ComboFix 11-02-09.05 - User 2011-02-10 23:12:19.6.2 - x86
Uruchomiony z: c:\documents and settings\User\Pulpit\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\regedit.exe . . . jest zainfekowany!!
c:\windows\system32\winlogon.exe . . . jest zainfekowany!!
c:\windows\explorer.exe . . . jest zainfekowany!!
c:\windows\system32\midimap.dll . . . jest zainfekowany!!
.
((((((((((((((((((((((((( Pliki utworzone od 2011-01-10 do 2011-02-10 )))))))))))))))))))))))))))))))
.
2011-02-08 21:23 . 2008-04-13 21:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2011-02-08 21:23 . 2008-04-13 21:15 15104 ----a-w- c:\windows\system32\dllcache\usbscan.sys
2011-02-08 21:21 . 2011-02-08 21:21 -------- d-----w- c:\program files\epson
2011-02-08 21:21 . 2005-02-24 23:00 46080 ----a-w- c:\windows\system32\escimgd.dll
2011-02-08 21:21 . 2005-02-24 23:00 29696 ----a-w- c:\windows\system32\escwiad.dll
2011-02-08 21:21 . 2005-02-24 23:00 22016 ----a-w- c:\windows\system32\esccmd.dll
2011-02-07 06:14 . 2009-11-12 12:48 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2011-02-07 06:14 . 2011-02-07 06:14 -------- d-----w- c:\program files\CDBurnerXP
2011-01-31 17:55 . 2011-01-31 17:55 -------- d-----w- c:\documents and settings\User\Dane aplikacji\Adobe Mini Bridge CS5
2011-01-31 17:55 . 2011-01-31 17:55 -------- d-----w- c:\documents and settings\User\Dane aplikacji\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-01-31 17:46 . 2011-02-08 21:32 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\regid.1986-12.com.adobe
2011-01-30 07:30 . 2011-01-30 07:30 -------- d-----w- c:\documents and settings\User\Ustawienia lokalne\Dane aplikacji\ESET
2011-01-30 04:46 . 2011-01-30 04:46 -------- d-----w- c:\program files\Tracker Software
2011-01-30 04:39 . 2011-01-30 04:39 -------- d-----w- c:\documents and settings\User\Ustawienia lokalne\Dane aplikacji\ABBYY
2011-01-30 04:39 . 2011-01-30 04:39 -------- d-----w- c:\documents and settings\User\Dane aplikacji\ABBYY
2011-01-30 04:38 . 2011-01-30 04:39 -------- d-----w- c:\program files\ABBYY FineReader 8.0 Professional Edition
2011-01-24 22:32 . 2011-01-24 22:32 -------- d-----w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
2011-01-23 20:57 . 2011-01-23 20:57 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Nokia
2011-01-23 16:06 . 2011-01-23 20:57 -------- d-----w- c:\documents and settings\User\Ustawienia lokalne\Dane aplikacji\Nokia
2011-01-23 16:05 . 2011-01-23 16:05 -------- d-----w- c:\program files\DIFX
2011-01-23 16:05 . 2011-01-23 16:05 -------- d-----w- c:\program files\PC Connectivity Solution
2011-01-23 16:04 . 2010-07-30 13:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2011-01-23 16:04 . 2010-07-26 11:24 137600 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys
2011-01-23 16:04 . 2010-07-26 11:24 8576 ----a-w- c:\windows\system32\drivers\nmwcdnsuc.sys
2011-01-23 16:04 . 2010-07-30 13:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2011-01-23 16:04 . 2010-07-30 13:16 23040 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2011-01-23 16:04 . 2010-07-30 13:17 111104 ----a-w- c:\windows\system32\ccdcmbwu.dll
2011-01-23 16:04 . 2010-07-30 13:17 604160 ----a-w- c:\windows\system32\nmwcdcocls.dll
2011-01-23 16:04 . 2010-07-30 13:16 18048 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2011-01-23 16:04 . 2010-02-26 13:19 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-01-23 16:03 . 2011-01-23 16:03 -------- d-----w- c:\program files\MSXML 6.0
2011-01-22 19:06 . 1998-10-07 11:54 327168 ----a-w- c:\windows\IsUn0415.exe
2011-01-22 18:27 . 2011-01-22 18:27 520192 ----a-w- c:\windows\system32\Side 9 Screensaver.scr
2011-01-22 18:27 . 2011-01-22 18:27 -------- d-----w- c:\windows\system32\Side 9 Screensaver dir
2011-01-22 17:46 . 2011-01-22 17:46 -------- d-----w- c:\program files\ESET
2011-01-22 17:46 . 2011-01-22 17:46 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\ESET
2011-01-22 17:34 . 2011-01-22 17:34 -------- d-----w- c:\documents and settings\User\Dane aplikacji\Media Player Classic
2011-01-22 17:33 . 2011-01-22 17:33 -------- d-----w- c:\program files\Media Player Classic - Home Cinema
2011-01-22 17:29 . 2011-01-22 17:31 -------- d-----w- c:\documents and settings\User\Dane aplikacji\BESTplayer
2011-01-22 17:29 . 2010-03-15 10:31 165376 ----a-w- c:\windows\system32\unrar.dll
2011-01-22 17:29 . 2011-01-13 08:00 80896 ----a-w- c:\windows\system32\ff_vfw.dll
2011-01-22 17:29 . 2010-12-07 18:40 183808 ----a-w- c:\windows\system32\xvidvfw.dll
