wklejto.pl

Dodane przez: ~Anonim (2010-01-08 12:43) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
ComboFix 10-01-04.01 - Sławek 2010-01-08  12:24:17.1.1 - x86
Microsoft Windows XP Professional  5.1.2600.3.1250.48.1045.18.1535.1145 [GMT 1:00]
Uruchomiony z: c:\\documents and settings\\Sławek\\Pulpit\\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
 
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
 
c:\\documents and settings\\Sławek\\Dane aplikacji\\Microsoft\\Internet Explorer\\Quick Launch\\xp-AntiSpy.lnk
C:\\resycled
c:\\resycled\\boot.com
c:\\windows\\install.exe
c:\\windows\\system32\\ActNAV_cltDynam.dat
c:\\windows\\system32\\rtclcmg32.dll
 
Zainfekowana kopia c:\\windows\\PCHEALTH\\HELPCTR\\Binaries\\helpsvc.exe została znaleziona. Problem naprawiono 
Plik odzyskano z - c:\\windows\\ServicePackFiles\\i386\\helpsvc.exe 
 
.
(((((((((((((((((((((((((   Pliki utworzone od 2009-12-08 do 2010-01-08  )))))))))))))))))))))))))))))))
.
 
2010-01-07 18:30 . 2010-01-07 21:31     --------        d-----w-        c:\\program files\\HDD Regenerator
2010-01-07 17:05 . 2010-01-07 17:05     --------        dc----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2010-01-07 16:08 . 2010-01-07 16:08     --------        d-----w-        C:\\found.000
2010-01-06 13:57 . 2010-01-06 13:57     --------        d-----w-        c:\\program files\\HD Tune
2009-12-26 14:45 . 2010-01-04 13:26     22      ----a-w-        c:\\windows\\popcinfot.dat
2009-12-26 14:45 . 2009-12-26 14:45     0       ----a-w-        c:\\windows\\popcreg.dat
2009-12-24 11:56 . 2009-11-21 16:03     471552  -c----w-        c:\\windows\\system32\\dllcache\\aclayers.dll
2009-12-20 18:16 . 1999-11-19 14:03     210944  ----a-w-        c:\\windows\\system32\\MSVCRT10.DLL
 
