x-kom hosting

logi do sprawdzenia. bardzo bym prosil

shonpenp
utworzono
utworzono

zamieszczam logi z hi jack i combo fix czy mozecie sprawdzic co jest nie tak?dzieki za pomoc

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:17:05, on 2008-12-11

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Apoint\Apoint.exe

C:\Program Files\Sony\ISB Utility\ISBMgr.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Sony\Marketing Tools\MarketingTools.exe

C:\Program Files\PowerISO\PWRISOVM.EXE

C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\Search Settings\SearchSettings.exe

C:\Program Files\Sony\Network Utility\LANUtil.exe

C:\Program Files\Gadu-Gadu\gg.exe

C:\Users\KALiSz\AppData\Local\Temp\yyy9547.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe

C:\Program Files\DesktopEarth\DesktopEarth.exe

C:\Program Files\WordWeb\wweb32.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Apoint\ApMsgFwd.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Common Files\Teleca Shared\Generic.exe

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\ctfmon.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\KALiSz\AppData\Local\Temp\~tmpe.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll

O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [bearShare] "C:\Program Files\BearShare\BearShare.exe" /pause

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey

O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe

O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray

O4 - HKCU\..\Run: [Cognac] C:\Users\KALiSz\AppData\Local\Temp\~tmpb.exe

O4 - HKCU\..\Run: [MSFox] C:\Users\KALiSz\AppData\Local\Temp\yyy9547.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: DesktopEarth AutoStart.lnk = ?

O4 - Startup: Registration Heroes of Might & Magic 5.LNK = C:\Program Files\Ubisoft\Heroes of Might and Magic V\registration\RegistrationReminder.exe

O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {18506D80-9B80-11D4-82C2-0080C8D7ED4A} (GameDesire Roulette) - http://download.gamedesire.com/g_bin/pl/ro...te_2_0_0_27.cab

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe

O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe

O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 11821 bytes

oraz log z combo fix

ComboFix 08-12-11.06 - KALiSz 2009-01-13 14:46:14.3 - NTFSx86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.1.1033.18.1141 [GMT 0:00]

Uruchomiony z: c:\kalisz\Programsy\ComboFix.exe

* Resident AV is active

.

- TRYB ZREDUKOWANEJ FUNKCJONALNOŚCI -

.

((((((((((((((((((((((((( Pliki utworzone od 2008-12-13 do 2009-01-13 )))))))))))))))))))))))))))))))

.

2009-01-13 01:52 . 2009-01-13 01:52 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\Yahoo!

2009-01-13 01:52 . 2009-01-13 01:52 <DIR> d-------- c:\program files\FLV Player

2009-01-13 00:04 . 2009-01-13 00:04 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\CBL-Electronics

2009-01-12 22:28 . 2009-01-12 22:28 <DIR> d-------- c:\users\All Users\CBL-Electronics

2009-01-12 22:28 . 2009-01-12 22:28 <DIR> d-------- c:\programdata\CBL-Electronics

2009-01-12 21:21 . 2009-01-12 21:21 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\COWON

2009-01-12 21:20 . 2009-01-12 21:20 <DIR> d-------- c:\program files\JetAudio

2009-01-12 21:20 . 2009-01-12 21:20 <DIR> d-------- c:\program files\Common Files\COWON

2009-01-12 16:30 . 2009-01-12 16:30 <DIR> d-------- c:\program files\Common Files\Stardock

2009-01-12 16:09 . 2009-01-12 16:09 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\IObit

2009-01-12 16:09 . 2009-01-12 16:09 <DIR> d-------- c:\program files\IObit

2009-01-12 15:51 . 2009-01-12 15:51 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\PeerNetworking

2009-01-11 03:33 . 2009-01-11 03:33 29 --a------ c:\windows\.wb4

2009-01-11 03:31 . 2009-01-12 16:30 <DIR> d-------- c:\program files\Stardock

2009-01-11 03:31 . 2008-04-26 16:14 58,792 --a------ c:\windows\System32\wbload.dll

2009-01-11 03:31 . 2008-04-26 16:14 42,672 --a------ c:\windows\System32\wbsys.dll

2009-01-11 03:18 . 2009-01-11 03:18 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\Media Player Classic

2009-01-11 03:16 . 2009-01-11 03:16 <DIR> d-------- c:\program files\K-Lite Codec Pack

2009-01-11 02:10 . 2009-01-11 02:10 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\dvdcss

2009-01-11 02:08 . 2009-01-11 02:11 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\vlc

