
- slow computer (Dell) and slow internet
- Windows XP Pro update error [error 0x80070002]
- error near the end of the MalwareBytesAntimalware installation:
vbAccelerator SGrid II Control: Run-time error "0"
Automation error: Run-time error "440"

- I can't boot "DrWeb-500-LiveCD": it stops while unpacking the "nfsd modul" and 2 LEDs on the keyboard start blinking together.
- similarly, I can't boot "Kaspersky-LiveCD"
Please check the logs and give me some pointers:
ComboFix 09-12-08.04 - user 2009-12-09 10:19:35.8.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.254.124 [GMT 1:00]
Uruchomiony z: c:\documents and settings\user\Pulpit\ComboFix.exe
AV: AVG Anti-Virus plus Firewall *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: AVG Firewall *disabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: F-Secure Anti-Virus 2006 6.10 *disabled* {D4747503-0346-49EB-9262-997542F79BF4}
.
((((((((((((((((((((((((( Pliki utworzone od 2009-11-09 do 2009-12-09 )))))))))))))))))))))))))))))))
.
2009-12-04 12:38 . 2009-12-04 12:23 158224 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-12-04 12:36 . 2009-12-04 12:36 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Trend Micro
2009-12-04 12:19 . 2009-12-04 12:19 -------- d-----w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\GHISLER
2009-12-04 07:18 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-12-03 11:41 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-12-03 11:41 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-12-03 11:17 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-12-03 11:17 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-12-03 11:17 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-12-03 11:17 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-12-03 11:17 . 2009-11-24 23:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-12-01 12:11 . 2009-12-01 12:11 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\SUPERAntiSpyware.com
2009-11-26 13:05 . 2009-11-26 13:05 -------- d-----w- c:\program files\MSXML 4.0
2009-11-24 08:07 . 2009-11-24 08:07 -------- d-----w- c:\documents and settings\user\Dane aplikacji\AdobeUM
2009-11-19 14:57 . 2009-11-19 14:57 -------- d-----w- c:\documents and settings\user\Ustawienia lokalne\Dane aplikacji\Sophos
2009-11-19 14:36 . 2009-11-19 14:36 -------- d-----w- C:\stdtsa
2009-11-19 10:42 . 2009-11-19 10:42 -------- d-----w- c:\documents and settings\user\Ustawienia lokalne\Dane aplikacji\GHISLER
2009-11-18 12:43 . 2009-12-04 12:56 117760 ----a-w- c:\documents and settings\user\Dane aplikacji\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-18 12:24 . 2009-12-01 12:11 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-11-18 12:24 . 2009-11-18 12:24 -------- d-----w- c:\documents and settings\user\Dane aplikacji\SUPERAntiSpyware.com
2009-11-18 12:19 . 2009-11-18 12:19 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-17 10:02 . 2009-11-18 15:09 -------- d-----w- c:\windows\system32\CatRoot2
2009-11-16 12:28 . 2009-11-26 10:39 -------- d-----w- C:\symbols
2009-11-16 12:24 . 2009-11-26 10:26 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2009-11-16 08:06 . 2009-11-16 08:06 96408 ----a-w- c:\windows\system32\drivers\epfwtdir.sys
2009-11-16 08:03 . 2009-11-16 08:03 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-11-16 07:56 . 2009-11-16 07:56 116520 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-11-12 14:32 . 2009-11-17 16:14 -------- d-----w- c:\windows\system32\NtmsData
2009-11-12 13:56 . 2009-11-12 13:56 -------- d-----w- c:\documents and settings\user\Dane aplikacji\GlarySoft
2009-11-12 13:49 . 2009-11-19 14:29 -------- d-----w- c:\program files\Glary Utilities
2009-11-12 12:13 . 2009-10-31 07:31 926720 ----a-w- c:\windows\system32\MyDefragScreenSaver.exe
2009-11-12 12:13 . 2009-10-28 08:58 93696 ----a-w- c:\windows\system32\MyDefragScreenSaver.scr
2009-11-12 12:13 . 2009-11-13 11:15 -------- d-----w- c:\program files\MyDefrag v4.2.5
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-09 09:28 . 2009-07-02 14:26 1190823968 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-12-09 08:34 . 2009-07-02 14:26 13929248 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-12-07 10:35 . 2009-02-13 10:03 -------- d-----w- c:\program files\ESET
2009-12-04 12:26 . 2006-07-11 11:48 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2009-12-03 14:52 . 2009-10-15 11:47 -------- d-----w- c:\program files\a-squared Free
2009-12-02 10:01 . 2009-10-21 09:36 1 ----a-w- c:\documents and settings\user\Dane aplikacji\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-11-25 10:40 . 2008-04-16 12:15 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ESET
