Nick Date Language
dav4 01/04/2009 21:06:39 Plain Text

The user did not provide a description

  1. ComboFix 09-03-27.02 - x 2009-04-01 21:56:09.3 - NTFSx86
  2. Microsoft Windows XP Professional  5.1.2600.3.1250.1.1045.18.2046.1358 [GMT 2:00]
  3. Uruchomiony z: f:\instalki\ComboFix.exe
  4. AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)
  5. FW: COMODO Firewall *enabled*
  6. * Utworzono nowy punkt przywracania
  7.  
  8. UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
  9. .
  10. [i] ADS - system32: deleted 12 bytes in 1 streams. [/i]
  11.  
  12. (((((((((((((((((((((((((((((((((((((((  Usunięto  )))))))))))))))))))))))))))))))))))))))))))))))))
  13. .
  14.  
  15. c:\documents and settings\x\Ulubione\Cheap Pharmacy Online.url
  16. c:\documents and settings\x\Ulubione\Search Online.url
  17. c:\documents and settings\x\Ulubione\SMS TRAP.url
  18. c:\documents and settings\x\Ulubione\VIP Casino.url
  19. c:\program files\XPPoliceAntivirus
  20. c:\program files\XPPoliceAntivirus\setup.dat
  21. c:\windows\ios.dat
  22. c:\windows\system32\c.ico
  23. c:\windows\system32\m.ico
  24. c:\windows\system32\m3.ico
  25. c:\windows\system32\p.ico
  26. c:\windows\system32\s.ico
  27. c:\windows\system32\sf.ico
  28.  
  29. .
  30. (((((((((((((((((((((((((((((((((((((((  Sterowniki/Usługi  )))))))))))))))))))))))))))))))))))))))))))))))))
  31. .
  32.  
  33. -------\Service_PCIDump
  34.  
  35.  
  36. (((((((((((((((((((((((((  Pliki utworzone od 2009-03-01 do 2009-04-01  )))))))))))))))))))))))))))))))
  37. .
  38.  
  39. 2009-04-01 20:49 . 2009-04-01 20:59      155,384      --a------      c:\windows\system32\guard32.dll
  40. 2009-04-01 20:49 . 2009-04-01 20:59      110,992      --a------      c:\windows\system32\drivers\cmdguard.sys
  41. 2009-04-01 20:49 . 2009-04-01 20:59      24,336      --a------      c:\windows\system32\drivers\cmdhlp.sys
  42. 2009-04-01 20:48 . 2009-04-01 20:48      <DIR>      d--------      c:\program files\Avira
  43. 2009-04-01 20:48 . 2009-04-01 20:48      <DIR>      d--------      c:\documents and settings\All Users\Dane aplikacji\Avira
  44. 2009-03-29 20:11 . 2009-03-29 20:13      1,469,952      --a------      c:\documents and settings\x\Dane aplikacji\tsdnwin.dll
  45. 2009-03-29 20:09 . 2009-03-29 20:09      <DIR>      d--------      c:\program files\SAMSUNG
  46. 2009-03-28 21:15 . 2009-03-28 21:15      <DIR>      d--------      c:\program files\Eidos
  47. 2009-03-24 14:19 . 2009-03-24 14:19      304,160      --a------      C:\StiImg.dat
  48. 2009-03-24 13:02 . 2009-03-24 13:16      <DIR>      d--------      c:\program files\DVBSBridge
  49. 2009-03-24 12:42 . 2009-03-24 13:16      <DIR>      d--------      c:\program files\DVBViewer Pro
  50. 2009-03-23 14:44 . 2009-03-23 14:44      60      --a------      c:\windows\wininit.ini
  51. 2009-03-23 11:47 . 2009-03-23 11:48      <DIR>      d--------      c:\documents and settings\x\.VirtualBox
  52. 2009-03-23 11:46 . 2009-03-23 11:46      <DIR>      d--------      c:\program files\Sun
  53. 2009-03-23 11:46 . 2009-02-16 18:47      129,552      --a------      c:\windows\system32\VBoxNetFltNotify.dll
  54. 2009-03-23 11:46 . 2009-02-16 18:46      100,560      --a------      c:\windows\system32\drivers\VBoxDrv.sys
  55. 2009-03-23 11:46 . 2009-02-16 18:47      87,568      --a------      c:\windows\system32\drivers\VBoxNetFlt.sys
  56. 2009-03-22 14:01 . 2009-03-22 14:02      <DIR>      d--------      c:\documents and settings\Asia\Dane aplikacji\BESTplayer
  57. 2009-03-21 17:27 . 2009-03-23 14:48      <DIR>      d--------      c:\program files\Microsoft SQL Server
  58. 2009-03-21 17:20 . 2009-03-23 14:40      <DIR>      d--------      c:\program files\Team MediaPortal
  59. 2009-03-21 17:20 . 2009-03-23 14:40      <DIR>      d--------      c:\documents and settings\All Users\Dane aplikacji\Team MediaPortal
