wklejto.pl

Added by: ~jorket (2010-06-15 20:57) -> text
ComboFix 10-06-15.02 - Imaquest 2010-06-15  20:18:37.27.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1250.48.1045.18.1015.578 [GMT 2:00]
Uruchomiony z: c:\\documents and settings\\Imaquest\\Pulpit\\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
 
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
 
c:\\windows\\system32\\tmp.reg
 
.
(((((((((((((((((((((((((   Pliki utworzone od 2010-05-15 do 2010-06-15  )))))))))))))))))))))))))))))))
.
 
2010-06-15 17:23 . 2010-06-15 18:23     --------        d-----w-        c:\\windows\\LastGood
2010-06-15 17:19 . 2010-06-15 17:19     80400   ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab\\AVP9\\Data\\Updater\\Temporary Files\\rollback\\patch\\AutoPatches\\kav9exec\\9.0.0.736\\fssync.dll
2010-06-15 17:19 . 2010-06-15 17:19     315408  ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab\\AVP9\\Data\\Updater\\Temporary Files\\rollback\\patch\\AutoPatches\\kav9exec\\9.0.0.736\\sys\\i386\\5.1\\klif.sys
2010-06-15 17:19 . 2010-06-15 17:19     133648  ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab\\AVP9\\Data\\Updater\\Temporary Files\\rollback\\patch\\AutoPatches\\kav9exec\\9.0.0.736\\mmpprtc.dll
2010-06-15 17:19 . 2010-06-15 17:19     109072  ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab\\AVP9\\Data\\Updater\\Temporary Files\\rollback\\patch\\AutoPatches\\kav9exec\\9.0.0.736\\mzvkbd3.dll
2010-06-15 17:19 . 2010-06-15 17:19     80400   ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab\\AVP9\\Data\\Updater\\Temporary Files\\temporaryFolder\\AutoPatches\\kav9exec\\9.0.0.736\\fssync.dll
2010-06-15 17:19 . 2010-06-15 17:19     315408  ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab\\AVP9\\Data\\Updater\\Temporary Files\\temporaryFolder\\AutoPatches\\kav9exec\\9.0.0.736\\sys\\i386\\5.1\\klif.sys
2010-06-15 17:19 . 2010-06-15 17:19     133720  ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab\\AVP9\\Data\\Updater\\Temporary Files\\temporaryFolder\\AutoPatches\\kav9exec\\9.0.0.736\\mmpprtc.dll
2010-06-15 17:19 . 2010-06-15 17:19     109072  ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab\\AVP9\\Data\\Updater\\Temporary Files\\temporaryFolder\\AutoPatches\\kav9exec\\9.0.0.736\\mzvkbd3.dll
2010-06-15 10:43 . 2010-06-15 10:43     --------        d-----w-        c:\\program files\\Kaspersky Lab
2010-06-11 20:49 . 2010-06-11 20:49     --------        d-----w-        c:\\documents and settings\\NetworkService\\Ustawienia lokalne\\Dane aplikacji\\Google
2010-06-11 20:45 . 2010-06-11 20:48     --------        d-----w-        c:\\documents and settings\\Imaquest\\Ustawienia lokalne\\Dane aplikacji\\Temp
2010-06-10 21:36 . 2010-05-06 10:35     743424  -c----w-        c:\\windows\\system32\\dllcache\\iedvtool.dll
2010-06-05 14:21 . 2010-06-05 14:22     --------        d-----w-        c:\\documents and settings\\Imaquest\\Dane aplikacji\\Nero
2010-06-05 11:52 . 2010-06-05 11:54     --------        d-----w-        c:\\program files\\SlySoft
2010-06-05 11:12 . 2010-06-05 11:12     --------        d-----w-        c:\\documents and settings\\Imaquest\\Dane aplikacji\\Ashampoo
