Nick Date Language
czebrys 25/04/2011 13:45:36 Plain Text

log combofix

  1. ComboFix 11-04-24.06 - Gaba 2011-04-25  14:19:12.1.3 - x64
  2. Microsoft Windows 7 Ultimate  6.1.7600.0.1250.48.1045.18.4095.2705 [GMT 2:00]
  3. Uruchomiony z: c:\users\Gaba\Desktop\ComboFix.exe
  4. SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  5. * Utworzono nowy punkt przywracania
  6. .
  7. .
  8. (((((((((((((((((((((((((((((((((((((((  Usunięto  )))))))))))))))))))))))))))))))))))))))))))))))))
  9. .
  10. .
  11. c:\users\Gaba\AppData\Roaming\EurekaLog
  12. c:\users\Gaba\AppData\Roaming\EurekaLog\EurekaLog.ini
  13. c:\windows\system32\systemcpl.dll
  14. c:\windows\SysWow64\arp.exe
  15. c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
  16. c:\windows\system32\arp.exe . . . . nie udało się usunąć
  17. .
  18. .
  19. (((((((((((((((((((((((((((((((((((((((  Sterowniki/Usługi  )))))))))))))))))))))))))))))))))))))))))))))))))
  20. .
  21. .
  22. -------\Service_Copyright (C) 1997-2008 Mark Russinovich
  23. -------\Service_Handle v3.42
  24. -------\Service_sidebar.exe        pid: 384      D0: c:\program files\Windows Sidebar\sidebar.exe
  25. -------\Service_Sysinternals - www.sysinternals.com
  26. .
  27. .
  28. (((((((((((((((((((((((((  Pliki utworzone od 2011-03-25 do 2011-04-25  )))))))))))))))))))))))))))))))
  29. .
  30. .
  31. 2011-04-25 12:34 . 2011-04-25 12:34      --------      d-----w-      c:\users\Default\AppData\Local\temp
  32. 2011-04-24 19:48 . 2011-04-24 19:48      106496      --sha-r-      c:\windows\SysWow64\yv12vfws.dll
  33. 2011-04-24 19:41 . 2010-09-07 14:52      121936      ----a-w-      c:\windows\system32\drivers\aswSP.sys
  34. 2011-04-24 19:41 . 2010-09-07 14:47      20048      ----a-w-      c:\windows\system32\drivers\aswFsBlk.sys
  35. 2011-04-24 19:41 . 2010-09-07 14:54      472656      ----a-w-      c:\windows\system32\drivers\aswSnx.sys
  36. 2011-04-24 19:41 . 2010-09-07 14:54      125520      ----a-w-      c:\windows\system32\drivers\aswFW.sys
  37. 2011-04-24 19:41 . 2010-09-07 14:53      250448      ----a-w-      c:\windows\system32\drivers\aswNdis2.sys
  38. 2011-04-24 19:41 . 2010-09-07 14:52      51280      ----a-w-      c:\windows\system32\drivers\aswTdi.sys
  39. 2011-04-24 19:41 . 2010-09-07 14:47      28752      ----a-w-      c:\windows\system32\drivers\aswRdr.sys
  40. 2011-04-24 19:41 . 2010-09-07 14:47      61008      ----a-w-      c:\windows\system32\drivers\aswMonFlt.sys
  41. 2011-04-24 19:41 . 2010-09-07 15:12      38848      ----a-w-      c:\windows\avastSS.scr
  42. 2011-04-24 19:41 . 2010-09-07 15:11      167592      ----a-w-      c:\windows\SysWow64\aswBoot.exe
  43. 2011-04-24 19:41 . 2010-09-07 14:24      12368      ----a-w-      c:\windows\system32\drivers\aswNdis.sys
  44. 2011-04-24 18:31 . 2011-04-24 18:31      --------      d-----w-      c:\users\Gaba\AppData\Local\{B8F28E4C-33A4-4A5C-8C4E-956909A98FB6}
  45. 2011-04-24 18:28 . 2011-04-24 18:28      --------      d-----w-      c:\program files\Google