2009-11-18 15:35 . 2009-06-22 14:25 -------- d-----w- c:\program files\Odkurzacz
2009-10-26 07:21 . 2004-08-04 12:00 79298 ----a-w- c:\windows\system32\perfc015.dat
2009-10-26 07:21 . 2004-08-04 12:00 453762 ----a-w- c:\windows\system32\perfh015.dat
2009-10-23 08:49 . 2009-01-29 10:08 -------- d-----w- c:\documents and settings\user\Dane aplikacji\Auslogics
2009-10-23 08:48 . 2009-01-29 10:08 -------- d-----w- c:\program files\Auslogics
2009-10-22 12:48 . 2001-11-07 08:38 8224 ----a-w- c:\documents and settings\user\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-10-22 10:47 . 2009-10-22 10:47 60728 ----a-w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-10-21 08:36 . 2009-10-21 08:36 -------- d-----w- c:\program files\JRE
2009-10-21 08:35 . 2009-10-20 10:41 -------- d-----w- c:\program files\OpenOffice.org 3
2009-10-20 11:26 . 2009-10-20 11:26 -------- d-----w- c:\documents and settings\user\Dane aplikacji\OpenOffice.org
2009-10-20 10:38 . 2009-10-20 10:39 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-20 10:38 . 2006-07-12 09:46 -------- d-----w- c:\program files\Java
2009-10-20 09:37 . 2006-08-10 13:07 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Apple Computer
2009-10-15 13:10 . 2008-10-28 07:45 -------- d-----w- c:\program files\Common Files\Apple
2009-10-15 13:01 . 2006-07-07 08:06 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-01 08:29 . 2009-10-05 06:14 195440 ------w- c:\windows\system32\MpSigStub.exe
2006-10-18 08:21 . 2006-10-18 08:21 766 ----a-w- c:\program files\Common Files\sms.ico
2006-10-18 08:21 . 2006-10-18 08:21 70 ----a-w- c:\program files\Common Files\moje.js
.
------- Sigcheck -------
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2009-07-07 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
[-] 2008-04-14 . 2AECA45D4AEAACBDCB77AD11184E4601 . 24960 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-14 . 2AECA45D4AEAACBDCB77AD11184E4601 . 24960 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2009-07-07 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2008-04-14 . B98ED6D85339A66A73F32FB569EB6C01 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[-] 2008-04-14 . B98ED6D85339A66A73F32FB569EB6C01 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2008-04-14 . 88296F7943F30A1EE3AF735440B92268 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . 88296F7943F30A1EE3AF735440B92268 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2008-04-14 . 4FE97D0B1B182DF2A9BDD4C02155EF5E . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . 4FE97D0B1B182DF2A9BDD4C02155EF5E . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2008-04-14 . 78200FAA6FD9C69394134C238C87FB7F . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . 78200FAA6FD9C69394134C238C87FB7F . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . 78200FAA6FD9C69394134C238C87FB7F . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[-] 2009-02-09 . A37311D9D628C1042A2836731787F0F3 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2008-04-14 . 02396DAB9DD407B06539981F477F3FEC . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2009-02-09 . 02A467E27AF55F7064C5B251E587315F . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2008-04-14 . 3E3AE424E27C4CEFE4CAB368C7B570EA . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2008-04-14 . DD69EC597AB942C39B950D9C3CE1375D . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2008-04-14 . DD69EC597AB942C39B950D9C3CE1375D . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe
[-] 2008-04-14 . 51FD2E13D723857B9CA239AE77150F48 . 510464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . 51FD2E13D723857B9CA239AE77150F48 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . 0BE00656B7CAEDE754AEE4D7AD13B687 . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . 0BE00656B7CAEDE754AEE4D7AD13B687 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2008-04-14 . 6B105FE95F2E9F0B6346044BA59D41C9 . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . 6B105FE95F2E9F0B6346044BA59D41C9 . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2008-07-07 20:29 . 6AFF804839C85859E0247164FBE5F5BB . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-04-14 17:20 . BE1B1412A3D488C50B8F67F792196108 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2008-04-14 . 2E9A03268E609917B83921EE16FD9CFB . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 2E9A03268E609917B83921EE16FD9CFB . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2009-03-21 . 