johnybravo0
New
Posts: 9
RE: Problem with clicking
OK, I ran it and I'm sending you the contents of the log that the program generated:
Code:
ComboFix 11-10-30.03 - Gosia 2011-11-01 10: 43: 43.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.48.1045.18.2935.1989 [GMT 1: 00]
Uruchomiony z: c: \users\Gosia\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-10-01 do 2011-11-01 )))))))))))))))))))))))))))))))
.
.
2011-11-01 09: 47 . 2011-11-01 09: 47 -------- d-----w- c: \users\Default\AppData\Local\temp
2011-10-31 11: 02 . 2011-10-31 11: 02 -------- d-----w- c: \program files (x86)\Microsoft Silverlight
2011-10-30 15: 27 . 2011-10-30 15: 28 -------- d-----w- c: \program files (x86)\PhotoFiltre
2011-10-30 14: 34 . 2011-10-30 14: 34 -------- d-----w- c: \program files (x86)\PIXresizer
2011-10-30 14: 34 . 2007-04-14 23: 05 991232 ----a-w- c: \windows\SysWow64\imageviewer2.ocx
2011-10-30 14: 34 . 2004-03-08 22: 00 224016 ----a-w- c: \windows\SysWow64\tabctl32.ocx
2011-10-30 14: 34 . 2002-08-29 18: 00 1703936 ----a-w- c: \windows\SysWow64\gdiplus.dll
2011-10-30 14: 34 . 2000-07-09 17: 15 106496 ----a-w- c: \windows\SysWow64\mbprgbar.ocx
2011-10-30 14: 34 . 2000-05-21 23: 00 608448 ----a-w- c: \windows\SysWow64\comctl32.ocx
2011-10-30 14: 34 . 2000-05-01 22: 02 110592 ----a-w- c: \windows\SysWow64\ccrpbds6.dll
2011-10-30 14: 34 . 1999-09-16 08: 04 151552 ----a-w- c: \windows\SysWow64\ccrpfd6.ocx
2011-10-30 14: 34 . 1998-06-23 23: 00 164144 ----a-w- c: \windows\SysWow64\comct232.ocx
2011-10-30 14: 34 . 1996-01-11 23: 00 200704 ----a-w- c: \windows\SysWow64\threed32.ocx
2011-10-28 06: 39 . 2011-10-07 04: 16 8570192 ----a-w- c: \programdata\Microsoft\Windows Defender\Definition Updates\{BE8DA8C9-568B-4F8D-B597-2A911E06267C}\mpengine.dll
2011-10-27 15: 45 . 2011-10-27 16: 44 -------- d-----w- c: \program files (x86)\Audio CD Burner Gold
2011-10-27 14: 56 . 2011-10-27 14: 56 -------- d-----w- c: \programdata\Astroburn Lite
2011-10-27 13: 34 . 2011-10-27 13: 34 -------- d-----w- c: \programdata\Gadu-Gadu 10
2011-10-27 13: 33 . 2011-10-27 13: 33 -------- d-----w- c: \program files (x86)\Gadu-Gadu 10
2011-10-26 10: 04 . 2011-10-26 10: 04 -------- d-----w- c: \program files (x86)\AP Tuner
2011-10-25 21: 19 . 2011-10-25 21: 19 -------- d-----w- c: \program files (x86)\GIMP-2.0
2011-10-25 21: 13 . 2011-10-25 21: 13 -------- d-----w- c: \program files (x86)\Google
2011-10-25 18: 00 . 2011-10-25 18: 00 -------- d-----w- c: \program files (x86)\MSECache
2011-10-24 18: 40 . 2010-07-30 12: 18 57856 ----a-w- c: \windows\system32\nmwcdclsX64.dll
2011-10-24 18: 40 . 2011-10-24 18: 40 -------- d-----w- c: \program files (x86)\Nokia
2011-10-23 21: 53 . 2011-10-23 21: 53 -------- d-----w- C: \fec13ebe9652bd0e672ce34b47a16b
2011-10-22 19: 23 . 2011-10-22 19: 23 -------- d-----w- c: \program files (x86)\Microsoft.NET
2011-10-22 19: 22 . 2011-10-31 21: 01 -------- d-sh--w- c: \windows\Installer
2011-10-22 12: 37 . 2011-10-22 12: 37 -------- d-----w- c: \program files (x86)\Foxit Software
2011-10-22 08: 26 . 2011-03-11 06: 41 189824 ----a-w- c: \windows\system32\drivers\storport.sys
