Hello!
Avast detected Win32:Kavos[Trj] on my computer. Please help, and thank you in advance.
– Added 27.07.2009 (Mon) 1:13 –
Here is the ComboFix log
ComboFix 09-07-25.08 - Darek 2009-07-27 0:51:23.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.48.1045.18.2047.1243 [GMT 2:00]
Uruchomiony z: C:\Users\Darek\Desktop\ComboFix1.exe
AV: avast! antivirus 4.8.1229 [VPS 081123-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1229 [VPS 081123-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\$RECYCLE.BIN\S-1-5-21-2152478756-3922319563-605102323-500
C:\$RECYCLE.BIN\S-1-5-21-216627001-1471573860-738629386-500
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
.
((((((((((((((((((((((((( Pliki utworzone od 2009-06-26 do 2009-07-26 )))))))))))))))))))))))))))))))
.
2009-07-26 23:08:02 . 2009-07-26 23:08:02 0 d-----w- C:\Users\Ula\AppData\Local\temp
2009-07-26 23:03:55 . 2009-07-26 23:03:55 0 d-----w- C:\Users\Iwona\AppData\Local\temp
2009-07-26 23:00:44 . 2009-07-26 23:00:44 0 d-----w- C:\Users\IUSR_NMPR\AppData\Local\temp
2009-07-26 22:46:46 . 2009-07-26 22:49:54 0 d-s---w- C:\ComboFix
2009-07-19 19:57:11 . 2009-07-19 19:57:11 0 d-----w- C:\Program Files\Vstplugins
2009-07-19 19:57:07 . 2009-07-19 19:57:07 0 d-----w- C:\ProgramData\Sony
2009-07-19 19:56:00 . 2009-07-19 19:56:00 0 d-----w- C:\Program Files\Sony Setup
2009-07-17 20:01:19 . 2009-07-17 20:02:33 5132604 ----a-w- C:\ProgramData\ArcSoft\Global Deploy\CheckUpdate\ArcConnect.exe
2009-07-16 15:51:40 . 2009-07-18 10:47:51 0 d-----w- C:\Users\Ula\AppData\Roaming\ArcSoft
2009-07-16 14:06:33 . 2009-07-16 14:13:22 0 d-----w- C:\Users\Iwona\AppData\Roaming\ArcSoft
2009-07-16 14:05:57 . 2009-07-16 14:05:57 0 d-sh--we C:\Windows\system32\config\systemprofile\Ustawienia lokalne
2009-07-16 14:05:57 . 2009-07-16 14:05:57 0 d-sh--we C:\Windows\system32\config\systemprofile\Dane aplikacji
2009-07-16 13:55:46 . 2009-07-16 15:49:26 0 d-----w- C:\Users\Iwona\AppData\Local\Microsoft Games
2009-07-15 06:06:52 . 2009-06-15 14:53:52 156672 ----a-w- C:\Windows\system32\t2embed.dll
2009-07-15 06:06:52 . 2009-06-15 14:52:42 23552 ----a-w- C:\Windows\system32\lpk.dll
2009-07-15 06:06:52 . 2009-06-15 14:52:19 72704 ----a-w- C:\Windows\system32\fontsub.dll
2009-07-15 06:06:52 . 2009-06-15 14:51:38 10240 ----a-w- C:\Windows\system32\dciman32.dll
2009-07-15 06:06:52 . 2009-06-15 12:42:30 289792 ----a-w- C:\Windows\system32\atmfd.dll
2009-07-06 07:38:48 . 2009-07-06 07:39:03 0 d-----w- C:\Windows\system32\ca-ES
2009-07-06 07:38:48 . 2009-07-06 07:39:02 0 d-----w- C:\Windows\system32\eu-ES
2009-07-06 07:38:47 . 2009-07-06 07:39:01 0 d-----w- C:\Windows\system32\vi-VN
2009-07-06 07:16:52 . 2009-07-06 07:16:53 0 d-----w- C:\Windows\system32\EventProviders
2009-07-06 07:12:59 . 2009-04-11 06:32:49 3549672 ----a-w- C:\Windows\system32\ntoskrnl.exe
2009-07-06 07:11:59 . 2009-04-11 06:28:24 376832 ----a-w- C:\Windows\system32\rasplap.dll
2009-07-06 07:10:30 . 2009-04-11 06:28:18 247808 ----a-w- C:\Windows\system32\drvstore.dll
2009-07-03 22:04:00 . 2009-07-03 22:04:00 0 d-----w- C:\Program Files\Yamicsoft
2009-06-28 17:07:16 . 2009-06-28 17:07:16 0 d-----w- C:\ProgramData\PC Suite
2009-06-28 17:06:00 . 2009-06-28 17:06:00 0 d-----w- C:\ProgramData\Nokia
