Here is the previous log:
ComboFix 09-12-20.08 - Ja 2009-12-21 22:09:39.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.2047.1546 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Ja\Pulpit\ComboFix.exe
Użyto następujących komend :: c:\documents and settings\Ja\Pulpit\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezydentny antywirus jest aktywny
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
--------------- FCopy ---------------
c:\sndvol32.exe --> c:\windows\system32\sndvol32.exe
.
((((((((((((((((((((((((( Pliki utworzone od 2009-11-21 do 2009-12-21 )))))))))))))))))))))))))))))))
.
2009-12-21 20:57 . 2009-12-21 20:57 139264 ------w- C:\sndvol32.exe
2009-12-21 19:20 . 2009-12-21 19:20 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Windows Search
2009-12-21 18:59 . 2009-12-21 18:59 -------- d-----w- c:\program files\AMD
2009-12-21 18:51 . 2009-12-21 18:51 -------- d-----w- c:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\cache
2009-12-21 18:50 . 2009-12-21 18:50 -------- d-----w- c:\documents and settings\Administrator\Dane aplikacji\Gadu-Gadu 10
2009-12-21 16:36 . 2009-12-21 16:36 -------- d-----w- c:\documents and settings\Ja\Dane aplikacji\NotMyIp
2009-12-21 16:35 . 2009-12-21 17:05 -------- d-----w- c:\documents and settings\Ja\Dane aplikacji\Tor
2009-12-21 16:35 . 2009-12-21 17:11 -------- d-----w- c:\documents and settings\Ja\Dane aplikacji\Vidalia
2009-12-21 16:34 . 2009-12-21 16:34 8704 ----a-w- c:\windows\system32\SpOrder.dll
2009-12-21 16:34 . 2009-09-21 22:52 184320 ----a-w- c:\windows\system32\PCProxy.dll
2009-12-21 16:34 . 2009-09-21 22:50 2347008 ----a-w- c:\windows\system32\AmplusnetPrivacyTools.exe
2009-12-21 16:34 . 2009-07-01 16:22 462848 ----a-w- c:\windows\system32\RegisterLSP.exe
2009-12-21 16:34 . 2009-12-21 16:34 -------- d-----w- c:\program files\NotMyIP
2009-12-21 10:26 . 2009-12-21 10:32 -------- d-----w- c:\documents and settings\Ja\Dane aplikacji\The Bat!
2009-12-20 22:06 . 2009-12-20 22:06 -------- d-----w- c:\documents and settings\Ja\Ustawienia lokalne\Dane aplikacji\Last.fm
2009-12-20 17:56 . 2009-12-20 17:56 103424 ----a-w- c:\windows\system32\Http Client_nat.dll
2009-12-20 16:43 . 2009-12-20 16:43 -------- d-----w- C:\rsit
2009-12-14 22:31 . 2009-12-14 22:31 -------- d-----w- c:\program files\PlayReady
2009-12-14 15:38 . 2009-12-14 15:38 81920 ----a-w- c:\windows\ALCFDRTM.EXE
2009-12-14 15:36 . 2009-12-03 19:45 358944 ----a-w- c:\windows\vncutil.exe
2009-12-14 15:36 . 2009-12-03 19:45 48672 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2009-12-14 15:36 . 2009-12-03 19:45 129568 ----a-w- c:\windows\RtkAudioService.exe
2009-12-14 15:36 . 2009-11-18 06:17 1395800 ----a-w- c:\windows\system32\drivers\Monfilt.sys
2009-12-14 15:36 . 2009-11-18 06:16 1691480 ----a-w- c:\windows\system32\drivers\Ambfilt.sys
2009-12-12 17:31 . 2009-12-12 17:31 -------- d-----w- c:\documents and settings\Ja\Ustawienia lokalne\Dane aplikacji\Rockstar Games
2009-12-12 12:53 . 2009-12-12 12:53 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\Martau
2009-12-11 18:57 . 2009-12-11 18:57 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\McAfee
2009-12-11 18:45 . 2009-12-11 18:45 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\McAfee Security Scan
2009-12-11 18:45 . 2009-12-11 18:46 1924200 ----a-w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\NOS\Adobe_Downloads\install_flash_player.exe