2011-10-22 08: 26 . 2011-03-11 06: 41 1659776 ----a-w- c: \windows\system32\drivers\ntfs.sys
2011-10-22 08: 26 . 2011-03-11 06: 41 148352 ----a-w- c: \windows\system32\drivers\nvraid.sys
2011-10-22 08: 26 . 2011-03-11 06: 41 410496 ----a-w- c: \windows\system32\drivers\iaStorV.sys
2011-10-22 08: 26 . 2011-03-11 06: 41 27008 ----a-w- c: \windows\system32\drivers\amdxata.sys
2011-10-22 08: 26 . 2011-03-11 06: 41 107904 ----a-w- c: \windows\system32\drivers\amdsata.sys
2011-10-22 08: 26 . 2011-03-11 06: 33 2565632 ----a-w- c: \windows\system32\esent.dll
2011-10-22 08: 26 . 2011-03-11 06: 30 96768 ----a-w- c: \windows\system32\fsutil.exe
2011-10-22 08: 26 . 2011-03-11 05: 33 1699328 ----a-w- c: \windows\SysWow64\esent.dll
2011-10-22 08: 26 . 2011-03-11 05: 31 74240 ----a-w- c: \windows\SysWow64\fsutil.exe
2011-10-22 08: 26 . 2011-03-11 06: 41 166272 ----a-w- c: \windows\system32\drivers\nvstor.sys
2011-10-22 08: 05 . 2011-03-25 03: 29 343040 ----a-w- c: \windows\system32\drivers\usbhub.sys
2011-10-22 08: 05 . 2011-03-25 03: 29 98816 ----a-w- c: \windows\system32\drivers\usbccgp.sys
2011-10-22 08: 05 . 2011-03-25 03: 29 325120 ----a-w- c: \windows\system32\drivers\usbport.sys
2011-10-22 08: 05 . 2011-03-25 03: 29 52736 ----a-w- c: \windows\system32\drivers\usbehci.sys
2011-10-22 08: 05 . 2011-03-25 03: 29 25600 ----a-w- c: \windows\system32\drivers\usbohci.sys
2011-10-22 08: 05 . 2011-03-25 03: 29 30720 ----a-w- c: \windows\system32\drivers\usbuhci.sys
2011-10-22 08: 05 . 2011-03-25 03: 28 7936 ----a-w- c: \windows\system32\drivers\usbd.sys
2011-10-21 18: 03 . 2011-10-21 18: 03 -------- d-----w- c: \windows\system32\Macromed
2011-10-21 17: 17 . 2011-10-21 17: 17 -------- d-----w- c: \programdata\Canneverbe Limited
2011-10-21 17: 15 . 2011-10-21 17: 15 -------- d-----w- c: \program files\CDBurnerXP
2011-10-21 14: 13 . 2011-10-21 14: 13 -------- d-----w- c: \windows\SysWow64\Wat
2011-10-21 14: 13 . 2011-10-21 14: 13 -------- d-----w- c: \windows\system32\Wat
2011-10-21 00: 41 . 2011-07-09 05: 26 2048 ----a-w- c: \windows\system32\tzres.dll
2011-10-21 00: 41 . 2011-07-09 04: 29 2048 ----a-w- c: \windows\SysWow64\tzres.dll
2011-10-20 21: 35 . 2011-06-23 05: 43 5561216 ----a-w- c: \windows\system32\ntoskrnl.exe
2011-10-20 21: 35 . 2011-06-23 04: 33 3967872 ----a-w- c: \windows\SysWow64\ntkrnlpa.exe
2011-10-20 21: 35 . 2011-06-23 04: 33 3912576 ----a-w- c: \windows\SysWow64\ntoskrnl.exe
2011-10-20 21: 04 . 2011-03-12 12: 08 1465344 ----a-w- c: \windows\system32\XpsPrint.dll
2011-10-20 21: 04 . 2011-03-12 11: 23 870912 ----a-w- c: \windows\SysWow64\XpsPrint.dll
2011-10-20 20: 34 . 2011-04-25 02: 34 499200 ----a-w- c: \windows\system32\drivers\afd.sys
2011-10-20 20: 27 . 2011-09-06 03: 03 3138048 ----a-w- c: \windows\system32\win32k.sys
2011-10-20 19: 58 . 2011-06-15 10: 02 212992 ----a-w- c: \windows\system32\odbctrac.dll
2011-10-20 19: 58 . 2011-06-15 10: 02 163840 ----a-w- c: \windows\system32\odbccp32.dll
2011-10-20 19: 58 . 2011-06-15 10: 02 106496 ----a-w- c: \windows\system32\odbccu32.dll
2011-10-20 19: 58 . 2011-06-15 10: 02 106496 ----a-w- c: \windows\system32\odbccr32.dll
