Czy może tu być coś nie tak ? za bardzo nie mam jak się teraz rozpisać bo idę do pracy, ale macie loga z combofixa .. Windows 7 bardzo mi muli neta i kompa. cały czas z 70% procek.
ComboFix 11-10-13.05 - beata 2011-10-13 23:30:03.1.2 - x86
Microsoft Windows 7 Starter 6.1.7600.0.1250.48.1045.18.1012.123 [GMT
2:00]
Uruchomiony z: c:\users\beata\Downloads\ComboFix.exe
Kod:
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated*
{5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Norton Internet Security *Disabled/Outdated*
{63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled*
{5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated*
{E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Norton Internet Security *Disabled/Outdated*
{D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated*
{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto
)))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C: \Thumbs.db
c: \users\beata\AppData\Roaming\Adobe\plugs
c: \users\beata\AppData\Roaming\Adobe\plugs\mmc143.exe
c: \users\beata\AppData\Roaming\Adobe\plugs\mmc9739735.txt
c: \users\beata\AppData\Roaming\Adobe\plugs\mmc9752012.txt
c: \users\beata\AppData\Roaming\Adobe\shed
c: \users\beata\AppData\Roaming\Adobe\shed\thr1.chm
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-09-13 do 2011-10-13
)))))))))))))))))))))))))))))))
.
.
2011-10-13 22: 32 . 2011-10-13
22: 32 -------- d-----w- c: \users\Default\AppData\Local\temp
2011-10-13 22: 32 . 2011-10-13
22: 33 -------- d-----w- c: \users\beata\AppData\Local\temp
2011-10-13 20: 13 . 2011-10-13 20: 13 -------- d-----w- c: \program
files\Common Files\AVG Secure Search
2011-10-13 20: 12 . 2011-10-13 20: 13 -------- d-----w- c: \program files\AVG
Secure Search
2011-10-13 10: 47 . 2011-09-21
07: 00 7269712 ----a-w- c: \programdata\Microsoft\Windows Defender\Definition
Updates\{AFD45B9C-536C-4DF7-AA81-30CCD2676951}\mpengine.dll
2011-09-30 07: 51 . 2011-09-30
07: 51 -------- d-----w- C: \dbcb1fb080068eef74b2a990
2011-09-27 20: 59 . 2011-09-27 20: 59 -------- d-----w- c: \windows\Sun
2011-09-27 18: 00 . 2011-09-27
18: 00 -------- d-----w- c: \users\beata\AppData\Local\IMVU_Inc
2011-09-27 18: 00 . 2011-09-27
18: 00 -------- d-----w- c: \users\beata\AppData\Local\Softonic-Polska
2011-09-27 17: 59 . 2011-09-27 17: 59 -------- d-----w- c: \program
files\Common Files\McAfee
2011-09-27 17: 58 . 2011-09-27 18: 08 -------- d-----w- c: \program
files\McAfee
2011-09-27 17: 19 . 2011-09-28 11: 23 553832 ----a-w- c: \program
files\Mozilla Firefox\uninstall\helper.exe
2011-09-27 17: 19 . 2011-09-28 11: 23 25048 ----a-w- c: \program files\Mozilla
Firefox\components\browserdirprovider.dll
2011-09-27 17: 19 . 2011-09-28 11: 23 140248 ----a-w- c: \program
files\Mozilla Firefox\components\brwsrcmp.dll
2011-09-26 21: 33 . 2011-09-26
21: 33 -------- d-----w- C: \c64352a4ac8e988623fff1c561cffc
2011-09-26 18: 26 . 2011-09-26
18: 26 -------- d-----w- c: \users\beata\AppData\Roaming\AVG2012
2011-09-26 18: 23 . 2011-10-13
20: 25 -------- d-----w- c: \windows\system32\drivers\AVG
2011-09-26 18: 23 . 2011-10-13
20: 17 -------- d-----w- c: \programdata\AVG2012
2011-09-26 18: 19 . 2011-09-26 18: 19 -------- d-----w- c: \program files\AVG
2011-09-26 18: 07 . 2011-09-26 18: 07 -------- d--h--w- c: \programdata\Common
Files
2011-09-26 18: 05 . 2011-10-13
20: 25 -------- d-----w- c: \programdata\MFAData
2011-09-26 07: 11 . 2011-09-26
07: 11 -------- d-----w- C: \773956b1221128baee016eb19185d883