2009-01-11 02:06 . 2009-01-11 02:06 <DIR> d-------- c:\program files\VideoLAN

2009-01-10 19:03 . 2009-01-10 19:03 <DIR> d-------- c:\program files\Common Files\Digidesign

2009-01-10 19:02 . 2009-01-10 19:02 <DIR> d-------- c:\program files\Steinberg

2009-01-10 19:02 . 2009-01-10 19:02 <DIR> d-------- c:\program files\Common Files\Native Instruments

2009-01-09 21:41 . 2009-01-09 21:41 <DIR> d-------- c:\program files\NAPI-PROJEKT

2009-01-04 16:52 . 2009-01-04 16:52 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\GHISLER

2009-01-04 16:52 . 2009-01-04 16:52 <DIR> d-------- C:\totalcmd

2009-01-04 16:52 . 2008-08-08 07:04 545 --a------ c:\windows\UC.PIF

2009-01-04 16:52 . 2008-08-08 07:04 545 --a------ c:\windows\RAR.PIF

2009-01-04 16:52 . 2008-08-08 07:04 545 --a------ c:\windows\PKZIP.PIF

2009-01-04 16:52 . 2008-08-08 07:04 545 --a------ c:\windows\PKUNZIP.PIF

2009-01-04 16:52 . 2008-08-08 07:04 545 --a------ c:\windows\NOCLOSE.PIF

2009-01-04 16:52 . 2008-08-08 07:04 545 --a------ c:\windows\LHA.PIF

2009-01-04 16:52 . 2008-08-08 07:04 545 --a------ c:\windows\ARJ.PIF

2008-12-30 21:50 . 2008-12-30 21:51 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\Ableton

2008-12-30 21:50 . 2003-06-20 12:28 1,777,664 --a------ c:\windows\System32\gdiplus.dll

2008-12-19 21:10 . 2008-12-19 21:10 <DIR> d-------- c:\program files\FreeCall.com

2008-12-17 20:17 . 2008-12-19 20:40 <DIR> d-------- c:\program files\Poker.co.uk

2008-12-15 12:34 . 2008-12-19 21:19 <DIR> d-------- c:\users\KALiSz\AppData\Roaming\FreeCall

2008-12-14 17:43 . 2009-01-13 03:57 <DIR> d-------- c:\program files\Yahoo!

2008-12-14 17:43 . 2008-12-14 17:44 <DIR> d-------- c:\program files\CCleaner

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-01-13 05:02 --------- d-----w c:\users\KALiSz\AppData\Roaming\BitTorrent

2009-01-13 03:48 --------- d-----w c:\program files\BearShare

2009-01-12 21:20 --------- d--h--w c:\program files\InstallShield Installation Information

2009-01-12 20:09 --------- d-----w c:\programdata\Google Updater

2009-01-12 19:52 2,560 ----a-w c:\windows\_MSRSTRT.EXE

2009-01-12 15:36 63,366 ----a-w c:\users\KALiSz\AppData\Roaming\nvModes.dat

2009-01-12 06:33 --------- d-----w c:\users\KALiSz\AppData\Roaming\Skype

2009-01-12 06:30 --------- d-----w c:\users\KALiSz\AppData\Roaming\skypePM

2009-01-11 03:19 --------- d-----w c:\program files\MarBit

2009-01-11 02:26 --------- d-----w c:\program files\DivX

2009-01-11 00:43 --------- d-----w c:\program files\SubEdit-Player

2009-01-10 14:50 --------- d-----w c:\program files\Google

2008-12-30 21:56 --------- d-----w c:\program files\Native Instruments

2008-12-22 15:58 --------- d-----w c:\program files\Winamp

2008-12-19 20:27 --------- d-----w c:\users\KALiSz\AppData\Roaming\Teleca

2008-12-19 20:27 --------- d-----w c:\program files\Common Files\Teleca Shared

2008-12-12 19:03 --------- d-----w c:\program files\Malwarebytes' Anti-Malware

2008-12-12 19:01 --------- d-----w c:\users\KALiSz\AppData\Roaming\Malwarebytes

2008-12-12 19:01 --------- d-----w c:\programdata\Malwarebytes

2008-12-11 21:16 --------- d-----w c:\program files\Trend Micro

2008-12-11 20:39 --------- d-----w c:\program files\Windows Mail

2008-12-11 19:20 --------- d-----w c:\programdata\Lavasoft

2008-12-11 19:16 --------- d-----w c:\program files\Lavasoft

2008-12-11 19:15 --------- d-----w c:\program files\Common Files\Wise Installation Wizard

