008-12-11 14:05        ---------       d-----w c:\\documents and settings\\Daniel\\Dane aplikacji\\Windows Search
2008-12-11 13:08        ---------       d-----w c:\\documents and settings\\Daniel\\Dane aplikacji\\Windows Desktop Search
2008-12-11 13:07        ---------       d-----w c:\\program files\\Windows Desktop Search
2008-12-11 10:57        333,952 ----a-w c:\\windows\\system32\\drivers\\srv.sys
2008-04-08 16:51        454,656 ----a-w c:\\program files\\putty.exe
2008-12-19 15:50        67,688  ----a-w c:\\program files\\mozilla firefox\\components\\jar50.dll
2008-12-19 15:50        54,368  ----a-w c:\\program files\\mozilla firefox\\components\\jsd3250.dll
2008-12-19 15:50        34,944  ----a-w c:\\program files\\mozilla firefox\\components\\myspell.dll
2008-12-19 15:50        46,712  ----a-w c:\\program files\\mozilla firefox\\components\\spellchk.dll
2008-12-19 15:50        172,136 ----a-w c:\\program files\\mozilla firefox\\components\\xpinstal.dll
2008-08-28 10:19        16,384  --sha-w c:\\windows\\system32\\config\\systemprofile\\Cookies\\index.dat
2008-08-28 10:19        32,768  --sha-w c:\\windows\\system32\\config\\systemprofile\\Ustawienia lokalne\\Historia\\History.IE5\\index.dat
2008-08-28 10:19        32,768  --sha-w c:\\windows\\system32\\config\\systemprofile\\Ustawienia lokalne\\Historia\\History.IE5\\MSHist012008082820080829\\index.dat
2008-08-28 10:19        32,768  --sha-w c:\\windows\\system32\\config\\systemprofile\\Ustawienia lokalne\\Temporary Internet Files\\Content.IE5\\index.dat
.
 
(((((((((((((((((((((((((((((   snapshot@2009-02-02_16.25.01.46   )))))))))))))))))))))))))))))))))))))))))
.
- 2005-10-20 12:02:28   163,328 ----a-w c:\\windows\\ERDNT\\Hiv-backup\\ERDNT.EXE
+ 2005-10-20 19:02:28   163,328 ----a-w c:\\windows\\ERDNT\\Hiv-backup\\ERDNT.EXE
- 2000-08-31 07:00:00   286,720 ----a-w c:\\windows\\SWREG.exe
+ 2000-08-31 07:00:00   161,792 ----a-w c:\\windows\\SWREG.exe
+ 2009-02-09 13:24:07   16,384  ----atw c:\\windows\\Temp\\Perflib_Perfdata_1e4.dat
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\explorer\\shelliconoverlayidentifiers\\1TortoiseNormal]
@=\"{C5994560-53D9-4125-87C9-F193FC689CB2}\"
[HKEY_CLASSES_ROOT\\CLSID\\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52        80384   --a------       c:\\program files\\Common Files\\TortoiseOverlays\\TortoiseOverlays.dll 
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\explorer\\shelliconoverlayidentifiers\\2TortoiseModified]
@=\"{C5994561-53D9-4125-87C9-F193FC689CB2}\"
[HKEY_CLASSES_ROOT\\CLSID\\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52        80384   --a------       c:\\program files\\Common Files\\TortoiseOverlays\\TortoiseOverlays.dll 
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\explorer\\shelliconoverlayidentifiers\\3TortoiseConflict]
@=\"{C5994562-53D9-4125-87C9-F193FC689CB2}\"
[HKEY_CLASSES_ROOT\\CLSID\\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52        80384   --a------       c:\\program files\\Common Files\\TortoiseOverlays\\TortoiseOverlays.dll 
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\explorer\\shelliconoverlayidentifiers\\4TortoiseLocked]
@=\"{C5994563-53D9-4125-87C9-F193FC689CB2}\"
[HKEY_CLASSES_ROOT\\CLSID\\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52        80384   --a------       c:\\program files\\Common Files\\TortoiseOverlays\\TortoiseOverlays.dll 
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\explorer\\shelliconoverlayidentifiers\\5TortoiseReadOnly]
@=\"{C5994564-53D9-4125-87C9-F193FC689CB2}\"
[HKEY_CLASSES_ROOT\\CLSID\\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52        80384   --a------       c:\\program files\\Common Files\\TortoiseOverlays\\TortoiseOverlays.dll 
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\explorer\\shelliconoverlayidentifiers\\6TortoiseDeleted]
@=\"{C5994565-53D9-4125-87C9-F193FC689CB2}\"
[HKEY_CLASSES_ROOT\\CLSID\\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52        80384   --a------       c:\\program files\\Common Files\\TortoiseOverlays\\TortoiseOverlays.dll 
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\explorer\\shelliconoverlayidentifiers\\7TortoiseAdded]
@=\"{C5994566-53D9-4125-87C9-F193FC689CB2}\"
[HKEY_CLASSES_ROOT\\CLSID\\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52        80384   --a------       c:\\program files\\Common Files\\TortoiseOverlays\\TortoiseOverlays.dll 
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\explorer\\shelliconoverlayidentifiers\\8TortoiseIgnored]
@=\"{C5994567-53D9-4125-87C9-F193FC689CB2}\"
[HKEY_CLASSES_ROOT\\CLSID\\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52        80384   --a------       c:\\program files\\Common Files\\TortoiseOverlays\\TortoiseOverlays.dll 
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\explorer\\shelliconoverlayidentifiers\\9TortoiseUnversioned]
@=\"{C5994568-53D9-4125-87C9-F193FC689CB2}\"
[HKEY_CLASSES_ROOT\\CLSID\\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52        80384   --a------       c:\\program files\\Common Files\\TortoiseOverlays\\TortoiseOverlays.dll 
 
