PcTowiec

Registered: 24 Apr 2010
OFFLINE Last seen: 25 04 2010 20:15
-----

My topics

Logs - System cleanup

25 04 2010 - 09:52

Hello. I have Windows XP Professional SP2. Yesterday I reinstalled the system. Today I would like to check whether everything is in order with my computer. That is why I am presenting to you "Professionals" my log generated with ComboFix. Please check it and write what is wrong. I don't have any particular problems, but I'd rather be at ease :] Thanks in advance and regards.
ComboFix 09-12-03.05 - Suchy 2010-04-25 9:47.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.1014.495 [GMT 2:00]
Uruchomiony z: C:\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.
- TRYB ZREDUKOWANEJ FUNKCJONALNOŚCI -
.

((((((((((((((((((((((((( Pliki utworzone od 2010-03-25 do 2010-04-25 )))))))))))))))))))))))))))))))
.

2010-04-24 16:16 . 2010-04-24 16:16 -------- d-----w- c:\documents and settings\Suchy\Ustawienia lokalne\Dane aplikacji\cache
2010-04-24 14:54 . 2009-12-04 14:54 3579811 ----a-r- C:\ComboFix.exe
2010-04-24 14:36 . 2004-03-22 13:17 25840 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2010-04-24 14:36 . 2004-03-22 13:17 24816 ----a-w- c:\windows\system32\mdimon.dll
2010-04-24 14:34 . 2010-04-24 14:34 -------- d-----w- c:\program files\Microsoft.NET
2010-04-24 14:33 . 2010-04-24 14:38 -------- d-----w- c:\program files\Microsoft Works
2010-04-24 14:33 . 2010-04-24 14:34 -------- d-----w- c:\windows\SHELLNEW
2010-04-24 14:32 . 2004-08-03 22:44 25600 ----a-w- c:\documents and settings\LocalService\Dane aplikacji\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-04-24 14:31 . 2010-04-24 14:31 -------- d-----w- c:\program files\Windows Media Connect 2
2010-04-24 14:29 . 2010-04-24 14:30 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-04-24 14:29 . 2010-04-24 14:29 -------- d-----w- c:\windows\system32\LogFiles
2010-04-24 14:29 . 2005-09-16 19:00 81920 ----a-r- c:\windows\system32\sm56co.dll
2010-04-24 14:19 . 2010-04-24 14:19 -------- d-----w- c:\documents and settings\Suchy\Dane aplikacji\Intel
2010-04-24 14:19 . 2010-04-24 14:19 21275 ----a-w- c:\windows\system32\drivers\AegisP.sys
2010-04-24 14:19 . 2010-04-24 14:19 -------- d-----w- c:\windows\system32\config\systemprofile\Dane aplikacji\Intel
2010-04-24 14:18 . 2010-04-24 14:18 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Intel
2010-04-24 14:17 . 2010-04-24 14:17 -------- dc----w- c:\windows\system32\DRVSTORE
2010-04-24 14:11 . 2004-08-03 21:07 2944 -c--a-w- c:\windows\system32\dllcache\drmkaud.sys
2010-04-24 14:11 . 2004-08-03 21:07 2944 ----a-w- c:\windows\system32\drivers\drmkaud.sys
2010-04-24 14:11 . 2004-08-03 21:07 171776 -c--a-w- c:\windows\system32\dllcache\kmixer.sys
2010-04-24 14:11 . 2004-08-03 21:07 171776 ----a-w- c:\windows\system32\drivers\kmixer.sys
2010-04-24 14:11 . 2004-08-03 21:07 52864 -c--a-w- c:\windows\system32\dllcache\dmusic.sys
2010-04-24 14:11 . 2004-08-03 21:07 52864 ----a-w- c:\windows\system32\drivers\DMusic.sys
2010-04-24 14:11 . 2001-08-17 20:00 54272 -c--a-w- c:\windows\system32\dllcache\swmidi.sys
2010-04-24 14:11 . 2001-08-17 20:00 54272 ----a-w- c:\windows\system32\drivers\swmidi.sys
2010-04-24 14:10 . 2004-08-03 20:39 142464 -c--a-w- c:\windows\system32\dllcache\aec.sys
2010-04-24 14:10 . 2004-08-03 20:39 142464 ------w- c:\windows\system32\drivers\aec.sys
2010-04-24 14:03 . 2010-04-24 14:03 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2010-04-24 13:57 . 2005-05-03 16:43 69632 ----a-w- c:\windows\ALCMTR.EXE
