
Please check my ComboFix log

zafir
ComboFix 09-05-17.08 - jacek 2009-05-18 20:45.1 - NTFSx86
Microsoft® Windows Vista™ Home Basic   6.0.6001.1.1250.48.1045.18.3069.2166 [GMT 2:00]
Uruchomiony z: D:\ComboFix.exe
AV: avast! antivirus 4.8.1229 [VPS 090518-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1229 [VPS 090518-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\struct~.ini
c:\windows\system32\AutoRun.inf
.
(((((((((((((((((((((((((   Pliki utworzone od 2009-04-18 do 2009-05-18  )))))))))))))))))))))))))))))))
.
2009-05-14 21:12 . 2009-05-14 21:12  --------  d-----w  c:\users\jacek\AppData\Local\Real
2009-05-14 21:11 . 2009-05-14 21:11  --------  d-----w  c:\program files\Common Files\xing shared
2009-05-02 08:52 . 2009-05-02 09:25  --------  d-----w  c:\users\jacek\AppData\Local\Microsoft Games
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-18 18:48 . 2008-08-19 22:01  662056  ----a-w  c:\windows\system32\perfh015.dat
2009-05-18 18:48 . 2008-08-19 22:01  126908  ----a-w  c:\windows\system32\perfc015.dat
2009-05-18 18:38 . 2008-10-24 09:16  12  ----a-w  c:\windows\bthservsdp.dat
2009-05-14 21:11 . 2008-08-20 20:12  --------  d-----w  c:\program files\Common Files\Real
2009-05-14 21:10 . 2008-08-19 12:51  --------  d-----w  c:\program files\Google
2009-05-13 15:56 . 2006-11-02 11:18  --------  d-----w  c:\program files\Windows Mail
2009-04-17 17:52 . 2009-04-17 16:20  --------  d-----w  c:\program files\Pity 2008
2009-04-17 16:19 . 2009-04-17 16:18  8655283  ----a-w  C:\instaluj_pity2008.exe
2009-04-10 02:39 . 2009-03-25 20:48  --------  d-----w  c:\program files\XTB-Trader 4 Contest
2009-03-17 03:38 . 2009-04-16 07:37  13824  ----a-w  c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-16 07:37  24064  ----a-w  c:\windows\system32\amxread.dll
2009-03-03 04:46 . 2009-04-16 07:37  3599328  ----a-w  c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-16 07:37  3547632  ----a-w  c:\windows\system32\ntoskrnl.exe
2009-03-03 04:40 . 2009-04-16 07:36  827392  ----a-w  c:\windows\system32\wininet.dll
2009-03-03 04:39 . 2009-04-16 07:37  183296  ----a-w  c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-16 07:37  551424  ----a-w  c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-16 07:37  26112  ----a-w  c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-16 07:36  78336  ----a-w  c:\windows\system32\ieencode.dll
2009-03-03 04:37 . 2009-04-16 07:37  98304  ----a-w  c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-16 07:37  54784  ----a-w  c:\windows\system32\iasads.dll
2009-03-03 04:37 . 2009-04-16 07:37  44032  ----a-w  c:\windows\system32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-16 07:37  666624  ----a-w  c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-16 07:37  17408  ----a-w  c:\windows\system32\iashost.exe
2009-03-03 02:28 . 2009-04-16 07:36  26624  ----a-w  c:\windows\system32\ieUnatt.exe
2008-08-29 08:57 . 2006-11-02 12:48  174  --sha-w  c:\program files\desktop.ini
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2005-06-24 860160]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-10 39408]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-19 192000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-14 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{314ACBDF-323A-45D2-9A38-3E5615E0F40A}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{90136F0A-8378-4B1F-BA5C-B0521DEE1D43}"= UDP:c:\program files\Pinnacle\VideoSpin\Programs\RM.exe:Render Manager
"{9F2111CA-69FC-490B-A6E5-3010AC9DC615}"= TCP:c:\program files\Pinnacle\VideoSpin\Programs\RM.exe:Render Manager
"{C9E67825-2387-4FF9-83DE-2AC342835277}"= UDP:c:\program files\Pinnacle\VideoSpin\Programs\PMSRegisterFile.exe:PMSRegisterFile
"{A86753AB-80B2-4ACE-A051-7F515D8C8AC1}"= TCP:c:\program files\Pinnacle\VideoSpin\Programs\PMSRegisterFile.exe:PMSRegisterFile
"{E7769E1E-1C9D-41A4-A348-91D783B0B71D}"= UDP:c:\program files\Pinnacle\VideoSpin\Programs\umi.exe:umi
"{1D7E79F4-AEA9-4237-91AC-6D2AFA8CC8C9}"= TCP:c:\program files\Pinnacle\VideoSpin\Programs\umi.exe:umi
"{FF39779B-F8DF-4667-8C86-9CE2F47E9783}"= UDP:c:\program files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:Pinnacle VideoSpin
"{8A494032-8381-4E64-8834-782DC3225AED}"= TCP:c:\program files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:Pinnacle VideoSpin