77C951B64413E80EEC0359426DCA938B . 1018368 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2008-04-14 . FCE4ECC34A36EDACF03DBE8DE5E28910 . 1018368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2008-04-14 . EA8DF0AF49E2616F55BF327549E44368 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . EA8DF0AF49E2616F55BF327549E44368 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2008-04-14 . A9C89DBAD5EFF7A06B58302778674507 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . A9C89DBAD5EFF7A06B58302778674507 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2009-08-29 . 23BE5AD9639C742BC184044B96838B9A . 5940224 . . [8.00.6001.18828] . . c:\windows\SDOLD\Download\3cc170a6a0e95dd7abb4950e0d1598aa\SP3GDR\mshtml.dll
[-] 2009-08-29 . 23BE5AD9639C742BC184044B96838B9A . 5940224 . . [8.00.6001.18828] . . c:\windows\SoftwareDistribution\Download\3cc170a6a0e95dd7abb4950e0d1598aa\SP3GDR\mshtml.dll
[-] 2009-08-29 . 1A4A2CC1C1FA43018B4547F762DE051B . 5942272 . . [8.00.6001.22918] . . c:\windows\SDOLD\Download\3cc170a6a0e95dd7abb4950e0d1598aa\SP3QFE\mshtml.dll
[-] 2009-08-29 . 1A4A2CC1C1FA43018B4547F762DE051B . 5942272 . . [8.00.6001.22918] . . c:\windows\SoftwareDistribution\Download\3cc170a6a0e95dd7abb4950e0d1598aa\SP3QFE\mshtml.dll
[-] 2009-07-19 . 74C1A672F0914C8368043A65CD3092D5 . 5937152 . . [8.00.6001.18812] . . c:\windows\SDOLD\Download\529499d57a315055f0ee13ba21286cff\SP3GDR\mshtml.dll
[-] 2009-07-19 . 4CFBAF18CECE59325A14D2213D70F764 . 5938176 . . [8.00.6001.22902] . . c:\windows\SDOLD\Download\529499d57a315055f0ee13ba21286cff\SP3QFE\mshtml.dll
[-] 2009-05-13 . A3408ADEF62CDC50EE74FDD1470737B1 . 5936128 . . [8.00.6001.18783] . . c:\windows\system32\mshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\mshtml.dll
[-] 2009-02-20 . 9D03BBE17A001FD7A9C0253A0DCC9D9D . 3595264 . . [7.00.6000.16825] . . c:\windows\ie8\mshtml.dll
[-] 2009-01-16 . 8AFEE6CE17660FF216CB637FEEF7B26B . 3594752 . . [7.00.6000.16809] . . c:\windows\ie7updates\KB963027-IE7\mshtml.dll
[-] 2008-12-13 . 579E5D632BC80AAC90162DE4C7A1BDB1 . 3593216 . . [7.00.6000.16788] . . c:\windows\ie7updates\KB961260-IE7\mshtml.dll
[-] 2008-08-27 . 0410D6F5E680E4564E6610815383B8C1 . 3593216 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB960714-IE7\mshtml.dll
[-] 2008-06-24 . 8E1B68A759E08E85952BE774D33F7BFC . 3592192 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\mshtml.dll
[-] 2008-04-23 . E0D4EEF4BF3586B05AB23ED1CEEC8C5D . 3591680 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\mshtml.dll
[-] 2008-04-14 . EBEF7EDB0DF1B4BF195FDA7CCFB7AC30 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2008-03-01 . 8B994BB807C03EFE52561B832204D8BA . 3591680 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\mshtml.dll
[-] 2007-12-08 . 5D521EC08619F4FD2327D80437D9FD32 . 3592192 . . [7.00.6000.16608] . . c:\windows\ie7updates\KB947864-IE7\mshtml.dll
[-] 2007-10-30 . 400E4157E82FCC9D7FB50601F64F4059 . 3590656 . . [7.00.6000.16587] . . c:\windows\ie7updates\KB944533-IE7\mshtml.dll
[-] 2007-08-20 . 51F943C24CB1728C96BC277A8A7C65F4 . 3584512 . . [7.00.6000.16544] . . c:\windows\ie7updates\KB942615-IE7\mshtml.dll
[-] 2007-07-19 . 3C13DD7222F2DB0D610A51DB4FFFCA0E . 3583488 . . [7.00.6000.16525] . . c:\windows\ie7updates\KB939653-IE7\mshtml.dll
[-] 2007-05-08 . 6A1D042F6023F4D8D3C98EB86FCBF6F9 . 3583488 . . [7.00.6000.16481] . . c:\windows\ie7updates\KB937143-IE7\mshtml.dll
[-] 2007-03-07 . 23E347CA5D6A49A6A0773CF5C05C07C1 . 3581952 . . [7.00.6000.16441] . . c:\windows\ie7updates\KB933566-IE7\mshtml.dll
[-] 2006-10-23 . 7B1FFE57376780368269AE0523FE5473 . 3082240 . . [6.00.2900.3020] . . c:\windows\ie7\mshtml.dll
[-] 2008-04-14 . 411864012AC39F2B57319AEF64D336DF . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . 411864012AC39F2B57319AEF64D336DF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-06-20 . 300BCC512DE4038F1494230941DB2C2A . 246784 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-04-14 . 612E31FCAC1040EDD78ECAC81C9F859F . 246784 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2008-04-14 . 9858AD0A3FCD83C3B100EDD5852DE540 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . 9858AD0A3FCD83C3B100EDD5852DE540 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2009-08-04 . 124513B399DE101C27E53C49E3CDBB1D . 2190464 . . [5.1.2600.5857] . . c:\windows\SDOLD\Download\476f203ead7f9ec9e6bfc508c6f58a66\SP3GDR\ntoskrnl.exe
[-] 2009-08-04 . 124513B399DE101C27E53C49E3CDBB1D . 2190464 . . [5.1.2600.5857] . . c:\windows\SoftwareDistribution\Download\476f203ead7f9ec9e6bfc508c6f58a66\SP3GDR\ntoskrnl.exe