2010-04-24 13:54 . 2004-08-03 21:07 6400 -c--a-w- c:\windows\system32\dllcache\splitter.sys
2010-04-24 13:54 . 2004-08-03 21:07 6400 ----a-w- c:\windows\system32\drivers\splitter.sys
2010-04-24 13:45 . 2004-08-03 21:15 82944 -c--a-w- c:\windows\system32\dllcache\wdmaud.sys
2010-04-24 13:45 . 2004-08-03 21:15 82944 ----a-w- c:\windows\system32\drivers\wdmaud.sys
2010-04-24 13:45 . 2004-08-03 21:15 60800 -c--a-w- c:\windows\system32\dllcache\sysaudio.sys
2010-04-24 13:45 . 2004-08-03 21:15 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys
2010-04-24 13:44 . 2010-04-24 13:44 -------- d-----w- c:\windows\system32\Lang
2010-04-24 13:43 . 2004-08-03 20:58 5376 ----a-w- c:\windows\system32\drivers\MSPCLOCK.sys
2010-04-24 13:42 . 2005-07-15 14:48 40960 ------r- c:\windows\system32\ChCfg.exe
2010-04-24 13:41 . 2010-04-24 13:58 -------- d-----w- c:\windows\system32\RTCOM
2010-04-24 13:41 . 2004-08-03 22:44 4096 -c--a-w- c:\windows\system32\dllcache\ksuser.dll
2010-04-24 13:41 . 2004-08-03 22:44 4096 ----a-w- c:\windows\system32\ksuser.dll
2010-04-24 13:41 . 2004-08-03 21:08 60288 -c--a-w- c:\windows\system32\dllcache\drmk.sys
2010-04-24 13:41 . 2004-08-03 21:08 60288 ----a-w- c:\windows\system32\drivers\drmk.sys
2010-04-24 13:39 . 2010-04-24 13:39 -------- d-----w- c:\program files\ComboFix
2010-04-24 13:38 . 2006-09-25 15:58 23856 ----a-w- c:\windows\system32\spupdsvc.exe
2010-04-24 13:38 . 2006-05-04 14:22 86016 ----a-w- c:\windows\SOUNDMAN.EXE
2010-04-24 13:38 . 2006-05-16 16:04 2879488 ----a-w- c:\windows\SkyTel.exe
2010-04-24 13:38 . 2006-03-09 15:45 364544 ----a-w- c:\windows\RtlUpd.exe
2010-04-24 13:38 . 2006-05-04 14:35 9709568 ----a-w- c:\windows\RTLCPL.EXE
2010-04-24 13:38 . 2006-07-07 16:30 4313600 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2010-04-24 13:38 . 2006-07-06 19:00 16251904 ----a-w- c:\windows\RTHDCPL.EXE
2010-04-24 13:38 . 2006-06-28 12:00 2158592 ----a-w- c:\windows\MicCal.exe
2010-04-24 13:38 . 2006-05-04 14:26 2808832 ----a-w- c:\windows\ALCWZRD.EXE
2010-04-24 13:38 . 2010-04-24 13:57 -------- d-----w- c:\program files\Realtek
2010-04-24 13:38 . 2005-04-16 20:20 487424 ------r- c:\windows\RtlExUpd.dll
2010-04-24 13:36 . 2010-04-24 13:36 -------- d-----w- c:\documents and settings\Suchy\Ustawienia lokalne\Dane aplikacji\ESET
2010-04-24 13:31 . 2010-04-24 13:31 -------- d-----w- c:\documents and settings\Suchy\Ustawienia lokalne\Dane aplikacji\Stardock
2010-04-24 13:31 . 2010-04-24 14:09 -------- d-----w- c:\program files\Common Files\Stardock
2010-04-24 13:31 . 2010-04-24 13:31 -------- d-----w- c:\program files\Stardock
2010-04-24 13:22 . 2010-04-24 14:52 63592 ----a-w- c:\documents and settings\Suchy\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2010-04-24 13:21 . 2010-04-24 13:22 -------- d-----w- c:\program files\RocketDock
2010-04-24 13:21 . 2010-04-24 13:21 -------- d-----w- c:\program files\ESET
2010-04-24 13:21 . 2010-04-24 13:21 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ESET
2010-04-24 13:19 . 2010-04-24 13:19 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite
2010-04-24 13:19 . 2010-04-24 15:13 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-04-24 13:19 . 2010-04-24 13:19 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-04-24 13:18 . 2005-07-19 09:10 143360 ----a-r- c:\windows\system32\igfxres.dll
