wklejto.pl

Added by: ~Anonim (2011-01-17 13:53) -> text
ComboFix 11-01-16.03 - Tomek 2011-01-17  13:33:08.2.4 - x86
Microsoft Windows 7 Ultimate   6.1.7600.0.1250.48.1045.18.3582.2580 [GMT 1:00]
Uruchomiony z: c:usersTomekDesktopComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
 
(((((((((((((((((((((((((   Pliki utworzone od 2010-12-17 do 2011-01-17  )))))))))))))))))))))))))))))))
.
 
2011-01-17 12:42 . 2011-01-17 12:42     --------        d-----w-        c:usersPublicAppDataLocaltemp
2011-01-17 12:42 . 2011-01-17 12:42     --------        d-----w-        c:usersDefaultAppDataLocaltemp
2011-01-17 12:42 . 2011-01-17 12:42     --------        d-----w-        c:usersAdministratorAppDataLocaltemp
2011-01-16 00:45 . 2011-01-17 12:43     --------        d-----w-        c:program filescFosSpeed
2011-01-16 00:45 . 2010-10-25 14:32     965336  ----a-w-        c:windowssystem32driverscfosspeed6.sys
2011-01-15 23:30 . 2010-11-30 13:02     80416   ----a-w-        c:windowssystem32RtNicProp32.dll
2011-01-15 23:30 . 2010-11-30 13:02     327272  ----a-w-        c:windowssystem32driversRt86win7.sys
2011-01-15 23:30 . 2010-11-30 13:02     100896  ----a-w-        c:windowssystem32RTNUninst32.dll
2011-01-15 23:30 . 2011-01-15 23:30     --------        d-----w-        c:program filesRealtek
2011-01-15 23:24 . 2011-01-15 23:24     --------        d-----w-        c:program filesPixarra
2011-01-15 23:11 . 2011-01-15 23:11     --------        d-----w-        c:programdataIObit
2011-01-15 23:11 . 2011-01-15 23:11     --------        d-----w-        c:program filesIObit
2011-01-14 17:34 . 2010-11-10 04:33     6273872 ----a-w-        c:programdataMicrosoftWindows DefenderDefinition Updates{7C57F27A-2E04-4837-923E-88F89658A76C}mpengine.dll
2011-01-08 15:34 . 2011-01-08 15:35     --------        d-----w-        c:program filesLuxand
2011-01-01 17:04 . 2011-01-01 17:04     --------        d-----w-        c:programdataNVIDIA Corporation
2011-01-01 17:04 . 2010-10-22 06:23     888424  ----a-w-        c:windowssystem32nvdispco322050.dll
2011-01-01 17:04 . 2010-10-22 06:23     813672  ----a-w-        c:windowssystem32nvgenco322030.dll
2011-01-01 17:04 . 2010-10-22 06:23     57960   ----a-w-        c:windowssystem32OpenCL.dll
2011-01-01 17:04 . 2010-10-22 06:23     319080  ----a-w-        c:windowssystem32nvdecodemft.dll
2011-01-01 17:04 . 2010-10-22 06:23     14899816        ----a-w-        c:windowssystem32nvoglv32.dll
2011-01-01 17:04 . 2010-10-22 06:23     10084360        ----a-w-        c:windowssystem32driversnvlddmkm.sys
2011-01-01 17:04 . 2010-10-22 06:23     10023528        ----a-w-        c:windowssystem32nvd3dum.dll
2011-01-01 17:04 . 2010-10-22 06:23     4837480 ----a-w-        c:windowssystem32nvcuda.dll
2011-01-01 17:04 . 2010-10-22 06:23     2912360 ----a-w-        c:windowssystem32nvcuvid.dll
2011-01-01 17:04 . 2010-10-22 06:23     2666600 ----a-w-        c:windowssystem32nvcuvenc.dll
2011-01-01 17:04 . 2010-10-22 06:23     13019752        ----a-w-        c:windowssystem32nvcompiler.dll
2011-01-01 16:48 . 2011-01-01 16:48     --------        d-----w-        c:program filesPiranha Bytes
2011-01-01 16:15 . 1998-10-07 11:54     327168  ----a-w-        c:windowsIsUn0415.exe
2010-12-31 17:45 . 2010-12-31 17:45     444952  ----a-w-        c:windowssystem32wrap_oal.dll
2010-12-31 17:45 . 2010-12-31 17:45     109080  ----a-w-        c:windowssystem32OpenAL32.dll
2010-12-31 17:45 . 2010-12-31 17:45     --------        d-----w-        c:program filesOpenAL
2010-12-31 17:44 . 2010-12-31 17:44     --------        d-----w-        c:program filesCommon FilesFuturemark Shared
2010-12-31 17:41 . 2010-12-31 17:41     --------        d-----w-        c:program filesFuturemark
2010-12-31 15:33 . 2010-12-31 15:34     --------        d-----w-        c:program filesRivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2010-12-27 01:31 . 2010-12-27 01:31     --------        d-----w-        c:usersTomekAppDataRoamingNeed for Speed World
2010-12-26 23:39 . 2010-12-26 23:39     --------        d-----w-        c:usersTomekAppDataLocalElectronic_Arts_Inc
2010-12-22 23:11 . 2010-12-22 23:27     --------        d-----w-        c:usersTomekAppDataLocalDFUserRoot
2010-12-22 23:11 . 2010-12-22 23:11     --------        d-----w-        c:usersTomekAppDataRoamingDefault
2010-12-21 01:43 . 2010-12-21 01:43     --------        d-----w-        C:gPotato.eu
2010-12-18 16:21 . 2010-12-18 16:21     --------        d-----w-        c:program filesOCCT
 
