juzef95

Please help me read a ComboFix log

I know I have a virus or spyware on my computer, but I didn't know where. I was recommended "ComboFix".

So I followed the whole procedure, and now I need to know what came of it. Here is the log:

 

ComboFix 12-05-19.01 - Krystian 2012-05-19 14:26:50.1.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.2047.906 [GMT 2:00]

Uruchomiony z: C:\Users\Krystian\Downloads\ComboFix.exe

AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}

FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}

SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

 

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

 

 

C:\Users\Krystian\AppData\Local\promo.exe

C:\Users\Krystian\AppData\Local\setup.exe

C:\Users\Krystian\AppData\Local\Temp\6573b3c6-4299-4ce1-bc75-7f3a9cd9d739\CliSecureRT.dll

C:\Users\Krystian\AppData\Local\TempDIR

C:\Users\Krystian\AppData\Local\TempDIR\cacert.crt

C:\Windows\SysWow64\muzapp.exe

 

 

((((((((((((((((((((((((( Pliki utworzone od 2012-04-19 do 2012-05-19 )))))))))))))))))))))))))))))))

 

 

2012-05-19 13:10:20 . 2012-05-19 13:10:20 -------- d-----w- C:\Users\Default\AppData\Local\temp

2012-05-19 11:17:22 . 2003-09-03 00:26:06 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime90\Intel32\iuser.dll

2012-05-19 11:17:21 . 2003-09-03 00:28:38 724992 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime90\Intel32\iKernel.dll

2012-05-19 11:17:21 . 2003-09-03 00:27:22 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime90\Intel32\ctor.dll

2012-05-19 11:17:21 . 2003-09-03 00:26:36 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime90\Intel32\iscript.dll

2012-05-19 11:17:21 . 2003-09-03 00:25:54 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime90\Intel32\DotNetInstaller.exe

2012-05-19 11:17:19 . 2012-05-19 11:17:19 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime90\Intel32\Setup.dll

2012-05-19 11:17:19 . 2012-05-19 11:17:19 184452 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime90\Intel32\iGdi.dll

2012-05-18 09:15:15 . 2012-05-08 17:02:23 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6CA7103A-5851-42B9-B51C-AE922A204989}\mpengine.dll

2012-05-17 17:15:18 . 2012-05-17 17:15:18 -------- d-----w- C:\Users\Krystian\AppData\Roaming\Need for Speed World

2012-05-17 16:34:04 . 2012-05-17 16:34:04 -------- d-----w- C:\Users\Krystian\AppData\Local\Electronic_Arts_Inc

2012-05-16 21:15:47 . 2012-05-16 21:15:47 -------- d-----w- C:\Users\Krystian\AppData\Roaming\Foxit Software

2012-05-11 15:17:16 . 2012-03-03 06:35:38 1544704 ----a-w- C:\Windows\system32\DWrite.dll

2012-05-11 15:17:16 . 2012-03-03 05:31:19 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-05-11 15:17:14 . 2012-03-31 06:05:57 5559664 ----a-w- C:\Windows\system32\ntoskrnl.exe

2012-05-11 15:17:13 . 2012-03-31 03:10:03 3146240 ----a-w- C:\Windows\system32\win32k.sys

2012-05-11 15:17:11 . 2012-03-31 04:39:37 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-05-11 15:17:10 . 2012-03-31 04:39:37 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-05-11 15:16:31 . 2012-03-17 07:58:57 75120 ----a-w- C:\Windows\system32\drivers\partmgr.sys

2012-05-11 15:16:22 . 2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\system32\drivers\tcpip.sys

2012-05-11 15:16:19 . 2012-03-31 05:42:06 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL

2012-05-11 15:16:19 . 2012-03-31 05:40:32 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll

2012-05-11 15:16:18 . 2012-03-31 05:40:32 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll

2012-05-11 15:16:18 . 2012-03-31 05:40:31 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll

2012-05-11 15:16:18 . 2012-03-31 04:29:48 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2012-05-08 21:47:34 . 2012-05-08 21:47:34 -------- d-----w- C:\Program Files (x86)\Robster Productions

2012-05-03 19:39:53 . 2012-05-03 19:39:55 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service