2009-12-11 18:45 . 2009-12-11 19:47 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\NOS
2009-12-07 16:44 . 2009-12-07 16:44 604488 ----a-w- c:\windows\system32\TUProgSt.exe
2009-12-07 16:44 . 2009-11-16 11:25 29000 ----a-w- c:\windows\system32\uxtuneup.dll
2009-12-06 16:29 . 2009-11-30 20:43 136192 ----a-w- c:\windows\system32\fsproflt.exe
2009-12-06 16:29 . 2008-06-05 17:37 43792 ----a-w- c:\windows\system32\drivers\FSPFltd.sys
2009-12-06 13:15 . 2009-12-06 13:15 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\Malwarebytes
2009-12-05 16:48 . 2009-12-21 19:43 -------- d-----w- c:\program files\ViGlance
2009-12-04 17:59 . 2009-12-04 17:59 -------- d-----w- c:\documents and settings\Gosc\.gstreamer-0.10
2009-12-04 17:58 . 2009-12-04 17:58 -------- d-----w- c:\documents and settings\Gosc\Dane aplikacji\OpenFM
2009-12-04 09:03 . 2009-12-04 09:03 251376 ----a-w- c:\documents and settings\Ja\Dane aplikacji\Mozilla\Plugins\npgoogletalk.dll
2009-11-30 19:33 . 2009-11-30 19:33 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-11-30 15:50 . 2009-12-19 17:02 -------- d-----w- c:\documents and settings\Ja\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
2009-11-29 10:15 . 2009-11-29 10:15 -------- d-----w- c:\windows\Power Archiver
2009-11-28 21:27 . 2009-11-28 21:27 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\ConeXware
2009-11-27 14:30 . 2009-11-27 14:29 24566576 ----a-w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_pl.exe
2009-11-27 14:30 . 2009-11-27 14:30 36864 ----a-w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe
2009-11-27 14:30 . 2009-11-27 14:30 3351812 ----a-w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe
2009-11-27 14:30 . 2009-11-27 14:30 3203453 ----a-w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe
2009-11-26 21:20 . 2009-11-28 21:04 -------- d-----w- c:\documents and settings\Ja\Dane aplikacji\mIRC
2009-11-26 21:20 . 2009-11-28 21:03 -------- d-----w- c:\program files\mIRC
2009-11-26 13:25 . 2009-11-26 13:25 -------- d-----w- c:\documents and settings\Ja\Ustawienia lokalne\Dane aplikacji\Thinstall
2009-11-26 13:08 . 2009-11-26 13:08 -------- d-----w- c:\documents and settings\Ja\Dane aplikacji\Gadu-Gadu 10
2009-11-25 13:20 . 2009-09-29 20:15 593920 ------w- c:\windows\system32\ati2sgag.exe
2009-11-25 13:19 . 2009-11-25 13:19 -------- d-----w- C:\ATI
2009-11-25 05:51 . 2009-07-31 04:35 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2009-11-23 10:53 . 2009-11-23 10:53 37376 ----a-w- c:\documents and settings\Ja\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll
2009-11-23 10:53 . 2009-11-23 10:53 11776 ----a-w- c:\documents and settings\Ja\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-21 21:07 . 2009-04-20 19:20 -------- d-----w- c:\documents and settings\Ja\Dane aplikacji\Xfire
2009-12-21 20:57 . 2009-06-10 14:21 139264 ----a-w- c:\windows\system32\sndvol32.exe
2009-12-21 18:50 . 2009-09-12 11:07 -------- d-----w- c:\program files\Gadu-Gadu 10
2009-12-21 16:33 . 2009-10-08 12:23 -------- d-----w- c:\documents and settings\Ja\Dane aplikacji\Hide IP NG
2009-12-20 21:33 . 2009-04-20 17:52 72896 ----a-w- c:\documents and settings\Ja\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-12-20 18:31 . 2009-07-17 00:53 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-12-20 16:34 . 2009-05-07 18:17 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\Microsoft Help