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-08 11:36 . 2009-10-27 13:16     --------        d-----w-        c:\\program files\\Chameleon Clock
2010-01-08 11:18 . 2009-10-29 13:08     --------        d-----w-        c:\\program files\\1184587287
2010-01-08 10:57 . 2009-10-30 11:48     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab
2010-01-07 11:30 . 2001-10-30 12:00     88838   ----a-w-        c:\\windows\\system32\\perfc015.dat
2010-01-07 11:30 . 2001-10-30 12:00     500302  ----a-w-        c:\\windows\\system32\\perfh015.dat
2009-12-11 14:24 . 2002-01-01 02:32     --------        d--h--w-        c:\\program files\\InstallShield Installation Information
2009-12-09 19:39 . 2009-12-09 17:45     --------        d-----w-        c:\\program files\\Winamp
2009-11-30 21:06 . 2009-10-29 15:51     --------        d-----w-        c:\\program files\\PeerGuardian2
2009-11-27 12:41 . 2009-10-30 12:40     3695616 ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Lavasoft\\Ad-Aware\\Update\\AutoLaunch.exe
2009-11-21 17:51 . 2009-11-21 17:49     43520   ----a-w-        c:\\windows\\system32\\CmdLineExt03.dll
2009-11-21 16:03 . 2001-10-30 12:00     471552  ----a-w-        c:\\windows\\AppPatch\\aclayers.dll
2009-11-21 13:34 . 2008-06-20 11:51     361600  ----a-w-        c:\\windows\\system32\\drivers\\tcpip.sys
2009-11-21 13:34 . 2009-10-31 16:26     --------        d-----w-        c:\\program files\\xp-AntiSpy
2009-11-16 14:42 . 2009-11-16 14:42     --------        d-----w-        c:\\program files\\RADVideo
2009-11-16 14:18 . 2009-11-16 14:18     279712  ----a-w-        c:\\windows\\system32\\drivers\\atksgt.sys
2009-11-16 14:18 . 2009-11-16 14:18     25888   ----a-w-        c:\\windows\\system32\\drivers\\lirsgt.sys
2009-11-16 13:36 . 2009-10-28 18:07     --------        d-----w-        c:\\program files\\FarStone
2009-11-16 13:08 . 2009-11-16 13:08     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\farstone
2009-11-16 12:53 . 2009-11-16 12:53     261     ----a-w-        C:\\inVHDDrvLog.dat
2009-11-16 12:46 . 2009-11-16 12:29     86016   ----a-w-        c:\\windows\\system32\\RDrv2KInterface.dll
2009-11-16 12:46 . 2009-11-16 12:46     86016   ----a-w-        c:\\windows\\system32\\Dversion.dll
2009-11-16 12:46 . 2009-11-16 12:46     118784  ----a-w-        c:\\windows\\system32\\DVC.dll
2009-11-16 12:46 . 2009-11-16 12:29     36864   ----a-w-        c:\\windows\\system32\\unVHDDrvExe.exe
2009-11-16 12:46 . 2009-11-16 12:29     32768   ----a-w-        c:\\windows\\system32\\inVHDDrvExe.exe
2009-11-16 12:46 . 2009-11-16 12:29     28672   ----a-w-        c:\\windows\\system32\\RDrvInterface.dll
2009-11-16 12:10 . 2009-10-29 17:15     --------        d-----w-        c:\\program files\\UltraISO
2009-11-16 12:10 . 2009-11-16 12:10     --------        d-----w-        c:\\program files\\Common Files\\EZB Systems
2009-11-13 20:21 . 2009-11-13 20:21     --------        d-----w-        c:\\program files\\MSBuild
2009-11-13 20:20 . 2009-11-13 20:20     --------        d-----w-        c:\\program files\\Reference Assemblies
2009-11-12 22:19 . 2009-11-12 22:19     --------        d-----w-        c:\\program files\\Microsoft CAPICOM 2.1.0.2
2009-11-11 17:44 . 2009-11-11 17:44     236160  ----a-w-        c:\\windows\\EasyGifAnimator_Toolbar_Uninstaller_9015.exe
2009-11-11 17:44 . 2009-11-11 17:44     --------        d-----w-        c:\\program files\\Easy Gif Animator Extension