2012-05-03 19:39:46 . 2012-05-03 19:39:46 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe

2012-05-03 19:39:46 . 2012-05-03 19:39:46 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe

2012-05-02 14:05:30 . 2012-05-02 14:05:30 -------- d-----w- C:\Windows\SysWow64\it

2012-04-29 20:26:06 . 2012-04-29 20:26:10 -------- d-----w- C:\Users\UpdatusUser

2012-04-29 20:25:03 . 2012-04-29 20:26:03 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation

2012-04-28 10:47:21 . 2012-04-28 15:18:32 -------- d-----w- C:\Fraps

2012-04-26 12:48:02 . 2012-04-26 12:48:02 71680 ----a-w- C:\Windows\system32\frapsv64.dll

2012-04-26 12:48:00 . 2012-04-26 12:48:00 65536 ----a-w- C:\Windows\SysWow64\frapsvid.dll

.

 

 

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

 

2012-05-04 20:24:04 . 2012-04-14 19:28:41 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-05-04 20:24:04 . 2002-01-04 03:56:02 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-05-04 20:23:52 . 2012-04-14 20:23:18 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2012-03-19 12:08:17 . 2012-03-19 12:08:17 48648 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll

2012-03-14 17:23:00 . 2012-03-14 17:23:00 147248 ----a-w- C:\Windows\system32\drivers\VBoxNetAdp.sys

2012-03-14 17:22:58 . 2012-03-14 17:22:58 166192 ----a-w- C:\Windows\system32\drivers\VBoxNetFlt.sys

2012-03-14 17:22:56 . 2012-03-18 20:48:33 130864 ----a-w- C:\Windows\system32\drivers\VBoxUSBMon.sys

2012-03-14 17:22:54 . 2012-03-18 20:48:50 224048 ----a-w- C:\Windows\system32\drivers\VBoxDrv.sys

2012-03-14 17:22:42 . 2012-03-14 17:22:42 320816 ----a-w- C:\Windows\system32\VBoxNetFltNobj.dll

2012-03-01 15:08:48 . 2011-03-28 17:36:46 18328 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-03-01 15:04:47 . 2012-03-01 15:04:47 48648 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll

2012-03-01 15:04:43 . 2012-03-01 15:04:43 686416 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2012-03-01 06:46:16 . 2012-04-14 18:55:57 23408 ----a-w- C:\Windows\system32\drivers\fs_rec.sys

2012-03-01 06:38:27 . 2012-04-14 18:55:57 220672 ----a-w- C:\Windows\system32\wintrust.dll

2012-03-01 06:33:50 . 2012-04-14 18:55:57 81408 ----a-w- C:\Windows\system32\imagehlp.dll

2012-03-01 06:28:47 . 2012-04-14 18:55:57 5120 ----a-w- C:\Windows\system32\wmi.dll

2012-03-01 05:37:41 . 2012-04-14 18:55:57 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-03-01 05:33:23 . 2012-04-14 18:55:57 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2012-03-01 05:29:16 . 2012-04-14 18:55:57 5120 ----a-w- C:\Windows\SysWow64\wmi.dll

2012-03-01 00:02:00 . 2012-01-09 14:54:36 9717568 ----a-w- C:\Windows\system32\nvwgf2umx.dll

2012-03-01 00:02:00 . 2012-01-09 14:54:36 2660160 ----a-w- C:\Windows\system32\nvapi64.dll

2012-03-01 00:02:00 . 2012-01-09 14:54:36 1737536 ----a-w- C:\Windows\system32\nvdispco64.dll

2012-03-01 00:02:00 . 2012-01-09 14:54:36 1466176 ----a-w- C:\Windows\system32\nvgenco64.dll

2012-02-29 21:00:22 . 2012-01-09 14:55:41 3089728 ----a-w- C:\Windows\system32\nvsvc64.dll

2012-02-29 21:00:09 . 2012-01-09 14:55:41 6074176 ----a-w- C:\Windows\system32\nvcpl.dll

2012-02-29 20:59:47 . 2012-01-09 14:55:41 889664 ----a-w- C:\Windows\system32\nvvsvc.exe