  60. 2009-03-20 17:22 . 2009-03-20 17:22      <DIR>      d--hs----      c:\documents and settings\Asia\IETldCache
  61. 2009-03-20 17:22 . 2009-03-20 17:22      <DIR>      d--------      c:\documents and settings\Asia\Dane aplikacji\Windows Desktop Search
  62. 2009-03-20 11:03 . 2009-03-20 11:03      <DIR>      d--hs----      c:\documents and settings\Gabi\IETldCache
  63. 2009-03-20 11:03 . 2009-03-20 11:03      <DIR>      d--------      c:\documents and settings\Gabi\Dane aplikacji\Windows Desktop Search
  64. 2009-03-19 21:58 . 2009-03-19 21:58      <DIR>      d--------      c:\documents and settings\x\Dane aplikacji\Windows Search
  65. 2009-03-19 21:30 . 2006-06-29 14:07      14,048      ---------      c:\windows\system32\spmsg2.dll
  66. 2009-03-19 21:26 . 2009-03-19 21:29      <DIR>      d--------      c:\windows\system32\XPSViewer
  67. 2009-03-19 21:26 . 2009-03-19 21:26      <DIR>      d--------      c:\program files\MSBuild
  68. 2009-03-19 21:25 . 2009-03-19 21:40      <DIR>      d--------      c:\windows\SxsCaPendDel
  69. 2009-03-19 21:25 . 2009-03-19 21:25      <DIR>      d--------      c:\program files\Reference Assemblies
  70. 2009-03-19 21:25 . 2009-03-19 21:25      <DIR>      d--------      C:\891b8eba00f2c95a240f
  71. 2009-03-19 21:25 . 2008-07-06 14:06      1,676,288      ---------      c:\windows\system32\xpssvcs.dll
  72. 2009-03-19 21:25 . 2008-07-06 14:06      1,676,288      -----c---      c:\windows\system32\dllcache\xpssvcs.dll
  73. 2009-03-19 21:25 . 2008-07-06 12:50      597,504      -----c---      c:\windows\system32\dllcache\printfilterpipelinesvc.exe
  74. 2009-03-19 21:25 . 2008-07-06 14:06      575,488      ---------      c:\windows\system32\xpsshhdr.dll
  75. 2009-03-19 21:25 . 2008-07-06 14:06      575,488      -----c---      c:\windows\system32\dllcache\xpsshhdr.dll
  76. 2009-03-19 21:25 . 2008-07-06 14:06      117,760      ---------      c:\windows\system32\prntvpt.dll
  77. 2009-03-19 21:25 . 2008-07-06 14:06      89,088      -----c---      c:\windows\system32\dllcache\filterpipelineprintproc.dll
  78. 2009-03-19 21:21 . 2009-03-19 21:21      <DIR>      d--------      c:\program files\Windows Desktop Search
  79. 2009-03-19 21:21 . 2009-03-19 21:21      <DIR>      d--------      c:\documents and settings\x\Dane aplikacji\Windows Desktop Search
  80. 2009-03-19 21:21 . 2009-03-19 21:21      <DIR>      d--hs----      c:\documents and settings\LocalService\IETldCache
  81. 2009-03-19 21:20 . 2009-03-19 21:20      <DIR>      d--------      c:\program files\Windows Media Connect 2
  82. 2009-03-19 21:19 . 2009-03-30 16:02      <DIR>      d--------      c:\windows\system32\drivers\UMDF
  83. 2009-03-19 20:24 . 2009-03-19 20:24      <DIR>      d--hs----      c:\documents and settings\x\IECompatCache
  84. 2009-03-19 20:23 . 2009-03-19 20:23      <DIR>      d--hs----      c:\documents and settings\x\PrivacIE
  85. 2009-03-19 20:22 . 2009-03-19 20:22      <DIR>      d--hs----      c:\documents and settings\x\IETldCache
  86. 2009-03-19 20:22 . 2009-03-19 20:22      <DIR>      d--hs----      c:\documents and settings\NetworkService\IETldCache
  87. 2009-03-19 20:18 . 2009-03-19 20:18      <DIR>      d--------      c:\windows\ie8updates
  88. 2009-03-19 20:16 . 2009-03-19 20:18      <DIR>      d--h-c---      c:\windows\ie8
  89. 2009-03-19 20:13 . 2009-02-28 06:55      105,984      -----c---      c:\windows\system32\dllcache\iecompat.dll
  90. 2009-03-18 12:28 . 2009-03-18 12:28      <DIR>      d--------      c:\documents and settings\x\Dane aplikacji\Media Player Classic
  91. 2009-03-18 12:24 . 2009-03-18 12:24      <DIR>      d--------      c:\program files\QT Lite
  92. 2009-03-18 12:24 . 2009-03-18 12:24      <DIR>      d--------      c:\documents and settings\All Users\Dane aplikacji\Apple Computer
  93. 2009-03-18 12:24 . 2009-01-05 17:18      90,112      --a------      c:\windows\system32\QuickTimeVR.qtx