[-] 2009-08-04 . 852F46B1DFEB0F9A6645C4900DFDA17F . 2190592 . . [5.1.2600.5857] . . c:\windows\SDOLD\Download\476f203ead7f9ec9e6bfc508c6f58a66\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . 852F46B1DFEB0F9A6645C4900DFDA17F . 2190592 . . [5.1.2600.5857] . . c:\windows\SoftwareDistribution\Download\476f203ead7f9ec9e6bfc508c6f58a66\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . 21110D7C9035A86560DA6E5875D66398 . 2187264 . . [5.1.2600.3610] . . c:\windows\SDOLD\Download\476f203ead7f9ec9e6bfc508c6f58a66\SP2QFE\ntoskrnl.exe
[-] 2009-08-04 . 21110D7C9035A86560DA6E5875D66398 . 2187264 . . [5.1.2600.3610] . . c:\windows\SoftwareDistribution\Download\476f203ead7f9ec9e6bfc508c6f58a66\SP2QFE\ntoskrnl.exe
[-] 2009-08-04 . 31710BFB578556704D917CA6BCEB50B1 . 2181632 . . [5.1.2600.3610] . . c:\windows\SDOLD\Download\476f203ead7f9ec9e6bfc508c6f58a66\SP2GDR\ntoskrnl.exe
[-] 2009-08-04 . 31710BFB578556704D917CA6BCEB50B1 . 2181632 . . [5.1.2600.3610] . . c:\windows\SoftwareDistribution\Download\476f203ead7f9ec9e6bfc508c6f58a66\SP2GDR\ntoskrnl.exe
[-] 2009-02-09 . F9489C6615A62A5EB3A19FA684AD4415 . 2190336 . . [5.1.2600.5755] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2009-02-09 . F9489C6615A62A5EB3A19FA684AD4415 . 2190336 . . [5.1.2600.5755] . . c:\windows\system32\ntoskrnl.exe
[-] 2008-04-14 . 8CA14ECF04594EABBE93C9FF2E3CBFB1 . 2190336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2008-04-14 . 414C17A2958AEDAC700BBAAFBF999F94 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 414C17A2958AEDAC700BBAAFBF999F94 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-04-14 . 3F74B6B4E2721272A117D25990141F73 . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . 3F74B6B4E2721272A117D25990141F73 . 186368 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2008-04-14 . 71C6AB6EB8CF1190BAC7075F82BD8F05 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 71C6AB6EB8CF1190BAC7075F82BD8F05 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2008-04-14 . 8607D35D92528E2DF386F19A960D23CE . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . 8607D35D92528E2DF386F19A960D23CE . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2008-04-14 . 2340E6977548038C88E39A9ECBB3FADC . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . 2340E6977548038C88E39A9ECBB3FADC . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2008-04-14 . A435C5C069AFD901751AC323AD238793 . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . A435C5C069AFD901751AC323AD238793 . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-04-14 . 2A5B37D520508BE6570A3EA79695F5B5 . 26624 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . 2A5B37D520508BE6570A3EA79695F5B5 . 26624 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2009-08-29 . 570970507FF66F3533621FA055BACC32 . 916480 . . [8.00.6001.18828] . . c:\windows\SDOLD\Download\3cc170a6a0e95dd7abb4950e0d1598aa\SP3GDR\wininet.dll
[-] 2009-08-29 . 570970507FF66F3533621FA055BACC32 . 916480 . . [8.00.6001.18828] . . c:\windows\SoftwareDistribution\Download\3cc170a6a0e95dd7abb4950e0d1598aa\SP3GDR\wininet.dll
[-] 2009-08-29 . 7BA8B62426AB363119999D991BBD235E . 916480 . . [8.00.6001.22918] . . c:\windows\SDOLD\Download\3cc170a6a0e95dd7abb4950e0d1598aa\SP3QFE\wininet.dll
[-] 2009-08-29 . 7BA8B62426AB363119999D991BBD235E . 916480 . . [8.00.6001.22918] . . c:\windows\SoftwareDistribution\Download\3cc170a6a0e95dd7abb4950e0d1598aa\SP3QFE\wininet.dll
[-] 2009-07-03 . 6EFB7B7C68757A3BD99FC2401EA167D5 . 915456 . . [8.00.6001.22896] . . c:\windows\SDOLD\Download\529499d57a315055f0ee13ba21286cff\SP3QFE\wininet.dll
[-] 2009-07-03 . 8F3A21E994DEA3A8DCFB0809F68E5A7B . 915456 . . [8.00.6001.18806] . . c:\windows\SDOLD\Download\529499d57a315055f0ee13ba21286cff\SP3GDR\wininet.dll
[-] 2009-05-13 . 988930E5A383BD40D128E1FCFA382E7E . 915456 . . [8.00.6001.18783] . . c:\windows\system32\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\wininet.dll
[-] 2009-03-03 . 1C282E4ED2E3106D3CC8E6627DD4CB61 . 826368 . . [7.00.6000.16827] . . c:\windows\ie8\wininet.dll
[-] 2008-12-20 . 83A0AB84F256E41ABB724C6F67F803AC . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll
[-] 2008-10-16 . AE07C4B0DA51517CFFB9C20C4A6DF4A3 . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll
[-] 2008-08-26 . 56422E11AA9B71E4E4B26E3BD6122189 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll
[-] 2008-06-23 . 15C09E8A74A0988FB2F24EFF9D68D886 . 826368 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll
[-] 2008-04-23 . E1C03D3BBA5FED8C37DF83A57890978D . 826368 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\wininet.dll