2008-12-11 18:39 --------- d-----w c:\program files\Picasa2

2008-12-11 00:05 --------- d---a-w c:\programdata\TEMP

2008-12-10 16:38 --------- d-----w c:\users\KALiSz\AppData\Roaming\Command & Conquer 3 Wojny o tyberium

2008-12-10 16:13 --------- d-----w c:\program files\Electronic Arts

2008-12-05 04:43 --------- d-----w c:\program files\McAfee

2008-12-04 16:13 --------- d-----w c:\program files\Eidos

2008-12-03 19:52 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys

2008-12-03 19:52 15,504 ----a-w c:\windows\system32\drivers\mbam.sys

2008-12-03 13:32 --------- d-----w c:\program files\WordWeb

2008-12-03 12:41 --------- d-----w c:\program files\DesktopEarth

2008-12-03 11:18 --------- d-----w c:\program files\EA GAMES

2008-12-03 11:14 --------- d-----w c:\program files\AV Digital Talking Parrot

2008-12-03 10:39 --------- d-----w c:\program files\Earth 3D Screensaver

2008-12-03 00:40 --------- d-----w c:\programdata\McAfee

2008-12-03 00:38 --------- d-----w c:\program files\Common Files\McAfee

2008-12-03 00:37 --------- d-----w c:\program files\McAfee.com

2008-12-02 14:15 --------- d-----w c:\programdata\Kaspersky Lab

2008-12-01 19:40 410,976 ----a-w c:\windows\System32\deploytk.dll

2008-12-01 19:40 --------- d-----w c:\program files\Java

2008-12-01 19:35 --------- d-----w c:\program files\Kaspersky Lab

2008-11-28 11:26 56,863 ----a-w c:\users\Administrator\AppData\Roaming\nvModes.dat

2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll

2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll

2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll

2008-11-01 03:44 28,672 ----a-w c:\windows\System32\Apphlpdm.dll

2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll

2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll

2008-11-01 01:21 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll

2008-10-29 06:29 2,927,104 ----a-w c:\windows\explorer.exe

2008-10-22 03:57 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll

2008-10-22 01:22 2,048 ----a-w c:\windows\System32\tzres.dll

2008-10-21 05:25 296,960 ----a-w c:\windows\System32\gdi32.dll

2008-10-21 05:25 1,645,568 ----a-w c:\windows\System32\connect.dll

2008-10-18 14:08 1,050,296 ------w c:\windows\wweb32.dll

2008-10-16 21:13 1,809,944 ----a-w c:\windows\System32\wuaueng.dll

2008-10-16 21:12 561,688 ----a-w c:\windows\System32\wuapi.dll

2008-10-16 21:09 51,224 ----a-w c:\windows\System32\wuauclt.exe

2008-10-16 21:09 43,544 ----a-w c:\windows\System32\wups2.dll

2008-10-16 21:08 34,328 ----a-w c:\windows\System32\wups.dll

2008-10-16 20:56 1,524,736 ----a-w c:\windows\System32\wucltux.dll

2008-10-16 20:55 83,456 ----a-w c:\windows\System32\wudriver.dll

2008-10-16 14:08 162,064 ----a-w c:\windows\System32\wuwebv.dll

2008-10-16 13:56 31,232 ----a-w c:\windows\System32\wuapp.exe

2008-10-16 04:47 827,392 ----a-w c:\windows\System32\wininet.dll

2008-10-15 15:07 466,944 ----a-w c:\windows\System32\Parrot.scr

2008-10-12 13:02 62,322,172 ----a-w c:\users\KALiSz\Traktor3_341U_Win.zip

2008-10-05 10:49 22,328 ----a-w c:\users\KALiSz\AppData\Roaming\PnkBstrK.sys

2008-08-24 14:33 225,280 ----a-w c:\users\KALiSz\AppData\Roaming\Rewire.dll

2008-08-18 19:19 32 ----a-w c:\users\All Users\ezsid.dat

2008-08-18 19:19 32 ----a-w c:\programdata\ezsid.dat

2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-07-16 262144]

"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 c:\windows\System32\oobefldr.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvSvc"="c:\windows\system32\nvsvc.dll" [2008-02-12 86016]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-12 8497696]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-02-12 81920]

"Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]

"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-11-21 311296]

"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-04-10 29744]

"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2008-04-10 36864]

"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-07-07 167936]

"WinampAgent"="c:\program files\Winamp\winampa.exe" [2007-02-13 35328]

"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-11-01 582992]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