  94. 2009-03-18 12:24 . 2009-01-05 17:18      57,344      --a------      c:\windows\system32\QuickTime.qts
  95. 2009-03-15 23:33 . 2006-02-08 23:17      17,920      --a------      c:\windows\system32\drivers\ts_lb.sys
  96. 2009-03-15 23:32 . 2009-03-22 11:23      <DIR>      d--------      c:\program files\CommView
  97. 2009-03-15 23:32 . 2006-04-29 01:31      12,800      --a------      c:\windows\system32\drivers\cv2k1.sys
  98. 2009-03-14 19:12 . 2009-03-14 19:12      <DIR>      d--------      c:\program files\Piechnat Soft
  99. 2009-03-14 19:12 . 2009-03-14 19:12      <DIR>      d--------      c:\documents and settings\x\Dane aplikacji\Piechnat Soft
  100. 2009-03-11 19:09 . 2009-04-01 21:59      200,513      --a------      c:\windows\system32\nvapps.xml
  101. 2009-03-11 19:08 . 2009-03-11 19:08      <DIR>      d--------      c:\windows\nview
  102. 2009-03-09 21:31 . 2009-03-09 21:31      <DIR>      d--------      c:\program files\Alcohol Soft
  103. 2009-03-09 21:31 . 2004-04-30 10:37      160,640      --a------      c:\windows\system32\drivers\a347bus.sys
  104. 2009-03-09 21:31 . 2004-04-30 10:33      5,248      --a------      c:\windows\system32\drivers\a347scsi.sys
  105. 2009-03-08 15:15 . 2009-03-08 15:15      1,294,336      ---------      c:\windows\system32\ieframe.dll.mui
  106. 2009-03-08 15:14 . 2009-03-08 15:14      53,248      ---------      c:\windows\system32\msrating.dll.mui
  107. 2009-03-08 15:14 . 2009-03-08 15:14      2,560      ---------      c:\windows\system32\mshta.exe.mui
  108. 2009-03-08 15:13 . 2009-03-08 15:13      4,096      ---------      c:\windows\system32\ie4uinit.exe.mui
  109. 2009-03-08 15:12 . 2009-03-08 15:12      81,920      ---------      c:\windows\system32\iedkcs32.dll.mui
  110. 2009-03-07 18:40 . 2009-03-12 21:20      <DIR>      d--------      c:\windows\system32\ivtMobCache
  111. 2009-03-07 01:19 . 2009-03-18 19:43      5,541      --a------      c:\windows\system32\SHORTCUT.INI
  112. 2009-03-06 17:26 . 2009-03-12 21:19      629      --a------      c:\windows\BsMobileModel.ini
  113. 2009-03-06 16:56 . 2009-03-26 20:30      654      --a------      c:\windows\system32\REMOTEDEVICE.INI
  114. 2009-03-06 16:55 . 2009-04-01 21:59      5,185      --a------      c:\windows\system32\LOCALSERVICE.INI
  115. 2009-03-06 16:55 . 2009-04-01 21:59      102      --a------      c:\windows\system32\LOCALDEVICE.INI
  116. 2009-03-06 16:53 . 2009-03-06 16:55      <DIR>      d--------      c:\windows\NV2004988.TMP
  117. 2009-03-06 16:51 . 2009-03-06 16:51      0      --a------      c:\windows\system32\BSPRINT.INI
  118. 2009-03-06 13:58 . 2009-03-06 16:45      <DIR>      d--------      c:\windows\NV38283684.TMP
  119. 2009-03-05 15:19 . 2009-03-05 15:19      <DIR>      d--------      c:\program files\AnalogX
  120. 2009-03-05 15:09 . 2009-03-05 23:41      <DIR>      d--------      c:\documents and settings\All Users\Dane aplikacji\Bluetooth
  121. 2009-03-05 15:08 . 2009-03-06 16:44      <DIR>      d--------      c:\program files\IVT Corporation
  122. 2009-03-05 15:07 . 2009-03-06 16:51      32      --a------      c:\windows\[u]0[/u]
  123. 2009-03-05 15:07 . 2009-03-05 15:07      0      --a------      c:\windows\system32\[u]0[/u]
  124. 2009-03-05 15:02 . 2008-04-14 01:16      37,888      --a------      c:\windows\system32\drivers\bthmodem.sys
  125. 2009-03-05 15:02 . 2008-04-14 01:16      37,888      --a--c---      c:\windows\system32\dllcache\bthmodem.sys
  126. 2009-03-05 14:53 . 2008-04-14 01:21      101,120      --a------      c:\windows\system32\drivers\bthpan.sys
  127. 2009-03-05 14:53 . 2008-04-14 01:21      101,120      --a--c---      c:\windows\system32\dllcache\bthpan.sys
  128. 2009-03-05 14:52 . 2008-04-14 23:51      152,064      --a------      c:\windows\system32\irftp.exe
  129. 2009-03-05 14:52 . 2008-04-14 23:51      152,064      --a--c---      c:\windows\system32\dllcache\irftp.exe