2010-04-24 13:17 . 2010-04-24 13:17 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-04-24 13:17 . 2010-04-24 13:20 -------- d-----w- c:\documents and settings\Suchy\Dane aplikacji\DAEMON Tools Lite
2010-04-24 13:16 . 2004-08-03 21:08 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2010-04-24 13:15 . 2006-07-14 12:08 69722 ----a-w- c:\windows\system32\SynTPFcs.dll
2010-04-24 13:15 . 2006-07-14 12:11 81920 ----a-w- c:\windows\system32\SynTPCo2.dll
2010-04-24 13:15 . 2006-07-14 11:54 94298 ----a-w- c:\windows\system32\SynTPAPI.dll
2010-04-24 13:15 . 2006-07-14 11:49 194400 ----a-w- c:\windows\system32\drivers\SynTP.sys
2010-04-24 13:15 . 2006-07-14 11:54 114688 ----a-w- c:\windows\system32\SynCtrl.dll
2010-04-24 13:15 . 2006-07-14 11:54 86109 ----a-w- c:\windows\system32\SynCOM.dll
2010-04-24 13:15 . 2010-04-24 13:15 -------- d-----w- c:\program files\Synaptics
2010-04-24 13:13 . 2004-12-02 14:36 70912 ----a-w- c:\windows\system32\drivers\Rtlnicxp.sys
2010-04-24 13:13 . 2010-04-24 13:13 -------- d-----w- c:\windows\OPTIONS
2010-04-24 13:13 . 2010-04-24 13:38 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-24 13:13 . 2010-04-24 13:38 -------- d-----w- c:\program files\Common Files\InstallShield
2010-04-24 13:12 . 2010-04-24 14:17 -------- d-----w- c:\program files\Intel
2010-04-24 13:11 . 2010-04-24 20:25 -------- d-----w- c:\documents and settings\Suchy\Dane aplikacji\Nowe Gadu-Gadu
2010-04-24 13:11 . 2010-04-24 13:12 -------- d-----w- c:\program files\Nowe Gadu-Gadu
2010-04-24 13:10 . 2010-04-24 13:10 0 ----a-w- c:\windows\nsreg.dat
2010-04-24 13:10 . 2010-04-24 13:10 -------- d-----w- c:\documents and settings\Suchy\Ustawienia lokalne\Dane aplikacji\Mozilla
2010-04-24 13:10 . 2009-05-29 20:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2010-04-24 13:10 . 2008-07-02 17:44 258048 ----a-w- c:\windows\system32\libFLAC.dll
2010-04-24 13:10 . 2010-04-24 13:10 -------- d-----w- c:\program files\NAPI-PROJEKT
2010-04-24 13:10 . 2010-04-24 13:10 -------- d-----w- c:\program files\ALLPlayer
2010-04-24 13:10 . 2010-04-24 13:10 -------- d-----w- c:\program files\Common Files\Adobe
2010-04-24 13:05 . 2010-04-25 07:47 -------- d--h--r- c:\windows\system32\config\systemprofile\Ustawienia lokalne
2010-04-24 13:05 . 2010-04-24 14:19 -------- d--h--r- c:\windows\system32\config\systemprofile\Dane aplikacji
2010-04-24 13:05 . 2010-04-24 12:57 -------- d--h--w- c:\windows\system32\config\systemprofile\Szablony
2010-04-24 13:05 . 2010-04-22 14:46 -------- d-----w- c:\windows\system32\config\systemprofile\Ulubione
2010-04-24 13:05 . 2010-04-22 14:46 -------- d-----w- c:\windows\system32\config\systemprofile\Pulpit
2010-04-24 13:05 . 2010-04-22 14:46 -------- d-----w- c:\windows\system32\config\systemprofile\Moje dokumenty
2010-04-24 13:05 . 2010-04-22 14:46 -------- d-----r- c:\windows\system32\config\systemprofile\Menu Start
2010-04-24 13:03 . 2004-08-03 22:44 7680 -c--a-w- c:\windows\system32\dllcache\migregdb.exe
2010-04-24 13:02 . 2001-10-26 17:29 19456 -c--a-w- c:\windows\system32\dllcache\cprofile.exe
2010-04-24 13:01 . 2010-04-24 13:01 -------- d-----w- c:\documents and settings\Default User\Ustawienia lokalne\Dane aplikacji\Microsoft
2010-04-24 13:00 . 2010-04-24 14:30 -------- d-sh--w- c:\documents and settings\All Users\DRM
2010-04-24 13:00 . 2010-04-24 13:00 -------- d-s---w- c:\windows\Downloaded Program Files
2010-04-24 13:00 . 2010-04-24 13:00 -------- d-----w- c:\program files\Usługi online