"RtHDVCpl"="RtHDVCpl.exe" [2008-01-23 c:\windows\RtHDVCpl.exe]

c:\users\KALiSz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

DesktopEarth AutoStart.lnk - c:\users\KALiSz\AppData\Roaming\Microsoft\Installer\{D87176E9-ECD0-48C6-8E8B-B0054781DFB4}\_2B52280D74B238E888B1F2.exe [2008-12-03 29926]

Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2009-01-12 3450608]

WordWeb.lnk - c:\program files\WordWeb\wweb32.exe [2008-12-03 42168]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-11-04 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]

2008-09-17 08:05 222456 c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2007-08-15 03:05 98304 c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.dvsd"= c:\program files\Common Files\Sony Shared\VideoLib\sonydv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeCall]

--a------ 2008-09-01 11:09 9109296 c:\program files\FreeCall.com\FreeCall\FreeCall.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{33055A94-CDDF-44B8-A8ED-F59039A75EF3}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook

"{ADEF565F-D80F-4A72-82F0-E1C1A3B51D14}"= UDP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk

"{EE53C2A6-BBAE-4DF4-B52F-AA7CB54C2F3A}"= TCP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk

"{9FA96EAF-FE46-4F03-A82F-5A588E24D807}"= UDP:c:\program files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)

"{8BEF6779-AD7F-4C84-9D69-44FD57FF6611}"= TCP:c:\program files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)

"{299B70F5-0609-49E8-A8B8-17563A1096FE}"= UDP:c:\program files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)

"{37581ECC-A839-4A4B-B261-74AE220DF91E}"= TCP:c:\program files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)

"{316D4311-BDBC-4AC5-9CA7-842F95E813B4}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)

"{F6D97B78-2004-43FA-9E98-F0787C485D8B}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)

"TCP Query User{7ACB4A11-888D-4184-A381-D0314DDF06DF}c:\\program files\\3alab\\iradio\\iradio.exe"= UDP:c:\program files\3alab\iradio\iradio.exe:iRadio

"UDP Query User{EED664A3-8301-4F36-B6B1-C9E975904A30}c:\\program files\\3alab\\iradio\\iradio.exe"= TCP:c:\program files\3alab\iradio\iradio.exe:iRadio

"{6A57295A-06F1-48F7-880B-7CEC9EA25B2E}"= UDP:c:\program files\Sierra\FEAR\FEARXP\FEARXP.exe:FEARXP

"{E4058137-BA5E-4FB5-A974-864F17B9BB10}"= TCP:c:\program files\Sierra\FEAR\FEARXP\FEARXP.exe:FEARXP

"TCP Query User{C1936423-A45B-4460-B814-FB7AA983856F}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:µTorrent

"UDP Query User{5E65E115-D77E-4DB8-AA60-B78EF3002B9E}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:µTorrent

"TCP Query User{9F93208C-415C-44CA-BBFC-E6F8FC34FE2D}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:µTorrent

"UDP Query User{71476319-3B98-405C-8894-A3DA64758504}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:µTorrent

"TCP Query User{F9F49D53-0D8A-4924-9B9B-99E76C0D719D}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath

"UDP Query User{38C609CD-D5EA-40F0-BE3C-AB464B15BD13}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath

"TCP Query User{B642B0CF-5A22-42B6-9F3C-99F262974EC8}c:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= UDP:c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup

"UDP Query User{6BA5C18D-B6DA-4AF4-8E10-8864D0332458}c:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= TCP:c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup

"{5EAEE741-F7DF-4E01-9BD9-DB486D399924}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA

"{24A5B896-66FA-4D14-925F-F5CCBC208ADC}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA

"{5B505FDD-BB28-45B5-8DBE-CF54985F4251}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

"{09FCFBE0-0E8C-4B60-A1B1-EF1E68BFE794}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

"{BF0323D1-5A7C-49FE-8F03-7E6F471626D4}"= UDP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare

"{02F8AD16-34C1-478F-9566-1F4F8889232A}"= TCP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare

"{0B836FD1-C784-4C9E-B271-B0E65AAD41DE}"= UDP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32

"{F3F008D7-2074-47D0-88F8-A09F37F69106}"= TCP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32

"{30451CEE-77EA-443E-94BA-2F95E8D5DBDC}"= UDP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32

"{9DD847D3-8F9F-4F28-9EBB-436D09DBF450}"= TCP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32

"TCP Query User{EA14A8F9-C7AE-41C6-AE91-1721514DF82A}c:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 7.0.1.325\\polish\\setup.exe"= UDP:c:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\polish\setup.exe:Kaspersky Anti-Virus 7.0 Setup

