xyrxis utworzono 17 lutego 2009 utworzono 17 lutego 2009 (edytowane) Bardzo prosze o sprawdzenie loga z combofixa, z gory widze ze cos jest nie tak ale jak to naprawic, sczegolnie te wpisy "deregistered" ComboFix 09-02-15.01 - Adamik 2009-02-17 23:19:15.1 - NTFSx86Uruchomiony z: I:\ComboFix.exeUWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!.((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))).c:\windows\system32\e1000msg.dllc:\windows\system32\NicEtCoE.dllc:\windows\system32\x64.((((((((((((((((((((((((( Pliki utworzone od 2009-01-17 do 2009-02-17 ))))))))))))))))))))))))))))))).2009-02-17 22:57 . 2009-02-17 22:57 <DIR> d--h----- c:\windows\system32\GroupPolicy2009-02-17 22:25 . 2009-02-17 22:25 <DIR> d-------- c:\program files\Trend Micro2009-02-17 21:52 . 2001-10-26 20:29 18,944 --a------ c:\windows\system32\simptcp.dll2009-02-17 20:32 . 2008-04-14 00:15 11,520 --a------ c:\windows\system32\drivers\scsiscan.sys2009-02-17 20:24 . 2009-02-17 20:24 <DIR> d-------- c:\documents and settings\Adamik\WINDOWS2009-02-17 20:14 . 2009-02-17 20:14 <DIR> d-------- c:\windows\system\color2009-02-17 20:08 . 2009-02-17 20:25 <DIR> d-------- c:\program files\Agfa2009-02-17 20:06 . 2009-02-17 20:06 <DIR> d-------- C:\Agfa ScanWise Installer2009-02-16 00:49 . 2009-02-16 00:49 <DIR> d-------- c:\program files\kRk Software2009-02-15 19:02 . 2009-02-15 19:19 <DIR> d-------- c:\documents and settings\Adamik\Dane aplikacji\Trados2009-02-15 18:09 . 2009-02-15 18:09 <DIR> d-------- c:\documents and settings\Adamik\Dane aplikacji\SYSTRAN2009-02-15 18:08 . 2009-02-15 18:08 <DIR> d-------- c:\program files\SYSTRAN2009-02-15 18:07 . 2009-02-15 18:09 <DIR> d-------- c:\windows\system32\E177E04D548C4006A465EEB92D3DE0212009-02-15 14:44 . 2009-02-15 14:44 <DIR> d-------- c:\program files\Common Files\Vbox2009-02-15 14:44 . 2002-05-06 13:44 243,712 --a------ c:\windows\KPCP32.DLL2009-02-15 14:44 . 2002-05-06 13:44 156,672 --a------ c:\windows\sprof32.dll2009-02-15 14:44 . 2002-05-06 13:44 70,144 --a------ c:\windows\KPFP32.DLL2009-02-15 14:44 . 2002-05-06 13:44 58,368 --a------ c:\windows\pfpick.dll2009-02-15 14:44 . 2002-05-06 13:44 53,760 --a------ c:\windows\PTPICK32.DLL2009-02-15 14:44 . 2002-05-06 13:44 48,128 --a------ c:\windows\KPSYS32.DLL2009-02-15 14:44 . 2002-05-06 13:44 42,483 --a------ c:\windows\ICCCODES.DAT2009-02-15 14:44 . 2002-05-06 13:44 39,095 --a------ c:\windows\Iccsigs.dat2009-02-15 14:44 . 2002-05-06 13:44 31,744 --a------ c:\windows\KPSHARP.DLL2009-02-15 14:44 . 2002-05-06 13:44 31,232 --a------ c:\windows\KPSCALE.DLL2009-02-15 14:44 . 2002-05-06 13:44 20,992 --a------ c:\windows\icccodes.dll2009-02-15 14:44 . 2002-05-06 13:44 156 --a------ c:\windows\KPCMS.INI2009-02-15 14:41 . 2009-02-15 14:41 800 --a------ c:\windows\hpinfo.lnk2009-02-15 14:40 . 2009-02-15 14:41 <DIR> d-------- c:\program files\hp deskjet 950c series2009-02-15 14:40 . 2009-02-15 14:40 <DIR> d-------- c:\program files\Hewlett-Packard2009-02-15 11:02 . 2009-02-15 11:02 69 --a------ c:\windows\NeroDigital.ini2009-02-14 23:19 . 2009-02-16 16:11 <DIR> d-------- c:\program files\DOSBox-0.722009-02-14 22:48 . 2009-02-14 22:48 <DIR> d-------- c:\program files\Tibia2009-02-14 22:48 . 2009-02-15 00:57 <DIR> d-------- c:\documents and settings\Adamik\Dane aplikacji\Tibia2009-02-14 19:33 . 