Cytat
ComboFix 10-05-20.A2 - Kamil 2010-05-21 15:52:28.1.2 - x86
Uruchomiony z: c:\users\Kamil\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_AFPANSI
-------\Service_AFPAnsi
((((((((((((((((((((((((( Pliki utworzone od 2010-04-21 do 2010-05-21 )))))))))))))))))))))))))))))))
.
2010-05-21 14:03 . 2010-05-21 14:06 -------- d-----w- c:\users\Kamil\AppData\Local\temp
2010-05-21 14:03 . 2010-05-21 14:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-05-19 09:28 . 2010-05-19 09:28 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-05-18 19:55 . 2010-05-18 19:55 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-16 19:31 . 2010-05-16 19:31 -------- d-----w- c:\users\Kamil\AppData\Roaming\MEGA5_5100504
2010-05-16 19:31 . 2010-05-16 19:31 -------- d-----w- c:\program files\MEGA5
2010-05-16 17:34 . 2010-05-16 17:34 -------- d-----w- c:\users\Kamil\.vamsas
2010-05-16 16:55 . 2010-05-16 16:55 -------- d-----w- c:\program files\ClustalX2
2010-05-14 21:34 . 2010-05-14 21:34 -------- d-----w- c:\program files\Vplayer
2010-05-12 20:18 . 2010-05-12 20:18 -------- d-----w- c:\users\Public\c
2010-05-12 17:25 . 2010-05-12 17:25 -------- d-----w- c:\programdata\Last.fm
2010-05-12 17:25 . 2010-05-12 17:25 -------- d-----w- c:\users\Kamil\AppData\Local\Last.fm
2010-05-12 17:25 . 2010-05-12 17:25 -------- d-----w- c:\program files\Last.fm
2010-05-12 06:32 . 2010-01-29 15:40 738816 ----a-w- c:\windows\system32\inetcomm.dll
2010-04-29 07:18 . 2010-04-29 07:18 -------- d-----w- c:\program files\iPod
2010-04-29 07:18 . 2010-05-12 17:25 -------- d-----w- c:\program files\iTunes
2010-04-29 07:18 . 2010-04-29 07:19 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-04-29 07:14 . 2010-04-29 07:15 -------- d-----w- c:\program files\QuickTime
2010-04-29 07:10 . 2010-04-29 07:10 -------- d-----w- c:\program files\Bonjour
2010-04-26 13:40 . 2010-04-26 13:40 -------- d-----w- c:\program files\MSECache
2010-04-24 09:37 . 2010-04-24 09:37 -------- d-----w- c:\users\Kamil\AppData\Local\Opera
2010-04-24 09:37 . 2010-04-24 09:37 -------- d-----w- c:\program files\Opera
2010-04-24 09:30 . 2010-04-24 09:30 -------- d-----w- c:\program files\Safari
2010-04-24 09:28 . 2010-04-24 09:28 -------- d-----w- c:\program files\Apple Software Update
2010-04-24 09:23 . 2010-04-24 09:23 -------- d-----w- c:\users\Kamil\AppData\Local\Google
2010-04-22 20:00 . 2009-06-10 11:52 347648 ----a-w- c:\windows\system32\drivers\RTL8187B.sys
2010-04-22 20:00 . 2010-04-22 20:02 -------- d-----w- c:\program files\Realtek WLAN Driver
2010-04-22 19:51 . 2010-04-22 19:51 -------- d-----w- c:\programdata\IsolatedStorage
2010-04-22 19:50 . 2010-04-22 19:50 -------- d-----w- c:\program files\Toshiba TEMPRO
2010-04-22 19:49 . 2010-04-22 19:49 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-20 22:17 . 2010-03-11 21:14 1 ----a-w- c:\users\Kamil\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-05-20 15:33 . 2006-12-05 05:22 662056 ----a-w- c:\windows\system32\perfh015.dat
2010-05-20 15:33 . 2006-12-05 05:22 126908 ----a-w- c:\windows\system32\perfc015.dat
2010-05-19 09:25 . 2010-03-11 09:53 -------- d-----w- c:\users\Kamil\AppData\Roaming\Tlen.pl
2010-05-14 21:34 . 2010-05-14 21:34 28672 ----a-r- c:\users\Kamil\AppData\Roaming\Microsoft\Installer\{A05BE20E-6510-44BC-95ED-6E6D730407D3}\_CA18F2C35CF8_400D_9D49_6D74AFB2D0CC.exe
2010-05-12 17:25 . 2010-05-12 17:25 54 ----a-w- c:\programdata\Last.fm\Client\uninst2.bat
2010-05-12 17:25 . 2010-05-12 17:25 683801 ----a-w- c:\programdata\Last.fm\Client\UninstITW\unins000.exe
2010-05-12 09:21 . 2010-03-12 07:35 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-12 06:45 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-05-06 20:59 . 2010-03-24 20:49 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-05-06 20:39 . 2010-03-24 20:50 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-05-06 20:39 . 2010-03-24 20:50 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-05-06 20:34 . 2010-03-24 20:50 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-05-06 20:34 . 2010-03-24 20:50 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-05-06 20:33 . 2010-03-24 20:50 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-04-29 07:18 . 2010-03-11 10:15 -------- d-----w- c:\program files\Common Files\Apple