2010-06-05 11:12 . 2010-06-05 11:12     --------        d-----w-        c:\\documents and settings\\Imaquest\\Ustawienia lokalne\\Dane aplikacji\\Conduit
2010-06-05 11:12 . 2010-06-05 11:12     --------        d-----w-        c:\\program files\\Conduit
2010-06-05 11:12 . 2010-01-20 10:19     52224   ----a-w-        c:\\documents and settings\\Imaquest\\Dane aplikacji\\Mozilla\\Firefox\\Profiles\\9i30mx9b.default\\extensions\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\\components\\FFExternalAlert.dll
2010-06-05 11:12 . 2010-01-20 10:19     101376  ----a-w-        c:\\documents and settings\\Imaquest\\Dane aplikacji\\Mozilla\\Firefox\\Profiles\\9i30mx9b.default\\extensions\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\\components\\RadioWMPCore.dll
2010-06-05 11:12 . 2010-06-05 11:12     --------        d-----w-        c:\\documents and settings\\Imaquest\\Ustawienia lokalne\\Dane aplikacji\\ashampoo
2010-06-05 11:12 . 2010-06-05 11:12     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\ashampoo
2010-06-04 14:28 . 2010-06-04 14:28     --------        d-----w-        c:\\documents and settings\\LocalService\\Ustawienia lokalne\\Dane aplikacji\\ESET
2010-06-03 15:55 . 2010-06-03 15:55     --------        d-----w-        c:\\program files\\Windows Doctor
2010-06-02 13:30 . 2010-06-02 13:30     --------        d-----w-        c:\\documents and settings\\Imaquest\\Ustawienia lokalne\\Dane aplikacji\\ESET
2010-06-02 12:26 . 2010-06-02 12:26     --------        d-----w-        c:\\documents and settings\\Imaquest\\Dane aplikacji\\ESET
2010-06-02 12:25 . 2010-06-02 12:25     --------        d-----w-        c:\\program files\\ESET
2010-06-02 12:25 . 2010-06-02 12:25     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\ESET
2010-05-23 20:04 . 2010-05-23 20:04     --------        d-----w-        c:\\program files\\CleanUp!
2010-05-22 10:08 . 2010-05-29 10:28     --------        d-sh--w-        c:\\documents and settings\\LocalService\\PrivacIE
2010-05-22 10:08 . 2010-06-15 18:01     --------        d-sh--w-        c:\\documents and settings\\LocalService\\IETldCache
2010-05-22 10:08 . 2010-05-22 10:08     --------        d-----r-        c:\\documents and settings\\LocalService\\Ulubione
2010-05-18 17:08 . 2010-06-15 18:24     536064  ----a-w-        c:\\windows\\system32\\drivers\\qvjoyj.sys
2010-05-18 17:03 . 2008-04-13 22:10     34688   -c--a-w-        c:\\windows\\system32\\dllcache\\lbrtfdc.sys
2010-05-18 17:03 . 2008-04-13 22:10     34688   ----a-w-        c:\\windows\\system32\\drivers\\lbrtfdc.sys
2010-05-18 17:02 . 2008-04-13 22:11     8576    -c--a-w-        c:\\windows\\system32\\dllcache\\i2omgmt.sys
2010-05-18 17:02 . 2008-04-13 22:11     8576    ----a-w-        c:\\windows\\system32\\drivers\\i2omgmt.sys
2010-05-18 17:02 . 2008-04-13 22:11     8192    -c--a-w-        c:\\windows\\system32\\dllcache\\changer.sys
2010-05-18 17:02 . 2008-04-13 22:11     8192    ----a-w-        c:\\windows\\system32\\drivers\\changer.sys
2010-05-16 21:56 . 2010-05-18 23:22     --------        d-----w-        c:\\program files\\AutorunRemover
 