2009-11-11 17:43 . 2009-11-11 17:43     --------        d-----w-        c:\\program files\\Easy GIF Animator
2009-10-30 20:47 . 2009-10-30 20:47     376     ----a-w-        c:\\windows\\mozregistry.dat
2009-10-30 12:09 . 2009-10-30 12:09     932368  ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab\\AVP9\\Data\\KasFlt\\Plugins\\profiles-1-6.dll
2009-10-30 12:09 . 2009-10-30 12:09     678416  ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab\\AVP9\\Data\\KasFlt\\Plugins\\content_interpreter-1-1.dll
2009-10-30 12:09 . 2009-10-30 12:09     604688  ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab\\AVP9\\Data\\KasFlt\\Plugins\\gsg-3-9.dll
2009-10-30 12:09 . 2009-10-30 12:09     522768  ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab\\AVP9\\Data\\KasFlt\\Plugins\\database-1-5.dll
2009-10-30 12:09 . 2009-10-30 12:09     1096208 ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab\\AVP9\\Data\\KasFlt\\Plugins\\filtration-4-6.dll
2009-10-30 12:08 . 2009-10-30 11:49     95259   ----a-w-        c:\\windows\\system32\\drivers\\klick.dat
2009-10-30 12:08 . 2009-10-30 11:49     108059  ----a-w-        c:\\windows\\system32\\drivers\\klin.dat
2009-10-30 12:08 . 2009-10-30 12:08     59920   ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab\\AVP9\\Data\\Updater\\Temporary Files\\temporaryFolder\\AutoPatches\\kav9exec\\9.0.0.459\\mzvkbd.dll
2009-10-30 12:08 . 2009-10-30 12:08     109072  ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab\\AVP9\\Data\\Updater\\Temporary Files\\temporaryFolder\\AutoPatches\\kav9exec\\9.0.0.459\\mzvkbd3.dll
2009-10-30 12:08 . 2009-10-30 12:08     264720  ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab\\AVP9\\Data\\Updater\\Temporary Files\\temporaryFolder\\AutoPatches\\kav9exec\\9.0.0.459\\klwtbbho.dll
2009-10-30 11:51 . 2009-10-30 11:51     604140  --sha-w-        c:\\windows\\system32\\drivers\\ISwift3.dat
2009-10-29 12:15 . 2007-07-17 12:06     40      ----a-w-        c:\\windows\\system32\\profile.dat
2009-10-29 07:43 . 2001-10-30 12:00     916480  ----a-w-        c:\\windows\\system32\\wininet.dll
2009-10-28 17:22 . 2009-10-28 17:22     411368  ----a-w-        c:\\windows\\system32\\deploytk.dll
2009-10-26 21:46 . 2009-10-26 21:46     0       ----a-w-        c:\\windows\\nsreg.dat
2009-10-26 20:02 . 2007-07-16 11:58     86327   ----a-w-        c:\\windows\\PCHEALTH\\HELPCTR\\OfflineCache\\index.dat
2009-10-21 05:40 . 2007-07-17 07:13     25088   ----a-w-        c:\\windows\\system32\\httpapi.dll
2009-10-21 05:40 . 2007-07-17 07:13     75776   ----a-w-        c:\\windows\\system32\\strmfilt.dll
2009-10-20 16:20 . 2007-07-17 07:13     265728  ----a-w-        c:\\windows\\system32\\drivers\\http.sys
2009-10-13 10:34 . 2001-10-30 12:00     271360  ----a-w-        c:\\windows\\system32\\oakley.dll
2009-10-12 13:40 . 2001-10-30 12:00     79872   ----a-w-        c:\\windows\\system32\\raschap.dll
2009-10-12 13:40 . 2001-10-30 12:00     150016  ----a-w-        c:\\windows\\system32\\rastls.dll
2002-10-30 07:22 . 2002-10-30 07:22     15592   ----a-w-        c:\\program files\\owcstp16.dll
2006-05-03 09:06 . 2009-10-29 16:25     163328  --sh--r-        c:\\windows\\system32\\flvDX.dll
2007-02-21 10:47 . 2009-10-29 16:25     31232   --sh--r-        c:\\windows\\system32\\msfDX.dll
2008-03-16 12:30 . 2009-10-29 16:25     216064  --sh--r-        c:\\windows\\system32\\nbDX.dll
.
 