[-] 2008-04-14 . 0457F0AFD6EE10445D8CF721FB5FA4EB . 668672 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2008-03-01 . ACB31B4ED243D4DFFA5268F4AD2B0D6F . 826368 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\wininet.dll
[-] 2007-12-07 . 01412A2ABD1154B25D4F5B5450585BB3 . 824832 . . [7.00.6000.16608] . . c:\windows\ie7updates\KB947864-IE7\wininet.dll
[-] 2007-10-10 . 21AF9692C43E6E5F02422026E20886AA . 824832 . . [7.00.6000.16574] . . c:\windows\ie7updates\KB944533-IE7\wininet.dll
[-] 2007-08-20 . EE0D310C577662B6219C0643B17C4150 . 824832 . . [7.00.6000.16544] . . c:\windows\ie7updates\KB942615-IE7\wininet.dll
[-] 2007-06-27 . 6D866EDD24FF7D48E6F1D72F9E5FEA52 . 823808 . . [7.00.6000.16512] . . c:\windows\ie7updates\KB939653-IE7\wininet.dll
[-] 2007-04-25 . 307450BB7171F98F729608C8651C03AB . 822784 . . [7.00.6000.16473] . . c:\windows\ie7updates\KB937143-IE7\wininet.dll
[-] 2007-03-07 . 20AE658FB42B4862EA3DB2ADDFA58492 . 822784 . . [7.00.6000.16441] . . c:\windows\ie7updates\KB933566-IE7\wininet.dll
[-] 2006-10-23 . 94C7BC5C38CCBFE9F23EDFBD680AC3D5 . 667136 . . [6.00.2900.3020] . . c:\windows\ie7\wininet.dll
[-] 2008-04-14 . C0AA2AB856680C44739B41E01F5BD4E9 . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . C0AA2AB856680C44739B41E01F5BD4E9 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2008-04-14 . C791ED9EAC5E76D9525E157B1D7A599A . 1035264 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . C791ED9EAC5E76D9525E157B1D7A599A . 1035264 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2008-04-14 . 316D0E66074AE4CDE641C50D3A1C5148 . 171520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 316D0E66074AE4CDE641C50D3A1C5148 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . CC07DA5A1CB214ADDFA50B2FA6935F18 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . CC07DA5A1CB214ADDFA50B2FA6935F18 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-04-14 . 24ED6935771359A5AEF1FE8BF0C56F39 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . 24ED6935771359A5AEF1FE8BF0C56F39 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2008-04-14 . 35FCCFD093582FA9098762E6F84EE119 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 35FCCFD093582FA9098762E6F84EE119 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2008-04-14 . A9ED600F08A92143253C10EDB5651ECF . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . A9ED600F08A92143253C10EDB5651ECF . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2009-06-24 06:27 . C3A2915C71AE6F225EB906C25CCD29B5 . 24064 . . [1.0.0.5] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2009-06-24 06:27 . C3A2915C71AE6F225EB906C25CCD29B5 . 24064 . . [1.0.0.5] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . 8AD90ED829B8404D962545ED3EFB1129 . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2008-04-14 . 8AD90ED829B8404D962545ED3EFB1129 . 135680 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll
[-] 2008-04-14 . B472B59EF98469C91651B751D3442CB8 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . B472B59EF98469C91651B751D3442CB8 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2008-04-14 . DD73C11A5C4D14945846384B90A61A4B . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . DD73C11A5C4D14945846384B90A61A4B . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2008-04-14 . 2C0B1224AA36B4CA1753302BAA855882 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . 2C0B1224AA36B4CA1753302BAA855882 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2008-04-14 . 52E0505408EDD4AB5CCC7F83B67B4299 . 296448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . 52E0505408EDD4AB5CCC7F83B67B4299 . 296448 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2008-04-14 . 1561430DA2F2AB81CC0CE71AF95A778D . 172032 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll
[-] 2008-04-14 . 1561430DA2F2AB81CC0CE71AF95A778D . 172032 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2004-08-04 . 66A42B7DB194E24B973BBCCE840A0F3F . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2008-04-14 17:20 . E43B998C777D43FB8624741B4567BCD9 . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2008-04-14 17:20 . E43B998C777D43FB8624741B4567BCD9 . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll
[-] 2008-04-14 . 36F3AB18B1BE303DA51DE90A67DE3942 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . 36F3AB18B1BE303DA51DE90A67DE3942 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2009-08-04 . C53EABC223BBF858A16DCC7C047F92DA . 2067456 . . [5.1.2600.5857] . . c:\windows\SDOLD\Download\476f203ead7f9ec9e6bfc508c6f58a66\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . C53EABC223BBF858A16DCC7C047F92DA . 2067456 . . [5.1.2600.5857] . . c:\windows\SoftwareDistribution\Download\476f203ead7f9ec9e6bfc508c6f58a66\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 9ACB4A31FFEB21C03ACA123B5D378B7A . 2067328 . . [5.1.2600.5857] . . c:\windows\SDOLD\Download\476f203ead7f9ec9e6bfc508c6f58a66\SP3GDR\ntkrnlpa.exe
