wklejto.pl

Dodane przez: ~Anonim (2009-11-08 21:44) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363.
364.
365.
366.
367.
368.
369.
370.
371.
372.
373.
374.
375.
376.
377.
378.
379.
380.
381.
382.
383.
384.
385.
386.
387.
388.
389.
390.
391.
392.
393.
394.
395.
396.
397.
398.
399.
400.
401.
402.
403.
404.
405.
406.
407.
408.
409.
410.
411.
412.
413.
414.
415.
416.
417.
418.
419.
420.
421.
422.
423.
424.
425.
426.
427.
428.
429.
430.
431.
432.
433.
434.
435.
436.
437.
438.
439.
440.
441.
442.
443.
444.
445.
446.
447.
448.
449.
450.
451.
452.
453.
454.
455.
456.
457.
458.
459.
460.
461.
462.
463.
464.
465.
466.
467.
468.
469.
470.
471.
472.
473.
474.
475.
ComboFix 09-11-07.04 - ja 2009-11-08 18:45.3.4 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1250.48.1045.18.3071.2538 [GMT 1:00]
Uruchomiony z: c:\\documents and settings\\ja\\Pulpit\\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kerio WinRoute Firewall *enabled* {916dafda-8250-4a1d-9095-000da68ac4da}
 
UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.
 
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
 
c:\\documents and settings\\ja\\Moje dokumenty\\cc_20091107_095336.reg
 
.
(((((((((((((((((((((((((((((((((((((((   Sterowniki/Usługi   )))))))))))))))))))))))))))))))))))))))))))))))))
.
 
-------\\Legacy_NPF
 
 
(((((((((((((((((((((((((   Pliki utworzone od 2009-10-08 do 2009-11-08  )))))))))))))))))))))))))))))))
.
 
2009-11-08 11:45 . 2009-11-08 17:37     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab
2009-11-08 11:45 . 2009-11-08 11:45     --------        d-----w-        c:\\program files\\Kaspersky Lab
2009-11-07 22:48 . 2009-11-07 22:48     --------        d-----w-        c:\\program files\\ZoneAlarmSB
2009-11-07 22:47 . 2009-11-07 22:47     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\MailFrontier
2009-11-07 22:47 . 2009-11-07 22:49     4212    ---h--w-        c:\\windows\\system32\\zllictbl.dat
2009-11-07 22:47 . 2004-04-27 03:40     11264   ----a-w-        c:\\windows\\system32\\SpOrder.dll
2009-11-07 22:46 . 2009-11-07 22:56     --------        d-----w-        c:\\windows\\Internet Logs
2009-11-06 20:12 . 2009-11-06 20:17     --------        d-----w-        c:\\program files\\Winamp
2009-11-06 15:16 . 2009-11-06 15:16     --------        d-----w-        C:\\_OTL
2009-11-05 22:20 . 2009-11-05 22:20     --------        d-----w-        c:\\program files\\Trend Micro
2009-11-05 22:05 . 2009-11-05 22:05     --------        d-----w-        c:\\windows\\system32\\NtmsData
2009-11-05 22:02 . 2009-11-05 22:02     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Sunbelt
2009-11-05 21:52 . 2009-11-05 21:52     --------        d-----w-        c:\\documents and settings\\ja\\DoctorWeb
2009-11-05 21:50 . 2009-11-05 21:50     --------        d-----w-        c:\\documents and settings\\ja\\Dane aplikacji\\Malwarebytes
2009-11-05 21:50 . 2009-09-10 13:54     38224   ----a-w-        c:\\windows\\system32\\drivers\\mbamswissarmy.sys
2009-11-05 21:50 . 2009-11-05 21:55     --------        d-----w-        c:\\program files\\Malwarebytes\' Anti-Malware
2009-11-05 21:50 . 2009-11-05 21:50     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Malwarebytes
2009-11-05 21:50 . 2009-09-10 13:53     19160   ----a-w-        c:\\windows\\system32\\drivers\\mbam.sys
2009-11-04 20:25 . 2009-11-04 20:25     --------        d-----w-        c:\\documents and settings\\ja\\Dane aplikacji\\.BitTornado
2009-11-04 20:24 . 2009-11-04 20:24     --------        d-----w-        c:\\program files\\BitTornado
2009-11-02 18:11 . 2009-11-02 18:11     --------        d-----w-        c:\\program files\\Raw Modders Union
2009-10-29 14:03 . 2009-10-30 16:38     --------        d-----w-        C:\\games
2009-10-22 19:35 . 2009-10-22 19:35     --------        d-----w-        c:\\documents and settings\\ja\\Dane aplikacji\\Leadertech
2009-10-21 14:40 . 2009-10-21 14:40     --------        d-----w-        c:\\program files\\SIL
2009-10-21 14:40 . 2009-10-21 14:40     --------        d-----w-        c:\\program files\\Common Files\\SIL
2009-10-21 14:40 . 2009-10-21 14:40     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\SIL
2009-10-15 17:22 . 2007-12-13 20:16     73728   ----a-w-        c:\\windows\\system32\\BrDctF2.dll
2009-10-15 17:22 . 2007-12-13 20:16     4608    ----a-w-        c:\\windows\\system32\\BrDctF2L.dll
2009-10-15 17:22 . 2007-12-13 20:16     3072    ----a-w-        c:\\windows\\system32\\BrDctF2S.dll
2009-10-15 17:22 . 2006-12-28 11:39     176128  ----a-w-        c:\\windows\\system32\\BroSNMP.dll
2009-10-15 17:22 . 2008-01-25 13:21     167936  ----a-w-        c:\\windows\\system32\\NSSearch.dll
2009-10-15 17:20 . 2009-10-15 17:20     --------        d-----w-        c:\\program files\\Common Files\\ScanSoft Shared
2009-10-15 17:20 . 2009-10-15 17:20     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\ScanSoft
2009-10-15 17:20 . 2009-10-15 17:20     --------        d-----w-        c:\\program files\\ScanSoft
2009-10-14 17:14 . 2009-10-24 09:07     --------        d-----w-        c:\\documents and settings\\ja\\Ustawienia lokalne\\Dane aplikacji\\Ashampoo
2009-10-14 17:14 . 2009-10-14 17:14     --------        d-----w-        c:\\program files\\Ashampoo
2009-10-11 19:22 . 2009-10-11 19:22     --------        d-----w-        c:\\documents and settings\\ja\\.thumbnails
2009-10-10 11:19 . 2009-11-08 17:49     --------        d-----w-        c:\\program files\\Steam
2009-10-10 11:19 . 2009-10-10 11:19     --------        d-----w-        c:\\documents and settings\\ja\\Ustawienia lokalne\\Dane aplikacji\\Conduit
2009-10-10 11:19 . 2009-09-30 08:06     52224   ----a-w-        c:\\documents and settings\\ja\\Dane aplikacji\\Mozilla\\Firefox\\Profiles\\bade5ddi.default\\extensions\\{b592e943-0cb6-482c-849e-a2311298cdfd}\\components\\FFExternalAlert.dll
2009-10-10 11:19 . 2009-09-30 08:06     114688  ----a-w-        c:\\documents and settings\\ja\\Dane aplikacji\\Mozilla\\Firefox\\Profiles\\bade5ddi.default\\extensions\\{b592e943-0cb6-482c-849e-a2311298cdfd}\\components\\npmozax.dll
 
