Hello,
For about two now I have had 2 problems:
- No file size information and no “Modify/Delete” option
- An error when opening a shortcut to any folder (fixed after a fashion, via Folder Options->File Types->File Folder->Advanced->New, where I entered the name “open” and explorer.exe as the location, except that now subsequent folders open in new windows rather than, as before, in a single window with a back option)
The question is this: is the registry failing, is it a worm, is it a virus, and is a system reinstall needed / could it help?
I am pasting the log from ComboFix
ComboFix 09-09-02.02 - Karol 2009-09-03 17:45.11.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.3070.2471 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Karol\Pulpit\Sprzątacze\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 090903-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ActiveArmor Firewall *disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
.
((((((((((((((((((((((((( Pliki utworzone od 2009-08-03 do 2009-09-03 )))))))))))))))))))))))))))))))
.
2009-09-03 14:45 . 2009-09-03 14:47 -------- d--h--w- c:\windows\$hf_mig$
2009-08-31 19:53 . 2009-08-31 19:53 -------- d-----w- c:\documents and settings\Karol\Dane aplikacji\Gadu-Gadu
2009-08-31 19:09 . 2009-08-31 19:10 -------- d-----w- c:\documents and settings\Karol\Gadu-Gadu
2009-08-31 19:09 . 2009-08-31 19:09 -------- d-----w- c:\program files\Gadu-Gadu
2009-08-29 10:17 . 2009-08-29 10:17 -------- d-----w- c:\program files\RegSupreme Pro
2009-08-29 10:17 . 2009-08-29 10:17 23 --sha-w- c:\windows\system32\edacded0.dat
2009-08-29 10:17 . 2009-08-29 10:17 -------- d-----w- c:\program files\jv16 PowerTools 2009
2009-08-29 10:15 . 2009-08-29 10:15 -------- d-----w- c:\program files\xp-AntiSpy
2009-08-24 19:50 . 2009-08-24 19:50 -------- d-----w- c:\program files\Windows Installer Clean Up
2009-08-24 19:50 . 2009-08-24 19:50 -------- d-----w- c:\program files\MSECACHE
2009-08-23 10:41 . 2009-09-03 12:18 -------- d-----w- c:\documents and settings\Karol\Dane aplikacji\skypePM
2009-08-17 01:03 . 2009-08-17 01:03 3674112 ----a-w- c:\windows\system32\nvwssr.dll
2009-08-17 01:02 . 2009-08-17 01:02 229376 ----a-w- c:\windows\system32\nvmccs.dll
2009-08-14 11:36 . 2009-08-14 11:36 70936 ----a-w- c:\windows\system32\PhysXLoader.dll
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-03 15:21 . 2007-12-14 18:11 138736 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-09-03 15:21 . 2007-12-14 18:11 188968 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-09-03 14:34 . 2009-07-08 13:05 -------- d-----w- c:\documents and settings\Karol\Dane aplikacji\vlc
2009-09-03 13:49 . 2009-07-05 18:02 -------- d-----w- c:\documents and settings\Karol\Dane aplikacji\Skype
2009-08-30 11:37 . 2009-08-30 11:37 229376 ----a-w- c:\documents and settings\LocalService\NTUSER.DAT.tmp
2009-08-30 11:37 . 2009-08-29 10:47 229376 ----a-w- c:\documents and settings\NetworkService\NTUSER.DAT.tmp
2009-08-28 18:49 . 2007-11-17 17:08 -------- d-----w- c:\program files\SpeedFan
2009-08-24 20:54 . 2009-04-09 08:55 -------- d-----w- c:\documents and settings\Karol\Dane aplikacji\teamspeak2
2009-08-24 20:00 . 2009-07-05 18:49 -------- d-----w- c:\program files\World of Warcraft
2009-08-24 19:53 . 2008-07-20 12:37 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-08-24 19:53 . 2008-07-20 12:38 -------- d-----w- c:\program files\AGEIA Technologies
2009-08-24 18:21 . 2008-10-23 12:17 -------- d-----w- c:\program files\Odkurzacz
2009-08-24 18:21 . 2008-08-01 14:55 -------- d-----w- c:\program files\Guild Wars
2009-08-24 17:51 . 2009-06-02 16:35 -------- d-----w- c:\documents and settings\Karol\Dane aplikacji\BitTorrent
2009-08-24 17:49 . 2008-03-01 11:40 -------- d-----w- c:\program files\Electronic Arts
2009-08-17 16:10 . 2009-06-03 13:17 1279456 ----a-w- c:\windows\system32\aswBoot.exe