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-24 14:30 . 2001-10-26 16:15 49910 ----a-w- c:\windows\system32\perfc015.dat
2010-04-24 14:30 . 2001-10-26 16:15 356068 ----a-w- c:\windows\system32\perfh015.dat
2010-04-24 14:28 . 2010-04-24 14:27 -------- d-----w- c:\program files\CCleaner
2010-04-24 13:58 . 2010-04-24 13:01 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-24 13:18 . 2010-04-24 13:14 -------- d-----w- c:\program files\Launch Manager
2010-04-24 13:02 . 2010-04-24 13:02 -------- d-----w- c:\program files\microsoft frontpage
2010-04-24 12:58 . 2010-04-24 12:58 21856 ----a-w- c:\windows\system32\emptyregdb.dat
.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe sleep" [X]
"Nowe Gadu-Gadu"="c:\program files\Nowe Gadu-Gadu\gg.exe" [2009-10-28 11539048]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2006-07-17 65536]
"CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480]
"LMgrOSD"="c:\program files\Launch Manager\OSD.exe" [2005-03-16 204800]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2006-07-10 86016]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-19 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-19 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-19 114688]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-07-14 798810]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-11 2054360]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-04-14 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-04-14 602182]
"EOUApp"="c:\program files\Intel\Wireless\Bin\EOUWiz.exe" [2006-04-14 569413]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2006-07-06 16251904]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488]
"SMSERIAL"="sm56hlpr.exe" - c:\windows\sm56hlpr.exe [2005-09-16 557056]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"d:\\Program Files\\Valve\\hl.exe"=
"d:\\metin2 patch\\metin2.bin"=
"d:\\metin2 patch\\metin2client.bin"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-09-11 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-09-11 96408]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-11 735960]
S1 mailKmd;mailKmd; [x]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-04-24 721904]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Suchy\Dane aplikacji\Mozilla\Firefox\Profiles\2zyk8fpb.default\
FF - prefs.js: browser.startup.homepage - www.google.pl
FF - plugin: c:\documents and settings\Suchy\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll

---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-25 09:47
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'explorer.exe'(2300)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Czas ukończenia: 2010-04-25 09:48
ComboFix-quarantined-files.txt 2010-04-25 07:48

Przed: 15 629 729 792 bajtów wolnych
Po: 16 233 328 640 bajtów wolnych

- - End Of File - - 9A1B5C07334EB877D085FFAF480D5E70

Logs - Constant antivirus alerts

24 04 2010 - 11:20

Hello. My problem is that right after installing the system and the antivirus program, the antivirus detects viruses. I scanned the system with ComboFix and got the following LOG. Please check the log and explain where the problem lies. Note that I am a beginner. :]
ComboFix 10-04-21.01 - Suchy 2010-04-25 11:05:48.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.1014.571 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Suchy\Moje dokumenty\Pobieranie\ComboFix.exe
AV: avast! antivirus 4.7.1029 [VPS 100423-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\AutoRun.inf

.
((((((((((((((((((((((((( Pliki utworzone od 2010-03-25 do 2010-04-25 )))))))))))))))))))))))))))))))
.

2010-04-25 08:16 . 2010-04-25 08:46 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-04-25 07:55 . 2009-05-29 20:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2010-04-25 07:55 . 2008-07-02 17:44 258048 ----a-w- c:\windows\system32\libFLAC.dll
2010-04-25 07:55 . 2010-04-25 07:56 -------- d-----w- c:\program files\NAPI-PROJEKT
2010-04-25 07:55 . 2010-04-25 07:56 -------- d-----w- c:\program files\ALLPlayer
2010-04-25 07:35 . 2010-04-25 07:35 42168 ----a-w- c:\documents and settings\Suchy\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2010-04-25 07:35 . 2010-04-25 07:50 -------- d-----w- c:\documents and settings\Suchy\Ustawienia lokalne\Dane aplikacji\gctmp
2010-04-25 07:35 . 2010-04-25 07:35 -------- d-----w- c:\documents and settings\Suchy\Ustawienia lokalne\Dane aplikacji\Xenocode
2010-04-25 07:31 . 2010-04-25 08:02 -------- d-----w- c:\program files\Game Cam V2
2010-04-22 03:24 . 2010-04-22 03:24 -------- d-----w- c:\documents and settings\Suchy\Ustawienia lokalne\Dane aplikacji\Identities
2010-04-21 16:34 . 2010-04-21 16:34 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\WEBREG
2010-04-21 16:29 . 2010-04-21 16:29 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Hewlett-Packard
2010-04-21 16:28 . 2007-03-28 12:01 117760 ----a-w- c:\windows\system32\hpzll5ha.dll
2010-04-21 16:28 . 2007-03-28 11:57 274944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp5ha.dll
2010-04-21 16:28 . 2006-09-13 16:19 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-04-20 14:55 . 2010-04-20 14:55 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\HPSSUPPLY
2010-04-20 14:53 . 2010-04-20 14:53 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\HP Product Assistant
2010-04-20 14:53 . 2010-04-20 14:54 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\HP
2010-04-20 14:53 . 2010-04-20 14:53 -------- d-----w- c:\program files\Common Files\HP
2010-04-20 14:53 . 2010-04-20 14:53 -------- d-----w- c:\program files\Hewlett-Packard
2010-04-20 14:53 . 2010-04-20 14:53 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2010-04-20 14:48 . 2010-04-21 16:34 141057 ----a-w- c:\windows\hpoins14.dat
2010-04-20 14:48 . 2007-09-20 15:56 2000 ------w- c:\windows\hpomdl14.dat
2010-04-20 03:51 . 2010-04-20 03:51 -------- d-----w- c:\windows\system32\Lang