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-15 18:25 . 2008-04-14 22:03     741376  ----a-w-        c:\\windows\\system32\\drivers\\Parport.sys
2010-06-15 18:12 . 2009-09-01 02:37     --------        d-----w-        c:\\program files\\SkanerOnline
2010-06-15 17:22 . 2009-04-01 12:16     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab
2010-06-15 17:19 . 2010-05-09 17:15     97549   ----a-w-        c:\\windows\\system32\\drivers\\klick.dat
2010-06-15 17:19 . 2010-05-09 17:15     113933  ----a-w-        c:\\windows\\system32\\drivers\\klin.dat
2010-06-15 17:10 . 2010-05-09 17:15     548896  --sha-w-        c:\\windows\\system32\\drivers\\fidbox2.dat
2010-06-15 17:10 . 2010-05-09 17:15     5052    --sha-w-        c:\\windows\\system32\\drivers\\fidbox2.idx
2010-06-15 17:10 . 2010-05-09 17:15     2616352 --sha-w-        c:\\windows\\system32\\drivers\\fidbox.dat
2010-06-15 17:10 . 2010-05-09 17:15     23616   --sha-w-        c:\\windows\\system32\\drivers\\fidbox.idx
2010-06-15 17:02 . 2009-04-01 12:15     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files
2010-06-12 15:31 . 2009-11-04 15:49     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Microsoft Help
2010-06-11 20:49 . 2009-04-02 16:00     --------        d-----w-        c:\\program files\\Google
2010-06-08 19:26 . 2009-06-11 10:29     --------        d-----w-        c:\\program files\\Common Files\\Nero
2010-06-08 19:22 . 2010-02-27 14:22     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Nero
2010-06-05 10:21 . 2009-07-30 10:12     --------        d-----w-        c:\\program files\\Microsoft Silverlight
2010-06-03 16:31 . 2009-04-01 12:54     83392   ----a-w-        c:\\documents and settings\\Imaquest\\Ustawienia lokalne\\Dane aplikacji\\GDIPFONTCACHEV1.DAT
2010-06-03 16:04 . 2010-05-10 13:10     2       --shatr-        c:\\windows\\winstart.bat
2010-05-28 11:52 . 2009-04-16 16:04     --------        d-----w-        c:\\documents and settings\\Imaquest\\Dane aplikacji\\Nowe Gadu-Gadu
2010-05-25 20:03 . 2010-05-25 20:03     12      ----a-w-        c:\\documents and settings\\LocalService\\Dane aplikacji\\vqdlkr.dat
2010-05-18 23:14 . 2010-05-18 23:14     0       ----a-w-        c:\\windows\\system32\\drivers\\SET7DF.tmp
2010-05-18 17:02 . 2009-05-09 11:08     13224   ----a-w-        c:\\windows\\system32\\drivers\\ggflt.sys
2010-05-18 17:02 . 2009-04-01 12:14     2944    ----a-w-        c:\\windows\\system32\\drivers\\drmkaud.sys
2010-05-18 17:02 . 2009-04-01 12:14     52864   ----a-w-        c:\\windows\\system32\\drivers\\dmusic.sys
2010-05-18 17:02 . 2001-08-17 21:52     18688   ----a-w-        c:\\windows\\system32\\drivers\\Cdaudio.sys
2010-05-18 17:02 . 2009-08-06 16:42     17024   ----a-w-        c:\\windows\\system32\\drivers\\ccdecode.sys
2010-05-18 17:02 . 2008-04-13 22:21     59904   ----a-w-        c:\\windows\\system32\\drivers\\atmarpc.sys
2010-05-18 17:01 . 2009-04-01 12:14     142592  ----a-w-        c:\\windows\\system32\\drivers\\aec.sys
2010-05-18 16:59 . 2010-05-18 16:59     12      ----a-w-        c:\\documents and settings\\LocalService\\Dane aplikacji\\qvjsge.dat
2010-05-11 22:07 . 2010-05-11 20:04     --------        d-----w-        c:\\program files\\The Cleaner
2010-05-11 20:04 . 2010-05-11 10:50     36459936        ----a-w-        c:\\documents and settings\\Imaquest\\Ustawienia lokalne\\Dane aplikacji\\cleaner7_setup.exe
2010-05-11 17:53 . 2010-05-11 17:53     --------        d-----w-        c:\\program files\\Analog Devices
2010-05-11 17:35 . 2009-04-01 12:08     --------        d--h--w-        c:\\program files\\InstallShield Installation Information
2010-05-11 14:30 . 2009-04-01 12:24     --------        d-----w-        c:\\documents and settings\\Imaquest\\Dane aplikacji\\Winamp
2010-05-11 13:29 . 2010-05-11 13:25     --------        d-----w-        c:\\documents and settings\\Imaquest\\Dane aplikacji\\RegistryTool
2010-05-11 13:02 . 2010-05-11 13:02     --------        d-----w-        c:\\program files\\Phyxion.net
2010-05-11 11:53 . 2010-05-11 11:52     --------        d-----w-        c:\\program files\\K-Lite Codec Pack