2011-09-25 08: 45 . 2011-07-09
02: 26 222720 ----a-w- c: \windows\system32\drivers\mrxsmb10.sys
2011-09-25 08: 42 . 2011-07-09
04: 30 2048 ----a-w- c: \windows\system32\tzres.dll
2011-09-25 08: 37 . 2011-07-16
04: 37 169984 ----a-w- c: \windows\system32\winsrv.dll
2011-09-25 08: 32 . 2011-06-15
09: 04 319488 ----a-w- c: \windows\system32\odbcjt32.dll
2011-09-25 08: 32 . 2011-06-15
09: 04 122880 ----a-w- c: \windows\system32\odbccp32.dll
2011-09-25 08: 32 . 2011-06-15
09: 04 86016 ----a-w- c: \windows\system32\odbccu32.dll
2011-09-25 08: 32 . 2011-06-15
09: 04 81920 ----a-w- c: \windows\system32\odbccr32.dll
2011-09-25 08: 32 . 2011-06-15
09: 04 163840 ----a-w- c: \windows\system32\odbctrac.dll
2011-09-25 08: 32 . 2011-06-15 09: 04 94208 ----a-w- c: \program files\Common
Files\System\Ole DB\msdaosp.dll
2011-09-25 08: 30 . 2011-06-23
04: 38 3957120 ----a-w- c: \windows\system32\ntkrnlpa.exe
2011-09-25 08: 30 . 2011-06-23
04: 38 3902336 ----a-w- c: \windows\system32\ntoskrnl.exe
2011-09-25 08: 26 . 2011-06-21
05: 39 1286016 ----a-w- c: \windows\system32\drivers\tcpip.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M
))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-13 04: 30 . 2011-09-13
04: 30 32592 ----a-w- c: \windows\system32\drivers\avgrkx86.sys
2011-08-08 04: 08 . 2011-08-08
04: 08 40016 ----a-w- c: \windows\system32\drivers\avgmfx86.sys
2011-07-17 11: 43 . 2011-05-16
19: 56 404640 ----a-w- c: \windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru
))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}"= "c: \program
files\Softonic-Polska\tbSoft.dll" [2010-11-13 3913000]
"{90b49673-5506-483e-b92b-ca0265bd9ca8}"= "c: \program
files\IMVU_Inc\prxtbIMVU.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]
.
[HKEY_CLASSES_ROOT\clsid\{90b49673-5506-483e-b92b-ca0265bd9ca8}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper
Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-11-13 20: 58 3913000 ----a-w- c: \program
files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper
Objects\{90b49673-5506-483e-b92b-ca0265bd9ca8}]
2011-01-17 14: 54 175912 ----a-w- c: \program files\IMVU_Inc\prxtbIMVU.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper
Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2011-10-13 20: 12 1451336 ----a-w- c: \program files\AVG Secure
Search\8.0.0.34\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper
Objects\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]
2010-11-13 20: 58 3913000 ----a-w- c: \program
files\Softonic-Polska\tbSoft.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}"= "c: \program
files\Softonic-Polska\tbSoft.dll" [2010-11-13 3913000]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c: \program
files\ConduitEngine\ConduitEngine.dll" [2010-11-13 3913000]
"{90b49673-5506-483e-b92b-ca0265bd9ca8}"= "c: \program
files\IMVU_Inc\prxtbIMVU.dll" [2011-01-17 175912]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c: \program files\AVG Secure
Search\8.0.0.34\AVG Secure Search_toolbar.dll" [2011-10-13 1451336]
.
[HKEY_CLASSES_ROOT\clsid\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{90b49673-5506-483e-b92b-ca0265bd9ca8}]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet
Explorer\Toolbar\Webbrowser]
"{C86EB8A9-CCC2-4B6C-B75D-73576ED591BF}"= "c: \program
files\Softonic-Polska\tbSoft.dll" [2010-11-13 3913000]
"{90B49673-5506-483E-B92B-CA0265BD9CA8}"= "c: \program
files\IMVU_Inc\prxtbIMVU.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}]
.