"UDP Query User{DF745D2A-243A-408C-AEF5-57AFD3F66C90}c:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 7.0.1.325\\polish\\setup.exe"= TCP:c:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\polish\setup.exe:Kaspersky Anti-Virus 7.0 Setup

"TCP Query User{3FACBDD0-B55D-41C9-AFA1-558E25319E21}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath

"UDP Query User{56885893-5DE7-4597-A9FC-A62F8EF5EC14}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath

"TCP Query User{F1853822-35C3-415F-BF64-56EF4D674C70}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule

"UDP Query User{EB4FB4DB-843D-4913-8B11-0EE442B6D6EE}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule

"{9C371D9E-9E4D-4973-A2CC-CD5E2DEB8856}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]

"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\McAfee\SiteAdvisor\McSACore.exe" [2008-12-03 203280]

R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);"c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ [2006-04-14 28933976]

R2 NSUService;NSUService;"c:\program files\Sony\Network Utility\NSUService.exe" [2008-04-10 233472]

R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]

R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-12-17 9344]

R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-08-17 812544]

S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys [2008-09-05 83208]

S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s115mdfl.sys [2008-09-05 15112]

S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s115mdm.sys [2008-09-05 108680]

S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys [2008-09-05 100488]

S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys [2008-09-05 98568]

S3 SOHCImp;VAIO Media plus Content Importer;"c:\program files\Sony\VAIO Media plus\SOHCImp.exe" [2008-04-10 104288]

S3 SOHDms;VAIO Media plus Digital Media Server;"c:\program files\Sony\VAIO Media plus\SOHDms.exe" [2008-04-10 350048]

S3 SOHDs;VAIO Media plus Device Searcher;"c:\program files\Sony\VAIO Media plus\SOHDs.exe" [2008-04-10 63328]

S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;"c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe" [2008-04-10 333088]

S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;"c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe" [2008-04-10 87328]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]

\shell\AutoRun\command - F:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]

\shell\AutoRun\command - G:\Install.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]

\shell\AutoRun\command - H:\AutorunUAW.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca4ecba4-985e-11dd-9592-001a80bc3ffb}]

\shell\AutoRun\command - I:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca4ecbbb-985e-11dd-9592-001a80bc3ffb}]

\shell\AutoRun\command - I:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9b111b2-c286-11dd-a94a-001a80bc3ffb}]

\shell\AutoRun\command - J:\LaunchU3.exe -a

.

Zawartość folderu 'Zaplanowane zadania'

2009-01-13 c:\windows\Tasks\AWC Startup.job

- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2008-12-21 11:44]

2008-09-04 c:\windows\Tasks\iRadio task 1.job

- c:\progra~1\3aLab\iRadio\iRadio.exe [2006-02-10 15:04]

2008-09-04 c:\windows\Tasks\iRadio task 2.job

- c:\progra~1\3aLab\iRadio\iRadio.exe [2006-02-10 15:04]

2008-12-03 c:\windows\Tasks\McDefragTask.job

- c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 13:32]

2008-12-03 c:\windows\Tasks\McQcTask.job

- c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 13:32]

.

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://www.google.pl/

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

c:\windows\Downloaded Program Files\Roulette.dll - O16 -: {18506D80-9B80-11D4-82C2-0080C8D7ED4A}

hxxp://download.gamedesire.com/g_bin/pl/roulette_2_0_0_27.cab

c:\windows\Downloaded Program Files\Roulette.inf

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-01-13 14:46:46

Windows 6.0.6001 Service Pack 1 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone

ukryte pliki: 0

**************************************************************************

.

Czas ukończenia: 2009-01-13 14:48:57

ComboFix-quarantined-files.txt 2009-01-13 14:48:52

Przed: 35,045,117,952 bytes free

Po: 35,077,951,488 bytes free

293 --- E O F --- 2009-01-12 17:02:43

Sean
komentarz
komentarz

Wywal folder

C:\Program Files\Search Settings\

Włącz pokazywanie plików ukrytch i wywal ten plik:

C:\Users\KALiSz\AppData\Local\Temp\~tmpe.exe

Następnie wywal wpisy:

 R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dllO3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file) O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exeUnknownO4 - HKCU\..\Run: [Cognac] C:\Users\KALiSz\AppData\Local\Temp\~tmpb.exe O4 - HKCU\..\Run: [MSFox] C:\Users\KALiSz\AppData\Local\Temp\yyy9547.exe

Następnie daj nowe logi

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.