Hello. I have a small request: would someone be so kind as to check my ComboFix log? It seems to me that something unwanted has appeared on my system.
Here is the log:
((((((((((((((((((((((((( Pliki utworzone od 2009-10-16 do 2009-11-16 )))))))))))))))))))))))))))))))
.
2009-11-16 20:30 . 2009-11-16 20:30 -------- d-----w- c:\program files\CCleaner
2009-11-15 18:46 . 2009-11-16 20:28 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Norton
2009-11-15 18:46 . 2009-11-15 18:46 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Symantec
2009-11-15 18:46 . 2009-11-15 18:46 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\NortonInstaller
2009-11-15 18:13 . 2009-11-15 18:13 -------- d-----w- c:\windows\system32\Adobe
2009-11-15 10:40 . 2009-11-15 10:40 -------- d-----w- c:\windows\system32\wbem\Repository
2009-11-14 20:55 . 2009-11-14 20:55 -------- d-----w- c:\documents and settings\rulontoczajnik\Ustawienia lokalne\Dane aplikacji\Stardock
2009-11-14 20:55 . 2009-11-15 10:40 -------- dc----w- c:\documents and settings\All Users\Dane aplikacji\{DE032019-B933-4DF4-9174-48C52613DA13}
2009-11-14 20:55 . 2009-11-14 20:55 -------- d-----w- c:\program files\Stardock
2009-11-11 11:14 . 2009-11-11 11:14 -------- d-----w- c:\program files\eMule
2009-11-07 14:42 . 2009-11-07 14:42 33808 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\klbg.sys
2009-11-07 14:42 . 2009-11-07 14:42 213520 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\XP\klif.sys
2009-11-07 14:42 . 2009-11-07 14:42 21256 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\vkbd.dll
2009-11-07 13:46 . 2009-11-07 13:46 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2009-11-06 21:55 . 2009-11-06 21:55 -------- d-----w- c:\documents and settings\rulontoczajnik\LOG
2009-11-06 21:16 . 2009-11-14 20:30 -------- d-----w- c:\documents and settings\rulontoczajnik\Ustawienia lokalne\Dane aplikacji\ESL Wire Game Client
2009-11-06 21:15 . 2009-10-20 13:58 23512 ----a-w- c:\windows\system32\drivers\ESLvnic.sys
2009-11-06 21:15 . 2009-11-06 21:15 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ESL Wire
2009-11-06 21:15 . 2009-11-14 15:50 -------- d-----w- c:\program files\EslWire
2009-11-06 15:50 . 2009-11-07 12:18 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2009-11-06 11:28 . 2008-04-14 22:50 26624 ----a-w- c:\documents and settings\LocalService\Dane aplikacji\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-11-05 15:11 . 2008-07-08 00:45 4984 ----a-w- c:\windows\system32\drivers\nvphy.bin
2009-11-05 15:11 . 2008-07-29 12:33 446464 ----a-w- c:\windows\system32\nvunrm.exe
2009-11-04 18:08 . 2009-11-04 18:42 -------- d-----w- C:\Fraps
2009-11-04 18:01 . 2009-11-04 18:01 -------- d-----w- c:\program files\NVIDIA Corporation
2009-11-04 18:01 . 2009-11-04 18:01 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\NVIDIA Corporation
2009-11-04 18:01 . 2009-07-14 18:54 485920 ----a-w- c:\windows\system32\nvudisp.exe
2009-11-04 18:00 . 2009-07-10 06:01 485920 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-11-04 18:00 . 2009-07-14 18:54 868352 ----a-w- c:\windows\system32\nvapi.dll
2009-11-04 18:00 . 2009-07-14 18:54 2189856 ----a-w- c:\windows\system32\nvcuvid.dll
2009-11-04 18:00 . 2009-07-14 18:54 2002944 ----a-w- c:\windows\system32\nvcuda.dll
2009-11-04 18:00 . 2009-07-14 18:54 1706528 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-11-04 18:00 . 2009-07-14 18:54 151552 ----a-w- c:\windows\system32\nvcodins.dll
2009-11-04 18:00 . 2009-07-14 18:54 151552 ----a-w- c:\windows\system32\nvcod.dll
2009-11-04 18:00 . 2009-07-14 18:54 10457088 ----a-w- c:\windows\system32\nvoglnt.dll
2009-11-04 18:00 . 2009-07-14 18:54 1597690 ----a-w- c:\windows\system32\nvdata.bin
2009-11-04 18:00 . 2009-11-05 15:10 -------- d-----w- C:\NVIDIA
2009-11-04 17:46 . 2007-10-23 08:27 110592 ----a-w- c:\documents and settings\rulontoczajnik\Dane aplikacji\U3\temp\cleanup.exe
2009-11-04 17:43 . 2008-05-02 09:41 3493888 ---ha-w- c:\documents and settings\rulontoczajnik\Dane aplikacji\U3\temp\Launchpad Removal.exe
2009-11-04 17:43 . 2009-11-04 17:46 -------- d-----w- c:\documents and settings\rulontoczajnik\Dane aplikacji\U3
2009-11-04 17:42 . 2008-04-13 23:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-11-03 19:58 . 2009-11-16 20:30 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2009-11-03 19:58 . 2009-11-03 19:58 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-02 19:25 . 2009-11-02 19:25 -------- d-----w- c:\documents and settings\rulontoczajnik\Dane aplikacji\ACD Systems