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-08 15:13 . 2009-07-25 14:07     --------        d-----w-        c:\\program files\\BitComet
2009-11-08 11:47 . 2009-11-08 11:47     604140  --sha-w-        c:\\windows\\system32\\drivers\\ISwift3.dat
2009-11-06 15:16 . 2001-10-26 18:15     74434   ----a-w-        c:\\windows\\system32\\perfc015.dat
2009-11-06 15:16 . 2001-10-26 18:15     448334  ----a-w-        c:\\windows\\system32\\perfh015.dat
2009-11-03 18:15 . 2009-09-07 13:21     --------        d-----w-        c:\\program files\\Opera
2009-10-25 10:41 . 2009-09-03 14:34     138184  ----a-w-        c:\\windows\\system32\\drivers\\PnkBstrK.sys
2009-10-25 10:41 . 2009-09-03 14:34     183112  ----a-w-        c:\\windows\\system32\\PnkBstrB.exe
2009-10-21 14:41 . 2009-07-29 07:02     45752   ----a-w-        c:\\documents and settings\\ja\\Ustawienia lokalne\\Dane aplikacji\\GDIPFONTCACHEV1.DAT
2009-10-21 14:32 . 2009-07-29 17:08     --------        d-----w-        c:\\program files\\Common Files\\Adobe
2009-10-15 17:22 . 2009-10-08 19:32     50      ----a-w-        c:\\windows\\system32\\bridf08b.dat
2009-10-15 17:22 . 2009-10-08 19:31     --------        d-----w-        c:\\program files\\Brother
2009-10-15 17:22 . 2009-07-25 10:22     --------        d--h--w-        c:\\program files\\InstallShield Installation Information
2009-10-09 17:09 . 2009-10-09 15:57     --------        d-----w-        c:\\program files\\Kerio
2009-10-09 17:09 . 2009-10-09 15:57     9720    ----a-w-        c:\\windows\\system32\\drivers\\kwflower.log
2009-10-09 16:37 . 2009-10-09 15:57     9762    ----a-w-        c:\\windows\\system32\\drivers\\kwfupper.log
2009-10-09 15:58 . 2009-10-09 15:58     --------        d-----w-        c:\\documents and settings\\ja\\Dane aplikacji\\Kerio
2009-10-08 19:29 . 2009-10-08 19:29     10134   ----a-r-        c:\\documents and settings\\ja\\Dane aplikacji\\Microsoft\\Installer\\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}\\ARPPRODUCTICON.exe
2009-10-08 19:29 . 2009-10-08 19:29     --------        d-----w-        c:\\program files\\Nuance
2009-10-08 19:29 . 2009-10-08 19:29     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\InstallShield
2009-10-08 19:28 . 2009-07-25 10:21     --------        d-----w-        c:\\program files\\Common Files\\InstallShield
2009-10-08 19:28 . 2009-10-08 19:28     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Brother
2009-10-08 19:20 . 2009-10-08 19:20     --------        d-----w-        c:\\documents and settings\\ja\\Dane aplikacji\\Samsung
2009-10-08 19:17 . 2009-10-08 19:17     --------        d-----w-        c:\\program files\\Samsung
2009-10-08 18:49 . 2009-10-08 18:49     --------        d-----w-        c:\\documents and settings\\ja\\Dane aplikacji\\Ahead
2009-10-06 20:13 . 2009-10-06 20:13     --------        d-----w-        c:\\documents and settings\\ja\\Dane aplikacji\\Activision
2009-10-06 20:13 . 2009-10-06 20:13     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Activision
2009-10-06 20:04 . 2009-10-06 20:04     --------        d-----w-        c:\\program files\\Activision
2009-10-04 05:14 . 2009-09-12 09:17     --------        d-----w-        c:\\program files\\ESET
2009-09-14 18:47 . 2009-09-03 10:40     16      ----a-w-        c:\\windows\\pxydb.dat
2009-09-14 18:46 . 2009-09-14 18:46     272     ----a-w-        c:\\windows\\system32\\drivers\\sfi.dat
2009-09-14 15:16 . 2009-09-14 15:15     --------        d-----w-        c:\\program files\\COMODO
2009-09-14 15:16 . 2009-09-14 15:16     --------        d-----w-        c:\\documents and settings\\ja\\Dane aplikacji\\Comodo
2009-09-13 15:42 . 2009-09-05 15:03     --------        d---a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\TEMP
2009-09-12 09:17 . 2009-09-11 14:44     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\ESET
2009-09-11 20:43 . 2009-09-11 20:43     --------        d-----w-        c:\\program files\\AGAVA TBP
2009-09-11 14:44 . 2009-09-11 14:44     --------        d-----w-        c:\\documents and settings\\ja\\Dane aplikacji\\ESET
2009-09-11 14:18 . 2009-07-28 16:21     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files
2009-09-09 19:39 . 2009-08-29 06:01     --------        d-----w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Symantec
2009-09-08 14:15 . 2009-08-29 06:02     60808   ----a-w-        c:\\windows\\system32\\S32EVNT1.DLL
2009-09-08 14:15 . 2009-08-29 06:02     124464  ----a-w-        c:\\windows\\system32\\drivers\\SYMEVENT.SYS
2009-09-03 14:34 . 2009-09-03 14:34     66872   ----a-w-        c:\\windows\\system32\\PnkBstrA.exe
2009-09-02 12:14 . 2009-09-02 12:14     281760  ----a-w-        c:\\windows\\system32\\drivers\\atksgt.sys
2009-09-02 12:14 . 2009-09-02 12:14     25888   ----a-w-        c:\\windows\\system32\\drivers\\lirsgt.sys
2009-08-26 14:36 . 2009-08-26 14:36     59992   ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2010 9.0.0.463\\Polish\\setup.exe
2009-08-22 00:38 . 2009-08-22 00:38     59992   ----a-w-        c:\\documents and settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2010 9.0.0.684\\English\\setup.exe
.
 
