I'm honestly out of ideas :?
For some time now, Task Manager (Windows Vista HP SP2) has been showing a svchost.exe file that eats up about 30-50% of the CPU.
It refers to DCOMLAUNCH…
NOD detects nothing, Outpost raises no alerts, Trojan Remover found nothing, Spybot says it's clean.
I found nothing in the ComboFix log:
http://www.wklej.org/hash/85755473894/
ComboFix 10-05-03.01 - PC 2010-05-03 19:57:35.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.48.1045.18.2046.1348 [GMT 2:00]
Uruchomiony z: c:\users\PC\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Rezydentny antywirus jest aktywny
.
((((((((((((((((((((((((( Pliki utworzone od 2010-04-03 do 2010-05-03 )))))))))))))))))))))))))))))))
.
2010-05-03 18:05 . 2010-05-03 18:05 -------- d-----w- c:\users\PC\AppData\Local\temp
2010-05-03 18:05 . 2010-05-03 18:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-05-03 16:53 . 2005-01-06 11:42 18612 ----a-w- c:\windows\system32\drivers\tosrfnds.sys
2010-05-03 16:39 . 2010-05-03 16:39 -------- d-----w- c:\program files\Common Files\Sony Shared
2010-05-03 16:39 . 2006-10-18 09:56 10216 ----a-w- c:\windows\system32\drivers\DMICall.sys
2010-05-02 23:18 . 2010-05-02 23:18 -------- d-----w- c:\program files\ESET
2010-05-02 22:57 . 2010-05-02 22:57 -------- d-----w- c:\program files\xp-AntiSpy
2010-05-02 20:50 . 2010-05-02 20:50 -------- d-----w- c:\program files\Sigmatel
2010-05-02 20:50 . 2007-09-13 13:45 102400 ----a-w- c:\windows\system32\stacsv.exe
2010-05-02 20:50 . 2007-09-13 13:44 1753088 ----a-w- c:\windows\system32\stlang.dll
2010-05-02 20:49 . 2007-09-13 13:45 146944 ----a-w- c:\windows\system32\staco.dll
2010-05-02 20:49 . 2007-09-13 13:46 330240 ----a-w- c:\windows\system32\drivers\stwrt.sys
2010-05-02 20:49 . 2007-09-13 13:45 328704 ----a-w- c:\windows\system32\stcplx.dll
2010-05-02 20:49 . 2007-09-13 13:45 595456 ----a-w- c:\windows\system32\stapo.dll
2010-05-02 20:49 . 2007-09-13 13:44 299520 ----a-w- c:\windows\system32\stapi32.dll
2010-05-02 20:48 . 2010-05-02 20:50 -------- d-----w- c:\program files\IDT
2010-05-02 20:48 . 2007-09-13 13:44 56832 ----a-w- c:\windows\system32\asiovist.dll
2010-05-02 18:39 . 2010-05-02 19:17 -------- d-----w- c:\programdata\Spybot - Search Destroy
2010-05-02 18:39 . 2010-05-02 18:42 -------- d-----w- c:\program files\Spybot - Search Destroy
2010-04-21 20:22 . 2010-04-21 20:22 -------- d-----w- c:\program files\Gabest
2010-04-18 11:58 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-04-18 11:52 . 2010-04-18 11:56 -------- d-----w- c:\users\PC\AppData\Roaming\Auslogics
2010-04-13 21:00 . 2010-04-13 21:00 -------- d-----w- c:\program files\MSXML 4.0
2010-04-13 21:00 . 2010-02-18 14:07 904576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-04-13 21:00 . 2010-02-18 11:28 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-04-13 21:00 . 2010-02-18 13:30 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-04-13 20:59 . 2010-02-18 14:07 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-13 20:59 . 2010-02-18 14:07 3600776 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-13 20:59 . 2010-02-23 11:10 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-13 20:59 . 2010-02-23 11:10 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-13 20:59 . 2010-02-23 11:10 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-13 20:59 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-04-13 20:58 . 2009-12-23 11:33 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-04-13 20:57 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll
2010-04-13 20:18 . 2010-05-02 18:06 -------- d-----w- c:\program files\SpeedFan
2010-04-13 17:40 . 2010-04-13 17:40 -------- d-----w- c:\programdata\Nokia
2010-04-13 17:08 . 2010-04-13 17:08 -------- d-----w- c:\users\PC\AppData\Roaming\Nokia Ovi Suite
2010-04-13 17:06 . 2010-04-13 17:08 -------- d-----w- c:\users\PC\AppData\Roaming\Nokia
2010-04-13 17:04 . 2010-04-13 17:07 -------- d-----w- c:\users\PC\AppData\Local\Nokia
2010-04-13 17:04 . 2010-04-13 17:06 -------- d-----w- c:\programdata\PC Suite
2010-04-13 17:04 . 2010-04-13 17:07 -------- d-----w- c:\users\PC\AppData\Roaming\PC Suite
2010-04-13 17:04 . 2010-05-01 12:20 -------- d-----w- c:\users\PC\AppData\Local\NokiaAccount
2010-04-13 17:02 . 2010-05-01 12:53 -------- d-----w- c:\program files\Common Files\Nokia
2010-04-13 17:01 . 2010-04-13 17:01 -------- d-----w- c:\program files\DIFX
2010-04-13 17:01 . 2008-08-26 07:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-04-13 17:00 . 2010-04-13 17:00 -------- d-----w- c:\program files\PC Connectivity Solution
2010-04-13 16:58 . 2009-12-30 09:30 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2010-04-13 16:57 . 2010-05-01 11:49 12212040 ----a-w- c:\programdata\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-04-13 16:57 . 2010-05-01 11:49 13930312 ----a-w- c:\programdata\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-04-13 16:57 . 2010-05-01 11:49 61440 ----a-w- c:\programdata\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMF11Runx86.exe
2010-04-13 16:57 . 2010-05-01 11:49 58880 ----a-w- c:\programdata\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMF11Runx64.exe
2010-04-13 16:57 . 2010-05-01 11:49 77824 ----a-w- c:\programdata\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-04-13 16:57 . 2010-05-01 11:49 50000 ----a-w- c:\programdata\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\pcswpc.exe
2010-04-13 16:57 . 2010-04-13 16:56 98366952 ----a-w- c:\programdata\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Nokia_Ovi_Suite_webinstaller_ALL_v2.1.exe
2010-04-13 16:57 . 2010-04-13 17:01 -------- d-----w- c:\program files\Nokia
2010-04-13 16:57 . 2010-04-13 16:57 -------- d-----w- c:\programdata\OviInstallerCache
2010-04-10 13:16 . 2010-04-10 13:27 -------- d-----w- c:\users\PC\AppData\Roaming\gtk-2.0
2010-04-10 13:13 . 2010-04-10 13:13 -------- d-----w- c:\users\PC\.thumbnails
2010-04-10 13:06 . 2010-04-10 15:22 -------- d-----w- c:\users\PC\.gimp-2.6
2010-04-10 13:03 . 2010-04-10 13:04 -------- d-----w- c:\program files\GIMP-2.0
2010-04-10 10:02 . 2010-02-19 19:07 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-04-10 10:02 . 2010-04-10 10:02 -------- d-----w- c:\program files\FFDshow
2010-04-10 09:47 . 2010-05-01 11:39 -------- d-----w- c:\users\PC\AppData\Roaming\Moyea
2010-04-08 18:56 . 2010-04-13 20:54 -------- d-----w- c:\program files\MPC HomeCinema
2010-04-07 19:08 . 2010-04-07 19:08 96896 ----a-w- c:\windows\system32\drivers\epfwwfpr.sys
2010-04-07 19:07 . 2010-04-07 19:07 114984 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-04-07 19:03 . 2010-04-07 19:03 133512 ----a-w- c:\windows\system32\drivers\eamonm.sys
2010-04-07 18:28 . 2010-04-07 18:28 -------- d-----w- c:\windows\Sun
2010-04-05 21:25 . 2010-04-05 21:25 -------- d-----w- c:\program files\VirtualDub