2010-04-29 07:18 . 2010-03-11 10:19 -------- d-----w- c:\programdata\Apple Computer
2010-04-29 07:06 . 2010-04-29 07:06 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe
2010-04-24 09:30 . 2010-03-11 10:25 -------- d-----w- c:\users\Kamil\AppData\Roaming\Apple Computer
2010-04-22 20:00 . 2007-08-24 08:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-19 20:27 . 2007-08-24 08:13 -------- d-----w- c:\program files\Realtek
2010-04-16 18:01 . 2010-04-16 18:00 354744 ----a-w- c:\users\Kamil\AppData\Roaming\SanDisk\Sansa Updater\SansaUpdaterInstall.exe
2010-04-16 18:00 . 2010-04-16 18:00 79872 ----a-w- c:\users\Kamil\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
2010-04-16 18:00 . 2010-04-16 18:00 574344 ----a-w- c:\users\Kamil\AppData\Roaming\SanDisk\Sansa Updater\SansaUpdater.exe
2010-04-16 17:59 . 2010-04-16 17:59 -------- d-----w- c:\users\Kamil\AppData\Roaming\SanDisk
2010-04-14 16:47 . 2010-03-24 20:49 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-11 16:34 . 2010-03-28 17:15 -------- d-----w- c:\program files\Motorola
2010-04-11 16:34 . 2010-03-28 17:15 -------- d-----w- c:\program files\Common Files\Motorola Shared
2010-04-08 18:08 . 2010-04-08 18:08 -------- d-----w- c:\program files\Fotosizer
2010-04-08 11:20 . 2010-04-08 11:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-04-08 11:20 . 2010-04-08 11:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-03-29 22:17 . 2010-03-12 17:55 -------- d-----w- c:\users\Kamil\AppData\Roaming\Western Digital
2010-03-28 18:09 . 2010-03-28 18:09 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
2010-03-28 18:09 . 2010-03-28 18:09 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motfilt_01007.Wdf
2010-03-28 18:07 . 2010-03-28 18:07 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motmodem_01007.Wdf
2010-03-28 11:41 . 2010-03-28 11:41 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-03-28 11:41 . 2010-03-28 11:41 737280 ----a-w- c:\windows\iun6002.exe
2010-03-27 12:35 . 2010-03-27 12:35 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
2010-03-24 20:48 . 2010-03-24 20:48 -------- d-----w- c:\programdata\Alwil Software
2010-03-24 20:48 . 2010-03-24 20:48 -------- d-----w- c:\program files\Alwil Software
2010-03-24 20:40 . 2010-03-11 08:09 -------- d-----w- c:\programdata\G DATA
2010-03-24 20:40 . 2010-03-11 08:09 -------- d-----w- c:\program files\G Data
2010-03-24 20:40 . 2010-03-11 08:09 -------- d-----w- c:\program files\Common Files\G DATA
2010-03-18 18:23 . 2010-03-18 18:23 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-03-17 14:24 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-03-17 11:10 . 2010-03-17 11:10 29992 ----a-w- c:\windows\system32\drivers\GRD.sys
2010-03-16 15:52 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2010-03-16 15:52 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2010-03-13 21:07 . 2010-03-13 21:07 37888 ----a-w- c:\windows\system32\printcom.dll
2010-03-13 21:06 . 2010-03-13 21:06 2036736 ----a-w- c:\windows\system32\win32k.sys
2010-03-13 21:06 . 2010-03-13 21:06 14848 ----a-w- c:\windows\system32\wshrm.dll
2010-03-13 21:06 . 2010-03-13 21:06 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2010-03-13 21:05 . 2010-03-13 21:05 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-03-13 21:05 . 2010-03-13 21:05 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-03-13 21:05 . 2010-03-13 21:05 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-03-13 21:05 . 2010-03-13 21:05 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-03-13 21:05 . 2010-03-13 21:05 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-03-13 21:05 . 2010-03-13 21:05 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-03-13 21:05 . 2010-03-13 21:05 471552 ----a-w- c:\windows\system32\secproc.dll