"TCP Query User{E5179DD2-D2A3-4358-81E2-0CA813FAE893}c:\\program files\\wlite\\wlite.exe"= UDP:c:\program files\wlite\wlite.exe:webcamXP
"UDP Query User{A3B473BA-15DD-4991-BB15-EA6613836016}c:\\program files\\wlite\\wlite.exe"= TCP:c:\program files\wlite\wlite.exe:webcamXP
"TCP Query User{2E21C5F0-8236-4B44-9C72-A710344C9226}c:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"UDP Query User{2E87B06A-4BB6-4A8B-A50B-2BBA7FD116AB}c:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"TCP Query User{F522886C-4EC5-4273-8315-F19AFB07915D}c:\\program files\\sopcast\\sopcast.exe"= UDP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{877689C4-9168-4083-8FA0-1E51AADF25BB}c:\\program files\\sopcast\\sopcast.exe"= TCP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{1FFFCB15-F70F-4E84-A159-839D517746D8}c:\\program files\\ahead\\nero showtime\\showtime.exe"= UDP:c:\program files\ahead\nero showtime\showtime.exe:Nero ShowTime
"UDP Query User{B5ACF205-B2C1-4BE8-94FA-867D683CDEC8}c:\\program files\\ahead\\nero showtime\\showtime.exe"= TCP:c:\program files\ahead\nero showtime\showtime.exe:Nero ShowTime
"TCP Query User{88897E7B-040F-4A03-9436-2D1C19CCE9D2}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{A945D7CC-046B-4840-B5A4-9DDAC39F3030}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{22B72CF2-FA7A-41E3-A6C8-07EE7E139C2C}"= UDP:c:\windows\System32\LMabcoms.exe:Lexmark Enhanced TCP/IP
"{8D67869B-CBD4-4C6A-8C99-F6EBF047CE9D}"= TCP:c:\windows\System32\LMabcoms.exe:Lexmark Enhanced TCP/IP
"TCP Query User{10C6D8F7-77AE-4B97-A977-981AED7EA196}c:\\program files\\huawei technologies\\huawei umts data card\\huawei mobile connect.exe"= UDP:c:\program files\huawei technologies\huawei umts data card\huawei mobile connect.exe:HUAWEI Mobile Connect
"UDP Query User{F734B6DE-122B-4F3D-A939-5580A1643249}c:\\program files\\huawei technologies\\huawei umts data card\\huawei mobile connect.exe"= TCP:c:\program files\huawei technologies\huawei umts data card\huawei mobile connect.exe:HUAWEI Mobile Connect
"TCP Query User{39122395-5908-4D62-92BD-7AF80F27BDDD}c:\\program files\\gadu-gadu\\gg.exe"= UDP:c:\program files\gadu-gadu\gg.exe:Gadu-Gadu - program główny
"UDP Query User{1A56F32B-70D0-4037-8E82-C60FE62BF42B}c:\\program files\\gadu-gadu\\gg.exe"= TCP:c:\program files\gadu-gadu\gg.exe:Gadu-Gadu - program główny
"TCP Query User{1A3960AB-E937-4C40-9DC7-32BA2AC40441}c:\\program files\\capturix videospy\\cvse.exe"= UDP:c:\program files\capturix videospy\cvse.exe:Digital Video Surveillance System
"UDP Query User{5256A6BC-B45B-4250-8540-F7FCA808667E}c:\\program files\\capturix videospy\\cvse.exe"= TCP:c:\program files\capturix videospy\cvse.exe:Digital Video Surveillance System
"TCP Query User{EAE1136D-CAAA-4118-ADD8-D0169A1575AB}c:\\program files\\capturix videospy\\cvse2.exe"= UDP:c:\program files\capturix videospy\cvse2.exe:cvse2
"UDP Query User{044F5EE4-0C5F-4C4A-8877-0513F5FDE94D}c:\\program files\\capturix videospy\\cvse2.exe"= TCP:c:\program files\capturix videospy\cvse2.exe:cvse2
"TCP Query User{6CD44E4D-84FD-4590-974B-8A47A611A092}c:\\program files\\u-broadcast\\ubroadcast.exe"= UDP:c:\program files\u-broadcast\ubroadcast.exe:UBroadcast
"UDP Query User{FD47980D-BC0B-4CD7-93AC-0B67E39BB5FF}c:\\program files\\u-broadcast\\ubroadcast.exe"= TCP:c:\program files\u-broadcast\ubroadcast.exe:UBroadcast
"TCP Query User{381CDD62-8CB2-482D-8845-97D47519C5B8}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{45253356-B568-4F2A-B9AB-006045493B54}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{E02AED52-5553-4773-AF23-5D6FAF503046}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{326A21C6-4086-4960-97AB-91E2985E7BA4}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{A6495BC7-DB82-4BCD-959C-CB0AEEDCA97C}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"UDP Query User{B1202C0C-FC7E-4A10-B15E-5DBC6D0D4051}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"TCP Query User{BB688820-8722-4676-86C0-977B25144099}c:\\program files\\tartel\\tartel.exe"= UDP:c:\program files\tartel\tartel.exe:TARTEL
"UDP Query User{BBA18631-FD58-4014-B03F-4F07BC0C6D7C}c:\\program files\\tartel\\tartel.exe"= TCP:c:\program files\tartel\tartel.exe:TARTEL