  130. 2009-03-05 14:52 . 2008-04-14 01:16      59,136      --a------      c:\windows\system32\drivers\rfcomm.sys
  131. 2009-03-05 14:52 . 2008-04-14 01:16      59,136      --a--c---      c:\windows\system32\dllcache\rfcomm.sys
  132. 2009-03-05 14:52 . 2008-04-14 23:50      28,672      --a------      c:\windows\system32\irmon.dll
  133. 2009-03-05 14:52 . 2008-04-14 23:50      28,672      --a--c---      c:\windows\system32\dllcache\irmon.dll
  134. 2009-03-05 14:52 . 2008-04-14 01:16      18,944      --a------      c:\windows\system32\drivers\BTHUSB.SYS
  135. 2009-03-05 14:52 . 2008-04-14 01:16      18,944      --a--c---      c:\windows\system32\dllcache\bthusb.sys
  136. 2009-03-05 14:52 . 2008-04-14 01:16      17,024      --a------      c:\windows\system32\drivers\BthEnum.sys
  137. 2009-03-05 14:52 . 2008-04-14 01:16      17,024      --a--c---      c:\windows\system32\dllcache\bthenum.sys
  138. 2009-03-05 14:52 . 2008-04-14 23:51      8,192      --a------      c:\windows\system32\wshirda.dll
  139. 2009-03-05 14:52 . 2008-04-14 23:51      8,192      --a--c---      c:\windows\system32\dllcache\wshirda.dll
  140. 2009-03-04 18:29 . 2009-03-04 18:29      <DIR>      d--------      c:\program files\SystemRequirementsLab
  141. 2009-03-04 18:29 . 2009-03-04 18:29      <DIR>      d--------      c:\documents and settings\x\SystemRequirementsLab
  142. 2009-03-04 17:02 . 2009-03-04 17:02      <DIR>      d--------      c:\documents and settings\Gabi\Dane aplikacji\BESTplayer
  143. 2009-03-04 14:17 . 2009-03-25 16:48      <DIR>      d--------      c:\documents and settings\x\Dane aplikacji\BESTplayer
  144. 2009-03-04 14:16 . 2009-03-04 14:17      1,213,952      --a------      c:\program files\BESTplayer.exe
  145. 2009-03-02 21:14 . 2009-03-02 21:14      <DIR>      d--------      C:\programs
  146. 2009-03-01 11:18 . 2009-03-01 11:18      <DIR>      d--------      c:\program files\MOBILedit!
  147.  
  148. .
  149. ((((((((((((((((((((((((((((((((((((((((  Sekcja Find3M  ))))))))))))))))))))))))))))))))))))))))))))))))))))
  150. .
  151. 2009-04-01 19:59      ---------      d-----w      c:\program files\AutoConnect
  152. 2009-04-01 19:19      ---------      d-----w      c:\program files\Mozilla Thunderbird
  153. 2009-04-01 19:06      ---------      d-----w      c:\documents and settings\x\Dane aplikacji\Skype
  154. 2009-04-01 19:05      ---------      d-----w      c:\documents and settings\x\Dane aplikacji\skypePM
  155. 2009-04-01 18:53      ---------      d-----w      c:\documents and settings\All Users\Dane aplikacji\comodo
  156. 2009-04-01 18:49      ---------      d-----w      c:\program files\COMODO
  157. 2009-04-01 18:49      ---------      d-----w      c:\documents and settings\x\Dane aplikacji\Comodo
  158. 2009-03-30 14:00      ---------      d-----w      c:\documents and settings\All Users\Dane aplikacji\PC Suite
  159. 2009-03-29 20:58      ---------      d-----w      c:\documents and settings\Asia\Dane aplikacji\Tlen.pl
  160. 2009-03-29 18:09      ---------      d--h--w      c:\program files\InstallShield Installation Information
  161. 2009-03-26 21:04      ---------      d-----w      c:\program files\EA GAMES
  162. 2009-03-25 14:57      ---------      d-----w      c:\program files\SpeedFan
  163. 2009-03-23 16:51      ---------      d-----w      c:\documents and settings\Gabi\Dane aplikacji\DAEMON Tools Pro
  164. 2009-03-23 12:47      ---------      d-----w      c:\program files\Microsoft.NET
  165. 2009-03-23 12:26      ---------      d-----w      c:\documents and settings\x\Dane aplikacji\Ahead
  166. 2009-03-19 09:40      ---------      d-----w      c:\documents and settings\x\Dane aplikacji\uTorrent
  167. 2009-03-18 18:02      ---------      d-----w      c:\documents and settings\x\Dane aplikacji\Nokia
  168. 2009-03-18 18:00      ---------      d-----w      c:\documents and settings\x\Dane aplikacji\PC Suite