2010-03-13 21:05 . 2010-03-13 21:05 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-03-13 21:05 . 2010-03-13 21:05 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-03-13 21:03 . 2010-03-13 21:03 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-03-13 04:30 . 2010-03-13 04:30 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-03-13 04:30 . 2010-03-13 04:30 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-03-13 04:30 . 2010-03-13 04:30 23552 ----a-w- c:\windows\system32\lpk.dll
2010-03-13 04:30 . 2010-03-13 04:30 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-03-13 04:30 . 2010-03-13 04:30 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-03-13 04:30 . 2010-03-13 04:30 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-03-13 04:24 . 2010-03-13 04:24 61440 ----a-w- c:\windows\system32\winipsec.dll
2010-03-13 04:24 . 2010-03-13 04:24 272896 ----a-w- c:\windows\system32\polstore.dll
2010-03-13 04:21 . 2010-03-13 04:21 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-03-13 04:21 . 2010-03-13 04:21 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-03-13 04:19 . 2010-03-13 04:19 17920 ----a-w- c:\windows\system32\netevent.dll
2010-03-13 04:19 . 2010-03-13 04:19 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-03-13 04:19 . 2010-03-13 04:19 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-03-13 04:19 . 2010-03-13 04:19 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-03-13 04:19 . 2010-03-13 04:19 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-03-13 04:19 . 2010-03-13 04:19 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-03-13 04:19 . 2010-03-13 04:19 105984 ----a-w- c:\windows\system32\netiohlp.dll
2010-03-13 04:19 . 2010-03-13 04:19 10240 ----a-w- c:\windows\system32\finger.exe
2010-03-13 04:19 . 2010-03-13 04:19 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-03-13 04:15 . 2010-03-13 04:15 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2010-03-13 04:15 . 2010-03-13 04:15 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2010-03-13 04:15 . 2010-03-13 04:15 65024 ----a-w- c:\windows\system32\wlanapi.dll
2010-03-13 04:15 . 2010-03-13 04:15 513536 ----a-w- c:\windows\system32\wlansvc.dll
2010-03-13 04:15 . 2010-03-13 04:15 302592 ----a-w- c:\windows\system32\wlansec.dll
2010-03-13 04:15 . 2010-03-13 04:15 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2010-03-13 04:15 . 2010-03-13 04:15 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2010-03-13 04:13 . 2010-03-13 04:13 1248768 ----a-w- c:\windows\system32\msxml3.dll
2010-03-13 04:13 . 2010-03-13 04:13 1401856 ----a-w- c:\windows\system32\msxml6.dll
2010-03-13 04:13 . 2010-03-13 04:13 2048 ----a-w- c:\windows\system32\msxml3r.dll
2010-03-13 04:13 . 2010-03-13 04:13 2048 ----a-w- c:\windows\system32\msxml6r.dll
2010-03-13 04:12 . 2010-03-13 04:12 72704 ----a-w- c:\windows\system32\secur32.dll
2010-03-13 04:12 . 2010-03-13 04:12 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2010-03-13 04:12 . 2010-03-13 04:12 218624 ----a-w- c:\windows\system32\msv1_0.dll
2010-03-13 04:12 . 2010-03-13 04:12 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-03-13 04:12 . 2010-03-13 04:12 9728 ----a-w- c:\windows\system32\lsass.exe
2010-03-13 04:12 . 2010-03-13 04:12 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2010-03-13 04:11 . 2010-03-13 04:11 98816 ----a-w- c:\windows\system32\mfps.dll
2010-03-13 04:11 . 2010-03-13 04:11 53248 ----a-w- c:\windows\system32\rrinstaller.exe
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SansaDispatch"="c:\users\Kamil\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2010-04-16 79872]
"Google Update"="c:\users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-04-24 136176]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-22 894248]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]
"Skytel"="Skytel.exe" [2007-06-15 1826816]
"NDSTray.exe"="NDSTray.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"Toshiba TEMPRO"="c:\program files\Toshiba TEMPRO\TemproTray.exe" [2009-12-01 1045976]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^Users^Kamil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