R0 WPXT;WinPcap Packet Driver (WPXT);c:\windows\System32\drivers\wpxt.sys [2008-09-25 35328]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2008-08-19 78416]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2008-08-19 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2008-08-19 51280]
R2 GtDetectSc;GtDetectSc;c:\program files\Option\GlobeTrotter Connect\GtDetectSc.exe [2007-12-18 196704]
R3 b57nd60x;%SvcDispName%;c:\windows\System32\drivers\b57nd60x.sys [2008-08-28 179712]
R3 GTPTSER;GT PT SER;c:\windows\System32\drivers\gtptser.sys [2008-09-25 8064]
R3 GTUQBUS;GT UQ BUS;c:\windows\System32\drivers\gtuqbus.sys [2008-09-25 37120]
S2 gupdate1c9d4d84f5384de;Usługa Google Update (gupdate1c9d4d84f5384de);c:\program files\Google\Update\GoogleUpdate.exe [2009-05-14 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork  REG_MULTI_SZ  PLA DPS BFE mpssvc
WindowsMobile  REG_MULTI_SZ  wcescomm rapimgr
LocalServiceRestricted  REG_MULTI_SZ  WcesComm RapiMgr
bthsvcs  REG_MULTI_SZ  BthServ
HPZ12  REG_MULTI_SZ  Pml Driver HPZ12 Net Driver HPZ12
.
Zawartość folderu 'Zaplanowane zadania'

