wklejto.pl

Added by: ~Anonim (2009-02-14 19:29) -> text
ComboFix 09-02-12.03 - PC 2009-02-14 19:28:06.3 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.3.1250.1.1045.18.3007.2565 [GMT 1:00]
Uruchomiony z: c:\documents and settings\PC\Pulpit\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)
FW: Kaspersky Internet Security *disabled*
 * Utworzono nowy punkt przywracania
 
UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.
 
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
 
c:\windows\system32\inst.dat
c:\windows\system32\pk.bin
 
.
(((((((((((((((((((((((((   Pliki utworzone od 2009-01-14 do 2009-02-14  )))))))))))))))))))))))))))))))
.
 
2009-02-14 12:19 . 2009-02-14 12:32     206     --a------       c:\windows\wininit.ini
2009-02-14 11:52 . 2009-02-14 12:34     <DIR>   d--------       c:\windows\system32\dt
2009-02-13 18:12 . 2009-02-13 18:12     <DIR>   d--hs----       c:\documents and settings\PC\IECompatCache
2009-02-13 16:56 . 2009-02-13 16:56     <DIR>   d--hs----       c:\documents and settings\PC\IETldCache
2009-02-13 16:47 . 2009-02-13 16:49     <DIR>   d--h-c---       c:\windows\ie8
2009-02-13 16:45 . 2009-01-11 06:00     79,360  -----c---       c:\windows\system32\dllcache\iecompat.dll
2009-02-13 16:40 . 2009-02-13 16:49     <DIR>   d--h-----       c:\windows\$hf_mig$
2009-01-29 01:45 . 2009-02-14 19:31     <DIR>   d--------       c:\documents and settings\NetworkService\Dane aplikacji\VMware
2009-01-28 23:00 . 2009-01-29 19:58     <DIR>   d--------       c:\documents and settings\PC\Dane aplikacji\VMware
2009-01-28 22:58 . 2009-01-28 22:58     <DIR>   d--------       c:\documents and settings\LocalService\Dane aplikacji\VMware
2009-01-28 22:58 . 2009-02-14 19:31     <DIR>   d--------       c:\documents and settings\All Users\Dane aplikacji\VMware
2009-01-28 22:58 . 2007-04-13 05:48     391,984 --a------       c:\windows\system32\vnetlib.dll
2009-01-28 22:58 . 2007-04-13 05:48     142,128 --a------       c:\windows\system32\vmnat.exe
2009-01-28 22:58 . 2007-04-13 05:48     113,456 --a------       c:\windows\system32\vmnetdhcp.exe
2009-01-28 22:58 . 2007-04-13 05:49     22,576  --a------       c:\windows\system32\drivers\vmnetuserif.sys
2009-01-28 22:55 . 2009-01-28 22:55     <DIR>   d--------       c:\program files\Common Files\VMware
2009-01-28 19:04 . 2009-01-28 19:04     <DIR>   d--------       c:\program files\Common Files\EZB Systems
2009-01-27 21:06 . 2009-01-27 21:06     <DIR>   d--------       c:\documents and settings\PC\Dane aplikacji\Download Manager
2009-01-20 19:47 . 2009-01-20 19:47     <DIR>   d--------       c:\documents and settings\PC\Dane aplikacji\Locktime
2009-01-20 19:45 . 2009-01-20 19:45     <DIR>   d--------       c:\documents and settings\All Users\Dane aplikacji\Locktime
2009-01-17 13:27 . 2009-01-17 13:27     <DIR>   d--------       c:\documents and settings\All Users\Dane aplikacji\nView_Profiles
2009-01-15 02:30 . 2009-01-15 02:30     53,248  ---------       c:\windows\system32\msrating.dll.mui
2009-01-15 02:30 . 2009-01-15 02:30     2,560   ---------       c:\windows\system32\mshta.exe.mui
2009-01-15 02:27 . 2009-01-15 02:27     81,920  ---------       c:\windows\system32\iedkcs32.dll.mui
2009-01-15 02:27 . 2009-01-15 02:27     4,096   ---------       c:\windows\system32\ie4uinit.exe.mui
2009-01-15 02:04 . 2009-01-15 02:04     18,944  -----c---       c:\windows\system32\dllcache\corpol.dll
2009-01-14 13:33 . 2009-01-14 13:33     <DIR>   d--------       c:\program files\DIFX
2009-01-14 13:33 . 2006-11-23 05:55     73,728  --a------       c:\windows\system32\DeathAdder.cpl
2009-01-14 13:33 . 2005-03-03 19:47     31,104  --a------       c:\windows\system32\drivers\CYUSB.sys
2009-01-14 13:33 . 2007-08-02 17:32     22,784  --a------       c:\windows\system32\drivers\dadder.sys
2009-01-14 13:31 . 2001-10-26 16:57     12,160  --a------       c:\windows\system32\drivers\mouhid.sys
2009-01-14 13:31 . 2001-10-26 16:57     12,160  --a--c---       c:\windows\system32\dllcache\mouhid.sys
 