  169. 2009-03-18 17:12      ---------      d-----w      c:\documents and settings\x\Dane aplikacji\Tlen.pl
  170. 2009-03-08 03:34      914,944      ----a-w      c:\windows\system32\wininet.dll
  171. 2009-03-08 03:34      43,008      ----a-w      c:\windows\system32\licmgr10.dll
  172. 2009-03-08 03:33      420,352      ----a-w      c:\windows\system32\vbscript.dll
  173. 2009-03-08 03:33      18,944      ----a-w      c:\windows\system32\corpol.dll
  174. 2009-03-08 03:32      72,704      ----a-w      c:\windows\system32\admparse.dll
  175. 2009-03-08 03:32      71,680      ----a-w      c:\windows\system32\iesetup.dll
  176. 2009-03-08 03:31      48,128      ----a-w      c:\windows\system32\mshtmler.dll
  177. 2009-03-08 03:31      45,568      ----a-w      c:\windows\system32\mshta.exe
  178. 2009-03-08 03:31      34,816      ----a-w      c:\windows\system32\imgutil.dll
  179. 2009-03-08 03:22      156,160      ----a-w      c:\windows\system32\msls31.dll
  180. 2009-03-07 14:35      ---------      d-----w      c:\program files\sXe Injected
  181. 2009-03-05 21:39      ---------      d-----w      c:\documents and settings\x\Dane aplikacji\Winamp
  182. 2009-03-05 21:18      ---------      d-----w      c:\program files\Winamp
  183. 2009-03-04 12:18      ---------      d-----w      c:\program files\ALLPlayer
  184. 2009-03-03 20:34      ---------      d-----w      c:\program files\NAPI-PROJEKT
  185. 2009-03-03 20:31      ---------      d-----w      c:\documents and settings\x\Dane aplikacji\DMCache
  186. 2009-03-02 18:31      ---------      d-----w      c:\documents and settings\x\Dane aplikacji\vlc
  187. 2009-02-28 19:45      ---------      d-----w      c:\program files\Google
  188. 2009-02-27 11:16      ---------      d-----w      c:\program files\Common Files\Wise Installation Wizard
  189. 2009-02-27 11:16      ---------      d-----w      c:\program files\AGEIA Technologies
  190. 2009-02-27 10:53      ---------      d-----w      c:\program files\Driver Cleaner
  191. 2009-02-27 10:13      16,608      ----a-w      c:\windows\gdrv.sys
  192. 2009-02-26 23:25      ---------      d-----w      c:\program files\RivaTuner v2.24
  193. 2009-02-26 20:43      ---------      d-----w      c:\documents and settings\Gabi\Dane aplikacji\Media Player Classic
  194. 2009-02-23 22:39      ---------      d-----w      c:\program files\Microsoft Bootvis
  195. 2009-02-23 16:22      ---------      d-----w      c:\program files\Debugging Tools for Windows (x86)
  196. 2009-02-23 13:27      ---------      d-----w      c:\documents and settings\Asia\Dane aplikacji\TrueCrypt
  197. 2009-02-22 19:32      ---------      d-----w      c:\program files\UltraISO
  198. 2009-02-22 19:32      ---------      d-----w      c:\program files\Common Files\EZB Systems
  199. 2009-02-22 14:26      ---------      d-----w      c:\documents and settings\x\Dane aplikacji\Disney Interactive Studios
  200. 2009-02-22 10:29      ---------      d-----w      c:\program files\Meetsoft
  201. 2009-02-22 10:24      ---------      d-----w      c:\program files\Runtime Software
  202. 2009-02-22 10:19      ---------      d-----w      c:\program files\PC Inspector File Recovery
  203. 2009-02-22 10:05      ---------      d-----w      c:\program files\R-Studio
  204. 2009-02-21 21:31      107,888      ----a-w      c:\windows\system32\CmdLineExt.dll
  205. 2009-02-21 20:51      ---------      d-----w      c:\program files\Internet Download Manager
  206. 2009-02-21 16:29      ---------      d-----w      c:\documents and settings\x\Dane aplikacji\IDM
  207. 2009-02-21 15:45      ---------      d-----w      c:\program files\MoorHunt
  208. 2009-02-21 12:31      ---------      d-----w      c:\program files\Microsoft Virtual PC
  209. 2009-02-21 11:26      ---------      d-----w      c:\program files\No-IP Client
  210. 2009-02-21 11:11      ---------      d-----w      c:\documents and settings\x\Dane aplikacji\TeamViewer