2009-12-20 11:07 . 2009-10-24 08:19 -------- d-----w- c:\program files\ViGlance OneStep V1
2009-12-20 11:07 . 2009-07-16 08:54 -------- d-----w- c:\program files\NAPI-PROJEKT
2009-12-18 22:50 . 2009-04-21 13:20 215104 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-18 21:54 . 2009-04-21 13:20 138576 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-18 14:02 . 2009-11-21 17:01 -------- d-----w- c:\program files\America Online 9.0
2009-12-17 14:40 . 2009-04-21 13:20 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-12-17 12:46 . 2009-04-23 16:55 22328 ----a-w- c:\documents and settings\Ja\Dane aplikacji\PnkBstrK.sys
2009-12-17 12:46 . 2009-04-23 16:55 22328 ----a-w- c:\documents and settings\Ja\Dane aplikacji\PnkBstrK.sys
2009-12-16 21:00 . 2006-03-02 12:00 93858 ----a-w- c:\windows\system32\perfc015.dat
2009-12-16 21:00 . 2006-03-02 12:00 515856 ----a-w- c:\windows\system32\perfh015.dat
2009-12-16 17:16 . 2009-04-20 19:12 -------- d-----w- c:\documents and settings\Ja\Dane aplikacji\Winamp
2009-12-14 22:31 . 2009-06-19 09:27 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\ipla
2009-12-14 15:36 . 2009-04-20 18:30 -------- d-----w- c:\program files\Realtek
2009-12-13 11:00 . 2009-10-07 20:38 -------- d-----w- c:\program files\ipla
2009-12-12 13:59 . 2009-06-27 22:44 -------- d-----w- c:\documents and settings\Ja\Dane aplikacji\Software Informer
2009-12-12 13:06 . 2009-10-29 14:59 -------- d-----w- c:\program files\ATI Technologies
2009-12-12 13:04 . 2009-05-30 09:46 -------- d---a-w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\TEMP
2009-12-07 16:44 . 2009-09-03 15:10 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-12-02 19:26 . 2009-11-07 11:51 -------- d-----w- c:\program files\5Fantastic
2009-12-02 17:21 . 2009-11-21 17:01 66625 ----a-w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\AOL\Cd_America Online 9.0\ctem.sys
2009-11-29 17:12 . 2009-09-16 12:56 72896 ----a-w- c:\documents and settings\Gosc\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-11-27 14:31 . 2009-04-25 10:50 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\Installations
2009-11-27 14:30 . 2009-05-07 15:43 -------- d-----w- c:\program files\Nokia
2009-11-27 14:30 . 2009-04-29 17:34 -------- d-----w- c:\program files\Common Files\Nokia
2009-11-25 16:52 . 2009-09-23 13:00 -------- d-----w- c:\program files\Google
2009-11-25 13:20 . 2009-04-20 16:19 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-24 16:56 . 2009-04-20 20:08 177024 ----a-w- c:\documents and settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\ih81elxc.default\FlashGot.exe
2009-11-24 16:50 . 2009-06-19 10:28 -------- d-----w- c:\documents and settings\Ja\Dane aplikacji\ipla
2009-11-24 16:40 . 2009-04-20 18:30 838176 ----a-w- c:\windows\RtlExUpd.dll
2009-11-22 16:07 . 2009-04-21 18:39 -------- d-----w- c:\program files\Java
2009-11-22 09:52 . 2009-07-01 21:51 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\AOL
2009-11-21 19:44 . 2009-09-27 14:35 -------- d-----w- c:\documents and settings\Ja\Dane aplikacji\uTorrent
2009-11-21 17:59 . 2009-08-19 20:01 -------- d-----w- c:\program files\SignSIS-GUI
2009-11-21 17:05 . 2009-11-21 17:02 -------- d-----w- c:\program files\AOL Companion
2009-11-21 17:02 . 2009-11-21 17:01 -------- d-----w- c:\program files\Common Files\aolshare
2009-11-21 17:02 . 2009-07-01 21:50 -------- d-----w- c:\program files\Common Files\AOL