------- Sigcheck -------
 
[-] 2009-11-21 . D24EA301E2B36C4E975FD216CA85D8E7 . 361600 . . [5.1.2600.5625] . . c:\\windows\\system32\\dllcache\\tcpip.sys
[-] 2009-11-21 . 8E036EEC565910417EA020CE0962AA24 . 361344 . . [5.1.2600.5512] . . c:\\windows\\ServicePackFiles\\i386\\tcpip.sys
[-] 2009-11-21 . D24EA301E2B36C4E975FD216CA85D8E7 . 361600 . . [5.1.2600.5625] . . c:\\windows\\system32\\drivers\\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\\windows\\$hf_mig$\\KB951748\\SP3QFE\\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\\windows\\$NtUninstallKB951748$\\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\\windows\\$NtServicePackUninstall$\\tcpip.sys
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
 
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"HomeAlarm\"=\"c:\\program files\\Chameleon Clock\\ChamClock.exe\" [2004-01-16 810496]
\"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}\"=\"c:\\program files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\" [2006-06-01 94208]
 
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"NeroFilterCheck\"=\"c:\\program files\\Common Files\\Ahead\\Lib\\NeroCheck.exe\" [2006-01-12 155648]
\"ATICCC\"=\"c:\\program files\\ATI Technologies\\ATI.ACE\\cli.exe\" [2006-01-02 45056]
\"Smapp\"=\"c:\\program files\\Analog Devices\\SoundMAX\\Smtray.exe\" [2002-06-26 90112]
\"SunJavaUpdateSched\"=\"c:\\program files\\Java\\jre6\\bin\\jusched.exe\" [2009-10-28 149280]
\"OODefragTray\"=\"c:\\windows\\system32\\oodtray.exe\" [2009-02-25 2553088]
\"HPDJ Taskbar Utility\"=\"c:\\windows\\system32\\spool\\drivers\\w32x86\\3\\hpztsb04.exe\" [2001-10-29 196608]
\"RAMDrive\"=\"c:\\program files\\FarStone\\VirtualDrive\\VHD\\RDTask.exe\" [2008-01-28 106496]
\"VirtualDrive\"=\"c:\\program files\\FarStone\\VirtualDrive\\VDTask.exe\" [2009-07-31 170512]
\"avp\"=\"c:\\program files\\Kaspersky Lab\\Kaspersky Internet Security 2010\\avp.exe\" [2009-07-03 303376]
 
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce]
\"FsVdInstReboot\"=\"1 (0x1)\" [X]
 
[HKEY_USERS\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Run]
\"CTFMON.EXE\"=\"c:\\windows\\System32\\CTFMON.EXE\" [2008-04-14 15360]
 
c:\\documents and settings\\All Users\\Menu Start\\Programy\\Autostart\\
Adobe Gamma Loader.lnk - c:\\program files\\Common Files\\Adobe\\Calibration\\Adobe Gamma Loader.exe [2009-10-29 113664]
Adobe Reader Speed Launch.lnk - c:\\program files\\Adobe\\Acrobat 7.0\\Reader\\reader_sl.exe [2004-12-14 29696]
Microsoft Office.lnk - c:\\program files\\Microsoft Office\\Office10\\OSA.EXE [2001-2-13 83360]
 
[HKEY_LOCAL_MACHINE\\system\\currentcontrolset\\control\\session manager]
BootExecute     REG_MULTI_SZ    autocheck autochk *\\0OODBS
 
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\Lavasoft Ad-Aware Service]
@=\"Service\"
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\security center\\Monitoring\\KasperskyAntiVirus]
\"DisableMonitoring\"=dword:00000001
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\security center\\Monitoring\\SymantecFirewall]
\"DisableMonitoring\"=dword:00000001
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile]
\"EnableFirewall\"= 0 (0x0)
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\AuthorizedApplications\\List]
\"%windir%\\\\system32\\\\sessmgr.exe\"=
\"%windir%\\\\Network Diagnostic\\\\xpnetdiag.exe\"=
\"c:\\\\Program Files\\\\IncrediMail\\\\bin\\\\IMApp.exe\"=
\"c:\\\\Program Files\\\\IncrediMail\\\\bin\\\\IncMail.exe\"=
\"c:\\\\Program Files\\\\IncrediMail\\\\bin\\\\ImpCnt.exe\"=
\"c:\\\\Program Files\\\\WapSter\\\\WapSter AQQ\\\\AQQ.exe\"=
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\GloballyOpenPorts\\List]
\"15077:TCP\"= 15077:TCP:BitComet 15077 TCP
\"15077:UDP\"= 15077:UDP:BitComet 15077 UDP
 