2009-11-01 12:35 . 2008-04-14 22:51 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-11-01 11:15 . 2008-06-14 17:36 273024 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-11-01 11:15 . 2008-06-14 17:36 273024 ------w- c:\windows\system32\drivers\bthport.sys
2009-11-01 10:58 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-11-01 10:50 . 2009-08-04 17:29 2146816 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-11-01 10:50 . 2009-08-04 17:29 2067328 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-11-01 10:50 . 2009-08-04 17:29 2025472 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-10-31 13:57 . 2009-10-31 13:57 -------- d-----w- c:\windows\Sun
2009-10-31 13:48 . 2009-10-31 13:48 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-31 13:48 . 2009-10-31 13:48 -------- d-----w- c:\program files\Java
2009-10-31 13:48 . 2009-10-31 13:54 152576 ----a-w- c:\documents and settings\rulontoczajnik\Dane aplikacji\Sun\Java\jre1.6.0_16\lzma.dll
2009-10-31 09:54 . 2009-11-16 18:49 -------- d-----w- c:\documents and settings\rulontoczajnik\Dane aplikacji\HLSW
2009-10-31 09:54 . 2009-10-31 09:54 -------- d-s---w- c:\program files\HLSW
2009-10-31 09:04 . 2009-10-31 09:04 -------- d-----w- c:\documents and settings\LocalService\Menu Start
2009-10-30 20:38 . 2009-10-30 20:38 -------- d-----w- c:\windows\system32\XPSViewer
2009-10-30 20:38 . 2009-10-30 20:38 -------- d-----w- c:\program files\MSBuild
2009-10-30 20:38 . 2009-10-30 20:38 -------- d-----w- c:\program files\Reference Assemblies
2009-10-30 20:38 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-10-30 20:38 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-10-30 20:38 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-10-30 20:38 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-10-30 20:38 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-10-30 20:38 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-10-30 20:38 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-10-30 20:38 . 2009-10-30 20:38 -------- d-----w- C:\424a7b8990732f961afb83
2009-10-30 19:09 . 2009-10-30 19:09 -------- d-----w- c:\program files\AVG
2009-10-30 16:57 . 2009-08-29 07:30 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-10-30 16:57 . 2009-08-29 07:30 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-10-30 16:57 . 2009-06-29 08:33 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
2009-10-30 16:57 . 2009-08-29 07:30 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
2009-10-30 16:57 . 2009-08-28 10:28 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2009-10-30 16:57 . 2009-08-29 07:30 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-10-30 16:57 . 2009-08-29 07:30 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
2009-10-30 16:57 . 2009-08-29 07:30 6067200 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-10-30 16:43 . 2008-07-09 07:57 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2009-10-30 15:20 . 2009-10-30 15:20 -------- d-----w- c:\documents and settings\rulontoczajnik\Ustawienia lokalne\Dane aplikacji\ESET
2009-10-30 15:20 . 2009-10-30 15:20 -------- d-----w- c:\program files\Microsoft Studio
2009-10-30 14:56 . 2009-10-30 14:56 -------- d-----w- c:\documents and settings\rulontoczajnik\Dane aplikacji\ESET
2009-10-30 14:49 . 2009-10-30 14:49 10134 ----a-r- c:\documents and settings\rulontoczajnik\Dane aplikacji\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2009-10-30 14:49 . 2009-10-30 14:49 -------- d-----w- c:\program files\Microsoft WSE
2009-10-30 14:49 . 2008-09-04 18:17 447752 ----a-w- c:\windows\system32\vp6vfw.dll
2009-10-30 14:49 . 2009-10-30 14:53 -------- d-----w- c:\documents and settings\rulontoczajnik\Dane aplikacji\Ventrilo
2009-10-30 14:48 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2009-10-30 14:42 . 2009-11-07 13:37 -------- d-----w- c:\program files\ESET
2009-10-30 14:37 . 2009-10-30 14:37 -------- d-----w- c:\program files\Electronic Arts
2009-10-30 13:44 . 2009-10-30 13:44 -------- d-----w- c:\program files\Ventrilo
2009-10-30 12:43 . 2009-11-02 19:25 -------- d-----w- c:\documents and settings\rulontoczajnik\Ustawienia lokalne\Dane aplikacji\ACD Systems
2009-10-30 12:43 . 2009-10-30 12:43 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ACD Systems