2009-11-16 14:10 . 2009-11-16 14:10 858747 ----a-w- c:\documents and settings\Ja\Dane aplikacji\Hide IP NG\hideipng-update.exe
2009-11-16 14:07 . 2009-10-14 09:57 -------- d-----w- c:\documents and settings\Ja\Dane aplikacji\HideIP
2009-11-16 13:11 . 2009-11-16 13:11 -------- d-----w- c:\program files\AGEIA Technologies
2009-11-16 13:10 . 2009-11-16 13:10 -------- d-----w- c:\program files\DivX
2009-11-16 12:55 . 2009-11-16 12:55 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-15 14:39 . 2009-11-15 14:39 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-11-15 14:39 . 2009-11-15 14:39 552 ----a-w- c:\windows\system32\d3d8caps.dat
2009-11-15 13:05 . 2009-06-13 12:09 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\TrackMania
2009-11-13 16:12 . 2009-11-13 16:12 -------- d-----w- c:\documents and settings\Ja\Dane aplikacji\Spyware Terminator
2009-11-11 08:33 . 2009-10-30 15:45 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\Test Drive Unlimited
2009-11-07 11:51 . 2009-11-07 11:51 -------- d-----w- c:\documents and settings\Ja\Dane aplikacji\pl.5fantastic.oneway.8566CE160176669D38AD6CA5DF2B8C8BE659144F.1
2009-11-07 11:51 . 2009-11-07 11:51 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-11-07 11:51 . 2009-11-07 11:51 38208 ----a-w- c:\documents and settings\Ja\Dane aplikacji\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-11-07 11:51 . 2009-11-07 11:51 38208 ----a-w- c:\documents and settings\Default User.WINDOWS\Dane aplikacji\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-11-04 19:10 . 2009-11-04 19:09 -------- d-----w- c:\program files\Nowe Gadu-Gadu
2009-11-03 18:17 . 2009-11-03 18:16 -------- d-----w- c:\program files\Gadu-Gadu 8
2009-11-03 18:08 . 2009-11-03 18:08 -------- d-----w- c:\program files\Ganymede
2009-11-02 19:43 . 2009-04-21 18:46 -------- d-----w- c:\program files\SystemRequirementsLab
2009-10-31 17:56 . 2009-10-31 17:56 -------- d-----w- c:\program files\Common Files\COWON
2009-10-29 15:02 . 2009-10-29 15:02 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\ATI
2009-10-29 13:10 . 2009-10-29 13:09 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\Blizzard Entertainment
2009-10-29 07:43 . 2006-03-02 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-10-28 01:15 . 2009-11-19 04:34 184320 ----a-w- c:\windows\system32\HMIPCore.dll
2009-10-27 18:55 . 2009-10-27 18:55 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2009-10-27 18:55 . 2009-07-20 14:24 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-25 21:44 . 2009-10-25 21:44 -------- d-----w- c:\documents and settings\Ja\Dane aplikacji\Realtime Soft
2009-10-25 17:11 . 2009-09-27 20:28 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Dane aplikacji\Ulead Systems
2009-10-24 17:38 . 2009-10-24 17:38 -------- d-----w- c:\documents and settings\Gosc\Dane aplikacji\ipla
2009-10-24 13:53 . 2006-03-02 12:00 219648 ----a-w- c:\windows\system32\uxtheme.dll
2009-10-23 21:51 . 2009-10-23 21:51 -------- d-----w- c:\program files\Desh
2009-10-23 21:51 . 2009-10-23 21:51 -------- d-----w- c:\documents and settings\Ja\Dane aplikacji\Desh
2009-10-21 05:40 . 2006-03-02 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2006-03-02 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2006-03-02 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2006-03-02 12:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2006-03-02 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2006-03-02 12:00 150016 ----a-w- c:\windows\system32\rastls.dll