path=c:\users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-03-24 18:17 952768 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2009-11-15 09:42 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-04-28 13:06 142120 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2007-02-04 11:02 79400 ----a-w- c:\program files\ScanSoft\OmniPageSE4\OpWareSE4.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
2007-05-04 11:05 571024 ----a-w- c:\program files\TOSHIBA\Registration\ToshibaRegistration.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2007-05-31 15:21 648072 ----a-w- c:\windows\WindowsMobile\wmdcBase.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(
:fc,84,dc,10,c2,c5,ca,01
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [2009-01-29 6016]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [2009-12-22 23552]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [x]
S0 FO_PAnt;FotoOffice VirtualDisc Driver;c:\windows\System32\Drivers\FO_PAnt.sys [2003-07-17 89216]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-18 691696]
S1 aswSP;aswSP; [x]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-05-06 51792]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files\Toshiba TEMPRO\TemproSvc.exe [2009-12-01 116176]
S3 RTL8187B;Realtek RTL8187B bezprzewodowe 802.11b/g 54Mbps USB 2.0 karta sieciowa ;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-06-10 347648]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Zawartość folderu 'Zaplanowane zadania'
2010-04-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3737781229-642290258-4140584057-1000Core.job
- c:\users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-24 09:23]
.
.
------- Skan uzupełniający -------
.
uInternet Settings,ProxyOverride = *.local
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.co...-44618-9400-3/4
IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co...nk-21&site=home
FF - ProfilePath - c:\users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\zhin1k6j.default\
FF - prefs.js: browser.startup.homepage - about:blank
FF - plugin: c:\users\Kamil\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - USUNIĘTO PUSTE WPISY - - - -
HKCU-Run-TOSCDSPD - TOSCDSPD.EXE
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
**************************************************************************
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
SansaDispatch = c:\users\Kamil\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe??s?k?\?S?a?n?s?a? ?U?p?d?a?t?e?r???tent-c?????Y??0S??????0???????/sansa
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki:
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_USERS\S-1-5-21-3737781229-642290258-4140584057-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:02,c8,fa,d8,06,a9,53,a6,ca,ba,d6,01,ea,8c,b2,a6,be,fc,c6,68,e1,f7,7f,
97,83,93,6c,8a,2e,f9,bf,62,b2,e0,19,54,90,9e,43,23,88,10,49,6b,56,f7,de,2e,\
"??"=hex:04,33,d3,1d,b0,d0,53,d3,28,d8,2d,b0,8d,f8,29,f0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\ATK Hotkey\ASLDRSrv.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\ATK Hotkey\Hcontrol.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\RtHDVCpl.exe
c:\program files\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files\Alwil Software\Avast5\AvastUI.exe
c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\ehome\ehmsas.exe
c:\program files\TOSHIBA\ConfigFree\CFSwMgr.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Czas ukończenia: 2010-05-21 16:15:43 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2010-05-21 14:15
Przed: 77 772 767 232 bajtów wolnych
Po: 77 338 734 592 bajtów wolnych
Current=1 Default=1 Failed=0 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
- - End Of File - - C6E22F61C1723FAFB68AEA7706C8B7EC
Uruchomiony z: c:\users\Kamil\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_AFPANSI
-------\Service_AFPAnsi
((((((((((((((((((((((((( Pliki utworzone od 2010-04-21 do 2010-05-21 )))))))))))))))))))))))))))))))
.