2009-10-30 12:43 . 2009-10-30 12:43 -------- d-----w- c:\program files\Common Files\ACD Systems
2009-10-30 12:43 . 2009-10-30 12:43 -------- d-----w- c:\program files\ACD Systems
2009-10-30 12:43 . 2009-10-30 12:43 10368 ----a-w- c:\windows\system32\drivers\pfc.sys
2009-10-30 12:43 . 2009-10-30 12:43 -------- d-----w- c:\windows\Downloaded Installations
2009-10-30 12:29 . 2009-10-30 12:29 0 ----a-w- c:\windows\nsreg.dat
2009-10-30 12:29 . 2009-10-30 12:29 -------- d-----w- c:\documents and settings\rulontoczajnik\Ustawienia lokalne\Dane aplikacji\Mozilla
2009-10-30 12:26 . 2009-10-31 11:04 12328 ----a-w- c:\documents and settings\rulontoczajnik\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2009-10-30 12:06 . 2009-10-30 12:06 -------- d-----w- c:\documents and settings\rulontoczajnik\Ustawienia lokalne\Dane aplikacji\cache
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-16 20:53 . 2009-10-30 11:43 -------- d-----w- c:\program files\Steam
2009-11-16 20:52 . 2009-11-07 13:47 3164 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-11-16 20:52 . 2009-11-07 13:47 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab
2009-11-16 20:52 . 2009-11-07 13:47 303136 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-11-16 20:51 . 2009-11-07 13:47 1207840 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-11-16 20:51 . 2009-11-07 13:47 11564 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-11-15 20:25 . 2009-10-30 11:44 -------- d-----w- c:\documents and settings\rulontoczajnik\Dane aplikacji\mIRC
2009-11-15 12:06 . 2009-10-30 11:44 -------- d-----w- c:\program files\mIRC
2009-11-07 14:42 . 2008-01-29 17:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-11-07 14:42 . 2009-11-07 13:47 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-11-07 14:42 . 2009-11-07 13:47 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-11-07 14:42 . 2009-11-07 14:42 861448 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\updater.dll
2009-11-07 14:41 . 2009-11-07 14:41 83208 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\mzvkbd.dll
2009-11-07 14:41 . 2009-11-07 14:41 62728 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\ievkbd.dll
2009-11-07 14:41 . 2009-11-07 14:41 43784 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\fssync.dll
2009-11-07 14:41 . 2009-11-07 14:41 365832 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\ckahum.dll
2009-11-07 14:41 . 2009-11-07 14:41 201992 ----a-w- c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\avp.exe
2009-11-07 13:47 . 2009-11-07 13:47 -------- d-----w- c:\program files\Kaspersky Lab
2009-11-06 17:41 . 2001-10-26 19:15 83880 ----a-w- c:\windows\system32\perfc015.dat
2009-11-06 17:41 . 2001-10-26 19:15 490628 ----a-w- c:\windows\system32\perfh015.dat
2009-11-04 18:03 . 2009-10-30 11:09 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-04 18:02 . 2009-10-30 11:09 -------- d-----w- c:\program files\AGEIA Technologies
2009-11-01 11:24 . 2009-10-30 10:53 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-11-01 10:37 . 2009-10-30 11:58 -------- d-----w- c:\documents and settings\rulontoczajnik\Dane aplikacji\Nowe Gadu-Gadu
2009-10-30 14:55 . 2009-10-30 11:28 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ESET
2009-10-30 14:37 . 2009-10-30 11:03 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-30 12:22 . 2009-10-30 12:02 -------- d-----w- c:\documents and settings\rulontoczajnik\Dane aplikacji\Winamp
2009-10-30 12:04 . 2009-10-30 11:58 -------- d-----w- c:\program files\Nowe Gadu-Gadu
2009-10-30 12:02 . 2009-10-30 12:02 -------- d-----w- c:\program files\Winamp
2009-10-30 11:49 . 2009-10-30 11:30 -------- d-----w- c:\documents and settings\rulontoczajnik\Dane aplikacji\Comodo
2009-10-30 11:49 . 2009-10-30 11:30 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\comodo
2009-10-30 11:49 . 2009-10-30 11:30 -------- d-----w- c:\program files\COMODO
2009-10-30 11:33 . 2009-10-30 11:33 -------- d-----w- c:\documents and settings\rulontoczajnik\Dane aplikacji\Media Player Classic
2009-10-30 11:33 . 2009-10-30 11:33 -------- d-----w- c:\program files\Essentials Codec Pack
2009-10-30 11:25 . 2009-10-30 11:25 -------- d-----w- c:\program files\A4Tech
2009-10-30 11:16 . 2009-10-30 11:16 -------- d-----w- c:\program files\SAGEM WiFi manager
2009-10-30 11:16 . 2009-10-30 11:16 -------- d-----w- c:\program files\SAGEM