2009-10-11 03:17 . 2009-04-21 18:40 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-08 17:27 . 2009-10-22 14:22 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-10-08 13:57 . 2008-07-29 17:59 614400 ----a-w- c:\windows\system32\uiautomationcore.dll
2009-10-08 13:57 . 2006-03-02 12:00 23040 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-08 13:57 . 2006-03-02 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2009-10-06 18:37 . 2009-10-06 18:37 6857 ----a-w- c:\windows\system32\mswrdt.dat
2009-10-01 19:45 . 2009-09-08 12:12 52780 ---ha-w- c:\windows\system32\mlfcache.dat
2009-09-30 04:18 . 2009-09-30 04:18 3565056 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-09-30 02:20 . 2009-09-30 02:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-09-30 02:19 . 2009-09-30 02:19 325120 ----a-w- c:\windows\system32\ati2dvag.dll
2009-09-30 02:10 . 2009-09-30 02:10 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-09-30 02:10 . 2009-09-30 02:10 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-09-30 02:10 . 2009-09-30 02:10 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-09-30 02:10 . 2009-09-30 02:10 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-09-30 02:10 . 2009-09-30 02:10 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-09-30 02:08 . 2009-09-30 02:08 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-09-30 02:08 . 2009-09-30 02:08 307200 ----a-w- c:\windows\system32\atiiiexx.dll
2009-09-30 02:07 . 2009-09-30 02:07 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-09-30 02:07 . 2009-09-30 02:07 11845632 ----a-w- c:\windows\system32\atioglxx.dll
2009-09-30 02:00 . 2009-09-30 02:00 3818272 ----a-w- c:\windows\system32\ati3duag.dll
2009-03-08 12:09 . 2009-10-24 08:32 638816 --sha-w- c:\windows\NiwradSoft Shell Pack\Backup\iexplore.exe
2008-04-14 20:51 . 2009-10-24 08:33 60928 --sha-w- c:\windows\NiwradSoft Shell Pack\Backup\msimn.exe
2009-07-02 17:01 . 2009-07-02 17:01 23 --sha-w- c:\windows\system32\edacded0.dat
.
[code]<pre>
c:\program files\Common Files\Ahead\Lib\nerocheck .exe
c:\program files\Realtek\InstallShield\rthdcpl .exe
</pre>[/code]
------- Sigcheck -------
[7] 2008-04-14 . 51FD2E13D723857B9CA239AE77150F48 . 510464 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
[-] 2008-04-14 . 335813EACD16E84F3047A3326F6E5473 . 549888 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . 335813EACD16E84F3047A3326F6E5473 . 549888 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[7] 2008-04-14 . 0BE00656B7CAEDE754AEE4D7AD13B687 . 617472 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
[-] 2008-04-14 . 7FE5B08AA540D306D87083B3DAD2F141 . 643072 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . 7FE5B08AA540D306D87083B3DAD2F141 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2008-04-14 . A435C5C069AFD901751AC323AD238793 . 580096 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll
[-] 2008-04-14 . 3AA91200D0D08A3B69B036C15A340E5C . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . 3AA91200D0D08A3B69B036C15A340E5C . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-04-14 . 3AA91200D0D08A3B69B036C15A340E5C . 580096 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll
[-] 2008-04-14 . 866FD92C15462CB18786EF091FA187AB . 1542144 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-14 . C791ED9EAC5E76D9525E157B1D7A599A . 1035264 . . [6.00.2900.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2008-04-14 . 866FD92C15462CB18786EF091FA187AB . 1542144 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2008-04-14 . 866FD92C15462CB18786EF091FA187AB . 1542144 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe
[7] 2008-04-14 . 1BD41EDA5B869AFC99895C39A8DE36E1 . 15360 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[-] 2008-04-14 . 0277E1A3E8B337555A45943808451981 . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 0277E1A3E8B337555A45943808451981 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . 0277E1A3E8B337555A45943808451981 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe
[7] 2009-08-04 . 9ACB4A31FFEB21C03ACA123B5D378B7A . 2067328 . . [5.1.2600.5857] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2009-08-04 . 04793CAF9B24E6972670B9A34C9DCB93 . 2025472 . . [5.1.2600.5857] . . c:\windows\NiwradSoft Shell Pack\Backup\ntkrnlpa.exe
[-] 2009-08-04 . 330F13352F29A9C8D4422AC3A8B46D38 . 2187776 . . [5.1.2600.5857] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2009-08-04 . 330F13352F29A9C8D4422AC3A8B46D38 . 2187776 . . [5.1.2600.5857] . . c:\windows\system32\ntkrnlpa.exe
[-] 2009-08-04 . 330F13352F29A9C8D4422AC3A8B46D38 . 2187776 . . [5.1.2600.5857] . . c:\windows\system32\dllcache\ntkrnlpa.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-12-20_18.33.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-12-21 21:08 . 2009-12-21 21:08 16384 c:\windows\Temp\Perflib_Perfdata_288.dat
+ 2009-06-10 14:21 . 2009-12-21 20:57 139264 c:\windows\system32\dllcache\sndvol32.exe
+ 2009-12-21 10:24 . 2009-12-21 10:24 540672 c:\windows\Installer\84519b.msi
- 2009-10-29 21:25 . 2009-10-29 21:25 300318 c:\windows\Installer\{83F81F91-7BE9-44D1-98AF-2B87E0B8710C}\ico.exe
+ 2009-12-21 18:59 . 2009-12-21 18:59 300318 c:\windows\Installer\{83F81F91-7BE9-44D1-98AF-2B87E0B8710C}\ico.exe
- 2009-10-29 21:25 . 2009-10-29 21:25 300318 c:\windows\Installer\{83F81F91-7BE9-44D1-98AF-2B87E0B8710C}\_6FEFF9B68218417F98F549.exe
+ 2009-12-21 18:59 . 2009-12-21 18:59 300318 c:\windows\Installer\{83F81F91-7BE9-44D1-98AF-2B87E0B8710C}\_6FEFF9B68218417F98F549.exe
- 2009-10-29 21:25 . 2009-10-29 21:25 300318 c:\windows\Installer\{83F81F91-7BE9-44D1-98AF-2B87E0B8710C}\_55699751CB48445A6D7518.exe
+ 2009-12-21 18:59 . 2009-12-21 18:59 300318 c:\windows\Installer\{83F81F91-7BE9-44D1-98AF-2B87E0B8710C}\_55699751CB48445A6D7518.exe
+ 2009-12-21 18:59 . 2009-12-21 18:59 1634304 c:\windows\Installer\1ed69.msi
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Realtek"="c:\program files\Realtek\InstallShield\rthdcpl .exe" [2007-02-26 16125440]
"Unlocker"="e:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"Hidder"="e:\progra~1\G DATA Software\SekretNIK\Hidder.exe" [2002-06-03 565248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-04-09 2029640]
"Hidder"="e:\progra~1\G DATA Software\SekretNIK\Hidder.exe" [2002-06-03 565248]
"StartupDelayer"="e:\program files\r2 Studios\Startup Delayer\Startup Launcher.exe" [2009-03-08 73728]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoChangeAnimation"= 0 (0x0)
"NoStrCmpLogical"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 13:13 49152 ----a-w- c:\program files\Common Files\Stardock\MCPStub.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\Program Files\\FlashGet Network\\FlashGet universal\\flashget.exe"=