[-] 2009-08-04 . 9ACB4A31FFEB21C03ACA123B5D378B7A . 2067328 . . [5.1.2600.5857] . . c:\windows\SoftwareDistribution\Download\476f203ead7f9ec9e6bfc508c6f58a66\SP3GDR\ntkrnlpa.exe
[-] 2009-08-04 . B8A26396E0976A62192CD885488C7E17 . 2064256 . . [5.1.2600.3610] . . c:\windows\SDOLD\Download\476f203ead7f9ec9e6bfc508c6f58a66\SP2QFE\ntkrnlpa.exe
[-] 2009-08-04 . B8A26396E0976A62192CD885488C7E17 . 2064256 . . [5.1.2600.3610] . . c:\windows\SoftwareDistribution\Download\476f203ead7f9ec9e6bfc508c6f58a66\SP2QFE\ntkrnlpa.exe
[-] 2009-08-04 . 33AC0C0AE7477AFEB70A36A737288868 . 2059008 . . [5.1.2600.3610] . . c:\windows\SDOLD\Download\476f203ead7f9ec9e6bfc508c6f58a66\SP2GDR\ntkrnlpa.exe
[-] 2009-08-04 . 33AC0C0AE7477AFEB70A36A737288868 . 2059008 . . [5.1.2600.3610] . . c:\windows\SoftwareDistribution\Download\476f203ead7f9ec9e6bfc508c6f58a66\SP2GDR\ntkrnlpa.exe
[-] 2009-02-10 . AE8D75A5457D995EACE1B160FCF3D5E4 . 2067328 . . [5.1.2600.5755] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2009-02-10 . AE8D75A5457D995EACE1B160FCF3D5E4 . 2067328 . . [5.1.2600.5755] . . c:\windows\system32\ntkrnlpa.exe
[-] 2008-04-14 . 4BBA965664FAA56B187C27F4CAD7E7C5 . 2067200 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2008-04-14 17:20 . 3FB5399DBB7001A80D58EDAD64C98225 . 435712 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 17:20 . 3FB5399DBB7001A80D58EDAD64C98225 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2008-04-14 . E96A6BAEE0B2A14A38B45830D6E30697 . 186880 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . E96A6BAEE0B2A14A38B45830D6E30697 . 186880 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2054360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoThumbnailCache"= 1 (0x1)
"link"= 00000000
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\docume~1\ALLUSE~1\DANEAP~1\SPYWAR~1\sp_rsdel.exe \??\c:\docume~1\ALLUSE~1\DANEAP~1\SPYWAR~1\sp_rsdel.dat
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^AutoUpdate Monitor.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\AutoUpdate Monitor.lnk
backup=c:\windows\pss\AutoUpdate Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^DSLMON.lnk]
backup=c:\windows\pss\DSLMON.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^GetRight - Tray Icon.lnk]
backup=c:\windows\pss\GetRight - Tray Icon.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Works Calendar Reminders.lnk]
backup=c:\windows\pss\Microsoft Works Calendar Reminders.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Trend Micro Anti-Spyware.lnk]
backup=c:\windows\pss\Trend Micro Anti-Spyware.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^USB Sharing.lnk]
backup=c:\windows\pss\USB Sharing.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^user^Menu Start^Programy^Autostart^OpenOffice.org 2.0.lnk]
backup=c:\windows\pss\OpenOffice.org 2.0.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^user^Menu Start^Programy^Autostart^OpenOffice.ux.pl 2.0.3.lnk]
backup=c:\windows\pss\OpenOffice.ux.pl 2.0.3.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Glary Memory Optimizer]
2009-11-03 09:21 102712 ----a-w- c:\program files\Glary Utilities\memdefrag.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2009-05-26 09:05 1830128 ----a-w- c:\program files\SUPERAntiSpyware\4265f18f-d091-4ad1-9f7b-2bf0bba70d19.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"a2free"=2 (0x2)
"a2AntiDialer"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"LightScribeService"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"IDriverT"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-12-03 114768]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-11-16 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-11-16 96408]
R1 is-D0I1Hdrv;is-D0I1Hdrv;c:\windows\system32\drivers\86345311.sys [2009-07-02 148496]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-05-26 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-05-26 72944]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-12-03 20560]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-05-26 7408]
S4 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [2009-10-15 1858144]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 12:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
------- Skan uzupełniający -------
.