2010-05-11 10:51 . 2010-05-11 10:51     --------        d-----w-        c:\\documents and settings\\Imaquest\\Dane aplikacji\\thecleaner
2010-05-11 08:57 . 2010-05-11 08:57     --------        d-----w-        c:\\program files\\IObit
2010-05-10 22:22 . 2010-05-10 22:22     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\PC Drivers HeadQuarters
2010-05-10 21:54 . 2009-07-04 21:58     --------        d-----w-        c:\\program files\\LSI SoftModem
2010-05-10 19:57 . 2010-05-10 19:16     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\RH_Backups
2010-05-10 18:18 . 2010-05-10 18:18     396288  ----a-w-        c:\\windows\\system32\\CF15102.exe
2010-05-06 10:35 . 2008-05-08 18:01     916480  ----a-w-        c:\\windows\\system32\\wininet.dll
2010-05-03 05:24 . 2010-05-03 05:16     --------        d-----w-        c:\\program files\\Raxco
2010-05-03 05:15 . 2010-05-03 05:15     --------        d-----w-        c:\\documents and settings\\Imaquest\\Dane aplikacji\\IObit
2010-05-02 08:09 . 2008-04-14 19:35     1851520 ----a-w-        c:\\windows\\system32\\win32k.sys
2010-05-02 04:46 . 2009-11-25 20:06     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\OpenFM
2010-05-01 15:21 . 2009-07-06 19:59     --------        d-----w-        c:\\program files\\LG Electronics
2010-04-25 20:26 . 2009-06-11 10:19     --------        d-----w-        c:\\program files\\BitComet
2010-04-25 08:58 . 2010-04-25 08:37     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\LGMOBILEAX
2010-04-25 08:41 . 2009-05-09 11:08     --------        d-----w-        c:\\program files\\DIFX
2010-04-24 15:56 . 2010-04-24 15:56     396288  ----a-w-        c:\\windows\\system32\\CF27659.exe
2010-04-24 10:06 . 2010-04-24 10:06     --------        d-----w-        c:\\documents and settings\\Imaquest\\Dane aplikacji\\Malwarebytes
2010-04-24 10:06 . 2010-04-24 10:06     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Malwarebytes
2010-04-23 21:04 . 2009-07-06 19:58     --------        d-----w-        c:\\documents and settings\\Imaquest\\Dane aplikacji\\LG Electronics
2010-04-23 00:55 . 2010-04-25 08:37     1042368 ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\LGMOBILEAX\\B2C_Client\\LGUserCSTool.exe
2010-04-22 22:33 . 2010-04-25 08:37     300992  ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\LGMOBILEAX\\B2C_Client\\B2CNotiAgent.exe
2010-04-22 22:31 . 2010-04-25 08:37     516096  ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\LGMOBILEAX\\B2C_Client\\LGMUpgradeDL.dll
2010-04-21 07:21 . 2010-04-25 08:37     102400  ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\LGMOBILEAX\\B2C_Client\\LGMobileDL.dll
2010-04-20 05:34 . 2008-04-14 20:30     285696  ----a-w-        c:\\windows\\system32\\atmfd.dll
2010-04-17 18:53 . 2010-04-17 18:50     --------        d-----w-        c:\\documents and settings\\Imaquest\\Dane aplikacji\\PhotoFiltre
2010-04-16 18:00 . 2010-05-11 11:52     85504   ----a-w-        c:\\windows\\system32\\ff_vfw.dll
2010-04-10 17:54 . 2001-10-26 16:15     537574  ----a-w-        c:\\windows\\system32\\perfh015.dat
2010-04-10 17:54 . 2001-10-26 16:15     101720  ----a-w-        c:\\windows\\system32\\perfc015.dat
2010-04-05 17:22 . 2010-04-05 17:22     2238    ----a-r-        c:\\documents and settings\\Imaquest\\Dane aplikacji\\Microsoft\\Installer\\{9DE4E17F-0C99-4A57-8F7D-5B69CC95D7A9}\\NewShortcut7_9DE4E17F0C994A578F7D5B69CC95D7A9.exe
2010-04-05 17:22 . 2010-04-05 17:22     2238    ----a-r-        c:\\documents and settings\\Imaquest\\Dane aplikacji\\Microsoft\\Installer\\{9DE4E17F-0C99-4A57-8F7D-5B69CC95D7A9}\\NewShortcut4_9DE4E17F0C994A578F7D5B69CC95D7A9.exe
2010-04-05 17:22 . 2010-04-05 17:22     2238    ----a-r-        c:\\documents and settings\\Imaquest\\Dane aplikacji\\Microsoft\\Installer\\{9DE4E17F-0C99-4A57-8F7D-5B69CC95D7A9}\\ARPPRODUCTICON.exe
2010-03-27 14:47 . 2009-08-09 14:25     16      -c--a-w-        c:\\windows\\msocreg32.dat
2010-03-25 16:58 . 2010-03-25 16:58     396288  ----a-w-        c:\\windows\\system32\\CF29533.exe
.
 