  46. 2011-04-24 18:28 . 2011-04-24 18:28      --------      d-----w-      c:\programdata\Google Updater
  47. 2011-04-24 18:28 . 2011-04-24 18:28      --------      d-----w-      c:\program files (x86)\Google
  48. 2011-04-24 14:20 . 2011-04-24 14:20      --------      d-----w-      c:\users\Gaba\AppData\Local\{6D24519C-31AD-4D8C-B347-ED40F3D40397}
  49. 2011-04-23 20:34 . 2011-04-23 20:34      --------      d-----w-      c:\users\Gaba\AppData\Local\{4C0C9573-D60D-49CA-B752-1A07E6595613}
  50. 2011-04-23 08:54 . 2011-04-11 08:21      8802128      ----a-w-      c:\programdata\Microsoft\Windows Defender\Definition Updates\{BCA4FD80-451E-407B-BC08-09DD61B83C96}\mpengine.dll
  51. 2011-04-23 08:26 . 2011-04-23 08:26      --------      d-----w-      c:\users\Gaba\AppData\Local\{C5E1C2DA-7FAA-46CA-87EA-5B3732D38E97}
  52. 2011-04-22 18:59 . 2011-04-22 18:59      --------      d-----w-      c:\users\Gaba\AppData\Local\{2547AEBB-A13E-4E2F-8308-23F742C38697}
  53. 2011-04-22 13:56 . 2011-04-22 13:56      --------      d-----w-      c:\users\Gaba\AppData\Local\{BD986621-F6CC-4841-9953-D8479A70CAD9}
  54. 2011-04-22 11:56 . 2011-04-22 11:56      --------      d-----w-      c:\users\Gaba\AppData\Local\{85380845-A3EB-4ED0-A078-B8FED99269CC}
  55. 2011-04-21 18:07 . 2011-04-21 18:07      --------      d-----w-      c:\users\Gaba\AppData\Local\{8E497C4D-2B8B-479F-9107-C390EF93711A}
  56. 2011-04-21 10:32 . 2011-04-21 10:32      --------      d-----w-      c:\users\Gaba\AppData\Local\{ABF4FE08-3859-4292-B828-D7AF7FBE0D96}
  57. 2011-04-21 10:04 . 2011-04-21 10:04      --------      d-----w-      c:\users\Gaba\AppData\Local\{E6292C06-0A20-4C72-82C5-38D543654CAD}
  58. 2011-04-20 09:34 . 2011-04-20 09:34      --------      d-----w-      c:\users\Gaba\AppData\Local\{57DD2739-9DBA-4F22-B70F-8F42BEF44B28}
  59. 2011-04-19 19:07 . 2011-04-19 19:07      178800      ----a-w-      c:\windows\SysWow64\CmdLineExt_x64.dll
  60. 2011-04-19 19:01 . 2011-04-19 19:06      --------      d-----w-      c:\programdata\Solidshield
  61. 2011-04-19 18:57 . 2011-04-19 18:57      --------      d-----w-      c:\program files (x86)\SimBin
  62. 2011-04-19 18:57 . 2011-04-25 11:31      --------      d-----w-      c:\program files (x86)\Steam
  63. 2011-04-19 14:15 . 2011-04-19 14:15      --------      d-----w-      c:\users\Gaba\AppData\Local\{698E4A7E-C663-48BD-B3F7-618CD6E12406}
  64. 2011-04-18 15:30 . 2011-04-18 15:30      --------      d-----w-      c:\users\Gaba\AppData\Local\{CC8E732E-7B34-49A6-BA7F-7DAED08F540C}
  65. 2011-04-17 13:12 . 2011-04-17 13:13      --------      d-----w-      c:\users\Gaba\AppData\Local\{BC96D22D-BFCF-442A-A4D4-6EBB62B94924}
  66. 2011-04-16 11:40 . 2011-04-16 11:41      --------      d-----w-      c:\users\Gaba\AppData\Local\{918A9E5C-E103-4DD3-BBFC-1C7AC38EB245}
  67. 2011-04-15 18:19 . 2011-04-15 18:19      --------      d-----w-      c:\users\Gaba\AppData\Local\{36CF44C4-3574-4991-BA70-BD2072B7D76E}
  68. 2011-04-12 20:43 . 2011-04-12 20:43      --------      d-----w-      c:\users\Gaba\AppData\Local\{7AC6CDC2-BD45-4DA5-BCBB-9A3DCB7E1FEE}