2009-02-14 19:33 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\FLEXnet2009-02-14 19:33 . 2009-02-14 19:33 <DIR> d-------- c:\documents and settings\Adamik\Dane aplikacji\NetLibCache2009-02-14 19:27 . 2009-02-14 19:27 <DIR> d-------- c:\program files\Common Files\Macrovision Shared2009-02-14 19:27 . 2009-02-14 19:27 <DIR> d-------- c:\program files\Common Files\Adobe AIR2009-02-14 00:38 . 2008-07-31 23:17 9,200 --------- c:\windows\system32\drivers\cdralw2k.sys2009-02-14 00:38 . 2008-07-31 23:17 9,072 --------- c:\windows\system32\drivers\cdr4_xp.sys2009-02-14 00:37 . 2009-02-14 00:37 <DIR> d-------- c:\windows\system32\IOSUBSYS2009-02-14 00:37 . 2009-02-17 22:44 <DIR> d-------- c:\program files\Google2009-02-13 16:22 . 2009-02-13 16:22 0 --a------ c:\windows\nsreg.dat2009-02-13 16:17 . 2009-02-13 16:17 <DIR> d-------- c:\program files\Nowe Gadu-Gadu2009-02-13 16:17 . 2009-02-13 16:31 <DIR> d-------- c:\documents and settings\Adamik\Dane aplikacji\Nowe Gadu-Gadu2009-02-13 16:15 . 2009-02-13 16:15 <DIR> d-------- c:\windows\system32\LogFiles2009-02-13 16:15 . 2009-02-13 21:54 107,832 --a------ c:\windows\system32\PnkBstrB.exe2009-02-13 16:15 . 2009-02-13 16:15 66,872 --a------ c:\windows\system32\PnkBstrA.exe2009-02-13 16:15 . 2009-02-13 21:54 22,328 --a------ c:\windows\system32\drivers\PnkBstrK.sys2009-02-12 16:50 . 2009-02-12 16:58 <DIR> d-------- c:\program files\Common Files\Autodesk Shared2009-02-12 16:50 . 2009-02-12 16:58 <DIR> d-------- c:\program files\AutoCAD 20092009-02-12 16:50 . 2009-02-16 23:28 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Autodesk2009-02-12 16:50 . 2009-02-16 23:28 <DIR> d-------- c:\documents and settings\Adamik\Dane aplikacji\Autodesk2009-02-12 16:49 . 2007-07-19 18:14 3,727,720 --a------ c:\windows\system32\d3dx9_35.dll2009-02-12 16:27 . 2009-02-12 16:27 <DIR> d-------- c:\documents and settings\Adamik\Dane aplikacji\AdobeUM2009-02-12 00:09 . 2009-02-12 00:09 <DIR> d-------- c:\program files\TRADOS2009-02-12 00:08 . 2009-02-12 00:08 <DIR> d-------- c:\program files\Common Files\InstallShield2009-02-12 00:06 . 2009-02-12 00:06 <DIR> d-------- c:\windows\system32\URTTEMP2009-02-11 23:49 . 2009-02-11 23:49 <DIR> d-------- c:\windows\Cache2009-02-11 23:40 . 2009-02-11 23:40 <DIR> d-------- c:\program files\projects2009-02-11 23:40 . 2009-02-11 23:40 <DIR> d-------- c:\program files\help2009-02-11 23:40 . 2009-02-11 23:40 <DIR> d-------- c:\program files\db2009-02-11 23:40 . 2009-02-11 23:40 <DIR> d-------- c:\program files\config2009-02-11 23:40 . 2009-02-11 23:40 <DIR> d-------- c:\program files\bin2009-02-11 23:40 . 2009-02-11 23:40 19,275 --a------ c:\program files\unins000.dat2009-02-11 22:16 . 2009-02-15 14:43 <DIR> d-------- c:\program files\Common Files\Adobe2009-02-11 22:08 . 1998-11-17 12:44 328,704 --a------ c:\windows\IsUn0407.exe2009-02-11 22:03 . 2009-02-11 22:03 <DIR> d-------- c:\program files\IrfanView2009-02-11 21:53 . 2009-02-11 21:53 <DIR> d-------- c:\documents and settings\Adamik\Dane aplikacji\ABBYY2009-02-11 21:51 . 2009-02-11 21:53 <DIR> d-------- c:\program files\ABBYY FineReader 8.0 Professional Edition2009-02-11 21:45 . 2009-02-11 21:45 <DIR> d-------- c:\program files\Nero2009-02-11 21:45 . 