2011-10-20 19: 58 . 2011-06-15 09: 59 126976 ----a-w- c: \program files\Common Files\System\Ole DB\msdaosp.dll
2011-10-20 19: 58 . 2011-06-15 08: 55 86016 ----a-w- c: \windows\SysWow64\odbccu32.dll
2011-10-20 19: 58 . 2011-06-15 08: 55 81920 ----a-w- c: \windows\SysWow64\odbccr32.dll
2011-10-20 19: 58 . 2011-06-15 08: 55 319488 ----a-w- c: \windows\SysWow64\odbcjt32.dll
2011-10-20 19: 58 . 2011-06-15 08: 55 163840 ----a-w- c: \windows\SysWow64\odbctrac.dll
2011-10-20 19: 58 . 2011-06-15 08: 55 122880 ----a-w- c: \windows\SysWow64\odbccp32.dll
2011-10-20 19: 58 . 2011-06-15 08: 54 94208 ----a-w- c: \program files (x86)\Common Files\System\Ole DB\msdaosp.dll
2011-10-20 18: 56 . 2011-02-25 06: 19 2871808 ----a-w- c: \windows\explorer.exe
2011-10-20 18: 56 . 2011-02-25 05: 30 2616320 ----a-w- c: \windows\SysWow64\explorer.exe
2011-10-20 18: 53 . 2011-07-09 02: 46 288768 ----a-w- c: \windows\system32\drivers\mrxsmb10.sys
2011-10-20 18: 53 . 2011-04-27 02: 40 158208 ----a-w- c: \windows\system32\drivers\mrxsmb.sys
2011-10-20 18: 53 . 2011-04-27 02: 39 128000 ----a-w- c: \windows\system32\drivers\mrxsmb20.sys
2011-10-20 17: 54 . 2011-04-22 22: 15 27520 ----a-w- c: \windows\system32\drivers\Diskdump.sys
2011-10-20 17: 53 . 2011-04-29 03: 06 467456 ----a-w- c: \windows\system32\drivers\srv.sys
2011-10-20 17: 53 . 2011-04-29 03: 05 410112 ----a-w- c: \windows\system32\drivers\srv2.sys
2011-10-20 17: 53 . 2011-04-29 03: 05 168448 ----a-w- c: \windows\system32\drivers\srvnet.sys
2011-10-20 17: 47 . 2011-08-17 05: 26 613888 ----a-w- c: \windows\system32\psisdecd.dll
2011-10-20 17: 47 . 2011-08-17 05: 25 108032 ----a-w- c: \windows\system32\psisrndr.ax
2011-10-20 17: 47 . 2011-08-17 04: 24 465408 ----a-w- c: \windows\SysWow64\psisdecd.dll
2011-10-20 17: 47 . 2011-08-17 04: 19 75776 ----a-w- c: \windows\SysWow64\psisrndr.ax
2011-10-20 17: 45 . 2011-02-05 17: 10 642944 ----a-w- c: \windows\system32\winload.efi
2011-10-20 17: 45 . 2011-02-05 17: 10 20352 ----a-w- c: \windows\system32\kdusb.dll
2011-10-20 17: 45 . 2011-02-05 17: 10 19328 ----a-w- c: \windows\system32\kd1394.dll
2011-10-20 17: 45 . 2011-02-05 17: 10 17792 ----a-w- c: \windows\system32\kdcom.dll
2011-10-20 17: 45 . 2011-02-05 17: 06 605552 ----a-w- c: \windows\system32\winload.exe
2011-10-20 17: 45 . 2011-02-05 17: 06 566208 ----a-w- c: \windows\system32\winresume.efi
2011-10-20 17: 45 . 2011-02-05 17: 06 518672 ----a-w- c: \windows\system32\winresume.exe
2011-10-20 17: 27 . 2011-02-18 10: 51 31232 ----a-w- c: \windows\system32\prevhost.exe
2011-10-20 17: 27 . 2011-02-18 05: 39 31232 ----a-w- c: \windows\SysWow64\prevhost.exe
2011-10-20 17: 26 . 2011-02-12 11: 34 267776 ----a-w- c: \windows\system32\FXSCOVER.exe
2011-10-20 17: 26 . 2011-05-03 05: 29 976896 ----a-w- c: \windows\system32\inetcomm.dll
2011-10-20 17: 26 . 2011-05-03 04: 30 741376 ----a-w- c: \windows\SysWow64\inetcomm.dll
2011-10-20 17: 26 . 2011-08-27 05: 37 861696 ----a-w- c: \windows\system32\oleaut32.dll
2011-10-20 17: 26 . 2011-08-27 05: 37 331776 ----a-w- c: \windows\system32\oleacc.dll
2011-10-20 17: 26 . 2011-08-27 04: 26 571904 ----a-w- c: \windows\SysWow64\oleaut32.dll
2011-10-20 17: 26 . 2011-08-27 04: 26 233472 ----a-w- c: \windows\SysWow64\oleacc.dll