  69. 2011-04-12 20:21 . 2011-04-12 20:21      --------      d-----w-      c:\users\Gaba\AppData\Local\{295B1C3A-60E0-49A5-A096-FA89481FC493}
  70. 2011-04-12 14:31 . 2011-04-12 14:31      --------      d-----w-      c:\users\Gaba\AppData\Local\{E1C0423D-5CF1-4966-A08F-D7D2C3F221EB}
  71. 2011-04-11 12:21 . 2011-04-11 12:21      --------      d-----w-      c:\users\Gaba\AppData\Local\{3382EE39-A0D5-4482-A2D9-B3577E700472}
  72. 2011-04-10 16:24 . 2011-04-10 17:23      --------      d-----w-      c:\programdata\TrackMania
  73. 2011-04-10 08:41 . 2011-04-10 08:41      --------      d-----w-      c:\users\Gaba\AppData\Local\{602E4F2A-251F-4604-9AF2-5474791810F3}
  74. 2011-04-09 14:28 . 2011-04-09 14:31      --------      d-----w-      c:\program files (x86)\Sony Ericsson
  75. 2011-04-09 09:36 . 2011-04-09 09:36      --------      d-----w-      c:\users\Gaba\AppData\Local\{5C20983E-1DD9-4160-8F73-13085A8F32D4}
  76. 2011-04-08 13:12 . 2011-04-08 13:12      --------      d-----w-      c:\users\Gaba\AppData\Local\{73F35D03-CE10-441A-8C86-97EF9FE708E6}
  77. 2011-04-07 19:59 . 2011-04-07 19:59      --------      d-----w-      c:\users\Gaba\AppData\Local\{DF1D2309-3CBE-44A4-B688-1F7867ED7D7B}
  78. 2011-04-07 18:03 . 2011-04-07 18:03      --------      d-----w-      c:\users\Gaba\AppData\Local\{DFF1BBAD-5827-4556-B089-09156A8E7169}
  79. 2011-04-07 16:42 . 2011-04-07 16:42      --------      d-----w-      c:\users\Gaba\AppData\Local\{19B1F871-3047-4B3B-A910-C3E3CF676E34}
  80. 2011-04-06 13:10 . 2011-04-06 13:10      --------      d-----w-      c:\users\Gaba\AppData\Local\Apps
  81. 2011-04-06 09:44 . 2011-04-06 09:44      --------      d-----w-      c:\users\Gaba\AppData\Local\{79150F12-D471-4860-9C6B-6D61CEFC5AE3}
  82. 2011-04-05 13:53 . 2011-04-05 13:53      --------      d-----w-      c:\users\Gaba\AppData\Local\{44530127-712F-426A-8B33-0088CF9DB5A9}
  83. 2011-04-04 19:29 . 2011-04-04 19:29      --------      d-----w-      c:\windows\system32\appmgmt
  84. 2011-04-04 17:19 . 2011-04-04 17:19      --------      d-----w-      c:\users\Gaba\AppData\Local\{28BFE66D-4B75-4195-8361-44966D8D0C64}
  85. 2011-04-04 13:16 . 2011-04-04 13:16      --------      d-----w-      c:\users\Gaba\AppData\Local\{B8063B4E-EA35-40E3-BFE6-F19E54B9DE94}
  86. 2011-04-03 11:32 . 2011-04-03 11:33      --------      d-----w-      c:\users\Gaba\AppData\Local\{95B4A0C5-5224-4A83-83D7-15A2BEB7793E}
  87. 2011-04-02 20:47 . 2011-04-02 20:47      --------      d-----w-      c:\users\Gaba\AppData\Local\{D530408C-2ABA-4834-80AF-E5A868FB337E}
  88. 2011-04-02 12:14 . 2011-04-02 12:14      --------      d-----w-      c:\program files (x86)\Common Files\Steam
  89. 2011-04-02 11:05 . 2011-04-02 11:05      --------      d-----w-      c:\users\Gaba\AppData\Local\{85945C78-E733-434C-92C3-63EEA5335F61}
  90. 2011-04-01 13:11 . 2011-04-01 13:11      --------      d-----w-      c:\users\Gaba\AppData\Local\{99B30CE2-906B-4C22-B1EC-107639BDE662}