[HKEY_CLASSES_ROOT\clsid\{90b49673-5506-483e-b92b-ca0265bd9ca8}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter]
@="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
[HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
2010-03-28 22: 22 718848 ----a-w- c: \program files\Hewlett-Packard\HP
CloudDrive\ShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter]
@="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
[HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
2010-03-28 22: 22 718848 ----a-w- c: \program files\Hewlett-Packard\HP
CloudDrive\ShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter]
@="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
[HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
2010-03-28 22: 22 718848 ----a-w- c: \program files\Hewlett-Packard\HP
CloudDrive\ShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter]
@="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
[HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
2010-03-28 22: 22 718848 ----a-w- c: \program files\Hewlett-Packard\HP
CloudDrive\ShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter]
@="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
[HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
2010-03-28 22: 22 718848 ----a-w- c: \program files\Hewlett-Packard\HP
CloudDrive\ShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IPLA!"="c: \program files\ipla\ipla.exe" [2011-02-24 18636800]
"Nowe Gadu-Gadu"="c: \program files\Nowe Gadu-Gadu\gg.exe" [2009-10-28
11539048]
"swg"="c: \program
files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-05-24
39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c: \windows\system32\igfxtray.exe" [2010-04-23 141848]
"HotKeysCmds"="c: \windows\system32\hkcmd.exe" [2010-04-23 173592]
"Persistence"="c: \windows\system32\igfxpers.exe" [2010-04-23 150552]
"SynTPEnh"="c: \program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-28
1778984]
"IAAnotif"="c: \program files\Intel\Intel Matrix Storage
Manager\iaanotif.exe" [2009-10-13 186904]
"AmIcoSinglun"="c: \program files\AmIcoSingLun\AmIcoSinglun.exe" [2010-06-17
237568]
"SysTrayApp"="c: \program files\IDT\WDM\sttray.exe" [2010-06-18 495708]
"Skyhook Wireless XPS Service"="c: \program files\Skyhook
Wireless\XPS\xpscontrolpanel.exe" [2010-06-28 671048]
"HP Connection Manager.exe"="c: \program files\Hewlett-Packard\HP Connection
Manager\HP Connection Manager.exe" [2010-06-08 1120072]
"HP Quick Launch"="c: \program files\Hewlett-Packard\HP Quick
Launch\HPMSGSVC.exe" [2010-06-29 602168]
"ZumoDrive"="c: \program files\Hewlett-Packard\HP
CloudDrive\ZumoLauncher.lnk" [2010-08-23 2038]
"HPWirelessAssistant"="c: \program files\Hewlett-Packard\HP Wireless
Assistant\DelayedAppStarter.exe" [2010-07-06 8192]
"Adobe Reader Speed Launcher"="c: \program files\Adobe\Reader
9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c: \program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[2010-09-20 932288]
"AVG_TRAY"="c: \program files\AVG\AVG2012\avgtray.exe" [2011-09-23 2404704]
"vProt"="c: \program files\AVG Secure Search\vprot.exe" [2011-10-13 218440]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start
http: //www.avg.com/pl.special-uninstallation-feedback-lsf?lic=TlVIRDQtWUg5UEUtTzNQNEUtUVJERUstR0RKWjctVk9YVUw&inst=NzctNzQwNDI1NjM3LVNUMTJGT0krMS1ERFQrMC1FVUxBKzEtU1QxMkZBUFArMQ&prod=55&ver=2012.0.1809&mid=a5a83c31de7947d18f277dd9abefce03-2eaa33d64eb934371bb473de406e3ff2335cb5b1";
[?]
.
c: \users\beata\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Startup\
IMVU.lnk - c: \users\beata\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
[N/A]
.
c: \programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c: \program files\WIDCOMM\Bluetooth Software\BTTray.exe
[2010-6-9 828704]
HP Media Suite.lnk - c: \program files\Hewlett-Packard\HP Media
Suite\Home\ArcStart.exe [2010-4-1 91648]
McAfee Security Scan Plus.lnk - c: \program files\McAfee Security
Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows
nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk
*\0c: \progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg
pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN
v4.0.30319_X86;c: \windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
[2010-03-18 130384]
R2 gupdate;Usługa Google Update (gupdate);c: \program
files\Google\Update\GoogleUpdate.exe [2011-05-24 136176]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor
Service;c: \progra~1\mcafee\SITEAD~1\mcsacore.exe [2011-08-10 94880]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c: \program files\Common
Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-02-13 102448]
R3 gupdatem;Usługa Google Update (gupdatem);c: \program