2009-05-18 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-14 21:09]
.
- - - - USUNIĘTO PUSTE WPISY - - - -

HKCU-Run-TARTEL - (no file)
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
LSP: bmnet.dll
TCP: {D184F61E-B3A9-4E27-A602-2B83BEFF2F22} = 208.67.222.222,208.67.222.220
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
FF - ProfilePath - c:\users\jacek\AppData\Roaming\Mozilla\Firefox\Profiles\rdlubwr2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://wp.pl
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-18 20:52
Windows 6.0.6001 Service Pack 1 NTFS

skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af,b0,29,a3,98,d4,27,d8,b4,1f,
   d8,53,cf,c8,28,51,af,b0,29,a3,98,f2,75,da,fb,78,7b,17,b9,e2,63,26,f1,3f,c8,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,5b,63,4c,04,ae,
   2c,55,2e,71,3b,04,66,8b,46,0d,96,d2,36,34,b4,32,6e,8e,ce,6a,9c,d6,61,af,45,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:ff,7c,85,e0,43,d4,0e,fe,87,ee,4a,09,a6,
   43,38,2d,25,da,ec,7e,55,20,c9,26,a1,28,7e,96,34,3e,4b,d1,ff,7c,85,e0,43,d4,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,21,09,f1,e1,01,
   36,41,6d,3e,1e,9e,e0,57,5a,93,61,00,e5,fd,5d,5a,fa,06,5d,86,8c,21,01,be,91,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:e9,02,6c,fa,fb,1d,47,57,79,6b,af,90,fb,
   e2,08,8e,cd,44,cd,b9,a6,33,6c,cd,17,5d,40,16,bc,94,31,6b,f5,1d,4d,73,a8,13,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:b0,18,ed,a7,3f,8d,37,a4,fd,a1,63,1a,10,
   5b,48,fa,b0,18,ed,a7,3f,8d,37,a4,14,e5,11,9a,cc,a8,c0,64,df,20,58,62,78,6b,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba,b1,f8,68,02,3a,6c,d8,04,0d,
   b6,30,9a,31,77,e1,ba,b1,f8,68,02,b7,5a,09,76,fa,70,d9,da,fb,a7,78,e6,12,2f,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:83,6c,56,8b,a0,85,96,ab,cf,ef,72,5c,15,
   79,ae,aa,83,6c,56,8b,a0,85,96,ab,16,72,3f,df,09,39,b9,79,01,3a,48,fc,e8,04,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,38,dd,c3,2d,98,
   79,fd,a1,51,fa,6e,91,28,9e,14,cc,b1,1d,0f,ba,a8,5c,e5,47,f6,0f,4e,58,98,5b,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,6f,63,cd,29,bb,
   84,18,1d,b1,cd,45,5a,a8,c4,f8,b9,9a,23,b2,5c,e5,69,19,8c,3d,ce,ea,26,2d,45,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:f8,31,0f,a9,5f,a0,ec,fb,a3,57,93,45,f2,
   25,73,ce,e3,0e,66,d5,eb,bc,2f,6b,28,f5,bf,7d,e3,93,85,8f,2a,b7,cc,b5,b9,7f,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,3a,fc,a8,8f,04,
   14,0d,aa,fa,ea,66,7f,d4,3b,6b,70,48,d8,d3,a9,c1,4c,37,60,6c,43,2d,1e,aa,22,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
@SACL=
"BlindDial"=dword:00000000
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'lsass.exe'(696)
c:\windows\system32\bmnet.dll
.
Czas ukończenia: 2009-05-18 20:55
ComboFix-quarantined-files.txt  2009-05-18 18:55

Przed: 8 442 122 240 bajtów wolnych
Po: 12 415 152 128 bajtów wolnych

251  --- E O F ---  2009-05-15 00:05

Guest

Clean.