(((((((((((((((((((((((((((((   SnapShot@2009-11-06_17.06.09   )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-08 17:49 . 2009-11-08 17:49   16384              c:\\windows\\Temp\\Perflib_Perfdata_f04.dat
+ 2009-11-08 17:49 . 2009-11-08 17:49   16384              c:\\windows\\Temp\\Perflib_Perfdata_84.dat
+ 2009-11-08 17:49 . 2009-11-08 17:49   16384              c:\\windows\\Temp\\Perflib_Perfdata_3b4.dat
+ 2005-01-28 12:44 . 2005-01-28 12:44   10752              c:\\windows\\system32\\wpdtrace.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44   66560              c:\\windows\\system32\\wpdmtpus.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44   61952              c:\\windows\\system32\\wpdconns.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44   38912              c:\\windows\\system32\\wpd_ci.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   33792              c:\\windows\\system32\\WMDMPS.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   28160              c:\\windows\\system32\\WMDMLOG.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44   38912              c:\\windows\\system32\\wdfmgr.exe
+ 2005-01-28 12:44 . 2005-01-28 12:44   15872              c:\\windows\\system32\\wdfapi.dll
+ 2009-11-06 20:13 . 2006-08-25 03:47   39672              c:\\windows\\system32\\vxblock.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44   47104              c:\\windows\\system32\\uwdf.exe
+ 2009-11-06 20:13 . 2006-08-25 03:47   62632              c:\\windows\\system32\\pxinsa64.exe
+ 2009-11-06 20:13 . 2006-08-25 03:47   67240              c:\\windows\\system32\\pxhpinst.exe
+ 2009-11-06 20:13 . 2006-08-25 03:47   63144              c:\\windows\\system32\\pxcpya64.exe
+ 2004-08-03 22:44 . 2005-01-28 12:44   25088              c:\\windows\\system32\\MsPMSNSv.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   96768              c:\\windows\\system32\\logagent.exe
+ 2004-08-03 22:43 . 2005-01-28 12:44   96768              c:\\windows\\system32\\drmstor.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44   18944              c:\\windows\\system32\\drivers\\wpdusb.sys
+ 2009-11-06 20:13 . 2006-08-25 03:47   36528              c:\\windows\\system32\\drivers\\PxHelp20.sys
+ 2009-07-03 14:45 . 2009-07-03 14:45   27507              c:\\windows\\system32\\drivers\\klopp.dat
+ 2009-05-16 19:59 . 2009-05-16 19:59   19472              c:\\windows\\system32\\drivers\\klmouflt.sys
+ 2009-05-13 16:46 . 2009-05-13 16:46   31760              c:\\windows\\system32\\drivers\\klim5.sys
+ 2009-11-08 11:46 . 2009-11-08 12:31   95259              c:\\windows\\system32\\drivers\\klick.dat
+ 2008-12-15 19:41 . 2008-12-15 19:41   33808              c:\\windows\\system32\\drivers\\klbg.sys
+ 2004-08-03 22:44 . 2005-01-28 12:44   33792              c:\\windows\\system32\\dllcache\\wmdmps.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   28160              c:\\windows\\system32\\dllcache\\wmdmlog.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   25088              c:\\windows\\system32\\dllcache\\mspmsnsv.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   96768              c:\\windows\\system32\\dllcache\\logagent.exe
+ 2004-08-03 22:43 . 2005-01-28 12:44   96768              c:\\windows\\system32\\dllcache\\drmstor.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   96768              c:\\windows\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\\drmstor.dll
+ 2009-11-06 20:13 . 2004-08-03 22:43   87040              c:\\windows\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\\System\\drmstor.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   96768              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\logagent.exe
+ 2009-11-06 20:13 . 2005-01-28 12:44   18944              c:\\windows\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\wpdusb.sys
+ 2009-11-06 20:13 . 2005-01-28 12:44   10752              c:\\windows\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\wpdtrace.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   66560              c:\\windows\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\wpdmtpus.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   61952              c:\\windows\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\wpdconns.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   38912              c:\\windows\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\wpd_ci.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   38912              c:\\windows\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\wdfmgr.exe
+ 2009-11-06 20:13 . 2005-01-28 12:44   15872              c:\\windows\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\wdfapi.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   47104              c:\\windows\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\uwdf.exe
+ 2009-11-06 20:13 . 2005-01-28 12:44   33792              c:\\windows\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}\\WMDMPS.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   28160              c:\\windows\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}\\WMDMLOG.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   25088              c:\\windows\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}\\MsPMSNSv.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   23552              c:\\windows\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\\System\\WMDMPS.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   27136              c:\\windows\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\\System\\WMDMLOG.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   52736              c:\\windows\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\\System\\MsPMSNSv.dll
- 2004-08-03 22:44 . 2004-08-03 22:44   6656              c:\\windows\\system32\\laprxy.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   6656              c:\\windows\\system32\\laprxy.dll
+ 2009-11-06 20:13 . 2006-08-25 03:47   2560              c:\\windows\\system32\\drivers\\cdralw2k.sys
+ 2009-11-06 20:13 . 2006-08-25 03:47   2432              c:\\windows\\system32\\drivers\\cdr4_xp.sys