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-14 18:32        ---------       d-----w c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab
2009-02-14 18:30        950,304 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-02-14 18:30        5,376   --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-02-14 18:30        5,282,848       --sha-w c:\windows\system32\drivers\fidbox.dat
2009-02-14 18:30        44,448  --sha-w c:\windows\system32\drivers\fidbox.idx
2009-02-14 11:38        ---------       d--h--w c:\program files\InstallShield Installation Information
2009-02-12 17:26        ---------       d-----w c:\documents and settings\PC\Dane aplikacji\uTorrent
2009-02-11 15:04        ---------       d---a-w c:\documents and settings\All Users\Dane aplikacji\TEMP
2009-02-04 15:10        33,808  ----a-w c:\windows\system32\drivers\klbg.sys
2009-02-03 18:01        89,601  ----a-w c:\windows\system32\drivers\klick.dat
2009-02-03 18:01        101,287 ----a-w c:\windows\system32\drivers\klin.dat
2009-01-23 20:42        20,480  ----a-w c:\windows\system32\H@tKeysH@@k.DLL
2009-01-15 01:05        911,872 ----a-w c:\windows\system32\wininet.dll
2009-01-15 01:05        43,008  ----a-w c:\windows\system32\licmgr10.dll
2009-01-15 01:04        18,944  ----a-w c:\windows\system32\corpol.dll
2009-01-15 01:03        72,704  ----a-w c:\windows\system32\admparse.dll
2009-01-15 01:03        71,680  ----a-w c:\windows\system32\iesetup.dll
2009-01-15 01:03        420,352 ----a-w c:\windows\system32\vbscript.dll
2009-01-15 01:01        34,304  ----a-w c:\windows\system32\imgutil.dll
2009-01-15 01:00        48,128  ----a-w c:\windows\system32\mshtmler.dll
2009-01-15 01:00        45,568  ----a-w c:\windows\system32\mshta.exe
2009-01-15 00:50        156,160 ----a-w c:\windows\system32\msls31.dll
2009-01-09 19:46        ---------       d-----w c:\documents and settings\PC\Dane aplikacji\Skype
2009-01-09 16:39        ---------       d-----w c:\documents and settings\PC\Dane aplikacji\skypePM
2009-01-01 20:26        107,888 ----a-w c:\windows\system32\CmdLineExt.dll
2008-12-30 17:47        ---------       d-----w c:\documents and settings\PC\Dane aplikacji\OpenOffice.ux.pl2
2008-12-26 16:33        ---------       d-----w c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2008-12-23 20:58        453,152 ----a-w c:\windows\system32\NVUNINST.EXE
2008-12-21 16:41        ---------       d-----w c:\documents and settings\PC\Dane aplikacji\InstallShield
2008-12-17 14:08        ---------       d-----w c:\documents and settings\All Users\Dane aplikacji\Ashampoo
2008-10-23 14:41        22,328  ----a-w c:\documents and settings\PC\Dane aplikacji\PnkBstrK.sys
2008-03-07 17:36        32      ----a-w c:\documents and settings\All Users\Dane aplikacji\ezsid.dat
2006-06-23 06:48        32,768  ----a-r c:\windows\inf\UpdateUSB.exe
2004-10-01 14:00        40,960  ----a-w c:\program files\Uninstall_CDS.exe
2008-05-05 17:07        32,768  --sha-w c:\windows\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\MSHist012008050520080506\index.dat
.
 