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-31 20:06 . 2010-07-11 19:14     38848   ----a-w-        c:windowsavastSS.scr
2010-12-31 20:06 . 2010-05-03 21:23     188216  ----a-w-        c:windowssystem32aswBoot.exe
2010-12-31 20:00 . 2010-05-03 21:33     293968  ----a-w-        c:windowssystem32driversaswSP.sys
2010-12-31 19:59 . 2010-05-03 21:33     47440   ----a-w-        c:windowssystem32driversaswTdi.sys
2010-12-31 19:56 . 2010-05-03 21:33     23632   ----a-w-        c:windowssystem32driversaswRdr.sys
2010-12-31 19:56 . 2010-05-03 21:33     51280   ----a-w-        c:windowssystem32driversaswMonFlt.sys
2010-12-31 19:56 . 2010-05-03 21:33     17744   ----a-w-        c:windowssystem32driversaswFsBlk.sys
2010-12-25 18:14 . 2010-05-24 23:22     189480  ----a-w-        c:windowssystem32PnkBstrB.xtr
2010-12-25 18:14 . 2010-11-27 15:57     137544  ----a-w-        c:windowssystem32driversPnkBstrK.sys
2010-12-25 18:13 . 2010-11-27 15:57     189480  ----a-w-        c:windowssystem32PnkBstrB.exe
2010-11-27 16:54 . 2010-05-24 23:21     138056  ----a-w-        c:usersTomekAppDataRoamingPnkBstrK.sys
2010-11-27 16:50 . 2010-11-27 15:57     75064   ----a-w-        c:windowssystem32PnkBstrA.exe
2010-11-22 00:33 . 2010-05-24 23:21     3360624 ----a-w-        c:windowssystem32pbsvc.exe
2010-11-04 05:52 . 2010-12-15 14:03     978944  ----a-w-        c:windowssystem32wininet.dll
2010-11-04 05:48 . 2010-12-15 14:03     44544   ----a-w-        c:windowssystem32licmgr10.dll
2010-11-04 04:41 . 2010-12-15 14:03     386048  ----a-w-        c:windowssystem32html.iec
2010-11-04 04:08 . 2010-12-15 14:03     1638912 ----a-w-        c:windowssystem32mshtml.tlb
2010-11-02 04:41 . 2010-12-15 14:03     351232  ----a-w-        c:windowssystem32wmicmiplugin.dll
2010-11-02 04:40 . 2010-12-15 14:03     496128  ----a-w-        c:windowssystem32taskschd.dll
2010-11-02 04:40 . 2010-12-15 14:03     305152  ----a-w-        c:windowssystem32taskcomp.dll
2010-11-02 04:39 . 2010-12-15 14:03     749056  ----a-w-        c:windowssystem32schedsvc.dll
2010-11-02 04:34 . 2010-12-15 14:03     192000  ----a-w-        c:windowssystem32taskeng.exe
2010-11-02 04:34 . 2010-12-15 14:03     179712  ----a-w-        c:windowssystem32schtasks.exe
2010-10-27 04:32 . 2010-12-15 14:03     2048    ----a-w-        c:windowssystem32tzres.dll
2010-10-22 06:23 . 2009-07-13 22:09     5473896 ----a-w-        c:windowssystem32nvwgf2um.dll
2010-10-22 06:23 . 2011-01-01 17:04     10920   ----a-w-        c:windowssystem32driversnvBridge.kmd
2010-10-22 06:23 . 2010-04-03 16:07     1719912 ----a-w-        c:windowssystem32nvapi.dll
2010-10-20 04:54 . 2010-12-15 14:03     34304   ----a-w-        c:windowssystem32atmlib.dll
2010-10-20 03:00 . 2010-12-15 14:03     2327552 ----a-w-        c:windowssystem32win32k.sys
2010-10-20 02:58 . 2010-12-15 14:03     294400  ----a-w-        c:windowssystem32atmfd.dll
2010-04-03 15:06 . 2010-04-03 15:06     1093632 ----a-w-        c:program filesBESTplayer.exe
2007-11-06 23:19 . 2010-09-24 22:03     568832  ----a-w-        c:program filesoperaprogrampluginsmsvcp90.dll
2007-11-06 23:19 . 2010-09-24 22:03     655872  ----a-w-        c:program filesoperaprogrampluginsmsvcr90.dll
.
 