- 2004-08-03 22:44 . 2004-08-03 22:44   6656              c:\\windows\\system32\\dllcache\\laprxy.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   6656              c:\\windows\\system32\\dllcache\\laprxy.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   6656              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\laprxy.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   6656              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\\System\\laprxy.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44   331264              c:\\windows\\system32\\wpdsp.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44   331776              c:\\windows\\system32\\wpdmtpdr.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44   114176              c:\\windows\\system32\\wpdmtp.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   895736              c:\\windows\\system32\\wmvdmod.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   940544              c:\\windows\\system32\\wmspdmoe.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   413944              c:\\windows\\system32\\wmspdmod.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   774904              c:\\windows\\system32\\wmsdmod.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   150016              c:\\windows\\system32\\wmidx.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44   290816              c:\\windows\\system32\\WMDRMNet.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44   335872              c:\\windows\\system32\\WMDRMdev.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   224768              c:\\windows\\system32\\wmasf.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   716288              c:\\windows\\system32\\wmadmoe.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   396528              c:\\windows\\system32\\wmadmod.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   221184              c:\\windows\\system32\\qasf.dll
+ 2009-11-06 20:13 . 2006-08-25 03:47   379640              c:\\windows\\system32\\pxwave.dll
+ 2009-11-06 20:13 . 2006-08-25 03:47   183032              c:\\windows\\system32\\pxmas.dll
+ 2009-11-06 20:13 . 2006-08-25 03:47   115880              c:\\windows\\system32\\pxinsi64.exe
+ 2009-11-06 20:13 . 2006-08-25 03:47   477944              c:\\windows\\system32\\pxdrv.dll
+ 2009-11-06 20:13 . 2006-08-25 03:47   129784              c:\\windows\\system32\\pxafs.dll
+ 2009-11-06 20:13 . 2006-08-25 03:47   514808              c:\\windows\\system32\\px.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   315904              c:\\windows\\system32\\MSWMDM.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   364784              c:\\windows\\system32\\MSSCP.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   173568              c:\\windows\\system32\\MsPMSP.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   142336              c:\\windows\\system32\\msnetobj.dll
+ 2009-07-03 14:48 . 2009-07-03 14:48   219664              c:\\windows\\system32\\klogon.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   502272              c:\\windows\\system32\\drmv2clt.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   258296              c:\\windows\\system32\\drmclien.dll
+ 2009-11-08 11:46 . 2009-11-08 12:31   108059              c:\\windows\\system32\\drivers\\klin.dat
+ 2009-11-08 11:45 . 2009-11-08 11:45   296976              c:\\windows\\system32\\drivers\\klif.sys
+ 2009-06-15 13:01 . 2009-06-15 13:01   128016              c:\\windows\\system32\\drivers\\kl1.sys
+ 2004-08-03 22:44 . 2005-01-28 12:44   895736              c:\\windows\\system32\\dllcache\\wmvdmod.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   940544              c:\\windows\\system32\\dllcache\\wmspdmoe.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   413944              c:\\windows\\system32\\dllcache\\wmspdmod.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   774904              c:\\windows\\system32\\dllcache\\wmsdmod.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   150016              c:\\windows\\system32\\dllcache\\wmidx.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   224768              c:\\windows\\system32\\dllcache\\wmasf.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   716288              c:\\windows\\system32\\dllcache\\wmadmoe.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   396528              c:\\windows\\system32\\dllcache\\wmadmod.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   221184              c:\\windows\\system32\\dllcache\\qasf.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   315904              c:\\windows\\system32\\dllcache\\mswmdm.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   364784              c:\\windows\\system32\\dllcache\\msscp.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   173568              c:\\windows\\system32\\dllcache\\mspmsp.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   142336              c:\\windows\\system32\\dllcache\\msnetobj.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   502272              c:\\windows\\system32\\dllcache\\drmv2clt.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   258296              c:\\windows\\system32\\dllcache\\drmclien.dll
+ 2004-08-03 22:43 . 2005-01-28 12:44   164864              c:\\windows\\system32\\dllcache\\cewmdm.dll
+ 2004-08-03 22:43 . 2005-01-28 12:44   294912              c:\\windows\\system32\\dllcache\\blackbox.dll
+ 2004-08-03 22:43 . 2005-01-28 12:44   164864              c:\\windows\\system32\\cewmdm.dll
+ 2004-08-03 22:43 . 2005-01-28 12:44   294912              c:\\windows\\system32\\blackbox.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   142336              c:\\windows\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\\msnetobj.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   502272              c:\\windows\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\\drmv2clt.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   258296              c:\\windows\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\\drmclien.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   294912              c:\\windows\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\\blackbox.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   259072              c:\\windows\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\\System\\msnetobj.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   695296              c:\\windows\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\\System\\drmv2clt.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   299520              c:\\windows\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\\System\\drmclien.dll