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-25 07:31 . 2001-10-26 17:15 74648 ----a-w- c:\windows\system32\perfc015.dat
2010-04-25 07:31 . 2001-10-26 17:15 448586 ----a-w- c:\windows\system32\perfh015.dat
2010-04-24 19:52 . 2010-04-19 18:09 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-22 16:05 . 2010-04-19 19:00 -------- d-----w- c:\documents and settings\Suchy\Dane aplikacji\Nowe Gadu-Gadu
2010-04-20 14:55 . 2010-04-20 14:52 -------- d-----w- c:\program files\HP
2010-04-19 19:00 . 2010-04-19 19:00 -------- d-----w- c:\program files\Nowe Gadu-Gadu
2010-04-19 18:54 . 2010-04-19 18:54 -------- d-----w- c:\program files\Alwil Software
2010-04-19 18:49 . 2010-04-19 18:49 0 ----a-w- c:\windows\nsreg.dat
2010-04-19 18:41 . 2010-04-19 18:41 -------- d-----w- c:\program files\Microsoft.NET
2010-04-19 18:36 . 2010-04-19 18:32 -------- d-----w- c:\program files\Launch Manager
2010-04-19 18:35 . 2010-04-19 18:35 -------- d-----w- c:\windows\system32\config\systemprofile\Dane aplikacji\Intel
2010-04-19 18:34 . 2010-04-19 18:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-19 18:33 . 2010-04-19 18:31 -------- d-----w- c:\program files\Common Files\InstallShield
2010-04-19 18:32 . 2010-04-19 18:32 -------- d-----w- c:\program files\Synaptics
2010-04-19 18:30 . 2010-04-19 18:30 -------- d-----w- c:\documents and settings\Suchy\Dane aplikacji\Intel
2010-04-19 18:30 . 2010-04-19 18:30 21275 ----a-w- c:\windows\system32\drivers\AegisP.sys
2010-04-19 18:28 . 2010-04-19 18:28 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Intel
2010-04-19 18:27 . 2010-04-19 18:27 -------- d-----w- c:\program files\Intel
2010-04-19 18:08 . 2010-04-19 18:08 -------- d-----w- c:\program files\Usługi online
2010-04-19 18:06 . 2010-04-19 18:06 21856 ----a-w- c:\windows\system32\emptyregdb.dat
.

------- Sigcheck -------

[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\drivers\atapi.sys

[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\asyncmac.sys
[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\drivers\asyncmac.sys

[-] 2001-08-17 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

[-] 2004-08-03 . CC13DB862F929AE33F64C3BEDC01CD31 . 24960 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\kbdclass.sys
[-] 2004-08-03 . CC13DB862F929AE33F64C3BEDC01CD31 . 24960 . . [5.1.2600.2180] . . c:\windows\system32\drivers\kbdclass.sys

[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\ndis.sys
[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ndis.sys

[-] 2004-08-03 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\ntfs.sys
[-] 2004-08-03 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ntfs.sys

[-] 2001-08-17 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys

[-] 2004-08-03 . 210830D2497FEF78694076179AF8C795 . 77312 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\browser.dll
[-] 2004-08-03 . 210830D2497FEF78694076179AF8C795 . 77312 . . [5.1.2600.2180] . . c:\windows\system32\browser.dll

[-] 2004-08-03 . F485FEFC8CC4FD29243D800BE5D275D1 . 13312 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\lsass.exe
[-] 2004-08-03 . F485FEFC8CC4FD29243D800BE5D275D1 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\lsass.exe

[-] 2004-08-03 . A6BFD910074B02C8794FC65F39CC6B28 . 382464 . . [6.6.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\qmgr.dll
[-] 2004-08-03 . A6BFD910074B02C8794FC65F39CC6B28 . 382464 . . [6.6.2600.2180] . . c:\windows\system32\qmgr.dll