2009-08-17 16:06 . 2009-06-03 13:17 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-08-17 16:06 . 2009-06-03 13:17 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-08-17 16:05 . 2009-06-03 13:17 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-08-17 16:05 . 2009-06-03 13:17 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-08-17 16:04 . 2009-06-03 13:17 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-08-17 16:04 . 2009-06-03 13:17 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-08-17 16:03 . 2009-06-03 13:17 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-08-17 16:02 . 2009-06-03 13:17 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-08-17 01:03 . 2009-08-17 01:03 3170304 ----a-w- c:\windows\system32\nvwss.dll
2009-08-16 22:57 . 2009-07-30 16:20 868352 ----a-w- c:\windows\system32\nvapi.dll
2009-08-16 22:57 . 2009-07-30 16:20 2189856 ----a-w- c:\windows\system32\nvcuvid.dll
2009-08-16 22:57 . 2009-07-30 16:20 2002944 ----a-w- c:\windows\system32\nvcuda.dll
2009-08-16 22:57 . 2009-07-30 16:20 1706528 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-08-16 22:57 . 2009-07-30 16:20 155648 ----a-w- c:\windows\system32\nvcodins.dll
2009-08-16 22:57 . 2009-07-30 16:20 155648 ----a-w- c:\windows\system32\nvcod.dll
2009-08-16 22:57 . 2009-07-30 16:20 10457088 ----a-w- c:\windows\system32\nvoglnt.dll
2009-08-16 22:57 . 2009-07-30 16:20 1597690 ----a-w- c:\windows\system32\nvdata.bin
2009-08-16 22:57 . 2007-11-10 14:31 485920 ----a-w- c:\windows\system32\nvudisp.exe
2009-08-16 22:57 . 2007-06-28 16:43 7729568 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-08-16 22:57 . 2007-06-28 16:43 5845760 ----a-w- c:\windows\system32\nv4_disp.dll
2009-08-11 10:35 . 2007-11-10 14:30 485920 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-08-04 15:59 . 2009-04-01 13:09 -------- d-----w- c:\program files\Steam
2009-08-02 22:21 . 2009-08-02 22:21 58648 ----a-w- c:\windows\system32\AgCPanelTraditionalChinese.dll
2009-08-02 22:21 . 2009-08-02 22:21 58648 ----a-w- c:\windows\system32\AgCPanelSimplifiedChinese.dll
2009-08-02 22:21 . 2009-08-02 22:21 58648 ----a-w- c:\windows\system32\AgCPanelKorean.dll
2009-08-02 22:21 . 2009-08-02 22:21 58648 ----a-w- c:\windows\system32\AgCPanelJapanese.dll
2009-08-02 22:21 . 2009-08-02 22:21 23320 ----a-w- c:\windows\system32\PhysXDevice.dll
2009-08-01 13:13 . 2009-08-01 13:11 -------- d-----w- c:\documents and settings\Karol\Dane aplikacji\Download Manager
2009-08-01 13:02 . 2007-11-10 14:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-30 16:21 . 2008-02-12 15:07 -------- d-----w- c:\program files\NVIDIA Corporation
2009-07-30 16:21 . 2009-07-30 16:21 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\NVIDIA Corporation
2009-07-29 17:30 . 2008-03-15 15:20 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-07-29 17:30 . 2008-03-15 15:20 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-07-29 12:35 . 2009-03-27 22:48 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2009-07-27 17:20 . 2009-06-27 17:29 -------- d-----w- c:\documents and settings\Karol\Dane aplikacji\Any Video Converter
2009-07-20 15:36 . 2009-07-14 10:06 -------- d-----w- c:\program files\Widescreen Fixer
2009-07-18 14:39 . 2008-05-17 16:36 -------- d-----w- c:\program files\DivX
2009-07-15 16:32 . 2008-04-22 16:00 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2009-07-13 21:43 . 2009-07-13 21:43 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Codemasters
2009-07-13 21:43 . 2009-07-13 21:43 -------- d-----w- c:\program files\OpenAL
2009-07-09 19:17 . 2009-07-09 19:17 -------- d-----w- c:\program files\Common Files\Borland Shared
2009-07-09 19:16 . 2009-07-09 19:16 -------- d-----w- c:\program files\Borland
2009-07-08 19:27 . 2009-07-08 19:24 -------- d-----w- c:\documents and settings\Karol\Dane aplikacji\Dev-Cpp
2009-07-08 13:13 . 2009-07-08 12:30 -------- d-----w- c:\documents and settings\Karol\Dane aplikacji\Desktopicon
2009-07-08 13:04 . 2009-07-08 13:04 -------- d-----w- c:\program files\VideoLAN
2009-07-07 15:02 . 2009-06-27 17:29 -------- d-----w- c:\program files\Any Video Converter
2009-07-06 07:50 . 2009-04-09 12:40 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-07-05 18:02 . 2009-07-05 18:02 -------- d-----w- c:\program files\Skype
2009-07-05 18:02 . 2007-11-10 19:02 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Skype