2009-10-30 11:12 . 2009-10-30 11:03 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-30 11:07 . 2009-10-30 11:07 -------- d-----w- c:\program files\EXPERTool
2009-10-30 11:06 . 2009-10-30 11:00 15600 ----a-w- c:\windows\gdrv.sys
2009-10-30 11:03 . 2009-10-30 11:03 -------- d-----w- c:\program files\Realtek
2009-10-30 11:03 . 2009-10-30 11:03 315392 ----a-w- c:\windows\HideWin.exe
2009-10-30 11:03 . 2009-10-30 11:03 -------- d-----w- c:\program files\DIFX
2009-10-30 11:01 . 2009-10-30 11:01 -------- d-----w- c:\documents and settings\rulontoczajnik\Dane aplikacji\InstallShield
2009-10-30 10:54 . 2009-10-30 10:54 -------- d-----w- c:\program files\microsoft frontpage
2009-10-30 10:53 . 2009-10-30 10:53 -------- d-----w- c:\program files\Usługi online
2009-10-30 10:51 . 2009-10-30 10:51 21856 ----a-w- c:\windows\system32\emptyregdb.dat
2009-10-30 10:50 . 2009-10-30 10:50 -------- d-----w- c:\program files\Windows Media Connect 2
2009-10-29 04:48 . 2009-10-29 04:48 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-10-29 04:48 . 2009-10-29 04:48 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-10-16 12:19 . 2009-10-16 12:19 86016 ----a-w- c:\windows\system32\frapsvid.dll
2009-09-11 14:19 . 2008-04-14 22:50 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:05 . 2008-04-14 22:50 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-31 16:07 . 2009-08-31 16:07 42088 ----a-w- c:\documents and settings\rulontoczajnik\Dane aplikacji\Nowe Gadu-Gadu_userdata\ggbho.1.dll
2009-08-29 07:31 . 2008-04-25 14:08 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:30 . 2008-04-25 14:08 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:30 . 2008-04-25 14:08 17408 ----a-w- c:\windows\system32\corpol.dll
2009-08-26 08:02 . 2008-04-14 22:50 247326 ----a-w- c:\windows\system32\strmdll.dll
.
------- Sigcheck -------
[-] 2008-04-25 . C8BDAD4065118558B3DC360FC96D81DB . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\Steam\Steam.exe" [2009-11-16 1217808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Media Codec Update Service"="c:\program files\Essentials Codec Pack\update.exe" [2007-04-08 303104]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-31 149280]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2009-11-07 201992]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk - c:\program files\SAGEM WiFi manager\WLANUTL.exe [2009-10-30 950272]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe"=
"%windir%\system32\sessmgr.exe"=
"c:\Program Files\Nowe Gadu-Gadu\gg.exe"=
"c:\Program Files\Steam\steamapps\piesekhau1\counter-strike\hl.exe"=
"c:\Program Files\mIRC\mirc.exe"=
"c:\Program Files\HLSW\hlsw.exe"=
"c:\Program Files\EslWire\wire.exe"=
"c:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2009\english\setup.exe"=
"c:\Program Files\eMule\emule.exe"=
"c:\Program Files\Steam\Steam.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 33808]
R3 ESLvnic1;ESLvnic Virtual Network 32 Bit;c:\windows\system32\drivers\ESLvnic.sys [2009-11-06 23512]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-03-25 24592]
R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;c:\windows\system32\drivers\WlanBZXP.sys [2009-10-30 450560]
S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\c:\windows\system32\ZDCndis5.SYS --> c:\windows\system32\ZDCndis5.SYS [?]
.
.
------- Skan uzupełniający -------
.
uInternet Connection Wizard,ShellNext = iexplore
FF - ProfilePath - c:\documents and settings\rulontoczajnik\Dane aplikacji\Mozilla\Firefox\Profiles\wixxts7i.default\
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - USUNIĘTO PUSTE WPISY - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-16 21:52
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
skanowanie ukrytych procesów …
skanowanie ukrytych wpisów autostartu …
skanowanie ukrytych plików …
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(1620)
c:\windows\system32\klogon.dll
- - - - - - - > 'explorer.exe'(3460)
c:\windows\system32\WININET.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\RUNDLL32.EXE
.
**************************************************************************
.
Czas ukończenia: 2009-11-16 21:55 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2009-11-16 20:54
Przed: 16 657 285 120 bajtów wolnych
Po: 16 567 058 432 bajtów wolnych
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer
- - End Of File - - 24451B9ABC46F1DA368123F65A761B23