2009-06-28 17:01:11 . 2009-06-28 16:53:50 24549928 ----a-w- C:\ProgramData\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\NokiaSoftwareUpdaterSetup_pl.exe
2009-06-28 17:01:06 . 2009-06-28 17:01:06 36864 ----a-w- C:\ProgramData\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\Sleep.exe
2009-06-28 17:01:06 . 2009-06-28 17:01:06 3351812 ----a-w- C:\ProgramData\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\msxml6Exec.exe
2009-06-28 17:01:06 . 2009-06-28 17:01:06 3181612 ----a-w- C:\ProgramData\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\vcredistExec.exe
2009-06-28 17:00:48 . 2009-06-28 17:00:48 0 d-----w- C:\ProgramData\Installations
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-26 22:27:09 . 2007-06-23 10:22:03 704102 ----a-w- C:\Windows\system32\perfh015.dat
2009-07-26 22:27:09 . 2007-06-23 10:22:03 148654 ----a-w- C:\Windows\system32\perfc015.dat
2009-07-26 12:12:38 . 2008-10-13 21:01:31 12 ----a-w- C:\Windows\bthservsdp.dat
2009-07-22 19:55:27 . 2009-03-03 21:05:43 0 d-----w- C:\Program Files\Microsoft Silverlight
2009-07-19 19:56:59 . 2009-06-17 16:28:12 0 d-----w- C:\Program Files\Sony
2009-07-19 14:57:09 . 2009-05-07 08:27:21 0 d-----w- C:\Users\Darek\AppData\Roaming\ArcSoft
2009-07-17 20:04:43 . 2007-06-23 00:49:26 0 d--h--w- C:\Program Files\InstallShield Installation Information
2009-07-17 20:01:17 . 2009-05-04 15:15:32 0 d-----w- C:\ProgramData\ArcSoft
2009-07-16 22:05:33 . 2009-06-05 11:35:12 0 d-----w- C:\ProgramData\OpenFM
2009-07-15 09:39:05 . 2006-11-02 11:18:33 0 d-----w- C:\Program Files\Windows Mail
2009-07-06 07:39:10 . 2006-11-02 12:37:34 0 d-----w- C:\Program Files\Windows Calendar
2009-07-06 07:39:09 . 2006-11-02 12:37:34 0 d-----w- C:\Program Files\Windows Sidebar
2009-07-06 07:39:09 . 2006-11-02 12:37:34 0 d-----w- C:\Program Files\Windows Photo Gallery
2009-07-06 07:39:09 . 2006-11-02 12:37:34 0 d-----w- C:\Program Files\Windows Journal
2009-07-06 07:39:09 . 2006-11-02 12:37:34 0 d-----w- C:\Program Files\Windows Collaboration
2009-07-06 07:39:05 . 2006-11-02 12:37:34 0 d-----w- C:\Program Files\Windows Defender
2009-07-06 07:38:40 . 2006-11-02 10:25:05 665600 ----a-w- C:\Windows\inf\drvindex.dat
2009-07-06 07:22:23 . 2006-11-02 12:37:35 37665 ----a-w- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
2009-07-05 10:53:45 . 2009-04-19 19:19:11 0 d-----w- C:\Program Files\Pity 2008
2009-07-05 10:53:31 . 2009-06-09 06:17:05 0 d-----w- C:\Program Files\Nokia
2009-07-02 09:25:23 . 2008-10-13 19:50:54 0 d-----w- C:\Program Files\Spybot - Search & Destroy
2009-07-02 09:25:22 . 2008-10-13 19:50:54 0 d-----w- C:\ProgramData\Spybot - Search & Destroy
2009-07-01 12:10:23 . 2008-10-13 19:22:22 0 d-----w- C:\ProgramData\DVD Shrink
2009-06-28 17:15:21 . 2009-06-28 17:15:21 0 ---ha-w- C:\Windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-06-19 11:47:33 . 2009-06-19 11:46:23 0 d-----w- C:\Program Files\AVI ReComp
2009-06-19 11:47:29 . 2009-06-19 11:47:29 0 d-----w- C:\Program Files\Gabest
2009-06-19 11:47:14 . 2009-03-11 16:24:22 0 d-----w- C:\Program Files\XviD
2009-06-18 19:48:17 . 2009-06-18 19:48:11 0 d-----w- C:\Users\Darek\AppData\Roaming\Image Zone Express
2009-06-18 19:48:16 . 2009-06-18 19:48:12 0 d-----w- C:\Users\Darek\AppData\Roaming\Printer Info Cache
2009-06-18 09:14:10 . 2009-06-18 09:14:10 0 d-----w- C:\Users\Ula\AppData\Roaming\Publish Providers