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"CTFMON.EXE\"=\"c:\\windows\\system32\\ctfmon.exe\" [2008-04-14 15360]
\"cdoosoft\"=\"c:\\windows\\system32\\olhrwef.exe\" [BU]
 
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"NokiaMServer\"=\"c:\\program files\\Common Files\\Nokia\\MPlatform\\NokiaMServer\" [X]
\"IgfxTray\"=\"c:\\windows\\system32\\igfxtray.exe\" [2005-06-21 155648]
\"HotKeysCmds\"=\"c:\\windows\\system32\\hkcmd.exe\" [2005-06-21 126976]
\"Smapp\"=\"c:\\program files\\Analog Devices\\SoundMAX\\SMTray.exe\" [2003-05-05 143360]
\"DrvLsnr\"=\"c:\\program files\\Analog Devices\\SoundMAX\\DrvLsnr.exe\" [2003-05-08 69632]
\"UnlockerAssistant\"=\"c:\\program files\\Unlocker\\UnlockerAssistant.exe\" [2006-09-07 15872]
\"SunJavaUpdateSched\"=\"c:\\program files\\Java\\jre6\\bin\\jusched.exe\" [2008-12-03 136600]
\"LXSUPMON\"=\"c:\\windows\\system32\\LXSUPMON.EXE\" [2002-01-28 885760]
\"Acronis Scheduler2 Service\"=\"c:\\program files\\Common Files\\Seagate\\Schedule2\\schedhlp.exe\" [2007-09-04 148760]
\"ClamWin\"=\"c:\\program files\\ClamWin\\bin\\ClamTray.exe\" [2008-11-04 86016]
\"Adobe Reader Speed Launcher\"=\"c:\\program files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\" [2008-01-11 39792]
\"Nokia FastStart\"=\"c:\\program files\\Nokia\\Nokia Music\\NokiaMusic.exe\" [2008-12-03 2372840]
 
[HKEY_USERS\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Run]
\"CTFMON.EXE\"=\"c:\\windows\\system32\\CTFMON.EXE\" [2008-04-14 15360]
 
c:\\documents and settings\\go˜ciu\\Menu Start\\Programy\\Autostart\\
OpenOffice.ux.pl 2.4.0.lnk - c:\\program files\\OpenOffice.ux.pl 2.4.0\\program\\quickstart.exe [2008-04-02 19456]
 
c:\\documents and settings\\tomek\\Menu Start\\Programy\\Autostart\\
OpenOffice.ux.pl 2.4.0.lnk - c:\\program files\\OpenOffice.ux.pl 2.4.0\\program\\quickstart.exe [2008-04-02 19456]
 
c:\\documents and settings\\Daniel\\Menu Start\\Programy\\Autostart\\
Adobe Gamma.lnk - c:\\program files\\Common Files\\Adobe\\Calibration\\Adobe Gamma Loader.exe [2005-03-16 113664]
 
c:\\documents and settings\\All Users\\Menu Start\\Programy\\Autostart\\
Action Manager 32.lnk - c:\\program files\\ScannerU\\AM32.exe [2009-02-06 69632]
 