------- Sigcheck -------
 
[-] 2008-05-08 . 9F02C1CF7C3100E4AEA7DD8B6A86A01B . 1571840 . . [5.1.2600.5512] . . c:\\windows\\system32\\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
 
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"AVP\"=\"e:\\programy\\kaspersky\\avp.exe\" [2009-10-20 340456]
 
[HKEY_USERS\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Run]
\"CTFMON.EXE\"=\"c:\\windows\\system32\\CTFMON.EXE\" [2008-04-14 15360]
 
[HKEY_USERS\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\RunOnce]
\"nltide_2\"=\"shell32\" [X]
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows nt\\currentversion\\windows]
\"AppInit_DLLs\"=e:\\programy\\KASPER~1\\mzvkbd3.dll
 
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\Wdf01000.sys]
@=\"Driver\"
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\security center\\Monitoring\\KasperskyAntiVirus]
\"DisableMonitoring\"=dword:00000001
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\AuthorizedApplications\\List]
\"%windir%\\\\Network Diagnostic\\\\xpnetdiag.exe\"=
\"%windir%\\\\system32\\\\sessmgr.exe\"=
\"d:\\\\Programy\\\\Gadu-Gadu\\\\gg.exe\"=
\"d:\\\\Programy\\\\Bearshare\\\\BearShare.exe\"=
\"c:\\\\Program Files\\\\SopCast\\\\SopCast.exe\"=
\"c:\\\\Program Files\\\\SopCast\\\\adv\\\\SopAdver.exe\"=
\"e:\\\\Gry\\\\Cm 01-02\\\\cm0102.exe\"=
\"c:\\\\Program Files\\\\Sony Ericsson\\\\Update Service\\\\Update Service.exe\"=
\"c:\\\\WINDOWS\\\\system32\\\\mshta.exe\"=
\"d:\\\\Programy\\\\DC++\\\\DCPlusPlus.exe\"=
\"d:\\\\Nowe Gadu-Gadu\\\\gg.exe\"=
\"c:\\\\Program Files\\\\Skype\\\\Plugin Manager\\\\skypePM.exe\"=
\"c:\\\\Program Files\\\\Skype\\\\Phone\\\\Skype.exe\"=
\"c:\\\\Documents and Settings\\\\All Users\\\\Dane aplikacji\\\\Kaspersky Lab Setup Files\\\\Kaspersky Anti-Virus 2009\\\\Polish\\\\setup.exe\"=
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\GloballyOpenPorts\\List]
\"18382:TCP\"= 18382:TCP:BitComet 18382 TCP
\"18382:UDP\"= 18382:UDP:BitComet 18382 UDP
 
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\\windows\\system32\\drivers\\klbg.sys [2008-01-29 36880]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\\windows\\system32\\drivers\\klim5.sys [2008-03-25 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\\windows\\system32\\drivers\\klmouflt.sys [2009-10-02 19472]
S0 d347bus;d347bus;c:\\windows\\system32\\DRIVERS\\d347bus.sys --> c:\\windows\\system32\\DRIVERS\\d347bus.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\\program files\\Google\\Update\\GoogleUpdate.exe [2010-06-11 136176]
S3 FlashUSB;FlashUSB;c:\\windows\\system32\\drivers\\FlashUsb.sys [2010-04-25 16896]
S3 ggflt;SEMC USB Flash Driver Filter;c:\\windows\\system32\\drivers\\ggflt.sys [2009-05-09 13224]
S4 sptd;sptd;c:\\windows\\system32\\drivers\\sptd.sys [2009-04-20 691696]
 
--- Inne Usługi/Sterowniki w Pamięci ---
 
*Deregistered* - qvjoyj
.
Zawartość folderu \'Zaplanowane zadania\'
 
2010-06-15 c:\\windows\\Tasks\\GoogleUpdateTaskMachineCore.job
- c:\\program files\\Google\\Update\\GoogleUpdate.exe [2010-06-11 20:44]
 