TCP: {A7D1746C-2395-4906-B8A9-7D54AA8677B5} = 192.168.2.1
.
- - - - USUNIĘTO PUSTE WPISY - - - -
MSConfigStartUp-SpywareTerminatorUpdate - c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe
MSConfigStartUp-UfSeAgnt - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-09 10:27
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_USERS\S-1-5-21-2025429265-839522115-1708537768-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'explorer.exe'(1364)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Czas ukończenia: 2009-12-09 10:34:36
ComboFix-quarantined-files.txt 2009-12-09 09:34
Przed: 8 402 784 256 bajtów wolnych
Po: 8 404 443 136 bajtów wolnych
- - End Of File - - C33296BBDCD587BFA9D07A50C04586FB
****************************************************************************
DDS (Ver_09-12-01.01) - NTFSx86
Run by user at 16:06:20,42 on 2009-12-10
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_16
============== Running Processes ===============
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\user\Pulpit\windows-kb890830-v3.2.exe
e:\2d4d2ef95c450b1bb91f5aca99c3\mrtstub.exe
C:\WINDOWS\system32\MRT.exe
C:\Documents and Settings\user\Pulpit\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
============== Pseudo HJT Report ===============
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.strefa.pl/
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
uRun: [Glary Memory Optimizer] ; "c:\program files\glary utilities\memdefrag.exe" /autostart
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
uPolicies-explorer: NoSMBalloonTip = 1 (0x1)
uPolicies-explorer: NoResolveTrack = 1 (0x1)
uPolicies-explorer: NoThumbnailCache = 1 (0x1)
uPolicies-explorer: link = 00000000
mPolicies-explorer: NoResolveTrack = 1 (0x1)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: {A7D1746C-2395-4906-B8A9-7D54AA8677B5} = 192.168.2.1
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
============= SERVICES / DRIVERS ===============
R? a2free;a-squared Free Service
R? FirebirdServerDefaultInstance;Firebird Server - DefaultInstance
S? aswFsBlk;aswFsBlk
S? aswSP;avast! Self Protection
S? ehdrv;ehdrv
S? ekrn;ESET Service
S? epfwtdir;epfwtdir
S? is-D0I1Hdrv;is-D0I1Hdrv
=============== Created Last 30 ================
2009-12-10 10:56:44 0 d-----w- c:\documents and settings\user\SecurityScans
2009-12-10 10:56:10 0 d-----w- c:\program files\Microsoft Baseline Security Analyzer 2
2009-12-10 07:05:13 1089883 -c----w- c:\windows\system32\dllcache\ntprint.cat
2009-12-10 07:04:38 184320 -c----w- c:\windows\system32\dllcache\iepeers.dll
2009-12-10 07:04:35 5940736 -c----w- c:\windows\system32\dllcache\mshtml.dll
2009-12-10 07:04:28 25600 -c----w- c:\windows\system32\dllcache\jsproxy.dll
2009-12-10 07:04:21 916480 -c----w- c:\windows\system32\dllcache\wininet.dll
2009-12-10 07:04:20 1469440 -c----w- c:\windows\system32\dllcache\inetcpl.cpl
2009-12-10 07:04:19 206848 -c----w- c:\windows\system32\dllcache\occache.dll
2009-12-10 07:04:18 1208832 -c----w- c:\windows\system32\dllcache\urlmon.dll
2009-12-10 07:04:14 173056 -c----w- c:\windows\system32\dllcache\ie4uinit.exe
2009-12-10 07:04:11 387584 -c----w- c:\windows\system32\dllcache\iedkcs32.dll
2009-12-09 12:16:01 0 d-----w- c:\windows\system32\XPSViewer
2009-12-09 12:14:31 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-12-09 12:14:31 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-12-09 12:14:31 117760 ------w- c:\windows\system32\prntvpt.dll
2009-12-09 12:14:30 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-12-09 12:14:30 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-12-09 12:14:30 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-12-09 12:14:30 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-12-09 11:05:23 0 d--h--w- c:\windows\$hf_mig$
2009-12-09 09:18:05 77312 ----a-w- c:\windows\MBR.exe
2009-12-04 12:38:46 158224 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-12-04 12:36:29 0 d-----w- c:\docume~1\alluse~1\daneap~1\Trend Micro
2009-12-01 12:11:40 0 d-----w- c:\docume~1\alluse~1\daneap~1\SUPERAntiSpyware.com
2009-11-26 13:10:18 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-11-26 13:08:12 128512 -c----w- c:\windows\system32\dllcache\dhtmled.ocx
2009-11-26 13:05:33 0 d-----w- c:\program files\MSXML 4.0
2009-11-26 13:04:55 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2009-11-26 13:04:08 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-11-26 12:56:06 2146816 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-11-26 12:55:55 2025472 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-11-26 12:55:54 2067328 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-11-26 12:54:34 726528 -c----w- c:\windows\system32\dllcache\jscript.dll