  91. 2011-03-31 13:31 . 2011-03-31 13:31      --------      d-----w-      c:\users\Gaba\AppData\Local\{4066F57B-5F43-4D2B-A885-7CA0FE8FEC9A}
  92. 2011-03-30 20:39 . 2011-03-30 20:39      --------      d-----w-      c:\windows\Sun
  93. 2011-03-30 13:34 . 2011-03-30 13:34      --------      d-----w-      c:\users\Gaba\AppData\Local\{0A56494B-78F4-424B-B8F2-525D004497C9}
  94. 2011-03-29 19:25 . 2011-03-29 19:25      --------      d-----w-      c:\users\Gaba\AppData\Roaming\Leadertech
  95. 2011-03-29 19:21 . 2011-03-29 19:21      --------      d-----w-      c:\program files (x86)\EA Sports
  96. 2011-03-29 15:55 . 2011-03-29 15:55      --------      d-----w-      c:\users\Gaba\AppData\Local\{19E60566-C207-4ADD-8E54-F07991FE9B82}
  97. 2011-03-28 16:56 . 2011-03-28 16:56      --------      d-----w-      c:\users\Gaba\AppData\Local\{BB079A7E-86B1-48A1-A7AC-345050AD8F53}
  98. 2011-03-27 20:13 . 2011-03-27 20:13      --------      d-----w-      c:\users\Gaba\AppData\Local\{8DC947F2-FA0B-40CE-AFE0-82ED96EF0207}
  99. 2011-03-26 22:20 . 2011-03-26 22:20      --------      d-----w-      c:\users\Gaba\AppData\Local\{5D713049-5589-4607-BFAB-9D6E9D6A566B}
  100. .
  101. .
  102. .
  103. ((((((((((((((((((((((((((((((((((((((((  Sekcja Find3M  ))))))))))))))))))))))))))))))))))))))))))))))))))))
  104. .
  105. 2011-03-23 20:22 . 2011-03-23 20:22      472808      ----a-w-      c:\windows\SysWow64\deployJava1.dll
  106. 2011-03-20 16:24 . 2010-06-24 10:33      18328      ----a-w-      c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
  107. 2011-03-19 17:02 . 2011-03-19 17:02      2048      ----a-w-      c:\windows\SysWow64\winver.exe
  108. 2011-03-19 17:02 . 2011-03-19 17:02      833024      ----a-w-      c:\windows\SysWow64\user32.dll
  109. 2011-03-19 17:02 . 2011-03-19 17:02      410624      ----a-w-      c:\windows\SysWow64\systemcpl.dll
  110. 2011-03-19 17:02 . 2011-03-19 17:02      1536      ----a-w-      c:\windows\SysWow64\sppcomapi.dll
  111. 2011-03-19 17:02 . 2011-03-19 17:02      113543      ----a-w-      c:\windows\SysWow64\slmgr.vbs
  112. 2011-02-19 06:37 . 2011-03-24 15:35      1135104      ----a-w-      c:\windows\system32\FntCache.dll
  113. 2011-02-19 06:37 . 2011-03-24 15:35      1540608      ----a-w-      c:\windows\system32\DWrite.dll
  114. 2011-02-19 06:36 . 2011-03-24 15:35      902656      ----a-w-      c:\windows\system32\d2d1.dll
  115. 2011-02-19 05:32 . 2011-03-24 15:35      1074176      ----a-w-      c:\windows\SysWow64\DWrite.dll
  116. 2011-02-19 05:32 . 2011-03-24 15:35      739840      ----a-w-      c:\windows\SysWow64\d2d1.dll
  117. 2011-02-02 16:11 . 2011-03-20 15:51      270720      ------w-      c:\windows\system32\MpSigStub.exe
  118. 2011-01-26 06:53 . 2011-03-20 16:44      982912      ----a-w-      c:\windows\system32\drivers\dxgkrnl.sys
  119. 2011-01-26 06:53 . 2011-03-20 16:44      265088      ----a-w-      c:\windows\system32\drivers\dxgmms1.sys
  120. 2011-01-26 06:31 . 2011-03-20 16:44      144384      ----a-w-      c:\windows\system32\cdd.dll
  121. .