2012-02-29 20:59:47 . 2012-01-09 14:55:41 63296 ----a-w- C:\Windows\system32\nvshext.dll

2012-02-29 20:59:47 . 2012-01-09 14:55:41 2561856 ----a-w- C:\Windows\system32\nvsvcr.dll

2012-02-29 20:59:47 . 2012-01-09 14:55:41 118080 ----a-w- C:\Windows\system32\nvmctray.dll

2012-02-29 19:00:18 . 2011-12-27 22:39:15 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-02-29 11:26:56 . 2012-02-29 11:26:56 416064 ----a-w- C:\Windows\SysWow64\nvStreaming.exe

2012-02-28 06:56:48 . 2012-04-14 18:59:47 2311168 ----a-w- C:\Windows\system32\jscript9.dll

2012-02-28 06:49:56 . 2012-04-14 18:59:45 1390080 ----a-w- C:\Windows\system32\wininet.dll

2012-02-28 06:48:57 . 2012-04-14 18:59:46 1493504 ----a-w- C:\Windows\system32\inetcpl.cpl

2012-02-28 06:42:55 . 2012-04-14 18:59:49 2382848 ----a-w- C:\Windows\system32\mshtml.tlb

2012-02-28 01:18:55 . 2012-04-14 18:59:47 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-02-28 01:11:21 . 2012-04-14 18:59:46 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-02-28 01:11:07 . 2012-04-14 18:59:45 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-02-28 01:03:16 . 2012-04-14 18:59:49 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-02-23 08:18:36 . 2011-12-31 19:06:37 279656 ------w- C:\Windows\system32\MpSigStub.exe

 

 

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

 

[7] 2010-11-20 13:27:27 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514 (win7sp1_rtm.101119-1850)] .. C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

[7] 2009-07-14 01:41:56 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385 (win7_rtm.090713-1255)] .. C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll

[-] 2012-01-30 13:43:04 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514 (win7sp1_rtm.101119-1850)] .. C:\Windows\system32\user32.dll

 

[-] 2012-01-30 13:43:03 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514 (win7sp1_rtm.101119-1850)] .. C:\Windows\SysWOW64\user32.dll

[7] 2010-11-20 12:08:57 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514 (win7sp1_rtm.101119-1850)] .. C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

[7] 2009-07-14 01:11:24 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385 (win7_rtm.090713-1255)] .. C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll

 

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

 

 

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2010-11-20 13:25:17 1475584]

"RocketDock"="C:\Program Files (x86)\RocketDock\RocketDock.exe" [2007-09-02 12:58:52 495616]

"OscarEditor"="C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe" [2010-07-22 13:18:32 2636800]

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 11:45:28 2741616]

"Akamai NetSession Interface"="C:\Users\Krystian\AppData\Local\Akamai\netsession_win.exe" [2012-05-07 22:31:08 3331872]

"KiesHelper"="C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe" [2012-02-03 16:50:16 943504]

"ChomikBox"="C:\Program Files (x86)\ChomikBox\chomikbox.exe" [2012-02-22 15:27:02 5951488]

"KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-03-23 20:03:25 21416]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"ATICustomerCare"="C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 15:05:02 311296]

"AVP"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2011-04-24 22:15:02 202296]

"NBAgent"="C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-09-20 13:53:16 1493288]

"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 13:54:26 91520]

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 22:25:58 59240]

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 16:22:12 421736]

"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 16:38:56 1987976]

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 13:02:04 254696]

"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-02-03 16:50:18 3508624]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

 

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 12:16:28 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 13:27:14 138576]

R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-29 07:50:48 158856]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 20:24:05 257696]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [x]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys [x]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys [x]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys [x]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 10:15:00 31125880]

R3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-03 19:39:46 129976]

R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 20:34:24 4925184]

R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys [x]

R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;C:\Windows\system32\Wat\WatAdminSvc.exe [x]

S0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\system32\DRIVERS\NBVol.sys [x]

S0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\system32\DRIVERS\NBVolUp.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys [x]

S1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys [x]

S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [x]

S1 VBoxDrv;VirtualBox Service;C:\Windows\system32\DRIVERS\VBoxDrv.sys [x]

S1 VBoxUSBMon;VirtualBox USB Monitor Driver;C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe [x]