2009-07-05 18:02 . 2009-07-05 18:02 -------- d-----w- c:\program files\Common Files\Skype
2009-07-01 22:15 . 2004-08-04 12:00 2944 ------w- c:\windows\system32\drivers\null.sys
2009-06-26 16:51 . 2004-08-04 12:00 669184 ------w- c:\windows\system32\wininet.dll
2009-06-26 16:51 . 2004-08-04 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-06-24 18:06 . 2007-11-10 19:44 88336 -c--a-w- c:\documents and settings\Karol\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-06-23 11:55 . 2004-08-04 12:00 89874 ----a-w- c:\windows\system32\perfc015.dat
2009-06-23 11:55 . 2004-08-04 12:00 503306 ----a-w- c:\windows\system32\perfh015.dat
2009-06-16 14:40 . 2004-08-04 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:40 . 2004-08-04 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-12 13:43 . 2007-12-14 18:11 139152 -c--a-w- c:\documents and settings\Karol\Dane aplikacji\PnkBstrK.sys
2009-06-12 13:43 . 2007-12-14 18:11 794408 ----a-w- c:\windows\system32\pbsvc.exe
2009-06-12 13:43 . 2007-12-14 18:11 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-06-10 18:23 . 2008-02-07 16:12 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“avast!”=“c:\progra~1\ALWILS~1\Avast4\ashDisp.exe” [2009-08-17 81000]
“RivaTunerStartupDaemon”=“c:\program files\RivaTuner v2.24\RivaTuner.exe” [2009-02-25 2781184]
“nwiz”=“c:\program files\NVIDIA Corporation\nView\nwiz.exe” [2009-08-12 1657376]
“NvCplDaemon”=“c:\windows\system32\NvCpl.dll” [2009-08-17 13877248]
“NvMediaCenter”=“c:\windows\system32\NvMcTray.dll” [2009-08-17 86016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“c:\windows\system32\CTFMON.EXE” [2008-04-14 15360]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Karol^Menu Start^Programy^Autostart^OpenOffice.org 2.3.lnk]
path=c:\documents and settings\Karol\Menu Start\Programy\Autostart\OpenOffice.org 2.3.lnk
backup=c:\windows\pss\OpenOffice.org 2.3.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Karol^Menu Start^Programy^Autostart^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\Karol\Menu Start\Programy\Autostart\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Karol^Menu Start^Programy^Autostart^Registration Assassin’s Creed.LNK]
path=c:\documents and settings\Karol\Menu Start\Programy\Autostart\Registration Assassin’s Creed.LNK
backup=c:\windows\pss\Registration Assassin’s Creed.LNKStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Karol^Menu Start^Programy^Autostart^Registration Ghost Recon Advanced Warfighter.LNK]
path=c:\documents and settings\Karol\Menu Start\Programy\Autostart\Registration Ghost Recon Advanced Warfighter.LNK
backup=c:\windows\pss\Registration Ghost Recon Advanced Warfighter.LNKStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Karol^Menu Start^Programy^Autostart^rncsys32.exe]
path=c:\documents and settings\Karol\Menu Start\Programy\Autostart\rncsys32.exe
backup=c:\windows\pss\rncsys32.exeStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Karol^Menu Start^Programy^Autostart^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk]
path=c:\documents and settings\Karol\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
backup=c:\windows\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Karol^Menu Start^Programy^Autostart^Xfire.lnk]
path=c:\documents and settings\Karol\Menu Start\Programy\Autostart\Xfire.lnk
backup=c:\windows\pss\Xfire.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
“FirewallOverride”=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
“EnableFirewall”= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“c:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe”=
“c:\WINDOWS\system32\sessmgr.exe”=
“c:\Program Files\DAEMON Tools Lite\daemon.exe”=
“c:\WINDOWS\system32\freecell.exe”=
“c:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe”=
“c:\Program Files\WinRAR\WinRAR.exe”=
“c:\Program Files\CCleaner\CCleaner.exe”=
“c:\WINDOWS\system32\cmd.exe”=
“c:\WINDOWS\system32\dplaysvr.exe”=
“c:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3sp.exe”=
“c:\WINDOWS\system32\PnkBstrA.exe”=
“c:\WINDOWS\system32\PnkBstrB.exe”=