[hkey_local_machine\\software\\microsoft\\windows\\currentversion\\explorer\\ShellExecuteHooks]
\"{56F9679E-7826-4C84-81F3-532071A8BCC5}\"= \"c:\\program files\\Windows Desktop Search\\MSNLNamespaceMgr.dll\" [2008-05-26 304128]
\"{BB4C402F-882A-4526-8C08-51278EA437C1}\"= \"c:\\windows\\system32\\afmain0.dll\" [2008-04-14 78848]
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows nt\\currentversion\\drivers32]
\"vidc.ffds\"= c:\\progra~1\\COMBIN~1\\Filters\\FFDShow\\ff_vfw.dll
 
[HKLM\\~\\startupfolder\\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Windows Search.lnk]
path=c:\\documents and settings\\All Users\\Menu Start\\Programy\\Autostart\\Windows Search.lnk
backup=c:\\windows\\pss\\Windows Search.lnkCommon Startup
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\shared tools\\msconfig\\services]
\"WSearch\"=2 (0x2)
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\security center]
\"AntiVirusOverride\"=dword:00000001
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\AuthorizedApplications\\List]
\"%windir%\\\\system32\\\\sessmgr.exe\"=
\"%windir%\\\\Network Diagnostic\\\\xpnetdiag.exe\"=
\"c:\\\\Program Files\\\\Gadu-Gadu\\\\gg.exe\"=
\"c:\\\\Program Files\\\\EditPlus 2\\\\editplus.exe\"=
\"c:\\\\WINDOWS\\\\system32\\\\ftp.exe\"=
\"c:\\\\WINDOWS\\\\system32\\\\LEXPPS.EXE\"=
\"c:\\\\Program Files\\\\Media Player Classic\\\\mplayerc.exe\"=
\"c:\\\\Program Files\\\\Mozilla Firefox\\\\firefox.exe\"=
\"c:\\\\Program Files\\\\Skype\\\\Phone\\\\Skype.exe\"=
\"c:\\\\Program Files\\\\Bonjour\\\\mDNSResponder.exe\"=
\"c:\\\\Program Files\\\\WinSCP\\\\WinSCP.exe\"=
 
R3 GT680xNT;715 USB Scanner Driver;c:\\windows\\system32\\drivers\\GT680x.SYS [2009-02-06 17376]
R3 vmscekb1;Virtual Media Center Keyboard;c:\\windows\\system32\\drivers\\vmscekb1.sys [2006-06-01 36224]
R3 vmscekb2;Virtual Media Center Remote Control;c:\\windows\\system32\\drivers\\vmscekb2.sys [2006-06-01 36224]
R3 vmscekb3;Virtual Media Center Control;c:\\windows\\system32\\drivers\\vmscekb3.sys [2006-06-01 36224]
S1 PDIDRV;PDIDRV; [x]
S3 NPF;NetGroup Packet Filter Driver;c:\\windows\\system32\\drivers\\npf.sys [2007-01-25 42000]
S3 rtkbflt1;rtkbflt1;c:\\windows\\system32\\drivers\\rtkbflt1.sys [2006-03-17 25472]
S3 rtkbflt2;rtkbflt2;c:\\windows\\system32\\drivers\\rtkbflt2.sys [2006-03-17 25472]
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{147d492a-f68b-11dd-be70-000bcdbf6c6d}]
\\Shell\\AutoRun\\command - F:\\1utbfd.bat
\\Shell\\open\\Command - F:\\1utbfd.bat
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{1a7d87fc-556f-11dc-bac8-000bcdbf6c6d}]
\\Shell\\AutoRun\\command - F:\\
\\Shell\\open\\Command - rundll32.exe .\\desktop.dll,InstallM
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{1e5ca654-8fa3-11dd-bd64-000bcdbf6c6d}]
\\Shell\\AutoRun\\command - F:\\
\\Shell\\open\\Command - rundll32.exe .\\desktop.dll,InstallM
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{1e5ca655-8fa3-11dd-bd64-000bcdbf6c6d}]
\\Shell\\AutoRun\\command - G:\\USBNB.exe
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{2ce99208-de32-11dd-be44-000bcdbf6c6d}]
\\Shell\\AutoRun\\command - F:\\a2h2.com
\\Shell\\open\\Command - F:\\a2h2.com
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{5ec5f6ab-f34d-11db-ba51-000bcdbf6c6d}]
\\Shell\\AutoRun\\command - SYSTEM\\S-1-5-21-1482476501-1644491937-682003330-1013\\system32.exe
\\Shell\\open\\command - SYSTEM\\S-1-5-21-1482476501-1644491937-682003330-1013\\system32.exe
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{80c45670-df20-11dd-be46-000bcdbf6c6d}]
\\Shell\\AutoRun\\command - F:\\j60osk9.cmd
\\Shell\\open\\Command - F:\\j60osk9.cmd
 
[HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\{8e58615c-cf18-11dc-bbcc-000bcdbf6c6d}]
\\Shell\\AutoRun\\command - 1utbfd.bat
\\Shell\\open\\Command - 1utbfd.bat
.
Zawartość folderu \'Zaplanowane zadania\'
 
2009-02-02 c:\\windows\\Tasks\\AppleSoftwareUpdate.job
- c:\\program files\\Apple Software Update\\SoftwareUpdate.exe [2008-04-11 16:57]
.
.
------- Skan uzupełniający -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Display Toolbar and Menubar - c:\\program files\\IEInspector\\IEWebDeveloperV2\\cmd_display.html
TCP: {A4EA3BC6-5145-400E-A529-830A7E3D0773} = 10.42.42.1
FF - ProfilePath - c:\\documents and settings\\Daniel\\Dane aplikacji\\Mozilla\\Firefox\\Profiles\\sd0hez84.default\\
FF - prefs.js: browser.startup.homepage - blank
FF - component: c:\\documents and settings\\Daniel\\Dane aplikacji\\Mozilla\\Firefox\\Profiles\\sd0hez84.default\\extensions\\{6AC85730-7D0F-4de0-B3FA-21142DD85326}\\platform\\WINNT\\components\\ColorZilla.dll
FF - component: c:\\program files\\Mozilla Firefox\\components\\xpinstal.dll
.
 
**************************************************************************
 
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-09 14:24:21
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
 
skanowanie ukrytych procesów ...  
 
skanowanie ukrytych wpisów autostartu ... 
 
skanowanie ukrytych plików ...  
 
skanowanie pomyślnie ukończone
ukryte pliki: 0
 
**************************************************************************
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\\windows\\system32\\LEXBCES.EXE
c:\\windows\\system32\\LEXPPS.EXE
c:\\program files\\Common Files\\Seagate\\Schedule2\\schedul2.exe
c:\\program files\\Bonjour\\mDNSResponder.exe
c:\\program files\\Common Files\\InterVideo\\DeviceService\\DevSvc.exe
c:\\program files\\Java\\jre6\\bin\\jqs.exe
c:\\program files\\Common Files\\LightScribe\\LSSrvc.exe
c:\\program files\\Analog Devices\\SoundMAX\\SMAgent.exe
c:\\windows\\AhnRpta.exe
c:\\windows\\system32\\wbem\\wmiapsrv.exe
c:\\program files\\TortoiseSVN\\bin\\TSVNCache.exe
c:\\program files\\Common Files\\Nokia\\MPlatform\\NokiaMServer.exe
c:\\program files\\PC Connectivity Solution\\ServiceLayer.exe
c:\\program files\\PC Connectivity Solution\\Transports\\NclUSBSrv.exe
c:\\program files\\PC Connectivity Solution\\Transports\\NclRSSrv.exe
.
**************************************************************************
.
Czas ukończenia: 2009-02-09 14:28:39 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2009-02-09 13:28:36
ComboFix2.txt  2009-02-09 09:21:07
ComboFix3.txt  2009-02-02 15:26:20
 
Przed: 2 550 448 128 bajtów wolnych
Po: 2,538,541,056 bajtów wolnych
 
255     --- E O F ---   2009-01-14 08:45:24
 