"e:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Documents and Settings\\Ja\\Ustawienia lokalne\\Dane aplikacji\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Ja\\Ustawienia lokalne\\Dane aplikacji\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"d:\\Program Files\\Xfire\\Xfire.exe"=
"d:\\Program Files\\Steam\\steamapps\\skin922\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"d:\\Program Files\\Steam\\steamapps\\skin922\\half-life 2 deathmatch\\hl2.exe"=
"e:\\Program Files\\Steam\\SteamApps\\aroaro1993\\counter-strike\\hl.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"e:\\Program Files\\Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"c:\\Documents and Settings\\Ja\\Ustawienia lokalne\\Dane aplikacji\\Dyyno Receiver\\DPPM.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\trackmania nations forever\\TmForever.exe"=
"e:\\Program Files\\Valve\\hl.exe"=
"c:\\Documents and Settings\\Ja\\Pulpit\\Inne\\SteamStats\\SteamStats.exe"=
"d:\\Program Files\\Steam\\steamapps\\skin922\\source sdk base\\hl2.exe"=
"e:\\Program Files\\World of Warcraft\\Repair.exe"=
"e:\\Program Files\\World of Warcraft\\Launcher.exe"=
"e:\\Program Files\\World of Warcraft\\WoW-3.0.3.9183-to-3.0.8.9464-enGB-downloader.exe"=
"e:\\Program Files\\World of Warcraft\\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"e:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"e:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"e:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Desh\\ShareTheMusic\\app\\stm-agent.exe"=
"e:\\Program Files\\Ruby\\bin\\ruby.exe"=
"e:\\Program Files\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"=
"e:\\Program Files\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"=
"e:\\Program Files\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"=
"e:\\Program Files\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\america's army 3\\Binaries\\AA3Game.exe"=
"c:\\Program Files\\Gadu-Gadu 10\\gg10.exe"=
"c:\\Program Files\\Gadu-Gadu 8\\gg.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"e:\\Program Files\\Activision\\Modern Warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\acsd.exe"=
"e:\\Program Files\\Steam\\Steam.exe"=
"e:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"e:\\Program Files\\Steam\\steamapps\\aroaro1993\\team fortress 2\\hl2.exe"=
"e:\\Program Files\\Activision\\Modern Warfare 2\\iw4mp1.exe"=
"d:\\Program Files\\Steam\\steamapps\\skin922\\day of defeat source\\hl2.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
R0 AFPAnsi;G-DATA UkrywaczAnsi;c:\windows\system32\drivers\AFPAnsi.sys [2009-07-16 31776]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-04-09 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-04-09 94360]
R1 SLEE_13_DRIVER;Steganos Live Encryption Engine 13 [Driver];c:\windows\system32\drivers\slee13.sys [2005-10-04 16:42 74240]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-04-09 731840]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;e:\program files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R3 AmplusnetPrivacyTools;AmplusnetPrivacyTools;c:\windows\system32\AmplusnetPrivacyTools.exe [2009-12-21 2347008]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-04-21 721904]
S2 CachemanService;Cacheman Service;d:\program files\Cacheman\CachemanServ.exe --> d:\program files\Cacheman\CachemanServ.exe [?]