2010-04-05 21:07 . 2010-04-05 21:07 -------- d-----w- c:\users\PC\AppData\Roaming\Publish Providers
2010-04-05 21:06 . 2010-04-05 22:02 -------- d-----w- c:\users\PC\AppData\Roaming\Sony
2010-04-05 21:05 . 2010-04-05 21:07 -------- d-----w- c:\users\PC\AppData\Local\Sony
2010-04-05 21:03 . 2010-04-05 21:03 -------- d-----w- c:\programdata\Sony
2010-04-05 21:02 . 2010-04-18 11:48 -------- d-----w- c:\program files\Sony
2010-04-05 21:00 . 2010-04-05 21:00 -------- d-----w- c:\program files\Sony Setup
2010-04-05 17:27 . 2010-04-05 21:07 80 ----a-w- c:\windows\msocreg32.dat
2010-04-05 17:22 . 2010-05-03 16:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-05 17:22 . 2010-04-05 17:22 -------- d-----w- c:\users\PC\AppData\Roaming\InstallShield
2010-04-05 15:40 . 2010-04-05 15:40 -------- d-----w- c:\program files\HJSplit
2010-04-05 09:07 . 2010-04-05 09:07 -------- d-----w- c:\program files\Common Files\Java
2010-04-05 09:07 . 2010-04-05 09:07 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-04-05 09:06 . 2010-04-05 09:06 -------- d-----w- c:\program files\Java
2010-04-04 21:29 . 2006-11-06 09:22 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-04-04 21:29 . 2006-11-06 09:22 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-04-04 21:29 . 2005-12-15 17:30 1060864 ----a-w- c:\windows\system32\MFC71.dll
2010-04-04 21:28 . 2003-06-20 11:28 1777664 ----a-w- c:\windows\system32\gdiplus.dll
2010-04-04 18:49 . 2010-04-04 21:13 -------- d-----w- c:\users\PC\AppData\Local\Adobe
2010-04-04 18:28 . 2010-04-04 18:29 -------- d-----w- c:\users\PC\AppData\Roaming\XnView
2010-04-04 08:59 . 2010-05-01 17:32 -------- d-----w- c:\users\PC\AppData\Roaming\BESTplayer
2010-04-04 07:45 . 2010-04-04 07:45 -------- d-----w- c:\users\PC\AppData\Roaming\Apple Computer
2010-04-04 07:41 . 2010-04-04 07:41 -------- d-----w- c:\users\PC\AppData\Local\Apple Computer
2010-04-04 07:37 . 2010-04-04 07:40 -------- d-----w- c:\programdata\Apple Computer
2010-04-04 07:37 . 2010-04-04 07:38 -------- d-----w- c:\program files\QuickTime
2010-04-04 07:36 . 2010-04-04 07:36 -------- d-----w- c:\program files\Common Files\Apple
2010-04-04 07:36 . 2010-04-04 07:36 -------- d-----w- c:\users\PC\AppData\Local\Apple
2010-04-04 07:36 . 2010-04-04 07:36 -------- d-----w- c:\programdata\Apple
2010-04-04 07:36 . 2010-04-04 07:36 -------- d-----w- c:\program files\Apple Software Update
2010-04-03 22:29 . 2010-04-03 22:29 -------- d-----w- c:\programdata\Uniblue
2010-04-03 21:44 . 2007-08-10 14:12 53248 ----a-w- c:\windows\system32\CSVer.dll
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-03 18:03 . 2009-04-13 08:01 662056 ----a-w- c:\windows\system32\perfh015.dat
2010-05-03 18:03 . 2009-04-13 08:01 126908 ----a-w- c:\windows\system32\perfc015.dat
2010-05-02 18:18 . 2010-04-03 11:47 -------- d-----w- c:\program files\Uniblue
2010-05-01 11:59 . 2010-05-01 11:59 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2010-05-01 09:06 . 2010-04-03 11:30 -------- d-----w- c:\program files\Opera
2010-04-30 22:50 . 2010-04-30 22:50 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-04-25 20:24 . 2010-04-03 13:32 -------- d-----w- c:\programdata\Easy CD-DA Extractor
2010-04-25 20:24 . 2010-04-03 13:32 -------- d-----w- c:\program files\Easy CD-DA Extractor 2010
2010-04-17 12:34 . 2010-04-03 13:39 -------- d-----w- c:\program files\ReNamer