  211. 2009-02-20 19:32      ---------      d-----w      c:\documents and settings\Gabi\Dane aplikacji\Corel
  212. 2009-02-15 14:09      ---------      d-----w      c:\program files\NSS
  213. 2009-02-10 18:44      ---------      d-----w      c:\documents and settings\x\Dane aplikacji\FileZilla
  214. 2009-02-10 15:16      ---------      d-----w      c:\documents and settings\All Users\Dane aplikacji\Barbie Fashion Show
  215. 2009-02-10 15:15      ---------      d-----w      c:\program files\Barbie(TM)
  216. 2009-02-09 14:07      1,847,040      ------w      c:\windows\system32\win32k.sys
  217. 2009-02-09 12:18      453,152      ----a-w      c:\windows\system32\nvudisp.exe
  218. 2009-02-09 12:18      401,408      ----a-w      c:\windows\system32\nvcuvid.dll
  219. 2009-02-07 17:31      ---------      d-----w      c:\documents and settings\Asia\Dane aplikacji\EPSON
  220. 2009-02-07 13:20      ---------      d-----w      c:\documents and settings\Asia\Dane aplikacji\PC Suite
  221. 2009-02-06 19:01      28,760      ----a-w      c:\windows\system32\BsTrace.dll
  222. 2009-02-05 19:35      ---------      d-----w      c:\program files\Psi
  223. 2009-02-04 20:38      ---------      d-----w      c:\documents and settings\Gabi\Dane aplikacji\PC Suite
  224. 2009-02-04 18:33      ---------      d-----w      c:\program files\Nokia
  225. 2009-02-04 18:33      ---------      d-----w      c:\documents and settings\All Users\Dane aplikacji\Nokia
  226. 2009-02-04 18:23      ---------      d-----w      c:\program files\Common Files\Nokia
  227. 2009-02-04 18:22      ---------      d-----w      c:\documents and settings\All Users\Dane aplikacji\Installations
  228. 2009-02-04 17:22      0      ---ha-w      c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
  229. 2009-02-04 17:22      0      ---ha-w      c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
  230. 2009-02-04 17:14      ---------      d-----w      c:\program files\PC Connectivity Solution
  231. 2009-02-04 17:14      ---------      d-----w      c:\program files\DIFX
  232. 2009-02-04 17:14      ---------      d-----w      c:\program files\Common Files\PCSuite
  233. 2009-02-02 18:25      ---------      d-----w      c:\program files\Lonely Cat Games
  234. 2009-01-16 17:24      70,936      ----a-w      c:\windows\system32\PhysXLoader.dll
  235. 2009-01-14 18:39      472,576      ----a-w      c:\windows\Nvidia Omega Drivers v2.169.21 Uninstall.exe
  236. 2009-01-12 14:52      86,016      ----a-w      c:\windows\system32\OpenAL32.dll
  237. 2009-01-12 14:52      262,144      ----a-w      c:\windows\system32\wrap_oal.dll
  238. 2009-01-08 20:43      73,216      ----a-w      c:\windows\ST6UNST.EXE
  239. 2009-01-08 20:43      249,856      ------w      c:\windows\Setup1.exe
  240. 2009-01-07 17:21      26,144      ----a-w      c:\windows\system32\spupdsvc.exe
  241. 2009-01-07 17:20      265,720      ----a-w      c:\windows\system32\msdbg2.dll
  242. 2009-01-07 17:20      26,112      ----a-w      c:\windows\system32\idndl.dll
  243. 2009-01-07 17:20      24,576      ----a-w      c:\windows\system32\nlsdl.dll
  244. 2009-01-07 17:20      23,552      ----a-w      c:\windows\system32\normaliz.dll
  245. 2009-01-05 22:33      3,751,995      ----a-w      c:\windows\system32\GPhotos.scr
  246. 2008-12-22 16:54      32,768      --sha-w      c:\windows\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\MSHist012008122220081223\index.dat
  247. .
  248.  
  249. (((((((((((((((((((((((((((((((((((((  Wpisy startowe rejestru  ))))))))))))))))))))))))))))))))))))))))))))))))))
  250. .
  251. .
  252. *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane 
  253. REGEDIT4
  254.  
  255. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  256. "AutoConnect"="c:\program files\AutoConnect\AutoConnect.exe" [2004-08-28 295424]
  257. "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
  258.  