2009-11-19 14:36:05 0 d-----w- C:\stdtsa
2009-11-18 12:24:57 0 d-----w- c:\program files\SUPERAntiSpyware
2009-11-17 10:02:26 0 d-----w- c:\windows\system32\CatRoot2
2009-11-17 09:57:50 0 d-----w- c:\windows\SDTemp
2009-11-16 12:28:33 0 d-----w- C:\symbols
2009-11-16 12:24:10 0 d-----w- c:\program files\Debugging Tools for Windows (x86)
2009-11-16 08:06:50 96408 ----a-w- c:\windows\system32\drivers\epfwtdir.sys
2009-11-16 08:03:36 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-11-16 07:56:12 116520 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-11-12 14:32:51 0 d-----w- c:\windows\system32\NtmsData
2009-11-12 13:56:46 0 d-----w- c:\docume~1\user\daneap~1\GlarySoft
2009-11-12 13:49:07 0 d-----w- c:\program files\Glary Utilities
2009-11-12 12:13:29 926720 ----a-w- c:\windows\system32\MyDefragScreenSaver.exe
2009-11-12 12:13:28 93696 ----a-w- c:\windows\system32\MyDefragScreenSaver.scr
2009-11-12 12:13:19 0 d-----w- c:\program files\MyDefrag v4.2.5
==================== Find3M ====================
2009-12-10 15:07:25 1485314080 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-12-10 10:41:03 14079872 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-12-08 23:14:15 260096 ----a-w- c:\windows\PEV.exe
2009-10-29 07:43:29 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-26 07:21:38 79298 ----a-w- c:\windows\system32\perfc015.dat
2009-10-26 07:21:38 453762 ----a-w- c:\windows\system32\perfh015.dat
2009-10-20 10:38:53 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-13 10:34:25 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40:13 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40:13 150016 ----a-w- c:\windows\system32\rastls.dll
2009-10-01 08:29:14 195440 ------w- c:\windows\system32\MpSigStub.exe
2006-10-18 08:21:24 766 ----a-w- c:\program files\common files\sms.ico
2006-10-18 08:21:24 70 ----a-w- c:\program files\common files\moje.js
2008-07-11 06:04:08 32768 --sha-w- c:\windows\system32\config\systemprofile\ustawienia lokalne\historia\history.ie5\mshist012008071120080712\index.dat
============= FINISH: 16:09:28,97 ===============
**************************************************************************************************
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2009/12/10 16:17
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================
Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xF42D8000 Size: 98304 File Visible: No Signed: -
Status: -
Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF9809000 Size: 8192 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xF3399000 Size: 49152 File Visible: No Signed: -
Status: -
Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!
SSDT
-------------------
#: 019 Function Name: NtAssignProcessToJobObject
Status: Hooked by "<unknown>" at address 0xff9988a0
#: 025 Function Name: NtClose
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf42f86b8
#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf42f8574
#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf42f8a52
#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf42f814c
#: 119 Function Name: NtOpenKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf42f864e
#: 122 Function Name: NtOpenProcess
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf42f808c
#: 128 Function Name: NtOpenThread
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf42f80f0
#: 177 Function Name: NtQueryValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf42f876e
#: 204 Function Name: NtRestoreKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf42f872e
#: 247 Function Name: NtSetValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf42f88ae
#: 253 Function Name: NtSuspendProcess
Status: Hooked by "<unknown>" at address 0xff9986d0
#: 254 Function Name: NtSuspendThread
Status: Hooked by "<unknown>" at address 0xff9984f0
#: 257 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0xff997ee0
#: 258 Function Name: NtTerminateThread
Status: Hooked by "<unknown>" at address 0xff998310
Stealth Objects
-------------------
Object: Hidden Code [ETHREAD: 0x811b3da8]
Process: System Address: 0xff996930 Size: 1000
==EOF==
***********************
OTL log http://wklej.org/id/233514/txt
System Repair Engineer http://wklej.org/id/233516/txt
--
Regards,
marcos_777