2011-10-20 16: 51 . 2011-10-20 16: 00 -------- d-----w- c: \windows\Panther
2011-10-20 16: 44 . 2011-10-28 06: 37 414368 ----a-w- c: \windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-20 16: 44 . 2011-10-20 16: 44 -------- d-----w- c: \windows\SysWow64\Macromed
2011-10-20 16: 21 . 2011-10-20 16: 21 -------- d-----w- c: \program files (x86)\uTorrent
2011-10-20 16: 18 . 2011-10-26 09: 46 -------- d-----w- c: \program files (x86)\Opera
2011-10-20 16: 13 . 2011-10-20 16: 13 -------- d-----w- c: \program files (x86)\Intel
2011-10-20 16: 13 . 2011-10-20 16: 13 -------- d-----w- C: \Intel
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-31 18: 08 . 2011-08-31 18: 08 167704 ----a-w- c: \windows\system32\igfxtray.exe
2011-08-31 18: 08 . 2011-08-31 18: 08 510232 ----a-w- c: \windows\system32\igfxsrvc.exe
2011-08-31 18: 08 . 2011-08-31 18: 08 416024 ----a-w- c: \windows\system32\igfxpers.exe
2011-08-31 18: 08 . 2011-08-31 18: 08 239896 ----a-w- c: \windows\system32\igfxext.exe
2011-08-31 18: 08 . 2011-08-31 18: 08 392472 ----a-w- c: \windows\system32\hkcmd.exe
2011-08-31 18: 08 . 2011-08-31 18: 08 4378392 ----a-w- c: \windows\system32\GfxUI.exe
2011-08-31 18: 08 . 2011-08-31 18: 08 179992 ----a-w- c: \windows\system32\difx64.exe
2011-08-31 17: 58 . 2011-08-31 17: 58 90112 ----a-w- c: \windows\system32\igfxCoIn_v2509.dll
2011-08-31 17: 53 . 2011-08-31 17: 53 12306848 ----a-w- c: \windows\system32\drivers\igdkmd64.sys
2011-08-31 17: 53 . 2011-08-31 17: 53 8312320 ----a-w- c: \windows\system32\igdumd64.dll
2011-08-31 17: 51 . 2011-08-31 17: 51 867020 ----a-w- c: \windows\system32\igkrng575.bin
2011-08-31 17: 51 . 2011-08-31 17: 51 128204 ----a-w- c: \windows\system32\igcompkrng575.bin
2011-08-31 17: 51 . 2011-08-31 17: 51 105608 ----a-w- c: \windows\system32\igfcg575m.bin
2011-08-31 17: 47 . 2011-08-31 17: 47 6322688 ----a-w- c: \windows\SysWow64\igdumd32.dll
2011-08-31 17: 45 . 2011-08-31 17: 45 581120 ----a-w- c: \windows\SysWow64\igdumdx32.dll
2011-08-31 17: 42 . 2011-08-31 17: 42 14598656 ----a-w- c: \windows\system32\igd10umd64.dll
2011-08-31 17: 37 . 2011-08-31 17: 37 12340224 ----a-w- c: \windows\SysWow64\igd10umd32.dll
2011-08-31 17: 31 . 2011-08-31 17: 31 18641408 ----a-w- c: \windows\system32\ig4icd64.dll
2011-08-31 17: 26 . 2011-08-31 17: 26 13903872 ----a-w- c: \windows\SysWow64\ig4icd32.dll
2011-08-31 17: 22 . 2011-08-31 17: 22 286720 ----a-w- c: \windows\system32\igfxrrom.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 286720 ----a-w- c: \windows\system32\igfxrsky.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 286720 ----a-w- c: \windows\system32\igfxrhrv.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 286208 ----a-w- c: \windows\system32\igfxrtrk.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 286208 ----a-w- c: \windows\system32\igfxrslv.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 287232 ----a-w- c: \windows\system32\igfxresn.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 286208 ----a-w- c: \windows\system32\igfxrsve.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 285696 ----a-w- c: \windows\system32\igfxrtha.