“%windir%\Network Diagnostic\xpnetdiag.exe”=
“%windir%\system32\sessmgr.exe”=
“c:\Program Files\DNA\btdna.exe”=
“c:\Program Files\BitTorrent\bittorrent.exe”=
“c:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe”=
“c:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE”=
“c:\Program Files\Microsoft Office\Office12\GROOVE.EXE”=
“c:\Program Files\Microsoft Office\Office12\ONENOTE.EXE”=
“c:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpqste08.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hposid01.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe”=
“c:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpqpse.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe”=
“c:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe”=
“c:\Program Files\Steam\steamapps\common\empire total war\Empire.exe”=
“c:\Program Files\Steam\steamapps\common\dawn of war 2\DOW2.exe”=
“c:\Program Files\Electronic Arts\BattleForge\Bootstrapper.exe”=
“c:\Program Files\Electronic Arts\BattleForge\BattleForge.exe”=
“c:\Program Files\Skype\Phone\Skype.exe”=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
“1234:UDP”= 1234:UDP:Petroglyph
“6500:UDP”= 6500:UDP:GameSpy
“6112:UDP”= 6112:UDP:DoW
“6881:TCP”= 6881:TCP:BitTorrent
“6882:TCP”= 6882:TCP:BitTorrent
“6883:TCP”= 6883:TCP:BitTorrent
“6884:TCP”= 6884:TCP:BitTorrent
“6885:TCP”= 6885:TCP:BitTorrent
“6886:TCP”= 6886:TCP:BitTorrent
“6888:TCP”= 6888:TCP:BitTorrent
“6887:TCP”= 6887:TCP:BitTorrent
“6889:TCP”= 6889:TCP:BitTorrent
“7001:TCP”= 7001:TCP:Quest3d
“7001:UDP”= 7001:UDP:Quest3d
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-06-03 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-06-03 20560]
R2 PStrip;PStrip;c:\windows\system32\drivers\pstrip.sys [2007-07-15 27992]
R2 Vcs;Vcs support;c:\windows\system32\drivers\Vcs.sys [2008-07-15 6852]
R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2008-06-23 10880]
S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys --> c:\windows\system32\drivers\archlp.sys [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512]
S3 o1394bul;o1394bul;\??\c:\docume~1\Karol\USTAWI~1\Temp\o1394bul.sys --> c:\docume~1\Karol\USTAWI~1\Temp\o1394bul.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Zawartość folderu ‘Zaplanowane zadania’
2009-08-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.pl/
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedi … t=&gc=1&q=%s
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/stati … 0.17.0.cab
FF - ProfilePath - c:\documents and settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\g3j713xr.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.pl
FF - plugin: c:\documents and settings\Karol\Dane aplikacji\Nowe Gadu-Gadu_userdata\npgg.1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-03 17:47
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
skanowanie ukrytych procesów …
skanowanie ukrytych wpisów autostartu …
skanowanie ukrytych plików …
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_USERS\S-1-5-21-1214440339-1606980848-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
“??”=hex:29,55,99,8a,aa,65,7f,2c,c7,1a,40,a0,88,31,86,71,99,c4,78,a4,09,0d,7f,
cb,5a,8c,d5,87,cc,2f,79,2a,52,4e,c1,25,81,5f,dd,f1,7d,e2,d9,1a,0a,24,3f,c6,\
“??”=hex:e2,06,90,c3,a9,ab,f7,ca,1c,f7,63,d7,3e,f2,89,5d
[HKEY_USERS\S-1-5-21-1214440339-1606980848-839522115-1003\Software\SecuROM\License information*]
“datasecu”=hex:29,4b,e9,8b,5b,4b,d6,81,09,28,56,40,26,79,36,b5,79,d0,fb,6c,4b,
c4,07,95,f6,ad,04,06,1c,83,e2,fd,83,95,78,9e,58,d9,13,f8,44,7b,c2,e8,80,de,\
“rkeysecu”=hex:cf,0c,dd,83,33,6b,5c,6e,7a,bd,2d,e9,83,7a,b4,54
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > ‘lsass.exe’(876)
c:\windows\system32\nvappfilter.dll
- - - - - - - > ‘explorer.exe’(752)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Czas ukończenia: 2009-09-03 17:48
ComboFix-quarantined-files.txt 2009-09-03 15:48
ComboFix2.txt 2009-09-03 14:16
ComboFix3.txt 2009-08-24 18:29
ComboFix4.txt 2009-08-01 11:25
ComboFix5.txt 2009-09-03 15:45
Przed: 156 108 197 888 bajtów wolnych
Po: 156 068 765 696 bajtów wolnych
267 --- E O F --- 2009-07-29 15:03