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\\windows\\system32\\drivers\\klbg.sys [2008-12-15 33808]
R0 Lbd;Lbd;c:\\windows\\system32\\drivers\\Lbd.sys [2009-10-30 64160]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\\windows\\system32\\drivers\\klim5.sys [2009-05-13 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\\windows\\system32\\drivers\\klmouflt.sys [2009-05-16 19472]
S2 .1184587287;1184587287;c:\\program files\\1184587287\\KWPSP Łódź1184587287L.exe [2009-09-10 435408]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\\program files\\Lavasoft\\Ad-Aware\\AAWService.exe [2009-07-03 1028432]
S4 cdawdm;CDAWDM;c:\\windows\\system32\\DRIVERS\\CDAWDM.sys --> c:\\windows\\system32\\DRIVERS\\CDAWDM.sys [?]
.
Zawartość folderu \'Zaplanowane zadania\'
 
2010-01-04 c:\\windows\\Tasks\\Ad-Aware Update (Weekly).job
- c:\\program files\\Lavasoft\\Ad-Aware\\Ad-AwareAdmin.exe [2009-07-03 12:40]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.onet.pl/
uInternet Settings,ProxyOverride = local
IE: &Add animation to IncrediMail Style Box - c:\\program files\\IncrediMail\\bin\\resources\\WebMenuImg.htm
IE: E&ksport do programu Microsoft Excel - c:\\progra~1\\MICROS~2\\Office10\\EXCEL.EXE/3000
FF - ProfilePath - c:\\documents and settings\\Sławek\\Dane aplikacji\\Mozilla\\Firefox\\Profiles\\36el4l0b.default\\
FF - prefs.js: browser.startup.homepage - hxxp://www.onet.pl/
FF - component: c:\\program files\\Mozilla Firefox\\extensions\\linkfilter@kaspersky.ru\\components\\KavLinkFilter.dll
FF - plugin: c:\\program files\\K-Lite Codec Pack\\real\\browser\\plugins\\nppl3260.dll
FF - plugin: c:\\program files\\K-Lite Codec Pack\\real\\browser\\plugins\\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\\windows\\Microsoft.NET\\Framework\\v3.5\\Windows Presentation Foundation\\DotNetAssistantExtension\\
.
- - - - USUNIĘTO PUSTE WPISY - - - -
 
HKLM-Run-NWEReboot - (no file)
Notify-NavLogon - (no file)
 
 
 
**************************************************************************
 
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-08 12:36
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
 
skanowanie ukrytych procesów ...  
 
skanowanie ukrytych wpisów autostartu ... 
 
skanowanie ukrytych plików ...  
 