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 286720 ----a-w- c: \windows\system32\igfxrrus.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 286720 ----a-w- c: \windows\system32\igfxrptg.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 286720 ----a-w- c: \windows\system32\igfxrplk.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 286208 ----a-w- c: \windows\system32\igfxrptb.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 286208 ----a-w- c: \windows\system32\igfxrnor.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 283136 ----a-w- c: \windows\system32\igfxrkor.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 286720 ----a-w- c: \windows\system32\igfxrita.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 283648 ----a-w- c: \windows\system32\igfxrjpn.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 287232 ----a-w- c: \windows\system32\igfxrell.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 286720 ----a-w- c: \windows\system32\igfxrdeu.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 286208 ----a-w- c: \windows\system32\igfxrhun.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 285184 ----a-w- c: \windows\system32\igfxrheb.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 287232 ----a-w- c: \windows\system32\igfxrfra.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 286720 ----a-w- c: \windows\system32\igfxrnld.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 286208 ----a-w- c: \windows\system32\igfxrfin.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 286720 ----a-w- c: \windows\system32\igfxrcsy.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 285696 ----a-w- c: \windows\system32\igfxrdan.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 282624 ----a-w- c: \windows\system32\igfxrcht.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 285184 ----a-w- c: \windows\system32\igfxrara.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 282624 ----a-w- c: \windows\system32\igfxrchs.lrc
2011-08-31 17: 22 . 2011-08-31 17: 22 126976 ----a-w- c: \windows\system32\igfxcpl.cpl
2011-08-31 17: 21 . 2011-08-31 17: 21 375808 ----a-w- c: \windows\system32\igfxpph.dll
2011-08-31 17: 21 . 2011-08-31 17: 21 378368 ----a-w- c: \windows\system32\igfxTMM.dll
2011-08-31 17: 21 . 2011-08-31 17: 21 28672 ----a-w- c: \windows\system32\igfxexps.dll
2011-08-31 17: 21 . 2011-08-31 17: 21 62464 ----a-w- c: \windows\system32\igfxsrvc.dll
2011-08-31 17: 20 . 2011-08-31 17: 20 110080 ----a-w- c: \windows\system32\hccutils.dll
2011-08-31 17: 20 . 2011-08-31 17: 20 4096 ----a-w- c: \windows\system32\IGFXDEVLib.dll
2011-08-31 17: 20 . 2011-08-31 17: 20 146432 ----a-w- c: \windows\system32\gfxSrvc.dll
2011-08-31 17: 20 . 2011-08-31 17: 20 390144 ----a-w- c: \windows\system32\igfxdev.dll
2011-08-31 17: 20 . 2011-08-31 17: 20 285696 ----a-w- c: \windows\system32\igfxrenu.lrc
2011-08-31 17: 20 . 2011-08-31 17: 20 9014784 ----a-w- c: \windows\system32\igfxress.dll
2011-08-31 17: 20 . 2011-08-31 17: 20 142336 ----a-w- c: \windows\system32\igfxdo.dll
2011-08-31 17: 16 . 2011-08-31 17: 16 24576 ----a-w- c: \windows\SysWow64\igfxexps32.dll