2009-02-11 21:45 <DIR> d-------- c:\program files\Common Files\Nero2009-02-11 21:45 . 2009-02-11 21:45 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Nero2009-02-11 21:45 . 2006-03-17 11:45 1,757,184 --a------ c:\windows\system32\imagX7.dll2009-02-11 21:45 . 2006-03-17 11:45 802,816 --a------ c:\windows\system32\imagXRA7.dll2009-02-11 21:45 . 2006-03-17 11:45 497,296 --a------ c:\windows\system32\imagXpr7.dll2009-02-11 21:45 . 2006-03-17 14:49 368,640 --a------ c:\windows\system32\TwnLib4.dll2009-02-11 21:45 . 2006-03-17 11:45 258,048 --a------ c:\windows\system32\imagXR7.dll2009-02-11 21:37 . 2009-02-11 21:37 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Symantec2009-02-11 21:35 . 2007-04-09 13:23 28,040 --a------ c:\windows\system32\mdimon.dll2009-02-11 21:35 . 2009-02-11 21:35 421 --a------ c:\windows\ODBC.INI2009-02-11 21:33 . 2009-02-15 14:43 <DIR> d-------- c:\windows\SHELLNEW2009-02-11 21:33 . 2009-02-11 21:33 <DIR> d-------- c:\program files\Microsoft.NET2009-02-11 21:12 . 2009-02-11 21:12 <DIR> d-------- c:\program files\Sigmatel2009-02-11 21:11 . 2008-04-14 00:49 146,048 --a------ c:\windows\system32\drivers\portcls.sys2009-02-11 21:11 . 2008-04-14 22:51 129,536 --a------ c:\windows\system32\ksproxy.ax2009-02-11 21:11 . 2008-04-14 00:15 60,160 --a------ c:\windows\system32\drivers\drmk.sys2009-02-11 21:11 . 2008-04-14 22:50 4,096 --a------ c:\windows\system32\ksuser.dll2009-02-11 21:09 . 2009-02-11 21:09 4,444 --a------ c:\windows\system32\pid.PNF2009-02-11 21:08 . 2008-04-14 01:17 25,856 --a------ c:\windows\system32\drivers\usbprint.sys2009-02-11 21:08 . 2001-08-17 22:59 3,072 --a------ c:\windows\system32\drivers\audstub.sys2009-02-11 21:07 . 2006-06-15 03:58 159,744 -ra------ c:\windows\system32\igfxres.dll2009-02-11 21:07 . 2008-04-14 22:35 58,880 --a------ c:\windows\system32\drivers\redbook.sys2009-02-11 21:06 . 2009-02-11 21:06 <DIR> d-------- c:\windows\system32\Lang2009-02-11 21:06 . 2006-06-23 06:40 405,504 -ra------ c:\windows\system32\igxpun.exe2009-02-11 21:06 . 2006-01-23 04:29 121,232 -ra------ c:\windows\system32\IScrNB.bmp2009-02-11 21:06 . 2008-04-14 22:50 77,312 --a------ c:\windows\system32\usbui.dll2009-02-11 21:06 . 2001-08-17 22:46 6,400 --a------ c:\windows\system32\drivers\enum1394.sys2009-02-11 21:04 . 2009-02-17 23:19 <DIR> d-------- c:\windows\system32\CatRoot22009-02-11 21:04 . 2009-02-11 21:04 <DIR> d-------- c:\windows\system32\CatRoot2009-02-11 21:04 . 2009-02-11 21:04 <DIR> dr-h----- c:\documents and settings\Default User\Ustawienia lokalne2009-02-11 21:04 . 2009-02-11 21:04 <DIR> d-------- c:\documents and settings\Default User\Ulubione2009-02-11 21:04 . 2009-02-11 20:16 <DIR> d--h----- c:\documents and settings\Default User\Szablony2009-02-11 21:04 . 2009-02-11 21:04 <DIR> d-------- c:\documents and settings\Default User\Pulpit2009-02-11 21:04 . 2009-02-11 21:04 <DIR> d-------- c:\documents and settings\Default User\Moje dokumenty2009-02-11 21:04 . 2009-02-11 21:04 <DIR> dr------- c:\documents and settings\Default User\Menu Start2009-02-11 21:04 . 2009-02-11 21:04 <DIR> dr-h----- c:\documents and settings\Default User\Dane aplikacji2009-02-11 21:04 . 2009-02-14 00:37 <DIR> d--h----- c:\documents and settings\Default User2009-02-11 21:04 . 2009-02-11 21:04 <DIR> d-------- c:\documents and settings\All Users\Ulubione2009-02-11 21:04 . 