  122. .
  123. ------- Sigcheck -------
  124. .
  125. [7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
  126. [-] 2009-07-14 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
  127. .
  128. [-] 2011-03-19 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll
  129. [7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
  130. .
  131. (((((((((((((((((((((((((((((((((((((  Wpisy startowe rejestru  ))))))))))))))))))))))))))))))))))))))))))))))))))
  132. .
  133. .
  134. *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane 
  135. REGEDIT4
  136. .
  137. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
  138. @="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
  139. [HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
  140. 2010-09-07 15:14      152160      ----a-w-      c:\program files\Alwil Software\Avast5\snxPlugins.dll
  141. .
  142. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  143. "GAINWARD"="c:\program files (x86)\EXPERTool\TBPanel.exe" [2010-09-02 2181744]
  144. "RSD_HDDThermo"="c:\program files (x86)\HDD Thermometer\HDD Thermometer.exe" [2004-05-30 213504]
  145. "AQQ"="c:\progra~2\WapSter\WAPSTE~1\AQQ.exe" [2011-04-07 8882688]
  146. "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
  147. .
  148. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  149. "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
  150. .
  151. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  152. "ConsentPromptBehaviorAdmin"= 0 (0x0)
  153. "ConsentPromptBehaviorUser"= 3 (0x3)
  154. "EnableLUA"= 0 (0x0)
  155. "EnableUIADesktopToggle"= 0 (0x0)
  156. "PromptOnSecureDesktop"= 0 (0x0)
  157. .
  158. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
  159. "mixer3"=wdmaud.drv
  160. .
  161. [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  162. Security Packages      REG_MULTI_SZ        kerberos msv1_0 schannel wdigest tspkg pku2u livessp
  163. .
  164. R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  165. R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
  166. R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-03-22 1038088]
  167. R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
  168. R3 PPJoyBus;Parallel Port Joystick Bus Enumerator;c:\windows\system32\DRIVERS\PPJoyBus64.sys [x]
  169. R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
  170. S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [x]
  171. S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
  172. S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
  173. S1 aswFW;avast! TDI Firewall driver; [x]
  174. S1 aswSnx;aswSnx; [x]
  175. S1 aswSP;aswSP; [x]
  176. S2 aswFsBlk;aswFsBlk; [x]
  177. S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
  178. S2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [2010-09-07 119200]
  179. S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-08 369256]
  180. S3 ALSysIO;ALSysIO;c:\users\Gaba\AppData\Local\Temp\ALSysIO64.sys [x]
  181. S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
  182. S3 RTL8023x64;Sterownik Realtek 10/100 NIC Family NDIS x64;c:\windows\system32\DRIVERS\Rtnic64.sys [x]
  183. S3 RTL8167;Sterownik Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
  184. .
  185. .
  186. Zawartość folderu 'Zaplanowane zadania'
  187. .
  188. 2011-04-25 c:\windows\Tasks\Google Software Updater.job
  189. - c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-04-24 18:28]
  190. .