2011-08-31 17: 15 . 2011-08-31 17: 15 294400 ----a-w- c: \windows\SysWow64\igfxdv32.dll
2011-08-31 17: 13 . 2011-08-31 17: 13 98304 ----a-w- c: \windows\SysWow64\iglhcp32.dll
2011-08-31 17: 13 . 2011-08-31 17: 13 98304 ----a-w- c: \windows\system32\iglhcp64.dll
2011-08-31 17: 13 . 2011-08-31 17: 13 94208 ----a-w- c: \windows\system32\IccLibDll_x64.dll
2011-08-31 17: 13 . 2011-08-31 17: 13 376832 ----a-w- c: \windows\SysWow64\iglhsip32.dll
2011-08-31 17: 13 . 2011-08-31 17: 13 376832 ----a-w- c: \windows\system32\iglhsip64.dll
2011-08-31 17: 13 . 2011-08-31 17: 13 162816 ----a-w- c: \windows\SysWow64\igfxcmrt32.dll
2011-08-31 17: 13 . 2011-08-31 17: 13 140288 ----a-w- c: \windows\system32\igfxcmrt64.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c: \program files (x86)\uTorrent\uTorrent.exe" [2011-10-20 646008]
"Gadu-Gadu 10"="c: \program files (x86)\Gadu-Gadu 10\gg.exe" [2011-07-04 13374048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c: \windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c: \windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dmvsc;dmvsc;c: \windows\system32\drivers\dmvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c: \windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c: \windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c: \windows\system32\Wat\WatAdminSvc.exe [x]
S1 vwififlt;Virtual WiFi Filter Driver;c: \windows\system32\DRIVERS\vwififlt.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c: \windows\system32\DRIVERS\L1C62x64.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c: \windows\system32\igfxtray.exe" [2011-08-31 167704]
"HotKeysCmds"="c: \windows\system32\hkcmd.exe" [2011-08-31 392472]
"Persistence"="c: \windows\system32\igfxpers.exe" [2011-08-31 416024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Skan uzupełniający -------
.
uLocal Page = c: \windows\system32\blank.htm
uDefault_Search_URL = hxxp: //www.google.com/ie
mLocal Page = c: \windows\SysWOW64\blank.htm
uSearchAssistant = hxxp: //www.google.com/ie
uSearchURL,(Default) = hxxp: //www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c: \windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c: \users\Gosia\AppData\Roaming\Mozilla\Firefox\Profiles\t6b2nh98.default\
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c: \\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword: 00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c: \\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c: \\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c: \\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c: \\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c: \\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2011-11-01 10: 51: 11 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2011-11-01 09: 51
.
Przed: 133 568 159 744 bajtów wolnych
Po: 133 169 790 976 bajtów wolnych
.
- - End Of File - - B50401110260697ABC63AC9E38CCD72C
Note added: unknown. Last edited on 01.11.2011 11:41 by peciaq:
Logs, analyses, etc. go inside [code] tags, so that someone reading the thread doesn't have to scroll down like a madman.