files\Google\Update\GoogleUpdate.exe [2011-05-24 136176]
R3 McComponentHostService;McAfee Security Scan Component Host
Service;c: \program files\McAfee Security Scan\2.0.181\McCHSvc.exe
[2010-01-15 227232]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for
Windows Vista 32 Bit;c: \windows\system32\DRIVERS\netw5v32.sys [2009-07-13
4231168]
R3 SrvHsfHDA;SrvHsfHDA;c: \windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13
207360]
R3 SrvHsfV92;SrvHsfV92;c: \windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13
980992]
R3 SrvHsfWinac;SrvHsfWinac;c: \windows\system32\DRIVERS\VSTCNXT3.SYS
[2009-07-13 661504]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet
Controller;c: \windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
R4 wlcrasvc;Windows Live Mesh remote connections service;c: \program
files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 AVGIDSEH;AVGIDSEH;c: \windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-10
23120]
S0 Avgrkx86;AVG Anti-Rootkit
Driver;c: \windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
S0 SymDS;Symantec Data
Store;c: \windows\system32\drivers\NIS\1206000.01D\SYMDS.SYS [2011-01-27
340088]
S0 SymEFA;Symantec Extended File
Attributes;c: \windows\system32\drivers\NIS\1206000.01D\SYMEFA.SYS
[2011-03-15 744568]
S1 Avgldx86;AVG AVI Loader Driver;c: \windows\system32\DRIVERS\avgldx86.sys
[2011-07-10 229840]
S1 Avgtdix;AVG TDI Driver;c: \windows\system32\DRIVERS\avgtdix.sys
[2011-07-10 295248]
S1
BHDrvx86;BHDrvx86;c: \programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20110309.001\BHDrvx86.sys
[2011-02-25 800376]
S1 DVMIO;DeviceVM IO Service;c: \windows\system32\DRIVERS\dvmio.sys
[2009-11-11 18136]
S1
IDSVix86;IDSVix86;c: \programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20110317.005\IDSvix86.sys
[2010-11-09 353912]
S1 SymIRON;Symantec Iron
Driver;c: \windows\system32\drivers\NIS\1206000.01D\Ironx86.SYS [2011-01-27
136312]
S1 SymNetS;Symantec Network Security WFP
Driver;c: \windows\System32\Drivers\NIS\1206000.01D\SYMNETS.SYS [2011-07-08
299640]
S1 vwififlt;Virtual WiFi Filter
Driver;c: \windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c: \program
files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
S2 AVGIDSAgent;AVGIDSAgent;c: \program files\AVG\AVG2012\AVGIDSAgent.exe
[2011-09-12 5265248]
S2 avgwd;AVG WatchDog;c: \program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02
192776]
S2 DvmMDES;DeviceVM Meta Data Export
Service;c: \swsetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe
[2010-07-20 338168]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c: \program
files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-08
103992]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c: \program
files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-01-25 92216]
S2 HPWMISVC;HPWMISVC;c: \program files\Hewlett-Packard\HP Quick
Launch\HPWMISVC.exe [2010-06-29 27192]
S2 NIS;Norton Internet Security;c: \program files\Norton Internet
Security\Engine\18.6.0.29\ccSvcHst.exe [2011-04-17 130008]
S2 QDLService2kHP;Qualcomm Gobi 2000 Download Service (HP);c: \program
files\QUALCOMM\QDLService2k\QDLService2kHP.exe [2010-05-12 331512]
S2 SMManager;HP Connection Manager Service;c: \program
files\Hewlett-Packard\HP Connection Manager\SMManager.exe [2010-06-08
84808]
S2 vToolbarUpdater;vToolbarUpdater;c: \program files\Common Files\AVG Secure
Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [2011-10-13 246600]
S2 xpssvc;Skyhook Wireless XPS Service;c: \program files\Skyhook
Wireless\XPS\xpssvc.exe [2010-06-28 707400]
S3 AVGIDSDriver;AVGIDSDriver;c: \windows\system32\DRIVERS\AVGIDSDriver.Sys
[2011-07-10 134736]
S3 AVGIDSFilter;AVGIDSFilter;c: \windows\system32\DRIVERS\AVGIDSFilter.Sys
[2011-07-10 24272]
S3 AVGIDSShim;AVGIDSShim;c: \windows\system32\DRIVERS\AVGIDSShim.Sys
[2011-07-10 16720]
S3 btwampfl;Bluetooth AMP USB
Filter;c: \windows\system32\drivers\btwampfl.sys [2010-06-10 294952]
S3 btwl2cap;Bluetooth L2CAP
Service;c: \windows\system32\DRIVERS\btwl2cap.sys [2010-06-10 33320]
S3 qcfilterhp2k;Gobi 2000 USB Composite Device Filter
Driver(03F0-251D);c: \windows\system32\DRIVERS\qcfilterhp2k.sys [2010-05-12
5248]
S3 qcusbnethp2k;Gobi 2000 USB-NDIS
miniport(03F0-251D);c: \windows\system32\DRIVERS\qcusbnethp2k.sys
[2010-05-12 372224]
S3 qcusbserhp2k;Gobi 2000 USB Device for Legacy Serial
Communication(03F0-251D);c: \windows\system32\DRIVERS\qcusbserhp2k.sys
[2010-05-12 190592]
S3 RTL8167;Realtek 8167 NT Driver;c: \windows\system32\DRIVERS\Rt86win7.sys
[2010-06-24 275048]
S3 vwifimp;Microsoft Virtual WiFi Miniport
Service;c: \windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 XPSVCOM;XPSVCOM;c: \windows\system32\DRIVERS\XPSVCOM.sys [2010-06-01
12416]
.