2010-05-21 14:03 . 2010-05-21 14:06 -------- d-----w- c:\users\Kamil\AppData\Local\temp
2010-05-21 14:03 . 2010-05-21 14:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-05-19 09:28 . 2010-05-19 09:28 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-05-18 19:55 . 2010-05-18 19:55 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-16 19:31 . 2010-05-16 19:31 -------- d-----w- c:\users\Kamil\AppData\Roaming\MEGA5_5100504
2010-05-16 19:31 . 2010-05-16 19:31 -------- d-----w- c:\program files\MEGA5
2010-05-16 17:34 . 2010-05-16 17:34 -------- d-----w- c:\users\Kamil\.vamsas
2010-05-16 16:55 . 2010-05-16 16:55 -------- d-----w- c:\program files\ClustalX2
2010-05-14 21:34 . 2010-05-14 21:34 -------- d-----w- c:\program files\Vplayer
2010-05-12 20:18 . 2010-05-12 20:18 -------- d-----w- c:\users\Public\c
2010-05-12 17:25 . 2010-05-12 17:25 -------- d-----w- c:\programdata\Last.fm
2010-05-12 17:25 . 2010-05-12 17:25 -------- d-----w- c:\users\Kamil\AppData\Local\Last.fm
2010-05-12 17:25 . 2010-05-12 17:25 -------- d-----w- c:\program files\Last.fm
2010-05-12 06:32 . 2010-01-29 15:40 738816 ----a-w- c:\windows\system32\inetcomm.dll
2010-04-29 07:18 . 2010-04-29 07:18 -------- d-----w- c:\program files\iPod
2010-04-29 07:18 . 2010-05-12 17:25 -------- d-----w- c:\program files\iTunes
2010-04-29 07:18 . 2010-04-29 07:19 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-04-29 07:14 . 2010-04-29 07:15 -------- d-----w- c:\program files\QuickTime
2010-04-29 07:10 . 2010-04-29 07:10 -------- d-----w- c:\program files\Bonjour
2010-04-26 13:40 . 2010-04-26 13:40 -------- d-----w- c:\program files\MSECache
2010-04-24 09:37 . 2010-04-24 09:37 -------- d-----w- c:\users\Kamil\AppData\Local\Opera
2010-04-24 09:37 . 2010-04-24 09:37 -------- d-----w- c:\program files\Opera
2010-04-24 09:30 . 2010-04-24 09:30 -------- d-----w- c:\program files\Safari
2010-04-24 09:28 . 2010-04-24 09:28 -------- d-----w- c:\program files\Apple Software Update
2010-04-24 09:23 . 2010-04-24 09:23 -------- d-----w- c:\users\Kamil\AppData\Local\Google
2010-04-22 20:00 . 2009-06-10 11:52 347648 ----a-w- c:\windows\system32\drivers\RTL8187B.sys
2010-04-22 20:00 . 2010-04-22 20:02 -------- d-----w- c:\program files\Realtek WLAN Driver
2010-04-22 19:51 . 2010-04-22 19:51 -------- d-----w- c:\programdata\IsolatedStorage
2010-04-22 19:50 . 2010-04-22 19:50 -------- d-----w- c:\program files\Toshiba TEMPRO
2010-04-22 19:49 . 2010-04-22 19:49 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-20 22:17 . 2010-03-11 21:14 1 ----a-w- c:\users\Kamil\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-05-20 15:33 . 2006-12-05 05:22 662056 ----a-w- c:\windows\system32\perfh015.dat
2010-05-20 15:33 . 2006-12-05 05:22 126908 ----a-w- c:\windows\system32\perfc015.dat
2010-05-19 09:25 . 2010-03-11 09:53 -------- d-----w- c:\users\Kamil\AppData\Roaming\Tlen.pl
2010-05-14 21:34 . 2010-05-14 21:34 28672 ----a-r- c:\users\Kamil\AppData\Roaming\Microsoft\Installer\{A05BE20E-6510-44BC-95ED-6E6D730407D3}\_CA18F2C35CF8_400D_9D49_6D74AFB2D0CC.exe
2010-05-12 17:25 . 2010-05-12 17:25 54 ----a-w- c:\programdata\Last.fm\Client\uninst2.bat
2010-05-12 17:25 . 2010-05-12 17:25 683801 ----a-w- c:\programdata\Last.fm\Client\UninstITW\unins000.exe
2010-05-12 09:21 . 2010-03-12 07:35 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-12 06:45 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-05-06 20:59 . 2010-03-24 20:49 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-05-06 20:39 . 2010-03-24 20:50 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-05-06 20:39 . 2010-03-24 20:50 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-05-06 20:34 . 2010-03-24 20:50 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-05-06 20:34 . 2010-03-24 20:50 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-05-06 20:33 . 2010-03-24 20:50 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-04-29 07:18 . 2010-03-11 10:15 -------- d-----w- c:\program files\Common Files\Apple