S2 cpuz135;cpuz135;C:\Windows\system32\drivers\cpuz135_x64.sys [x]

S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 16:38:54 2343816]

S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2011-12-19 15:32:26 394672]

S2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-09-23 17:37:42 641832]

S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 00:02:00 2348352]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 11:26:46 382272]

S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;C:\Windows\system32\DRIVERS\l160x64.sys [x]

S3 athrusb;Atheros Wireless LAN USB device driver;C:\Windows\system32\DRIVERS\athrxusb.sys [x]

S3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys [x]

S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [x]

S3 VBoxNetFlt;VirtualBox Bridged Networking Service;C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [x]

 

 

--- Inne Usługi/Sterowniki w Pamięci ---

 

*NewlyCreated* - WS2IFSL

 

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2011-03-04 11:29:54 451872 ----a-w- C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe

 

Zawartość folderu 'Zaplanowane zadania'

 

2012-05-19 C:\Windows\Tasks\Adobe Flash Player Updater.job

- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 19:28:41 . 2012-05-04 20:24:05]

 

2012-05-17 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1434318543-3284610840-1764989577-1001Core.job

- C:\Users\Krystian\AppData\Local\Google\Update\GoogleUpdate.exe [2001-12-27 20:44:34 . 2001-12-27 20:44:34]

 

2012-05-19 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1434318543-3284610840-1764989577-1001UA.job

- C:\Users\Krystian\AppData\Local\Google\Update\GoogleUpdate.exe [2001-12-27 20:44:34 . 2001-12-27 20:44:34]

 

 

--------- x86-64 -----------

 

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4SyncOverlay1]

@="{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F}"

[HKEY_CLASSES_ROOT\CLSID\{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F}]

2011-11-04 15:46:58 1212928 ----a-w- C:\Program Files (x86)\4Sync\ShellExt.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4SyncOverlay2]

@="{C72C6188-BEF2-46E5-A89A-52F0ED75219E}"

[HKEY_CLASSES_ROOT\CLSID\{C72C6188-BEF2-46E5-A89A-52F0ED75219E}]

2011-11-04 15:46:58 1212928 ----a-w- C:\Program Files (x86)\4Sync\ShellExt.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4SyncOverlay3]

@="{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7}"

[HKEY_CLASSES_ROOT\CLSID\{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7}]

2011-11-04 15:46:58 1212928 ----a-w- C:\Program Files (x86)\4Sync\ShellExt.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 14:13:58 13307496]

"EKIJ5000StatusMonitor"="C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2011-06-16 16:53:44 2922496]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

 

------- Skan uzupełniający -------

 

uLocal Page = C:\Windows\system32\blank.htm

uStart Page = about:blank

mStart Page = about:blank

mLocal Page = C:\Windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = 127.0.0.1:9421;*.local;<local>

IE: Download all by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\GetAllUrl.htm

IE: Download all links by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm

IE: Download by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\GetUrl.htm

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105

IE: ????3?? - C:\Users\Krystian\AppData\Roaming\FlashGetBHO\GetUrl.htm

IE: ????3?????? - C:\Users\Krystian\AppData\Roaming\FlashGetBHO\GetAllUrl.htm

TCP: Interfaces\{7C9A2B0D-E0D9-409F-9820-FB35A4A5DAEB}: NameServer = 192.168.2.1

FF - ProfilePath - C:\Users\Krystian\AppData\Roaming\Mozilla\Firefox\Profiles\nww8zq6t.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - about:blank

FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?AF=109980&babsrc=adbartrp&mntrId=b44578f200000000000000116b34223c&q=

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109980

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.id - b44578f200000000000000116b34223c

FF - user.js: extensions.BabylonToolbar_i.hardId - b44578f200000000000000116b34223c

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15401

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1716:48:19

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - base

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

 

- - - - USUNIĘTO PUSTE WPISY - - - -

 

Wow6432Node-HKLM-Run-Conime - C:\Windows\system32\conime.exe

AddRemove-Adobe Shockwave Player - C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe

I also have Kaspersky Internet Security 2012

Windows 7 Home Premium Service Pack 1

Thanks in advance for your help 8O