  191. .
  192. --------- x86-64 -----------
  193. .
  194. .
  195. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
  196. @="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
  197. [HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
  198. 2010-09-07 15:11      176904      ----a-w-      c:\program files\Alwil Software\Avast5\snxPlugins64.dll
  199. .
  200. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  201. "LoadAppInit_DLLs"=0x0
  202. .
  203. ------- Skan uzupełniający -------
  204. .
  205. uLocal Page = c:\windows\system32\blank.htm
  206. mLocal Page = c:\windows\SysWOW64\blank.htm
  207. IE: E&ksportuj do programu Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
  208. FF - ProfilePath - c:\users\Gaba\AppData\Roaming\Mozilla\Firefox\Profiles\po2pfaze.default\
  209. FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  210. FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
  211. .
  212. - - - - USUNIĘTO PUSTE WPISY - - - -
  213. .
  214. AddRemove-HijackThis - c:\users\Gaba\AppData\Local\Temp\Rar$EX00.144\HijackThis.exe
  215. .
  216. .
  217. "ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
  218. .
  219. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sidebar.exe        pid: 384      D0: C:]
  220. .
  221. --------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
  222. .
  223. [HKEY_USERS\S-1-5-21-571771290-69305783-3511181310-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
  224. @Denied: (2) (LocalSystem)
  225. "Progid"="WindowsLiveMail.Email.1"
  226. .
  227. [HKEY_USERS\S-1-5-21-571771290-69305783-3511181310-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
  228. @Denied: (2) (LocalSystem)
  229. "Progid"="WindowsLiveMail.VCard.1"
  230. .
  231. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
  232. @Denied: (A 2) (Everyone)
  233. @="FlashBroker"
  234. "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
  235. .
  236. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
  237. "Enabled"=dword:00000001
  238. .
  239. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
  240. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
  241. .
  242. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
  243. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  244. .
  245. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  246. @Denied: (A 2) (Everyone)
  247. @="Shockwave Flash Object"
  248. .
  249. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  250. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
  251. "ThreadingModel"="Apartment"
  252. .
  253. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  254. @="0"
  255. .
  256. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  257. @="ShockwaveFlash.ShockwaveFlash.10"
  258. .
  259. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  260. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
  261. .
  262. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  263. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  264. .
  265. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  266. @="1.0"
  267. .
  268. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  269. @="ShockwaveFlash.ShockwaveFlash"
  270. .
  271. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  272. @Denied: (A 2) (Everyone)
  273. @="Macromedia Flash Factory Object"
  274. .
  275. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  276. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
  277. "ThreadingModel"="Apartment"
  278. .
  279. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  280. @="FlashFactory.FlashFactory.1"
  281. .
  282. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  283. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
  284. .
  285. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  286. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  287. .
  288. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  289. @="1.0"
  290. .
  291. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  292. @="FlashFactory.FlashFactory"
  293. .
  294. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
  295. @Denied: (A 2) (Everyone)
  296. @="IFlashBroker4"
  297. .
  298. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
  299. @="{00020424-0000-0000-C000-000000000046}"
  300. .
  301. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
  302. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  303. "Version"="1.0"
  304. .
  305. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  306. @Denied: (Full) (Everyone)
  307. .
  308. ------------------------ Pozostałe uruchomione procesy ------------------------
  309. .
  310. c:\program files\Alwil Software\Avast5\AvastSvc.exe
  311. c:\windows\SysWOW64\rundll32.exe
  312. .
  313. **************************************************************************
  314. .
  315. Czas ukończenia: 2011-04-25  14:42:59 - komputer został uruchomiony ponownie
  316. ComboFix-quarantined-files.txt  2011-04-25 12:42
  317. .
  318. Przed: 49 652 101 120 bajtów wolnych
  319. Po: 49 576 325 120 bajtów wolnych
  320. .
  321. - - End Of File - - 44B5BF428B4ED8AE2343AC4FB90F8809