skanowanie pomyślnie ukończone
ukryte pliki: 0
 
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
 
[HKEY_LOCAL_MACHINE\\software\\Microsoft\\Windows\\CurrentVersion\\System*]
\"OODEFRAG11.00.00.01WORKSTATION\"=\"0ADDDE2DB54D0B2EB0B3783FEAD824084659D33CDD7E829F072A3852FC0C7B40AA9E63561341DAE630E72EE45F1C84C9B46BB3DC33ECB435E278961C28C1BCB8E861C89C5E9C62A588D46FCFD1FE3ED82A134E5DBDBF37D70D6BC91D8B36883E8191F1F25BADD477AF381F710FB55351F58329CBF1B17E50CFCB9A9FE849E0E455AC0781B51BE6DEC063696CCBC8C8C10B848D6A2D4F015B967511A1622C4EB66AC2F5A47A5AFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933C038D530D6EB34525D575E7D6A3B9808FEBC9E127BECC74C460CD3EECFA5C6239DD4F5428CA3A4A00C55939292564AE265BA24781DF8AD8EA646306824297155FB3D0C03E8B86667D922A23890541FC51FBFCEB4D97711D3CD8A47A454B1CA4152C99742B5B73144D793AA37B24CD49F319B69D0F073547CCCCD5EF6827550143F3BF30778B2E926D3D842EFFD4E59C1B988E01F89998EE035765BC8165EE1C9E547A3F1F9F2DAD0A51421D23C1E005861B549890DCA3AAF1DE04B963A8B43377096CAB144F3B1DBA2DA2767FAB57FDED04559092B1E36EA1F5EDEEF5ECF1E8287C5B28C2AE2FDB4AAB6544789C070A5B4CFEBAD55DAC7E75BB169793632FD26DDE5465CBCA6B5191C27D020FE9FD351BFE07F1BC0811651739261EBB76B53F0A4FC998DD7D3341EDB1D6536336709DB2874378767C02B230EAEE4929D6BF28614845FA094B6B5AAD37E7E5DC360D8912680D9BF8A8077B056A4B2CD6854945C68E6712DD350D97AEF25B0029186EB12F86A52A128D84F9FFA88AE925BFB56BD6107CD5A3AD3A89EA060B021428B5254608D30A189176769AD62E0E87CEE36C9C1B9126630268A795B7258CC3F537D1FA33A2546373EDC5C25AF756C97691A7251C785A261E54B43178E252DB4F544900CB1092B7F822F981DDEBBCEBBDF49805D6E90F23E611F885261B9F91541E098662C577EF44E4215D3D4A7533CF6720CB2DE4153F99C9A288D08DB831434717B0553AD056EBD5B1C8B68D152B08A2385283D46CE8E4EB5D54C14F42BAB0478543EC7CF9684A3A8CA8BE77538F2A952AF13247687B6624F99970D14E79898DC8DE91C239B9686B6939D11F2842214D6204F9F49B2F2F7284FFBEBE9425C10E7E8E7563596C59C7BBB1198CECD24C3ECC3BD30DC980763E6278B1F4C5BBBB9497B97F2B11979D64DDB39272FB91CE03657C1CB70987BAB13A4D887B662C01A922DE0606E4A5A54E763EAD76206F84B36ED425BEAA21D8D1A9FFD7CC49F38EABB3BAB0161E5D7ECE91482BB5503E715556F2B3BD4BBFAF5CFC297483AECB2179C37E5ACA43BA328D503DDD51E945B046016EBBDD9FDE98A660F4527FC3806C0740402ADF7AD34C395995E9E73328B1487F0F8A6\"
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
 
- - - - - - - > \'winlogon.exe\'(1020)
c:\\windows\\system32\\Ati2evxx.dll
 
- - - - - - - > \'explorer.exe\'(2208)
c:\\windows\\system32\\WININET.dll
c:\\program files\\Chameleon Clock\\trayclock.dll
c:\\windows\\system32\\webcheck.dll
c:\\program files\\Adobe\\Acrobat 7.0\\ActiveX\\AcroIEHelper.dll
c:\\program files\\Microsoft Office\\Office10\\msohev.dll
c:\\program files\\Adobe\\Acrobat 7.0\\ActiveX\\PDFShell.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\\windows\\system32\\Ati2evxx.exe
c:\\windows\\system32\\Ati2evxx.exe
c:\\program files\\Common Files\\LightScribe\\LSSrvc.exe
c:\\program files\\Common Files\\Microsoft Shared\\VS7Debug\\mdm.exe
c:\\windows\\system32\\oodag.exe
c:\\program files\\Analog Devices\\SoundMAX\\SMAgent.exe
c:\\windows\\system32\\wdfmgr.exe
c:\\windows\\system32\\OSK.exe
c:\\windows\\system32\\MSSWCHX.EXE
c:\\windows\\System32\\wbem\\wmiapsrv.exe
c:\\windows\\system32\\wscntfy.exe
.
**************************************************************************
.
Czas ukończenia: 2010-01-08  12:40:27 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2010-01-08 11:40
 
Przed: 19 328 147 456 bajtów wolnych
Po: 19 421 962 240 bajtów wolnych
 
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\\WINDOWS
[operating systems]
c:\\cmdcons\\BOOTSECT.DAT=\"Microsoft Windows Recovery Console\" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\\WINDOWS=\"Microsoft Windows XP Professional\" /fastdetect /NoExecute=OptIn
 
- - End Of File - - 324ABCE6E80BF8E3F425B83D5CD36C5A
 
Wygenerowano w 0.126s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!