  259. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  260. "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2008-06-10 1442888]
  261. "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2008-06-10 1406024]
  262. "BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2008-08-04 226816]
  263. "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-24 13574144]
  264. "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
  265. "COMODO Firewall Pro"="c:\program files\COMODO\Firewall\cfp.exe" [2009-04-01 1851128]
  266. "COMODO Internet Security"="c:\program files\COMODO\Firewall\cfp.exe" [2009-04-01 1851128]
  267. "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 c:\windows\system32\bthprops.cpl]
  268.  
  269. [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
  270. "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
  271.  
  272. [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
  273. "nltide_2"="shell32" [X]
  274.  
  275. c:\documents and settings\Asia\Menu Start\Programy\Autostart\
  276. Girder3.lnk - c:\program files\girder32\Girder.exe [2003-06-11 1905152]
  277. taskmgr.lnk - c:\windows\system32\taskmgr.exe [2008-04-14 139776]
  278.  
  279. c:\documents and settings\Gabi\Menu Start\Programy\Autostart\
  280. Girder3.lnk - c:\program files\girder32\Girder.exe [2003-06-11 1905152]
  281.  
  282. c:\documents and settings\x\Menu Start\Programy\Autostart\
  283. Girder3.lnk - c:\program files\girder32\Girder.exe [2003-06-11 1905152]
  284. No-IP Client 1.42.lnk - c:\program files\No-IP Client\noipclient.exe [2009-02-21 571392]
  285.  
  286. [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
  287. "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
  288.  
  289. [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
  290. "AppInit_DLLs"=
  291.  
  292. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
  293. @="Driver"
  294.  
  295. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
  296. --a------ 2008-06-10 13:56 1406024 c:\program files\Microsoft IntelliPoint\ipoint.exe
  297.  
  298. [HKEY_LOCAL_MACHINE\software\microsoft\security center]
  299. "AntiVirusDisableNotify"=dword:00000001
  300. "UpdatesDisableNotify"=dword:00000001
  301.  
  302. [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
  303. "EnableFirewall"= 0 (0x0)
  304.  
  305. [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
  306. "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
  307. "%windir%\\system32\\sessmgr.exe"=
  308. "c:\\Program Files\\Tlen.pl\\tlen.exe"=
  309. "f:\\Download\\CS16_DiGiTALZONE-eVoluti0N-www.darkwarez.pl\\hl.exe"=
  310. "c:\\Program Files\\uTorrent\\uTorrent.exe"=
  311. "c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
  312. "c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
  313. "c:\\WINDOWS\\system32\\java.exe"=
  314. "f:\\USDownloader-Lite\\usdwonloader_by_NARUTOPL90\\USDownloader-Lite\\USDownloader.exe"=
  315. "c:\\Program Files\\Ubisoft\\Lost - Zagubieni\\Yeti_Final_Win32.exe"=
  316. "c:\\Program Files\\Ubisoft\\Lost - Zagubieni\\gu.exe"=
  317. "c:\\Program Files\\Ubisoft\\Lost - Zagubieni\\detection\\Launcher.exe"=
  318. "c:\\Program Files\\GIGABYTE\\@BIOS\\gwflash.exe"=
  319. "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
  320. "f:\\Download\\USD\\Pure_Skullptura\\Pure.Multi-3.Full-Rip.Skullptura\\Pure\\Pure.exe"=
  321. "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil_.exe"=
  322. "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
  323. "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
  324.  
  325. R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2008-07-31 20616]
  326. R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2009-04-01 110992]
  327. R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2009-04-01 24336]
  328. R1 ts_lb;ts_lb;c:\windows\system32\drivers\ts_lb.sys [2009-03-15 17920]
  329. R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2009-03-23 100560]
  330. R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-08-01 143467]
  331. R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2008-12-23 116992]
  332. R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2008-07-02 26248]
  333. R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2009-03-23 87568]
  334. S2 gupdate1c983c09db15998;Google Update Service (gupdate1c983c09db15998);c:\program files\Google\Update\GoogleUpdate.exe [2009-01-31 133104]
  335. S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2008-12-23 64000]
  336. S3 CV2K1;CommView Network Monitor;c:\windows\system32\drivers\cv2k1.sys [2009-03-15 12800]
  337. S3 DVBSATUNER;DVB-S MCE Bridge Analog Tuner;c:\windows\system32\drivers\dvbsatuner.sys [2009-01-27 224816]
  338. S3 dvbsbridgecapture;DVB-S MCE Bridge Capture Device;c:\windows\system32\drivers\dvbsbridgecapture.sys [2009-01-27 17584]
  339. S3 DVBSBridgeTuner;DVB-S MCE Bridge Tuner Device;c:\windows\system32\drivers\dvbsbridgetuner.sys [2009-01-27 17584]
  340. S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-02-04 138112]
  341. S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-02-04 8320]
  342. S3 PAC207;SoC PC-Camer@;c:\windows\system32\drivers\pfc027.sys [2005-02-24 162176]
  343. S4 Keenfinder Service;Keenfinder Service;"c:\program files\Keenfinder\keenfinder.exe" "c:\program files\Keenfinder\keenfinder.dll" Service --> c:\program files\Keenfinder\keenfinder.exe [?]