2010-04-13 21:09 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-04-13 17:07 . 2010-04-13 17:07 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-04-10 13:36 . 2010-04-03 13:45 -------- d-----w- c:\program files\Total Commander
2010-04-06 16:26 . 2010-04-06 16:26 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-04-03 22:29 . 2010-04-03 11:47 -------- d-----w- c:\users\PC\AppData\Roaming\Uniblue
2010-04-03 18:57 . 2010-04-03 16:38 -------- d-----w- c:\programdata\DivX
2010-04-03 18:57 . 2010-04-03 16:39 -------- d-----w- c:\program files\DivX
2010-04-03 18:57 . 2010-04-03 13:47 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2010-04-03 18:52 . 2010-04-03 14:06 27934 ----a-w- c:\users\PC\AppData\Roaming\nvModes.dat
2010-04-03 16:53 . 2010-04-03 16:46 -------- d-----w- c:\users\PC\AppData\Roaming\DivX
2010-04-03 16:38 . 2010-04-03 16:46 986904 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe
2010-04-03 13:56 . 2010-04-03 13:56 -------- d-----w- c:\program files\XnView
2010-04-03 13:52 . 2010-04-03 13:52 -------- d-----w- c:\program files\BESTplayer
2010-04-03 13:50 . 2010-04-03 13:47 -------- d-----w- c:\users\PC\AppData\Roaming\Winamp
2010-04-03 13:50 . 2010-04-03 13:49 -------- d-----w- c:\program files\Common Files\Adobe
2010-04-03 13:48 . 2010-04-03 13:47 -------- d-----w- c:\program files\Winamp
2010-04-03 13:48 . 2010-04-03 13:36 -------- d-----w- c:\users\PC\AppData\Roaming\Media Player Classic
2010-04-03 13:45 . 2010-04-03 13:45 -------- d-----w- c:\users\PC\AppData\Roaming\GHISLER
2010-04-03 13:37 . 2010-04-03 13:37 -------- d-----w- c:\program files\Moyea
2010-04-03 13:22 . 2010-04-03 13:22 -------- d-----w- c:\program files\Common Files\Diskeeper Corporation
2010-04-03 13:22 . 2010-04-03 13:22 -------- d-----w- c:\programdata\Diskeeper Corporation
2010-04-03 13:22 . 2010-04-03 13:22 -------- d-----w- c:\program files\Windows Home Server
2010-04-03 13:22 . 2010-04-03 13:22 -------- d-----w- c:\program files\Diskeeper Corporation
2010-04-03 12:15 . 2010-04-03 10:18 55552 ----a-w- c:\users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-03 12:08 . 2010-04-03 12:08 -------- d-----w- c:\program files\Toshiba
2010-04-03 12:07 . 2010-04-03 12:01 -------- d-----w- c:\programdata\Microsoft Help
2010-04-03 12:05 . 2010-04-03 12:05 -------- d-----w- c:\program files\Microsoft Works
2010-04-03 12:04 . 2010-04-03 12:04 -------- d-----w- c:\program files\Microsoft.NET
2010-04-03 11:45 . 2010-04-03 11:45 -------- d-----w- c:\program files\CCleaner
2010-04-03 11:31 . 2010-04-03 11:31 -------- d-----w- c:\program files\Intel
2010-04-03 11:23 . 2010-04-03 11:23 -------- d-----w- c:\programdata\NVIDIA
2010-04-03 11:17 . 2010-04-03 11:17 -------- d-----w- c:\program files\Common Files\InstallShield
2010-04-03 11:15 . 2010-04-03 10:17 680 ----a-w- c:\users\PC\AppData\Local\d3d9caps.dat
2010-04-03 11:14 . 2010-04-03 11:14 -------- d-----w- c:\program files\Agnitum
2010-04-03 11:13 . 2010-04-03 11:13 -------- d-----w- c:\programdata\Agnitum
2010-04-03 10:58 . 2010-04-03 10:58 -------- d-----w- c:\program files\Windows Portable Devices
2010-04-03 10:58 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-04-03 10:15 . 2010-04-03 10:15 -------- d-sh--we c:\programdata\Ulubione
2010-04-03 10:15 . 2010-04-03 10:15 -------- d-sh--we c:\programdata\Szablony
2010-04-03 10:15 . 2010-04-03 10:15 -------- d-sh--we c:\programdata\Pulpit