+ 2009-11-06 20:13 . 2004-08-03 22:43   286208              c:\\windows\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\\System\\blackbox.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   940544              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\wmspdmoe.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   150016              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\wmidx.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   290816              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\WMDRMNet.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   335872              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\WMDRMdev.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   224768              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\wmasf.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   716288              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\wmadmoe.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   221184              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\qasf.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   896512              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\\System\\wmspdmoe.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   151552              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\\System\\wmidx.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   230400              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\\System\\wmasf.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   670720              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\\System\\wmadmoe.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   237568              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\\System\\qasf.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   103936              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\\System\\logagent.exe
+ 2009-11-06 20:13 . 2005-01-28 12:44   895736              c:\\windows\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}\\wmvdmod.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   413944              c:\\windows\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}\\wmspdmod.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   774904              c:\\windows\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}\\wmsdmod.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   396528              c:\\windows\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}\\wmadmod.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   809984              c:\\windows\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\\System\\wmvdmod.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   484864              c:\\windows\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\\System\\wmspdmod.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   759296              c:\\windows\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\\System\\wmsdmod.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   408064              c:\\windows\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\\System\\wmadmod.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   331264              c:\\windows\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\wpdsp.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   331776              c:\\windows\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\wpdmtpdr.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   114176              c:\\windows\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\wpdmtp.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   315904              c:\\windows\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}\\MSWMDM.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   364784              c:\\windows\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}\\MSSCP.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   173568              c:\\windows\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}\\MsPMSP.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   164864              c:\\windows\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}\\cewmdm.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   246272              c:\\windows\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\\System\\MSWMDM.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   356352              c:\\windows\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\\System\\MSSCP.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   201728              c:\\windows\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\\System\\MsPMSP.dll
+ 2009-11-06 20:13 . 2004-08-03 22:43   159232              c:\\windows\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\\System\\cewmdm.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   1003008              c:\\windows\\system32\\wmvdmoe2.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   2370296              c:\\windows\\system32\\wmvcore.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44   1512448              c:\\windows\\system32\\WMVADVE.DLL
+ 2005-01-28 12:44 . 2005-01-28 12:44   1218808              c:\\windows\\system32\\wmvadvd.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   1119744              c:\\windows\\system32\\wmsdmoe2.dll
- 2004-08-03 22:44 . 2004-08-03 22:44   1119744              c:\\windows\\system32\\wmsdmoe2.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   1027072              c:\\windows\\system32\\wmnetmgr.dll
+ 2009-11-06 20:13 . 2006-08-25 03:47   1309432              c:\\windows\\system32\\pxsfs.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   1003008              c:\\windows\\system32\\dllcache\\wmvdmoe2.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   2370296              c:\\windows\\system32\\dllcache\\wmvcore.dll
- 2004-08-03 22:44 . 2004-08-03 22:44   1119744              c:\\windows\\system32\\dllcache\\wmsdmoe2.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   1119744              c:\\windows\\system32\\dllcache\\wmsdmoe2.dll
+ 2004-08-03 22:44 . 2005-01-28 12:44   1027072              c:\\windows\\system32\\dllcache\\wmnetmgr.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   1003008              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\wmvdmoe2.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   2370296              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\wmvcore.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   1512448              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\WMVADVE.DLL
+ 2009-11-06 20:13 . 2005-01-28 12:44   1119744              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\wmsdmoe2.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   1027072              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\wmnetmgr.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   1001472              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\\System\\wmvdmoe2.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   2105344              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\\System\\wmvcore.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   1119744              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\\System\\wmsdmoe2.dll
+ 2009-11-06 20:13 . 2004-08-03 22:44   1050624              c:\\windows\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\\System\\wmnetmgr.dll
+ 2009-11-06 20:13 . 2005-01-28 12:44   1218808              c:\\windows\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}\\wmvadvd.dll
+ 2009-11-08 11:46 . 2009-11-08 11:46   3394560              c:\\windows\\Installer\\e9ddc3.msi
.
-- Migawka wyzerowana --
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
 