2010-06-15 c:\\windows\\Tasks\\GoogleUpdateTaskMachineUA.job
- c:\\program files\\Google\\Update\\GoogleUpdate.exe [2010-06-11 20:44]
.
.
------- Skan uzupełniający -------
.
uInternet Settings,ProxyOverride = local
IE: &D&ownload &with BitComet - c:\\program files\\BitComet\\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\\program files\\BitComet\\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\\program files\\BitComet\\BitComet.exe/AddAllLink.htm
IE: Add to Google Photos Screensa&ver - c:\\windows\\system32\\GPhotos.scr/200
IE: E&ksportuj do programu Microsoft Excel - e:\\programy\\OFFICE~1\\Office12\\EXCEL.EXE/3000
IE: Funkcja Google Sidewiki - c:\\program files\\Google\\Google Toolbar\\Component\\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Wyślij do interfejsu &Bluetooth
FF - ProfilePath - c:\\documents and settings\\Imaquest\\Dane aplikacji\\Mozilla\\Firefox\\Profiles\\9i30mx9b.default\\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - MyAshampoo Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.wp.pl/
FF - prefs.js: network.proxy.http - 174.142.24.201
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 4
FF - component: c:\\documents and settings\\Imaquest\\Dane aplikacji\\Mozilla\\Firefox\\Profiles\\9i30mx9b.default\\extensions\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\\components\\FFExternalAlert.dll
FF - component: c:\\documents and settings\\Imaquest\\Dane aplikacji\\Mozilla\\Firefox\\Profiles\\9i30mx9b.default\\extensions\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\\components\\RadioWMPCore.dll
FF - component: c:\\program files\\Mozilla Firefox\\extensions\\{B13721C7-F507-4982-B2E5-502A71474FED}\\components\\NPComponent.dll
FF - component: c:\\program files\\Mozilla Firefox\\extensions\\linkfilter@kaspersky.ru\\components\\KavLinkFilter.dll
FF - plugin: c:\\documents and settings\\Imaquest\\Dane aplikacji\\Gadu-Gadu 10\\_userdata\\npgg.2.dll
FF - plugin: c:\\documents and settings\\Imaquest\\Dane aplikacji\\Nowe Gadu-Gadu\\_userdata\\npgg.1.dll
FF - plugin: c:\\program files\\DivX\\DivX Plus Web Player\\npdivx32.dll
FF - plugin: c:\\program files\\Google\\Google Earth\\plugin\\npgeplugin.dll
FF - plugin: c:\\program files\\Google\\Update\\1.2.183.23\\npGoogleOneClick8.dll
FF - plugin: c:\\program files\\Mozilla Firefox\\plugins\\np-mswmp.dll
FF - plugin: d:\\picasa3\\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\\windows\\Microsoft.NET\\Framework\\v3.5\\Windows Presentation Foundation\\DotNetAssistantExtension\\
 
---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
c:\\program files\\Mozilla Firefox\\greprefs\\security-prefs.js - pref(\"security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref\", true);
c:\\program files\\Mozilla Firefox\\greprefs\\security-prefs.js - pref(\"security.ssl.renego_unrestricted_hosts\", \"\");
c:\\program files\\Mozilla Firefox\\greprefs\\security-prefs.js - pref(\"security.ssl.treat_unsafe_negotiation_as_broken\", false);
c:\\program files\\Mozilla Firefox\\greprefs\\security-prefs.js - pref(\"security.ssl.require_safe_negotiation\",  false);
.
 
**************************************************************************
 
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-15 20:23
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
 
skanowanie ukrytych procesów ...  
 
skanowanie ukrytych wpisów autostartu ... 
 
skanowanie ukrytych plików ...  
 
skanowanie pomyślnie ukończone
ukryte pliki: 0
 
**************************************************************************
 
[HKEY_LOCAL_MACHINE\\System\\ControlSet001\\Services\\atapi]
\"ImagePath\"=\"System32\\Drivers\\atapi.svs\"
 
[HKEY_LOCAL_MACHINE\\System\\ControlSet001\\Services\\Parport]
 
--
 
[HKEY_LOCAL_MACHINE\\System\\ControlSet001\\Services\\qvjoyj]
 
.
Czas ukończenia: 2010-06-15  20:26:41
ComboFix-quarantined-files.txt  2010-06-15 18:26
 
Przed: 3 619 352 576 bajtów wolnych
Po: 3 619 786 752 bajtów wolnych
 
- - End Of File - - F76C5FC3E64213940E678D776286E264
 