2009-06-18 09:13:57 . 2009-06-18 09:13:57 0 d-----w- C:\Users\Ula\AppData\Roaming\Sony
2009-06-17 16:29:11 . 2009-06-17 16:29:11 0 d-----w- C:\Program Files\iZotope
2009-06-13 21:49:51 . 2009-06-13 21:49:51 0 d-----w- C:\Program Files\CardTest
2009-06-09 19:45:16 . 2008-10-06 20:01:10 0 d-----w- C:\ProgramData\Microsoft Help
2009-06-09 19:44:20 . 2007-06-23 01:06:54 0 d-----w- C:\Program Files\Microsoft Works
2009-06-09 18:09:54 . 2009-06-09 18:09:54 0 d-----w- C:\Users\Ula\AppData\Roaming\PC Suite
2009-06-09 06:28:37 . 2009-06-09 06:28:37 0 d-----w- C:\Users\Darek\AppData\Roaming\PC Suite
2009-06-09 06:27:55 . 2009-06-09 06:27:55 0 d-----w- C:\Users\Darek\AppData\Roaming\Nokia
2009-06-09 06:26:59 . 2009-06-09 06:26:59 0 d-----w- C:\ProgramData\NokiaMusic
2009-06-09 06:21:41 . 2009-06-09 06:21:41 0 d-----w- C:\Program Files\DIFX
2009-05-31 13:32:54 . 2009-05-31 13:32:54 0 d-----w- C:\Users\Ula\AppData\Roaming\Corel
2009-05-09 05:50:28 . 2009-06-09 19:40:14 915456 ----a-w- C:\Windows\system32\wininet.dll
2009-05-09 05:34:34 . 2009-06-09 19:40:13 71680 ----a-w- C:\Windows\system32\iesetup.dll
2009-05-07 14:16:24 . 2008-11-02 18:47:43 94944 ----a-w- C:\Users\Iwona\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-05 13:36:19 . 2008-11-02 17:37:14 94944 ----a-w- C:\Users\Ula\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-05 07:54:39 . 2008-10-22 17:41:26 94944 ----a-w- C:\Users\Darek\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-04 16:08:23 . 2009-05-04 16:08:23 56 ---ha-w- C:\ProgramData\ezsidmv.dat
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-04-11 06:28:03 1233920]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 15:07:58 1828136]
"CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 10:03:38 868352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCUTRAYICON"="FactoryMode" [X]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-18 21:38:40 1008184]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 13:42:24 65536]
"KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 16:16:56 65536]
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 10:59:00 118784]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 19:52:38 49152]
"DT HPW"="C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe" [2007-01-16 15:12:04 280576]
"HPUsageTracking"="C:\Program Files\HP\HP UT\bin\hppusg.exe" [2007-05-04 11:14:04 36864]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 21:08:45 81000]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2008-01-10 18:57:00 92704]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-01-10 18:57:00 8530464]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-01-10 18:57:00 88608]
"CTCheck"="C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-11-06 10:08:10 397312]
"Windows Mobile-based device management"="C:\Windows\WindowsMobile\wmdSync.exe" [2006-11-01 23:46:00 215552]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2009-01-05 15:18:48 413696]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 16:10:28 35696]
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-03-09 03:19:17 148888]
"ArcSoft Connection Service"="C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-07-10 11:59:22 195072]
"RtHDVCpl"="RtHDVCpl.exe" - C:\WINDOWS\RtHDVCpl.exe [2007-03-01 15:38:48 4390912]