[-] 2009-02-09 . 02A467E27AF55F7064C5B251E587315F . 111104 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\759d1ea8b2dedf36036c168a2c973aa4\SP3GDR\services.exe
[-] 2009-02-09 . 8816E60BF654353E8E0D35ED98875445 . 111104 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\759d1ea8b2dedf36036c168a2c973aa4\SP3QFE\services.exe
[-] 2009-02-09 . ED4E5391100287B9EABF8F2CF4B42235 . 111104 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\759d1ea8b2dedf36036c168a2c973aa4\SP2GDR\services.exe
[-] 2009-02-09 . 245A46964D7F534E1D20563ACF215E80 . 111104 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\759d1ea8b2dedf36036c168a2c973aa4\SP2QFE\services.exe
[-] 2004-08-03 . 3DA8D964D2CC12EF8E8C342471A37917 . 108544 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\services.exe
[-] 2004-08-03 . 3DA8D964D2CC12EF8E8C342471A37917 . 108544 . . [5.1.2600.2180] . . c:\windows\system32\services.exe

[-] 2004-08-03 . 0344407089B08548D4FEBA62BB0F32D0 . 504832 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\winlogon.exe
[-] 2004-08-03 . 0344407089B08548D4FEBA62BB0F32D0 . 504832 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe

[-] 2004-08-03 . 91723CD7C96C5854149F9CAE820A90DD . 60416 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\cryptsvc.dll
[-] 2004-08-03 . 91723CD7C96C5854149F9CAE820A90DD . 60416 . . [5.1.2600.2180] . . c:\windows\system32\cryptsvc.dll

[-] 2004-08-03 . BDB679C04273B19BF46BD0D591FDEEC3 . 110080 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\imm32.dll
[-] 2004-08-03 . BDB679C04273B19BF46BD0D591FDEEC3 . 110080 . . [5.1.2600.2180] . . c:\windows\system32\imm32.dll

[-] 2004-08-03 . 261DB4366ECB4220EA960F0CA78CABAC . 22016 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\lpk.dll
[-] 2004-08-03 . 261DB4366ECB4220EA960F0CA78CABAC . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll

[-] 2004-08-03 . 9AFE931CBC9244A5EB0B9E9D5FA74F44 . 343040 . . [7.0.2600.2180] . . c:\windows\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\msvcrt.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nowe Gadu-Gadu"="c:\program files\Nowe Gadu-Gadu\gg.exe" [2009-10-28 11539048]
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2010-03-23 1432064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-19 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-19 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-19 114688]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-04-14 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-04-14 602182]
"EOUApp"="c:\program files\Intel\Wireless\Bin\EOUWiz.exe" [2006-04-14 569413]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-07-14 798810]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2006-07-17 65536]
"CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480]
"LMgrOSD"="c:\program files\Launch Manager\OSD.exe" [2005-03-16 204800]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2006-07-10 86016]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-06 16251904]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"SMSERIAL"="sm56hlpr.exe" [2005-09-16 557056]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"d:\\metin2 patch\\metin2.bin"=
"d:\\metin2 patch\\metin2client.bin"=
"d:\\Program Files\\Valve\\hlds.exe"=
"d:\\Program Files\\Valve\\hl.exe"=

S1 mailKmd;mailKmd; [x]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Skan uzupełniający -------
.
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Suchy\Dane aplikacji\Mozilla\Firefox\Profiles\tipmddx9.default\
FF - plugin: c:\documents and settings\Suchy\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll

---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-25 11:09
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
Czas ukończenia: 2010-04-25 11:10:40
ComboFix-quarantined-files.txt 2010-04-25 09:10

Przed: 14 970 757 120 bajtów wolnych
Po: 15 551 139 840 bajtów wolnych

WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 7EC5C3B5EC43DA9B9307F036677FFEA2