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"Gadu-Gadu\"=\"c:\\program files\\Gadu-Gadu\\gg.exe\" [2006-02-17 2396160]
\"MSMSGS\"=\"c:\\program files\\Messenger\\msmsgs.exe\" [2004-08-03 1667584]
\"Steam\"=\"c:\\program files\\Steam\\Steam.exe\" [2009-10-24 1217808]
 
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
\"DelReg\"=\"c:\\program files\\MSI\\DualCoreCenter\\DelReg.exe\" [2008-05-13 196608]
\"NvCplDaemon\"=\"c:\\windows\\system32\\NvCpl.dll\" [2008-01-03 13508608]
\"NvMediaCenter\"=\"c:\\windows\\system32\\NvMcTray.dll\" [2008-01-03 86016]
\"NeroFilterCheck\"=\"c:\\windows\\system32\\NeroCheck.exe\" [2001-07-09 155648]
\"SunJavaUpdateSched\"=\"c:\\program files\\Java\\jre6\\bin\\jusched.exe\" [2009-08-05 149280]
\"COMODO livePCsupport\"=\"c:\\program files\\COMODO\\livePCsupport\\ELPS.exe\" [2009-05-08 689416]
\"SSBkgdUpdate\"=\"c:\\program files\\Common Files\\Scansoft Shared\\SSBkgdUpdate\\SSBkgdupdate.exe\" [2006-10-25 210472]
\"PaperPort PTD\"=\"c:\\program files\\ScanSoft\\PaperPort\\pptd40nt.exe\" [2007-10-11 29984]
\"IndexSearch\"=\"c:\\program files\\ScanSoft\\PaperPort\\IndexSearch.exe\" [2007-10-11 46368]
\"PPort11reminder\"=\"c:\\program files\\ScanSoft\\PaperPort\\Ereg\\Ereg.exe\" [2007-08-31 328992]
\"Adobe Reader Speed Launcher\"=\"c:\\program files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\" [2009-10-03 35696]
\"Adobe ARM\"=\"c:\\program files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\" [2009-09-04 935288]
\"Malwarebytes Anti-Malware (reboot)\"=\"c:\\program files\\Malwarebytes\' Anti-Malware\\mbam.exe\" [2009-09-10 1312080]
\"WinampAgent\"=\"c:\\program files\\Winamp\\winampa.exe\" [2006-11-21 35328]
\"avp\"=\"c:\\program files\\Kaspersky Lab\\Kaspersky Internet Security 2010\\avp.exe\" [2009-07-03 303376]
\"RTHDCPL\"=\"RTHDCPL.EXE\" - c:\\windows\\RTHDCPL.EXE [2008-04-10 16861184]
\"nwiz\"=\"nwiz.exe\" - c:\\windows\\system32\\nwiz.exe [2008-01-03 1626112]
 