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domylne, prawidowe wpisy nie s pokazane  
REGEDIT4
 
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersIDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOTCLSID{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2010-08-25 14:36        70264   ----a-w-        c:program filesInternet Download ManagerIDMShellExt.dll
 
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"avast5"="c:program filesAlwil SoftwareAvast5avastUI.exe" [2010-12-31 3395600]
"Malwarebytes' Anti-Malware"="c:program filesMalwarebytes' Anti-Malwarembamgui.exe" [2010-04-29 437584]
 
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
 
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
"TaskbarNoNotification"= 1 (0x1)
"DisallowCpl"= 1 (0x1)
 
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32]
"aux"=wdmaud.drv
 
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregPC Suite Tray]
2010-05-14 09:32        1479680 ----a-w-        c:program filesNokiaNokia PC Suite 7PCSuite.exe
 
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-03-18 130384]
R2 KMService;KMService;c:windowssystem32srvany.exe [2010-08-26 8192]
R3 cpuz130;cpuz130; [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:windowssystem32DRIVERSewusbfake.sys [2009-08-04 103040]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:program filesMicrosoft OfficeOffice14GROOVE.EXE [2010-03-25 30969208]
R3 npggsvc;nProtect GameGuard Service;c:windowssystem32GameMon.des [2010-04-22 3570600]
R3 osppsvc;Office Software Protection Platform;c:program filesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE [2010-01-09 4640000]
R3 SwitchBoard;SwitchBoard;c:program filesCommon FilesAdobeSwitchBoardSwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Usuga Technologie aktywacji systemu Windows;c:windowssystem32WatWatAdminSvc.exe [2010-05-18 1343400]
R4 sptd;sptd;c:windowssystem32Driverssptd.sys [2010-04-11 691696]
S1 aswSP;aswSP; [x]
S2 Akamai;Akamai NetSession Interface;c:windowsSystem32svchost.exe [2009-07-14 20992]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [2010-12-31 51280]
S2 IDMWFP;IDMWFP;c:windowssystem32DRIVERSidmwfp.sys [2010-08-25 69264]
S2 MBAMService;MBAMService;c:program filesMalwarebytes' Anti-Malwarembamservice.exe [2010-04-29 304464]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:program filesNVIDIA Corporation3D VisionnvSCPAPISvr.exe [2010-10-16 369256]
S3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [2010-04-29 20952]
S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt86win7.sys [2010-11-30 327272]
 
 
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
Akamai  REG_MULTI_SZ    Akamai
.
Zawarto folderu 'Zaplanowane zadania'
 