  344.  
  345. [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
  346. "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
  347. .
  348. Zawartość folderu 'Zaplanowane zadania'
  349.  
  350. 2009-04-01 c:\windows\Tasks\GoogleUpdateTaskMachine.job
  351. - c:\program files\Google\Update\GoogleUpdate.exe [2009-01-31 18:25]
  352.  
  353. 2009-04-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1336601894-1177238915-1003.job
  354. - c:\documents and settings\x\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2009-02-18 18:45]
  355.  
  356. 2009-04-01 c:\windows\Tasks\User_Feed_Synchronization-{F30CFA57-88C4-4609-B2B0-8802C8F64DB2}.job
  357. - c:\windows\system32\msfeedssync.exe [2009-03-08 05:31]
  358. .
  359. .
  360. ------- Skan uzupełniający -------
  361. .
  362. IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
  363. IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
  364. IE: Wyslij przez wiadomosc(&M)... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
  365. IE: Wyślij przez Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
  366. IE: Ściągnij przez IDM - c:\program files\Internet Download Manager\IEExt.htm
  367. IE: Ściągnij wszystkie linki przez IDM - c:\program files\Internet Download Manager\IEGetAll.htm
  368. IE: Ściągnij zawartość wideo FLV przez IDM - c:\program files\Internet Download Manager\IEGetVL.htm
  369. TCP: {29043F6B-7263-43DF-B0EF-EEA5E1572414} = 217.116.100.65 79.163.127.70
  370. FF - ProfilePath - c:\documents and settings\x\Dane aplikacji\Mozilla\Firefox\Profiles\xdsdmiej.default\
  371. FF - prefs.js: browser.startup.homepage - hxxp://google.pl
  372. FF - prefs.js: network.proxy.type - 2
  373. FF - component: c:\documents and settings\x\Dane aplikacji\IDM\idmmzcc2\components\idmmzcc.dll
  374. FF - component: c:\documents and settings\x\Dane aplikacji\Mozilla\Firefox\Profiles\xdsdmiej.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
  375. FF - plugin: c:\documents and settings\x\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.141.5\npGoogleOneClick7.dll
  376. FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
  377. FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
  378. FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
  379. FF - plugin: c:\program files\Opera\program\plugins\npFoxitReaderPlugin.dll
  380. FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll
  381. FF - plugin: c:\program files\Opera\program\plugins\nprpjplug.dll
  382. .
  383.  
  384. **************************************************************************
  385.  
  386. catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
  387. Rootkit scan 2009-04-01 21:59:57
  388. Windows 5.1.2600 Dodatek Service Pack 3 NTFS
  389.  
  390. detected NTDLL code modification:
  391. ZwClose, ZwOpenFile
  392.  
  393. skanowanie ukrytych procesów ... 
  394.  
  395. skanowanie ukrytych wpisów autostartu ...
  396.  
  397. skanowanie ukrytych plików ... 
  398.  
  399. skanowanie pomyślnie ukończone
  400. ukryte pliki: 0
  401.  
  402. **************************************************************************
  403. .
  404. --------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
  405.  
  406. - - - - - - - > 'winlogon.exe'(1752)
  407. c:\windows\system32\guard32.dll
  408.  
  409. - - - - - - - > 'lsass.exe'(1820)
  410. c:\windows\system32\guard32.dll
  411. .
  412. ------------------------ Pozostałe uruchomione procesy ------------------------
  413. .
  414. c:\program files\COMODO\Firewall\cmdagent.exe
  415. c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
  416. c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
  417. c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
  418. c:\documents and settings\All Users\Dane aplikacji\EPSON\EPW!3 SSRP\E_S40RP7.EXE
  419. c:\program files\Java\jre6\bin\jqs.exe
  420. c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
  421. c:\windows\system32\nvsvc32.exe
  422. c:\windows\system32\PAStiSvc.exe
  423. c:\windows\system32\searchindexer.exe
  424. c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe
  425. c:\windows\system32\wbem\wmiapsrv.exe
  426. c:\windows\system32\rundll32.exe
  427. .
  428. **************************************************************************
  429. .
  430. Czas ukończenia: 2009-04-01 22:01:22 - komputer został uruchomiony ponownie
  431. ComboFix-quarantined-files.txt  2009-04-01 20:01:19
  432. ComboFix2.txt  2009-02-08 18:33:48
  433.  
  434. Przed: 53 632 630 784 bajtów wolnych
  435. Po: 53,667,631,104 bajtów wolnych
  436.  
  437. 395
  438.