[HKEY_USERS\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Run]
\"CTFMON.EXE\"=\"c:\\windows\\system32\\CTFMON.EXE\" [2004-08-03 15360]
 
c:\\documents and settings\\All Users\\Menu Start\\Programy\\Autostart\\
DualCoreCenter.lnk - c:\\program files\\MSI\\DualCoreCenter\\StartUpDualCoreCenter.exe [2009-7-25 192512]
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\security center\\Monitoring]
\"DisableMonitoring\"=dword:00000001
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\security center\\Monitoring\\KasperskyAntiVirus]
\"DisableMonitoring\"=dword:00000001
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\security center\\Monitoring\\SymantecAntiVirus]
\"DisableMonitoring\"=dword:00000001
 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\security center\\Monitoring\\SymantecFirewall]
\"DisableMonitoring\"=dword:00000001
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile]
\"EnableFirewall\"= 0 (0x0)
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\AuthorizedApplications\\List]
\"%windir%\\\\system32\\\\sessmgr.exe\"=
\"c:\\\\Program Files\\\\BitComet\\\\BitComet.exe\"=
\"c:\\\\Program Files\\\\Ubisoft\\\\Related Designs\\\\ANNO 1404\\\\Anno4.exe\"=
\"c:\\\\Program Files\\\\Ubisoft\\\\Related Designs\\\\ANNO 1404\\\\tools\\\\Anno4Web.exe\"=
\"c:\\\\Program Files\\\\Activision\\\\Transformers - Revenge of the Fallen\\\\Transformers2.exe\"=
\"c:\\\\games\\\\PES.2010-KaOs\\\\pes2010.exe\"=
\"c:\\\\games\\\\PES\\\\pes2010.exe\"=
\"c:\\\\Program Files\\\\Steam\\\\steamapps\\\\vvmadafakavv\\\\counter-strike\\\\hl.exe\"=
 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\GloballyOpenPorts\\List]
\"20548:TCP\"= 20548:TCP:BitComet 20548 TCP
\"20548:UDP\"= 20548:UDP:BitComet 20548 UDP
\"53:UDP\"= 53:UDP:Promo
\"2963:TCP\"= 2963:TCP:vhzywv
 
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\\windows\\system32\\drivers\\klbg.sys [2008-12-15 33808]
R3 DualCoreCenter;DualCoreCenter;c:\\program files\\MSI\\DualCoreCenter\\NTGLM7X.sys [2009-07-25 28160]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\\windows\\system32\\drivers\\klim5.sys [2009-05-13 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\\windows\\system32\\drivers\\klmouflt.sys [2009-05-16 19472]
R3 RushTopDevice2;RushTopDevice2;c:\\program files\\MSI\\DualCoreCenter\\RushTop.sys [2009-07-25 56320]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\\windows\\system32\\drivers\\vcsvad.sys [2009-07-29 17792]
S2 acqlqvpes;Config Windows;c:\\windows\\system32\\svchost.exe -k netsvcs [2004-08-03 14336]
S2 ihkgrzc;Manager Helper;c:\\windows\\system32\\svchost.exe -k netsvcs [2004-08-03 14336]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\\program files\\Common Files\\Symantec Shared\\EENGINE\\EraserUtilRebootDrv.sys [2009-08-29 102448]
S3 kvnet;Kerio Virtual Network Adapter;c:\\windows\\system32\\drivers\\kvnet.sys [2009-03-23 29696]
S3 kwflower;Kerio WinRoute Firewall Driver - Lower Layer;c:\\windows\\system32\\DRIVERS\\kwflower.sys --> c:\\windows\\system32\\DRIVERS\\kwflower.sys [?]
 