2009-02-11 21:04 <DIR> d--h----- c:\documents and settings\All Users\Szablony2009-02-11 21:04 . 2009-02-17 22:42 <DIR> d-------- c:\documents and settings\All Users\Pulpit2009-02-11 21:04 . 2009-02-17 21:14 <DIR> dr------- c:\documents and settings\All Users\Menu Start2009-02-11 21:04 . 2009-02-15 13:46 <DIR> dr------- c:\documents and settings\All Users\Dokumenty2009-02-11 21:04 . 2009-02-17 22:42 <DIR> dr-h----- c:\documents and settings\All Users\Dane aplikacji2009-02-11 21:04 . 2009-02-11 20:19 <DIR> d-------- c:\documents and settings\All Users2009-02-11 21:04 . 2009-02-11 20:25 <DIR> d-------- C:\Documents and Settings2009-02-11 21:04 . 2008-04-15 00:04 1,246,357 -ra------ c:\windows\SET3.tmp2009-02-11 21:04 . 2008-04-14 23:56 1,088,840 -ra------ c:\windows\SET4.tmp2009-02-11 21:04 . 2006-06-01 05:43 43,264 -ra------ c:\windows\system32\drivers\HECI.sys2009-02-11 21:04 . 2008-04-14 23:56 16,825 -ra------ c:\windows\SET8.tmp2009-02-11 21:02 . 2009-02-11 20:22 261 --a------ c:\windows\system32\$winnt$.inf.(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-02-11 22:06 --------- d-----w c:\program files\Common Files\Symantec Shared2009-02-11 19:58 --------- d-----w c:\program files\xp-AntiSpy2009-02-11 19:56 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Norton2009-02-11 19:51 --------- d-----w c:\program files\MSBuild2009-02-11 19:50 --------- d-----w c:\program files\Reference Assemblies2009-02-11 19:36 --------- d-----w c:\program files\Intel2009-02-11 19:35 --------- d-----w c:\program files\MSXML 4.02009-02-11 19:31 806 ----a-w c:\windows\system32\drivers\SYMEVENT.INF2009-02-11 19:31 60,808 ----a-w c:\windows\system32\S32EVNT1.DLL2009-02-11 19:31 36,272 ----a-r c:\windows\system32\drivers\SymIM.sys2009-02-11 19:31 124,464 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS2009-02-11 19:31 10,635 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT2009-02-11 19:31 --------- d-----w c:\program files\Symantec2009-02-11 19:31 --------- d-----w c:\program files\Norton Internet Security2009-02-11 19:30 --------- d-----w c:\program files\Windows Sidebar2009-02-11 19:30 --------- d-----w c:\program files\NortonInstaller2009-02-11 19:30 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\NortonInstaller2009-02-11 19:20 --------- d-----w c:\program files\microsoft frontpage2009-02-11 19:19 --------- d-----w c:\program files\Usługi online2009-01-05 22:33 3,751,995 ----a-w c:\windows\system32\GPhotos.scr2003-03-11 11:01 2,471 ----a-w c:\program files\readme.txt2003-02-01 23:00 86,408 ----a-w c:\program files\unins000.exe1999-12-13 13:38 135,168 ----a-w c:\windows\inf\Agfa\message.exe.((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-06-15 98304]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-06-15 86016]"Persistence"="c:\windows\system32\igfxpers.exe" [2006-06-15 81920]"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-11-07 196608][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]c:\documents and settings\All Users\Menu Start\Programy\Autostart\Acrobat Assistant.lnk - c:\program files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-05-15 217193][HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]"gusvc"=3 (0x3)"gupdate1c98e39f0da1938"=3 (0x3)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\system32\\sessmgr.exe"=R2 .norton2009Reset;Norton 2009 Reset;c:\documents and settings\All Users\Dane aplikacji\Norton\Norton2009Reset.exe [2009-02-11 281625]R3 EPPSCSIx;Agfa EPPSCSI Driver; [x]R3 scsiscan;Sterownik skanera SCSI;c:\windows\system32\DRIVERS\scsiscan.sys [2008-04-14 11520]R4 gupdate1c98e39f0da1938;Usługa Google Update (gupdate1c98e39f0da1938);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-14 133104]S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1002000.007\SYMEFA.SYS [2009-02-11 309296]S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1002000.007\BHDrvx86.sys [2009-02-11 255536]S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1002000.007\ccHPx86.sys [2009-02-11 362544]S1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090212.003\IDSxpx86.sys [2009-01-29 276344]S2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe [2009-02-11 115560]S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-02-11 99376]--- Inne Usługi/Sterowniki w Pamięci ---*Deregistered* - AFD*Deregistered* - AudioSrv*Deregistered* - audstub*Deregistered* - Beep*Deregistered* - BHDrvx86*Deregistered* - BITS*Deregistered* - Browser*Deregistered* - ccHP*Deregistered* - Cdfs*Deregistered* - CryptSvc*Deregistered* - DcomLaunch*Deregistered* - dmio*Deregistered* - dmload*Deregistered* - dmserver*Deregistered* - eeCtrl*Deregistered* - EraserUtilRebootDrv*Deregistered* - EventSystem*Deregistered* - Fastfat*Deregistered* - FastUserSwitchingCompatibility*Deregistered* - Fips*Deregistered* - FltMgr*Deregistered* - Ftdisk*Deregistered* - Gpc*Deregistered* - helpsvc*Deregistered* - IDSxpx86*Deregistered* - ImapiService*Deregistered* - IPSec*Deregistered* - KSecDD*Deregistered* - LanmanServer*Deregistered* - lanmanworkstation*Deregistered* - LmHosts*Deregistered* - mnmdd*Deregistered* - Mouclass*Deregistered* - MountMgr*Deregistered* - MRxDAV*Deregistered* - MRxSmb*Deregistered* - Msfs*Deregistered* - mssmbios*Deregistered* - Mup*Deregistered* - NAVENG*Deregistered* - NAVEX15*Deregistered* - NDIS*Deregistered* - NdisTapi*Deregistered* - Ndisuio*Deregistered* - NdisWan*Deregistered* - NDProxy*Deregistered* - NetBIOS*Deregistered* - NetBT*Deregistered* - Netman*Deregistered* - Norton Internet Security*Deregistered* - Npfs*Deregistered* - Ntfs*Deregistered* - Null*Deregistered* - PartMgr*Deregistered* - ParVdm*Deregistered* - PnkBstrA*Deregistered* - PptpMiniport*Deregistered* - ProtectedStorage*Deregistered* - PSched*Deregistered* - RasAcd*Deregistered* - Rasl2tp*Deregistered* - RasPppoe*Deregistered* - Raspti*Deregistered* - Rdbss*Deregistered* - RDPCDD*Deregistered* - rdpdr*Deregistered* - RemoteRegistry*Deregistered* - RpcSs*Deregistered* - SamSs*Deregistered* - Schedule*Deregistered* - seclogon*Deregistered* - SENS*Deregistered* - sfng32*Deregistered* - SharedAccess*Deregistered* - ShellHWDetection*Deregistered* - SimpTcp*Deregistered* - Spooler*Deregistered* - sr*Deregistered* - srservice*Deregistered* - SRTSP*Deregistered* - SRTSPX*Deregistered* - Srv*Deregistered* - stisvc*Deregistered* - swenum*Deregistered* - SYMDNS*Deregistered* - SymEFA*Deregistered* - SymEvent*Deregistered* - SYMFW*Deregistered* - SYMIDS*Deregistered* - SymIMMP*Deregistered* - SYMNDIS*Deregistered* - SYMREDRV*Deregistered* - SYMTDI*Deregistered* - TermDD*Deregistered* - TermService*Deregistered* - Themes*Deregistered* - TrkWks*Deregistered* - Update*Deregistered* - VgaSave*Deregistered* - VolSnap*Deregistered* - W32Time*Deregistered* - WebClient*Deregistered* - winmgmt*Deregistered* - WmiApSrv*Deregistered* - wscsvc*Deregistered* - wuauserv*Deregistered* - WZCSVC[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bf6bf861-f871-11dd-8702-806d6172696f}]\Shell\AutoRun\command - H:\setup.exe.Zawartość folderu 'Zaplanowane zadania'2009-02-17 c:\windows\Tasks\GoogleUpdateTaskMachine.job- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-14 01:19].- - - - USUNIĘTO PUSTE WPISY - - - -HKLM-Run-SigmatelSysTrayApp - sttray.exe.------- Skan uzupełniający -------.uStart Page = hxxp://www.onet.pl/uDefault_Search_URL = hxxp://www.google.com/ieuSearchURL,(Default) = hxxp://www.google.com/search?q=%sIE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\Norton Internet Security\Engine\16.2.0.7\CoIEPlg.dllFF - ProfilePath - c:\documents and settings\Adamik\Dane aplikacji\Mozilla\Firefox\Profiles\65rcx4gx.default\FF - prefs.js: browser.startup.homepage - hxxp://www.onet.pl/FF - component: c:\documents and settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dllFF - component: c:\documents and settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dllFF - plugin: c:\program files\Google\Picasa3\npPicasa3.dllFF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll.**************************************************************************catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-02-17 23:22:23Windows 5.1.2600 Dodatek Service Pack 3 NTFSskanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.2.0.7\diMaster.dll\" /prefetch:1".--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3749AA95-0B95-97D6-573EA782D1087389}\{140D5DD1-4454-9D01-1A62C863EE2D72CA}\{AFBD57C5-0E25-C0E9-BB318052A3DC6730}*]"N3ON3SCQTOHKQM23SBHY163HKH1"=hex:01,00,01,00,00,00,00,00,fa,de,c6,7c,16,d0,d3, 6d,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{406CE662-49A5-A824-9AD16CDB8C980A83}\{51810E7B-CC7B-50CD-91DC82E76A5CA55B}\{3C9B1055-B264-EADB-6986DE03867D1DB4}*]"N3ON3SCQTOHKQM23SBHY163HKH1"=hex:01,00,01,00,00,00,00,00,fa,de,c6,7c,16,d0,d3, 6d,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7129CE56-6141-5E78-1B43C38ACD84D6F1}\{8114B6F0-1072-5EBB-3EE28A5CFE52E012}\{69EA7742-3579-BB32-476F346B94EBE888}*]"N3ON3SCQTOHKQM23SBHY163HKH1"=hex:01,00,01,00,00,00,00,00,fa,de,c6,7c,16,d0,d3, 6d,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{959CDFD9-242F-9381-450EBA075CF8D1EA}\{E4126DDE-B1CF-F46E-6FBC1229E79DA1E8}\{36374683-3A91-E5DA-C1D5F9EB3706FEB8}*]"N3ON3SCQTOHKQM23SBHY163HKH1"=hex:01,00,01,00,00,00,00,00,fa,de,c6,7c,16,d0,d3, 6d,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EC36979A-271C-CB21-250CD586E00814A2}\{8EF4E408-9A98-28EF-CDFA1ACBF6ED5141}\{501B0FF8-8336-4915-6C99805756A8837E}*]"N3ON3SCQTOHKQM23SBHY163HKH1"=hex:01,00,01,00,00,00,00,00,fa,de,c6,7c,16,d0,d3, 6d,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61.Czas ukończenia: 2009-02-17 23:23:38ComboFix-quarantined-files.txt 2009-02-17 22:23:35Przed: 72 933 253 120 bajtów wolnychPo: 73,351,675,904 bajtów wolnych360
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.