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - AVGIDSEH
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr
TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed
components\{4FB2407C-C8E4-BBC8-BB1C-FCCB2EF5914B}]
2010-06-23 17: 47 687104 ----a-w- c: \program files\Hewlett-Packard\HP Media
Suite\Home\HPMediaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed
components\{4FB2AA7C-C8E4-BBC8-BB1C-FAAB2EF5914B}]
2009-07-14 01: 14 141824 ----a-w- c: \windows\System32\wscript.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-10-13 c: \windows\Tasks\GoogleUpdateTaskMachineCore.job
- c: \program files\Google\Update\GoogleUpdate.exe [2011-05-24 19: 35]
.
2011-10-13 c: \windows\Tasks\GoogleUpdateTaskMachineUA.job
- c: \program files\Google\Update\GoogleUpdate.exe [2011-05-24 19: 35]
.
2011-10-13
c: \windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3742081175-1836016944-324221307-1000Core.job
- c: \users\beata\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-01
09: 30]
.
2011-10-13
c: \windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3742081175-1836016944-324221307-1000UA.job
- c: \users\beata\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-01
09: 30]
.
2011-09-25 c: \windows\Tasks\HPCeeScheduleForbeata.job
- c: \program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 02: 22]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp: //search.conduit.com?SearchSource=10&ctid=CT2612669
mStart Page = hxxp: //www.bing.com
uInternet Settings,ProxyServer = http=127.0.0.1: 51960
IE: Funkcja Google Sidewiki - c: \program files\Google\Google
Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Wyślij obraz do urządzenia &Bluetooth... - c: \program
files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Wyślij stronę do urządzenia &Bluetooth... - c: \program
files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: Interfaces\{8AD1E324-53FD-4D9B-AB48-A13DCE7A1FC8}: NameServer =
217.116.100.65 79.163.127.70
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c: \program
files\Common Files\AVG Secure
Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
FF - ProfilePath -
c: \users\beata\AppData\Roaming\Mozilla\Firefox\Profiles\miwaoxdb.default\
FF - prefs.js: browser.search.defaulturl -
hxxp: //search.conduit.com/ResultsExt.aspx?ctid=CT2612669&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage -
hxxp: //pl.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla: pl: official
FF - prefs.js: keyword.URL -
hxxp: //isearch.avg.com/search?cid=%7Ba424aa3d-992b-40fa-b40e-1080ae0de94a%7D&mid=a5a83c31de7947d18f277dd9abefce03-2eaa33d64eb934371bb473de406e3ff2335cb5b1&ds=AVG&v=8.0.0.34.1&lang=pl&pr=fr&d=2011-10-13%2022%3A13%3A10&sap=ku&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 51960
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c: \program
files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Symantec IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} -
c: \programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\IPSFFPlgn
FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} -
c: \programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn_2011_7_2_3
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} -
c: \program files\AVG\AVG2012\Firefox4
FF - Ext: AVG Security Toolbar: avg@toolbar -
%profile%\extensions\avg@toolbar
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
AddRemove-{E92D47A1-D27D-430A-8368-0BAFD956507D} - c: \program
files\InstallShield Installation
Information\{E92D47A1-D27D-430A-8368-0BAFD956507D}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c: \program files\Norton Internet
Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c: \program
files\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\"
/prefetch: 1"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword: 00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword: 00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword: 00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2011-10-14 00: 45: 22
ComboFix-quarantined-files.txt 2011-10-13 22: 45
.
Przed: 179 755 413 504 bajtów wolnych
Po: 180 175 863 808 bajtów wolnych
.
- - End Of File - - 9F86799F43C89855B67DB30FD28BC23D
Post: #1
![[Obrazek: 04a55a03ba27.jpg]](http://naforum.zapodaj.net/thumbs/04a55a03ba27.jpg)