--- Inne Usługi/Sterowniki w Pamięci ---
 
*Deregistered* - mbr
 
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Svchost  - NetSvcs
acqlqvpes
ihkgrzc
.
.
------- Skan uzupełniający -------
.
uStart Page = 
uInternet Connection Wizard,ShellNext = iexplore
IE: Pobierz wszystkie VIdeo za pomocą BitComet - c:\\program files\\BitComet\\BitComet.exe/AddVideo.htm
IE: Pobierz wszystko za pomocą BitComet - c:\\program files\\BitComet\\BitComet.exe/AddAllLink.htm
IE: Pobierz za pomocą BitComet - c:\\program files\\BitComet\\BitComet.exe/AddLink.htm
FF - ProfilePath - c:\\documents and settings\\ja\\Dane aplikacji\\Mozilla\\Firefox\\Profiles\\bade5ddi.default\\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - Softonic-Eng3 Customized Web Search
FF - prefs.js: browser.startup.homepage - google.pl
FF - component: c:\\documents and settings\\ja\\Dane aplikacji\\Mozilla\\Firefox\\Profiles\\bade5ddi.default\\extensions\\{b592e943-0cb6-482c-849e-a2311298cdfd}\\components\\FFExternalAlert.dll
FF - component: c:\\program files\\Comodo\\HopSurfToolbar\\hopsurfext_ff3_5\\components\\hopsurf.dll
FF - component: c:\\program files\\Mozilla Firefox\\extensions\\linkfilter@kaspersky.ru\\components\\KavLinkFilter.dll
FF - plugin: c:\\program files\\Mozilla Firefox\\plugins\\np-mswmp.dll
FF - plugin: c:\\program files\\Mozilla Firefox\\plugins\\NPZoneSB.dll
 
---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
c:\\program files\\Mozilla Firefox\\greprefs\\security-prefs.js - pref(\"security.ssl3.rsa_seed_sha\", true);
.
- - - - USUNIĘTO PUSTE WPISY - - - -
 
AddRemove-Winamp5PL - c:\\program files\\Winamp\\Uninstall_PL
 
 
 
**************************************************************************
 
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-08 18:49
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
 
skanowanie ukrytych procesów ...  
 
skanowanie ukrytych wpisów autostartu ... 
 
skanowanie ukrytych plików ...  
 
skanowanie pomyślnie ukończone
ukryte pliki: 0
 
**************************************************************************
 
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
 
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll SCSIPORT.SYS >>UNKNOWN [0x8AACD328]<< 
kernel: MBR read successfully
detected MBR rootkit hooks:
\\Driver\\atapi -> 0x8a687220
Warning: possible MBR rootkit infection !
user & kernel MBR OK 
Use \"Recovery Console\" command \"fixmbr\" to clear infection !
 
**************************************************************************
 
[HKEY_LOCAL_MACHINE\\System\\ControlSet001\\Services\\ASFWHide]
\"ImagePath\"=\"\\??\\c:\\docume~1\\ja\\USTAWI~1\\Temp\\ASFWHide\"
 
[HKEY_LOCAL_MACHINE\\System\\ControlSet001\\Services\\acqlqvpes]
 
--
 
[HKEY_LOCAL_MACHINE\\System\\ControlSet001\\Services\\ihkgrzc]
 
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
 
- - - - - - - > \'explorer.exe\'(3612)
c:\\program files\\Gadu-Gadu\\ggwhook.dll
c:\\windows\\system32\\msi.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\\program files\\Java\\jre6\\bin\\jqs.exe
c:\\program files\\NVIDIA Corporation\\nTune\\nTuneService.exe
c:\\windows\\system32\\RUNDLL32.EXE
c:\\windows\\system32\\nvsvc32.exe
c:\\windows\\system32\\PnkBstrA.exe
c:\\windows\\system32\\wdfmgr.exe
c:\\program files\\MSI\\DualCoreCenter\\DualCoreCenter.exe
c:\\windows\\system32\\wbem\\wmiapsrv.exe
.
**************************************************************************
.
Czas ukończenia: 2009-11-08 18:51 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2009-11-08 17:51
ComboFix2.txt  2009-11-06 17:53
ComboFix3.txt  2009-11-06 17:07
 
Przed: 58 386 665 472 bajtów wolnych
Po: 58 366 435 328 bajtów wolnych
 
- - End Of File - - ED916A1343A0481227BA5D46FD0DA352
 
Wygenerowano w 0.275s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!