2010-04-29 07:18 . 2010-03-11 10:19 -------- d-----w- c:\programdata\Apple Computer
2010-04-29 07:06 . 2010-04-29 07:06 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe
2010-04-24 09:30 . 2010-03-11 10:25 -------- d-----w- c:\users\Kamil\AppData\Roaming\Apple Computer
2010-04-22 20:00 . 2007-08-24 08:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-19 20:27 . 2007-08-24 08:13 -------- d-----w- c:\program files\Realtek
2010-04-16 18:01 . 2010-04-16 18:00 354744 ----a-w- c:\users\Kamil\AppData\Roaming\SanDisk\Sansa Updater\SansaUpdaterInstall.exe
2010-04-16 18:00 . 2010-04-16 18:00 79872 ----a-w- c:\users\Kamil\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
2010-04-16 18:00 . 2010-04-16 18:00 574344 ----a-w- c:\users\Kamil\AppData\Roaming\SanDisk\Sansa Updater\SansaUpdater.exe
2010-04-16 17:59 . 2010-04-16 17:59 -------- d-----w- c:\users\Kamil\AppData\Roaming\SanDisk
2010-04-14 16:47 . 2010-03-24 20:49 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-11 16:34 . 2010-03-28 17:15 -------- d-----w- c:\program files\Motorola
2010-04-11 16:34 . 2010-03-28 17:15 -------- d-----w- c:\program files\Common Files\Motorola Shared
2010-04-08 18:08 . 2010-04-08 18:08 -------- d-----w- c:\program files\Fotosizer
2010-04-08 11:20 . 2010-04-08 11:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-04-08 11:20 . 2010-04-08 11:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-03-29 22:17 . 2010-03-12 17:55 -------- d-----w- c:\users\Kamil\AppData\Roaming\Western Digital
2010-03-28 18:09 . 2010-03-28 18:09 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
2010-03-28 18:09 . 2010-03-28 18:09 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motfilt_01007.Wdf
2010-03-28 18:07 . 2010-03-28 18:07 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motmodem_01007.Wdf
2010-03-28 11:41 . 2010-03-28 11:41 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-03-28 11:41 . 2010-03-28 11:41 737280 ----a-w- c:\windows\iun6002.exe
2010-03-27 12:35 . 2010-03-27 12:35 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
2010-03-24 20:48 . 2010-03-24 20:48 -------- d-----w- c:\programdata\Alwil Software
2010-03-24 20:48 . 2010-03-24 20:48 -------- d-----w- c:\program files\Alwil Software
2010-03-24 20:40 . 2010-03-11 08:09 -------- d-----w- c:\programdata\G DATA
2010-03-24 20:40 . 2010-03-11 08:09 -------- d-----w- c:\program files\G Data
2010-03-24 20:40 . 2010-03-11 08:09 -------- d-----w- c:\program files\Common Files\G DATA
2010-03-18 18:23 . 2010-03-18 18:23 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-03-17 14:24 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-03-17 11:10 . 2010-03-17 11:10 29992 ----a-w- c:\windows\system32\drivers\GRD.sys
2010-03-16 15:52 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2010-03-16 15:52 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2010-03-13 21:07 . 2010-03-13 21:07 37888 ----a-w- c:\windows\system32\printcom.dll
2010-03-13 21:06 . 2010-03-13 21:06 2036736 ----a-w- c:\windows\system32\win32k.sys
2010-03-13 21:06 . 2010-03-13 21:06 14848 ----a-w- c:\windows\system32\wshrm.dll
2010-03-13 21:06 . 2010-03-13 21:06 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2010-03-13 21:05 . 2010-03-13 21:05 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-03-13 21:05 . 2010-03-13 21:05 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-03-13 21:05 . 2010-03-13 21:05 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-03-13 21:05 . 2010-03-13 21:05 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-03-13 21:05 . 2010-03-13 21:05 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-03-13 21:05 . 2010-03-13 21:05 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-03-13 21:05 . 2010-03-13 21:05 471552 ----a-w- c:\windows\system32\secproc.dll