2011-01-17 c:windowsTasksRegistryBooster.job
- c:program filesUniblueRegistryBoosterrbmonitor.exe [2010-11-23 12:18]
.
.
------- Skan uzupeniajcy -------
.
uStart Page = hxxp://www.aol.com/
IE: E&ksportuj do programu Microsoft Excel - c:progra~1MICROS~2Office14EXCEL.EXE/3000
IE: Pobierz za pomoc Mega Manager...
IE: Wylij &do programu OneNote - c:progra~1MICROS~2Office14ONBttnIE.dll/105
IE: cignij przez IDM - c:program filesInternet Download ManagerIEExt.htm
IE: cignij wideo FLV przez IDM z 10 ostatnio danych - c:program filesInternet Download ManagerIEGetVL2.htm
IE: cignij wszystkie linki przez IDM - c:program filesInternet Download ManagerIEGetAll.htm
IE: cignij zawarto wideo FLV przez IDM - c:program filesInternet Download ManagerIEGetVL.htm
LSP: %SystemRoot%system32PrxerDrv.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:program filesCommon Filesmicrosoft sharedOFFICE14MSOXMLMF.DLL
FF - ProfilePath - c:usersTomekAppDataRoamingMozillaFirefoxProfiles320m9srg.default
FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/search/search?query={searchTerms}&invocationType=tb50ffaoldesktop-chromesbox-en-us&tb_uuid=20101212130154625&tb_oid=12-12-2010&tb_mrud=12-12-2010
FF - prefs.js: browser.startup.homepage - hxxp://pl.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&invocationType=tb50ffaoldesktop-ab-en-us&tb_uuid=20101212130154625&tb_oid=12-12-2010&tb_mrud=12-12-2010&query=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:program filesMozilla Firefoxextensions{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:program filesMozilla Firefoxextensions{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Battlefield Heroes Updater: battlefieldheroespatcher@ea.com - %profile%extensionsbattlefieldheroespatcher@ea.com
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: SOE Web Installer: {000F1EA4-5E08-4564-A29B-29076F63A37A} - %profile%extensions{000F1EA4-5E08-4564-A29B-29076F63A37A}
FF - Ext: IDM CC: mozilla_cc@internetdownloadmanager.com - c:usersTomekAppDataRoamingIDMidmmzcc3
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:program filesNokiaNokia PC Suite 7bkmrksync
.
 
[HKEY_LOCAL_MACHINEsystemControlSet001servicesnpggsvc]
"ImagePath"="c:windowssystem32GameMon.des -service"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
 
[HKEY_USERSS-1-5-21-1934014915-3750418739-912919871-1001SoftwareSecuROMLicense information*]
"datasecu"=hex:77,9f,34,29,63,2a,b8,80,f7,8c,bc,8e,b5,a9,91,f0,bc,a2,14,86,83,
   a9,b3,d4,35,71,59,44,e6,fa,d5,d5,02,6f,56,c8,ab,8f,52,91,b8,5a,59,73,74,40,
"rkeysecu"=hex:e6,1a,73,39,62,a9,00,2a,09,83,42,30,d4,cf,99,bd
 
[HKEY_USERSS-1-5-21-1934014915-3750418739-912919871-1001_ClassesCLSID{2aace546-d637-438d-aa0c-b1de3d6646f5}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000149
"Therad"=dword:00000007
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
   1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,
 
[HKEY_USERSS-1-5-21-1934014915-3750418739-912919871-1001_ClassesCLSID{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):05,d9,80,85,8f,d3,69,c2,48,80,c9,fd,00,ef,ee,c8,f6,90,81,f6,17,
   db,c2,c2,43,8d,da,83,58,73,4a,ec,ac,3a,98,d3,d6,9c,3e,00,00,00,00,00,00,00,
 
[HKEY_LOCAL_MACHINEsystemControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}000AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
 
[HKEY_LOCAL_MACHINEsystemControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}001AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
 
[HKEY_LOCAL_MACHINEsystemControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}002AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
 
[HKEY_LOCAL_MACHINEsystemControlSet001ControlPCWSecurity]
@Denied: (Full) (Everyone)
.
--------------------- Pliki DLL adowane pod uruchomionymi procesami ---------------------
 
- - - - - - - > 'Explorer.exe'(5372)
c:program filesUnlockerUnlockerCOM.dll
c:program filesMalwarebytes' Anti-Malwarembamext.dll
.
Czas ukoczenia: 2011-01-17  13:48:01
ComboFix-quarantined-files.txt  2011-01-17 12:47
 
Przed: 253473140736 bajtw wolnych
Po: 260726505472 bajtw wolnych
 
- - End Of File - - 145863670436983C6C8B4426F9639325
 