2010-04-03 10:15 . 2010-04-03 10:15 -------- d-sh--we c:\programdata\Menu Start
2010-04-03 10:15 . 2010-04-03 10:15 -------- d-sh--we c:\programdata\Dokumenty
2010-04-03 10:15 . 2010-04-03 10:15 -------- d-sh--we c:\programdata\Dane aplikacji
2010-02-24 08:16 . 2010-04-03 10:31 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 06:39 . 2010-04-03 10:47 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-23 06:33 . 2010-04-03 10:47 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-02-23 06:33 . 2010-04-03 10:47 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-02-23 04:55 . 2010-04-03 10:47 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-02-20 23:06 . 2010-04-03 10:43 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-02-20 23:05 . 2010-04-03 10:43 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-02-20 20:53 . 2010-04-03 10:43 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-02-09 11:32 . 2010-04-03 11:17 715000 ----a-w- c:\windows\system32\drivers\SandBox.sys
2010-02-04 08:01 . 2010-04-13 20:53 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-02-04 08:01 . 2010-04-13 20:53 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-02-04 08:01 . 2010-04-13 20:53 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-02-04 08:01 . 2010-04-13 20:53 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OutpostMonitor"="c:\progra~1\Agnitum\OUTPOS~1\op_mon.exe" [2010-02-11 2447488]
"OutpostFeedBack"="c:\program files\Agnitum\Outpost Firewall Pro\feedback.exe" [2010-02-09 439784]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-04-07 2145000]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-2-2 2756608]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Agnitum\OUTPOS~1\wl_hook.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):62,22,80,d4,a9,ba,c9,01
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3413416236-1275736440-1433409148-1000]
"EnableNotificationsRef"=dword:00000001
R3 ASWFilt;ASWFilt;c:\windows\system32\Filt\ASWFilt.dll [2010-02-09 34488]
S1 afw;Agnitum Firewall Driver;c:\windows\system32\DRIVERS\afw.sys [2009-02-18 29208]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-04-07 114984]
S1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [2010-02-09 715000]
S2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [2010-02-11 1338160]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-04-07 133512]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-04-07 810120]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-04-07 96896]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [2009-11-02 319000]
S3 DKRtWrt;DKRtWrt;c:\windows\system32\DRIVERS\DKRtWrt.sys [2009-12-10 45616]
S3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\Drivers\R5U870FLx86.sys [2007-05-23 74240]
S3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\Drivers\R5U870FUx86.sys [2007-05-23 43904]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-04-23 812544]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Skan uzupełniający -------
.
IE: Eksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-03 20:05
Windows 6.0.6002 Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Czas ukończenia: 2010-05-03 20:08:21
ComboFix-quarantined-files.txt 2010-05-03 18:08
Przed: 25 315 463 168 bajtów wolnych
Po: 25 137 963 008 bajtów wolnych
- - End Of File - - CAE2E280E478EE4640AA4589752B6736
How can I get rid of this ■■■■■■■■■■? HELP!