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-26 13680640]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-26 86016]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-02-04 201992]
"nwiz"="nwiz.exe" [2008-12-26 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoChangeAnimation"= 0 (0x0)
"NoStrCmpLogical"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 0 (0x0)
"NoStrCmpLogical"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= divxa32.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BlueSoleil.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\BlueSoleil.lnk
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Photosmart Premier - Szybkie uruchomienie.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\HP Photosmart Premier - Szybkie uruchomienie.lnk
backup=c:\windows\pss\HP Photosmart Premier - Szybkie uruchomienie.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^IPod Desk Update.exe]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\IPod Desk Update.exe
backup=c:\windows\pss\IPod Desk Update.exeCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^PC^Menu Start^Programy^Autostart^Ati Utils Update.exe]
path=c:\documents and settings\PC\Menu Start\Programy\Autostart\Ati Utils Update.exe
backup=c:\windows\pss\Ati Utils Update.exeStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-14 21:51 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-01-17 17:51 486856 e:\programy\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeathAdder]
--a------ 2007-09-07 15:54 159744 e:\programy\Razer\DeathAdder\razerhid.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DefragTaskBar]
--a------ 2008-10-09 08:18 173408 e:\programy\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXL]
--a------ 2008-01-11 22:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-03-30 09:36 267048 e:\programy\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 22:37 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2004-11-02 20:24 32768 c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMax]
--a------ 2006-04-10 09:19 729088 c:\program files\Analog Devices\SoundMAX\SMax4.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-12-17 23:23 2107224 e:\programy\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
--------- 2000-05-11 01:00 90112 c:\windows\Updreg.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"Pml Driver HPZ12"=2 (0x2)
"NBService"=3 (0x3)
"LightScribeService"=2 (0x2)
"BlueSoleil Hid Service"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Programy\\Gadu-Gadu\\gg.exe"=
"e:\\Programy\\FlashGet\\flashget.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"e:\\Programy\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Cyanide\\GameCenter\\GameCenter.exe"=
"e:\\Gry\\Counter-Strike 1.6\\hl.exe"=
"e:\\Gry\\Steam\\SteamApps\\dzimi12345\\counter-strike\\hl.exe"=
"c:\\Program Files\\Java\\jre1.6.0_05\\bin\\javaw.exe"=
"e:\\Gry\\Counter-Strike 1.6\\hlds.exe"=
"e:\\Gry\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Documents and Settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\Polish\\setup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"e:\\Programys\\uTorrent\\uTorrent.exe"=
"e:\\Gry\\XTCS Counter-Strike 1.6 Final Release\\hltv.exe"=
"e:\\Gry\\XTCS Counter-Strike 1.6 Final Release\\cstrike.exe"=
"e:\\Gry\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutLauncher.exe"=
"e:\\Gry\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutConfigTool.exe"=
"e:\\Gry\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutParadise.exe"=
"e:\\Gry\\Microsoft Games\\Flight Simulator 9.0\\fs9.exe"=
"e:\\Gry\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 33808]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [2006-07-05 63352]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2008-05-16 759072]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter;c:\windows\system32\drivers\atl01_xp.sys [2008-01-29 34944]
R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2009-01-14 22784]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-03-25 24592]
S3 ZSMC326;Vimicro USB2.0 PC Camera(VC0323);c:\windows\system32\Drivers\usbvm323.sys --> c:\windows\system32\Drivers\usbvm323.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Zawartość folderu 'Zaplanowane zadania'

2009-02-14 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = about:blank
IE: &Ściągnij przy pomocy FlashGet'a - e:\programy\FlashGet\jc_link.htm
IE: &Ściągnij wszystko przy pomocy FlashGet'a - e:\programy\FlashGet\jc_all.htm
IE: Dodaj do listy blokowanych banerów - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.2.cab
FF - ProfilePath - c:\documents and settings\PC\Dane aplikacji\Mozilla\Firefox\Profiles\m825a9dp.default\
FF - prefs.js: browser.startup.homepage - www.google.pl
FF - component: c:\documents and settings\PC\Dane aplikacji\Mozilla\Firefox\Profiles\m825a9dp.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: c:\documents and settings\PC\Dane aplikacji\Mozilla\Firefox\Profiles\m825a9dp.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}\components\nsCatcher.dll
FF - component: c:\documents and settings\PC\Dane aplikacji\Mozilla\Firefox\Profiles\m825a9dp.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: e:\programy\iTunes\Mozilla Plugins\npitunes.dll
.
 
**************************************************************************
 
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-14 19:32:17
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
 
skanowanie ukrytych procesów ...  
 
skanowanie ukrytych wpisów autostartu ... 
 
skanowanie ukrytych plików ...  
 
skanowanie pomyślnie ukończone
ukryte pliki: 0
 
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
 
[HKEY_USERS\S-1-5-21-1409082233-1647877149-839522115-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
 
- - - - - - - > 'winlogon.exe'(1476)
c:\windows\system32\klogon.dll

- - - - - - - > 'explorer.exe'(3392)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
e:\programy\Microsoft Virtual PC\VPCShExH.DLL
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
e:\programy\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\HPZipm12.exe
e:\programy\VMware\VMware Workstation\vmware-authd.exe
c:\program files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
e:\programy\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
c:\windows\system32\vmnat.exe
c:\windows\system32\vmnetdhcp.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Czas ukończenia: 2009-02-14 19:38:34 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2009-02-14 18:38:09
ComboFix2.txt  2008-12-01 18:18:24
 
Przed: 11 655 163 904 bajtów wolnych
Po: 13,368,631,296 bajtów wolnych
 
269     --- E O F ---   2009-02-14 11:38:46
 