2010-03-13 21:05 . 2010-03-13 21:05 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-03-13 21:05 . 2010-03-13 21:05 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-03-13 21:03 . 2010-03-13 21:03 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-03-13 04:30 . 2010-03-13 04:30 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-03-13 04:30 . 2010-03-13 04:30 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-03-13 04:30 . 2010-03-13 04:30 23552 ----a-w- c:\windows\system32\lpk.dll
2010-03-13 04:30 . 2010-03-13 04:30 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-03-13 04:30 . 2010-03-13 04:30 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-03-13 04:30 . 2010-03-13 04:30 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-03-13 04:24 . 2010-03-13 04:24 61440 ----a-w- c:\windows\system32\winipsec.dll
2010-03-13 04:24 . 2010-03-13 04:24 272896 ----a-w- c:\windows\system32\polstore.dll
2010-03-13 04:21 . 2010-03-13 04:21 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-03-13 04:21 . 2010-03-13 04:21 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-03-13 04:19 . 2010-03-13 04:19 17920 ----a-w- c:\windows\system32\netevent.dll
2010-03-13 04:19 . 2010-03-13 04:19 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-03-13 04:19 . 2010-03-13 04:19 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-03-13 04:19 . 2010-03-13 04:19 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-03-13 04:19 . 2010-03-13 04:19 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-03-13 04:19 . 2010-03-13 04:19 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-03-13 04:19 . 2010-03-13 04:19 105984 ----a-w- c:\windows\system32\netiohlp.dll
2010-03-13 04:19 . 2010-03-13 04:19 10240 ----a-w- c:\windows\system32\finger.exe
2010-03-13 04:19 . 2010-03-13 04:19 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-03-13 04:15 . 2010-03-13 04:15 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2010-03-13 04:15 . 2010-03-13 04:15 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2010-03-13 04:15 . 2010-03-13 04:15 65024 ----a-w- c:\windows\system32\wlanapi.dll
2010-03-13 04:15 . 2010-03-13 04:15 513536 ----a-w- c:\windows\system32\wlansvc.dll
2010-03-13 04:15 . 2010-03-13 04:15 302592 ----a-w- c:\windows\system32\wlansec.dll
2010-03-13 04:15 . 2010-03-13 04:15 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2010-03-13 04:15 . 2010-03-13 04:15 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2010-03-13 04:13 . 2010-03-13 04:13 1248768 ----a-w- c:\windows\system32\msxml3.dll
2010-03-13 04:13 . 2010-03-13 04:13 1401856 ----a-w- c:\windows\system32\msxml6.dll
2010-03-13 04:13 . 2010-03-13 04:13 2048 ----a-w- c:\windows\system32\msxml3r.dll
2010-03-13 04:13 . 2010-03-13 04:13 2048 ----a-w- c:\windows\system32\msxml6r.dll
2010-03-13 04:12 . 2010-03-13 04:12 72704 ----a-w- c:\windows\system32\secur32.dll
2010-03-13 04:12 . 2010-03-13 04:12 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2010-03-13 04:12 . 2010-03-13 04:12 218624 ----a-w- c:\windows\system32\msv1_0.dll
2010-03-13 04:12 . 2010-03-13 04:12 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-03-13 04:12 . 2010-03-13 04:12 9728 ----a-w- c:\windows\system32\lsass.exe
2010-03-13 04:12 . 2010-03-13 04:12 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2010-03-13 04:11 . 2010-03-13 04:11 98816 ----a-w- c:\windows\system32\mfps.dll
2010-03-13 04:11 . 2010-03-13 04:11 53248 ----a-w- c:\windows\system32\rrinstaller.exe
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SansaDispatch"="c:\users\Kamil\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2010-04-16 79872]
"Google Update"="c:\users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-04-24 136176]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-22 894248]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]
"Skytel"="Skytel.exe" [2007-06-15 1826816]