"SPIRunE"="SPIRunE.dll" - C:\WINDOWS\System32\SpiRunE.dll [2007-05-09 01:07:42 18432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="C:\Windows\SMINST\launcher.exe" [2007-03-07 09:09:52 44168]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):ad,cd,e8,95,0d,fe,c9,01
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{A79A83BF-CB7E-4FD4-9AAC-AC85CE4287EE}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{95187053-5987-4630-9350-6566686D798E}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{B913003D-7B77-41B3-A273-D108FF9765E2}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{8F825EC1-17D2-40EC-A70A-BE78FA438992}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{BCE6C658-40D7-4A35-87FF-95C4D606E7C4}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{76FAB58D-9F96-48DF-B4E6-4D258253EE87}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{A2D36DD1-D6F0-4E92-99C3-9CE34DD22DA2}"= TCP:9442:127.0.0.1:Intel(R) Viiv(TM) Media Server Discovery
"{FE4C5E69-B801-49BC-8B98-5795CE4DDACB}"= TCP:1900:LocalSubnet:LocalSubnet:Intel(R) Viiv(TM) Media Server UPnP Discovery
"{15DD2DBF-61E4-472A-BD15-98FCA5B8ECAD}"= UDP:C:\WINDOWS\System32\spool\drivers\w32x86\3\HP1006MC.EXE:SMLMProxy Module - HP1006MC.EXE
"{CDE4D6F3-C5F7-4BF5-8360-882F9E09C7F2}"= TCP:C:\WINDOWS\System32\spool\drivers\w32x86\3\HP1006MC.EXE:SMLMProxy Module - HP1006MC.EXE
"{2A9062EF-BD05-4FCD-89C0-0FF8C673FA73}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{3D9368F8-B4B4-4F75-9811-3EDD3618E1B9}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{36A89111-3B3E-44E2-B2F1-2F9C779E6312}C:\\program files\\przydatne aplikacje\\emule\\emule.exe"= UDP:C:\program files\przydatne aplikacje\emule\emule.exe:eMule
"UDP Query User{A9454CDD-10FB-4C3B-958F-0FE9DF595E08}C:\\program files\\przydatne aplikacje\\emule\\emule.exe"= TCP:C:\program files\przydatne aplikacje\emule\emule.exe:eMule
"TCP Query User{968217CB-304A-4C56-8196-E0E32367C7FF}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{F354FABC-19F3-496C-AADA-5974AD2515B0}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{8AB57C02-E281-406F-BB5D-7A310A41CECD}C:\\program files\\przydatne aplikacje\\gadu-gadu\\gg.exe"= UDP:C:\program files\przydatne aplikacje\gadu-gadu\gg.exe:Gadu-Gadu - program główny
"UDP Query User{E0AD0F13-53CE-419A-B78E-EB37BCCCE40C}C:\\program files\\przydatne aplikacje\\gadu-gadu\\gg.exe"= TCP:C:\program files\przydatne aplikacje\gadu-gadu\gg.exe:Gadu-Gadu - program główny
"{67DA7F3B-6335-4C08-A642-8F584A1F40FA}"= UDP:C:\Program Files\DeviceLock\DLService.exe:DeviceLock Service
"{278BF1D6-FBF6-49B8-9530-FFF16889E287}"= TCP:C:\Program Files\DeviceLock\DLService.exe:DeviceLock Service
"TCP Query User{7C731DBA-3E34-4950-9878-A0E66B988233}C:\\program files\\przydatne aplikacje\\gadu-gadu\\nowe gadu-gadu\\gg.exe"= UDP:C:\program files\przydatne aplikacje\gadu-gadu\nowe gadu-gadu\gg.exe:Nowe Gadu-Gadu
"UDP Query User{D8047461-A585-49A7-9A4C-A1E50DA08A20}C:\\program files\\przydatne aplikacje\\gadu-gadu\\nowe gadu-gadu\\gg.exe"= TCP:C:\program files\przydatne aplikacje\gadu-gadu\nowe gadu-gadu\gg.exe:Nowe Gadu-Gadu
"TCP Query User{D4754C60-309F-460D-B930-3CC106119D35}C:\\program files\\novalogic\\delta force helikopter w ogniu\\dfbhd.exe"= UDP:C:\program files\novalogic\delta force helikopter w ogniu\dfbhd.exe:DFBHD