S2 gupdate1ca3c4dda4f2a10;Google Update Service (gupdate1ca3c4dda4f2a10);c:\program files\Google\Update\GoogleUpdate.exe [2009-09-23 133104]
S3 ESLvnic1;ESLvnic Virtual Network 32 Bit;c:\windows\system32\drivers\ESLvnic.sys [2009-08-29 23512]
S3 FXDrv32;FXDrv32;\??\j:\fxdrv32.sys --> j:\FXDrv32.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-04-29 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-04-29 8320]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\drivers\tap0801.sys [2006-10-01 26624]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.ogame.pl/
uInternet Settings,ProxyServer = socks=
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
IE: &Download All by FlashGet - e:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - e:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&ksportuj do programu Microsoft Excel
LSP: c:\windows\system32\PCProxy.dll
TCP: {7BCE8483-1CD1-4112-9968-EB9602863624} = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\documents and settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\ih81elxc.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/ig
FF - plugin: c:\documents and settings\All Users.WINDOWS\Dane aplikacji\id Software\QuakeLive\npquakezero.dll
FF - plugin: c:\documents and settings\All Users.WINDOWS\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll
FF - plugin: c:\documents and settings\Ja\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll
FF - plugin: c:\documents and settings\Ja\Dane aplikacji\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\Ja\Dane aplikacji\Mozilla\plugins\npoctoshape.dll
FF - plugin: c:\documents and settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npganymedenet.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-21 22:13
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,50,01,0e,d0,8c,2a,82,4c,9e,48,28,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,50,01,0e,d0,8c,2a,82,4c,9e,48,28,\
[HKEY_USERS\S-1-5-21-1659004503-2146994641-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8DCD7DF0-D87C-55AE-9730-0DC52F8BADA8}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"abeefckbokchhhkhdcoghhnmfhdoagdplf"=hex:69,61,64,65,6b,61,70,66,6d,67,65,62,
6c,69,61,6e,6c,61,00,00
"mafeicklgkpmlkhcmffeclheof"=hex:6f,61,69,67,62,67,6a,6d,62,65,70,70,6e,6d,64,
63,6a,6c,6a,67,6e,65,62,6e,63,6a,62,69,65,6b,00,00
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):2e,8d,5b,ec,a2,3e,38,69,fb,e6,dc,c2,c6,79,cc,1d,01,4b,8c,c1,5a,
09,63,40,c9,fd,7c,45,3d,e7,7b,ab,b2,78,55,a8,56,f3,55,47,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{ba1076cb-4a88-4ae0-8a80-786e13025eb9}]
@Denied: (Full) (Everyone)
"Model"=dword:000000a1
"Therad"=dword:00000015
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="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"
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(1044)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\Ati2evxx.dll
c:\program files\Common Files\Stardock\mcpstub.dll
c:\windows\system32\cscui.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\COMRes.dll
- - - - - - - > 'lsass.exe'(1116)
c:\windows\system32\setupapi.dll
c:\windows\system32\PCProxy.dll
.
Czas ukończenia: 2009-12-21 22:14:19
ComboFix-quarantined-files.txt 2009-12-21 21:14
ComboFix2.txt 2009-12-20 19:16
ComboFix3.txt 2009-12-20 18:37
Przed: 21 561 450 496 bajtów wolnych
Po: 21 549 015 040 bajtów wolnych
Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=,1,2,3,4
- - End Of File - - 219CCD1077D473735CC31BAD4403BBFE
Added today, 23:25: I can't remove the programs; I'm not the only one who uses this computer. I'll use the second method.
defogger_disable by jpshortstuff (28.11.09.2)
Log created at 22:21 on 21/12/2009 (Ja)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
SPTD -> Disabled
-=E.O.F=-
I'll post the ComboFix log in a moment.
Added today, 23:51: OK, it worked. ComboFix started working without any message and without restarting the computer; the scan took slightly longer (2-4 min) than in previous uses of the program.
And here is the log: (I'll add it later, once the wklej.org site is back up...)
Added today, 23:52: OK, it worked. ComboFix started working without any message and without restarting the computer; the scan took slightly longer (2-4 min) than in previous uses of the program.
And here is the log: (I'll add it later, once the wklej.org site is back up...)
Added today, 00:17: lol... it's finally here

http://wklej.org/id/243044/