"NDSTray.exe"="NDSTray.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"Toshiba TEMPRO"="c:\program files\Toshiba TEMPRO\TemproTray.exe" [2009-12-01 1045976]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^Users^Kamil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
path=c:\users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-03-24 18:17 952768 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2009-11-15 09:42 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-04-28 13:06 142120 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2007-02-04 11:02 79400 ----a-w- c:\program files\ScanSoft\OmniPageSE4\OpWareSE4.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
2007-05-04 11:05 571024 ----a-w- c:\program files\TOSHIBA\Registration\ToshibaRegistration.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2007-05-31 15:21 648072 ----a-w- c:\windows\WindowsMobile\wmdcBase.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(
:fc,84,dc,10,c2,c5,ca,01R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [2009-01-29 6016]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [2009-12-22 23552]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [x]
S0 FO_PAnt;FotoOffice VirtualDisc Driver;c:\windows\System32\Drivers\FO_PAnt.sys [2003-07-17 89216]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-18 691696]
S1 aswSP;aswSP; [x]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-05-06 51792]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files\Toshiba TEMPRO\TemproSvc.exe [2009-12-01 116176]
S3 RTL8187B;Realtek RTL8187B bezprzewodowe 802.11b/g 54Mbps USB 2.0 karta sieciowa ;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-06-10 347648]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Zawartość folderu 'Zaplanowane zadania'
2010-04-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3737781229-642290258-4140584057-1000Core.job
- c:\users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-24 09:23]
.
.
------- Skan uzupełniający -------
.
uInternet Settings,ProxyOverride = *.local
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.co...-44618-9400-3/4
IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co...nk-21&site=home
FF - ProfilePath - c:\users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\zhin1k6j.default\
FF - prefs.js: browser.startup.homepage - about:blank
FF - plugin: c:\users\Kamil\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - USUNIĘTO PUSTE WPISY - - - -
HKCU-Run-TOSCDSPD - TOSCDSPD.EXE
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
**************************************************************************
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
SansaDispatch = c:\users\Kamil\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe??s?k?\?S?a?n?s?a? ?U?p?d?a?t?e?r???tent-c?????Y??0S??????0???????/sansa
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki:
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_USERS\S-1-5-21-3737781229-642290258-4140584057-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:02,c8,fa,d8,06,a9,53,a6,ca,ba,d6,01,ea,8c,b2,a6,be,fc,c6,68,e1,f7,7f,
97,83,93,6c,8a,2e,f9,bf,62,b2,e0,19,54,90,9e,43,23,88,10,49,6b,56,f7,de,2e,\
"??"=hex:04,33,d3,1d,b0,d0,53,d3,28,d8,2d,b0,8d,f8,29,f0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files\ATK Hotkey\ASLDRSrv.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\ATK Hotkey\Hcontrol.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\RtHDVCpl.exe
c:\program files\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files\Alwil Software\Avast5\AvastUI.exe
c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\ehome\ehmsas.exe
c:\program files\TOSHIBA\ConfigFree\CFSwMgr.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Czas ukończenia: 2010-05-21 16:15:43 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2010-05-21 14:15
Przed: 77 772 767 232 bajtów wolnych
Po: 77 338 734 592 bajtów wolnych
Current=1 Default=1 Failed=0 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
- - End Of File - - C6E22F61C1723FAFB68AEA7706C8B7EC