"UDP Query User{05988FCE-3E91-466A-982A-F6850B05AC7F}C:\\program files\\novalogic\\delta force helikopter w ogniu\\dfbhd.exe"= TCP:C:\program files\novalogic\delta force helikopter w ogniu\dfbhd.exe:DFBHD
"{0B36C78A-6CE5-4F6B-9DA7-6907585D16A0}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"TCP Query User{A3DF5D77-0657-4A6F-8772-F13D8E229EF0}C:\\program files\\ipla\\ipla.exe"= UDP:C:\program files\ipla\ipla.exe:ipla
"UDP Query User{0096F27C-2742-48DF-91C8-D8C54B9A0773}C:\\program files\\ipla\\ipla.exe"= TCP:C:\program files\ipla\ipla.exe:ipla
"{E4E8009A-1824-4A27-A11D-E91B474984A4}"= UDP:C:\Program Files\BitComet\BitComet.exe:BitComet.exe
"{C1B8FF71-C080-4B47-B521-B6AA25057DF4}"= TCP:C:\Program Files\BitComet\BitComet.exe:BitComet.exe
"TCP Query User{B706AB2F-3510-4EB3-95AF-1B11CF5BC25E}C:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= UDP:C:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"UDP Query User{39738302-C4E1-47BF-B8F6-6AAA81094F67}C:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= TCP:C:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"TCP Query User{F8CD1474-2085-4742-A73E-94ED6F3F1130}C:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= UDP:C:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
"UDP Query User{8A9F36FC-15B0-4153-AB70-B38BA7E83CAB}C:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= TCP:C:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
R0 pavboot;pavboot;C:\WINDOWS\System32\drivers\pavboot.sys [2008-10-13 22:52:19 28544]
R1 aswSP;avast! Self Protection;C:\WINDOWS\System32\drivers\aswSP.sys [2008-10-06 22:27:04 114768]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\System32\drivers\aswFsBlk.sys [2008-10-06 22:27:04 20560]
R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2008-10-06 22:26:46 51792]
R2 DQLWinService;DQLWinService;C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 10:32:28 208896]
R3 athrusb;Atheros Wireless LAN USB device driver;C:\WINDOWS\System32\drivers\athrusb.sys [2008-07-29 04:45:00 904192]
R3 t3;Sound Blaster X-Fi Xtreme Audio (Vista);C:\WINDOWS\System32\drivers\t3.sys [2008-10-05 21:04:24 404992]
S2 IntelDHSvcConf;Intel DH Service;C:\Program Files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe [2006-05-10 09:13:52 29696]
S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\System32\drivers\WlanBZXP.sys [2008-07-28 23:41:26 450560]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
Zawartość folderu 'Zaplanowane zadania'
2009-06-09 C:\Windows\Tasks\User_Feed_Synchronization-{58C205B9-E994-4905-93DC-CD88C3A8EEA9}.job
- C:\Windows\system32\msfeedssync.exe [2009-04-29 20:48:47 . 2009-03-08 11:31:52]
2009-07-26 C:\Windows\Tasks\User_Feed_Synchronization-{5E65685C-03EA-4553-A619-96034890EEBB}.job
- C:\Windows\system32\msfeedssync.exe [2009-04-29 20:48:47 . 2009-03-08 11:31:52]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.wp.pl/
IE: E&ksportuj do programu Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} - hxxp://www.eska.pl/streamplayers/OggX.ocx
DPF: {4B4513E2-4E57-43DF-9496-FCD37E9DFA64} - hxxp://cached.gamedesire.com/g_bin/pl/navy_2_0_0_29.cab
DPF: {E95CF138-A587-4C54-8175-3AD80997CB14} - hxxp://cached.gamedesire.com/g_bin/pl/soccer_2_0_0_20.cab
.
– Added 27.07.2009 (Mon) 1:32 –