2011-01-22 17:29 . 2010-12-07 18:22 810496 ----a-w- c:\windows\system32\xvidcore.dll
2011-01-22 17:29 . 2010-11-03 19:08 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-01-22 17:29 . 2010-01-17 16:18 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-01-22 17:29 . 2006-10-18 19:05 232448 ----a-w- c:\windows\system32\mp3fhg.acm
2011-01-22 17:29 . 2011-01-22 17:29 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-01-21 18:07 . 2004-09-10 19:12 49152 ----a-w- c:\windows\system32\E_DCINST.DLL
2011-01-21 18:07 . 2006-08-10 01:02 75264 ----a-w- c:\windows\system32\E_FLBBEE.DLL
2011-01-21 18:07 . 2006-04-19 01:00 62976 ----a-w- c:\windows\system32\E_FD4BBEE.DLL
2011-01-21 18:06 . 2011-01-21 18:07 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\EPSON
2011-01-21 18:03 . 2008-04-13 21:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2011-01-21 18:03 . 2008-04-13 21:17 25856 ----a-w- c:\windows\system32\dllcache\usbprint.sys
2011-01-21 18:03 . 2008-04-13 21:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-01-21 18:03 . 2008-04-13 21:15 32128 ----a-w- c:\windows\system32\dllcache\usbccgp.sys
2011-01-15 08:29 . 2011-01-15 08:29 -------- d-----w- c:\windows\Applian FLV Player
2011-01-15 07:53 . 2011-01-15 07:53 -------- d-----w- c:\documents and settings\User\Dane aplikacji\Need for Speed World
2011-01-15 07:39 . 2011-01-15 07:39 -------- d-----w- c:\documents and settings\User\Ustawienia lokalne\Dane aplikacji\Electronic_Arts_Inc
2011-01-15 07:10 . 2011-01-15 07:10 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Electronic Arts
2011-01-13 20:54 . 2011-01-13 22:39 -------- d-----w- c:\program files\G Data
2011-01-13 19:09 . 2011-01-13 19:09 -------- d-----w- c:\documents and settings\User\Ustawienia lokalne\Dane aplikacji\IVONA_INST
2011-01-13 19:00 . 2011-01-13 19:07 -------- d-----w- c:\documents and settings\User\Dane aplikacji\DeskSoft
2011-01-13 18:10 . 2011-01-13 18:46 -------- d-----w- c:\documents and settings\User\Dane aplikacji\HateML
2011-01-13 18:10 . 2011-01-13 18:46 -------- d-----w- c:\program files\Migajek Software
2011-01-13 17:58 . 2011-01-13 17:58 -------- d-----w- c:\documents and settings\User\workspace
2011-01-11 22:25 . 2011-01-11 22:25 -------- d-----w- c:\documents and settings\User\Dane aplikacji\GameRanger
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-13 20:55 . 2010-04-16 16:40 61512 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2011-01-13 20:55 . 2010-04-16 16:39 33480 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2010-12-30 12:03 . 2010-12-30 12:03 106 ----a-w- c:\documents and settings\User\tsMS.reg
2010-11-18 18:15 . 2010-03-16 16:57 86016 ----a-w- c:\windows\system32\isign32.dll
.
------- Sigcheck -------
[-] 2008-06-16 01:28 . 4678172D19476FA7D539682FCA42C942 . 1420800 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2008-06-16 . 0886C5DA322803357E29B1C4C4B7A27A . 549888 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2007-07-10 . CE594E18FE0D0AF804F1F3694921CE62 . 642560 . . [5.1.2600.3099] . . c:\windows\system32\user32.dll
[-] 2010-11-01 . 2888985FC10BEB46E2FD7AE9D7B01328 . 1424896 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-06-16 . C8BDAD4065118558B3DC360FC96D81DB . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2008-06-16 . 572B0A653990AFE6B71D38D7DD2F202D . 370688 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll

c:\windows\System32\wscntfy.exe ... - brak elementu !!
c:\windows\System32\ctfmon.exe ... - brak elementu !!
c:\windows\System32\regsvc.dll ... - brak elementu !!
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"cFosSpeed"="c:\program files\Topos\cFosSpeed\cFosSpeed.exe" [2009-10-30 977624]
"AMD_Display"="c:\program files\AMD\AMD Power Monitor\AMD_PwrMon.exe" [2007-12-17 1445888]
"RTHDCPL"="RTHDCPL.EXE" [2010-07-28 19557480]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-04-07 2145000]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2009-03-08 128512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\GIGABYTE\\@BIOS\\gwflash.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Gry\\Football Manager 2011\\fm.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"d:\\Gry\\Pro Evolution Soccer 2011\\PES2011.exe"=
"c:\\Program Files\\Gadu-Gadu 10\\gg.exe"=
"c:\\Documents and Settings\\User\\Dane aplikacji\\GameRanger\\GameRanger\\GameRanger.exe"=
"d:\\Gry\\Heroes of Might and Magic V\\bin\\H5_Game.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"18684:TCP"= 18684:TCP:BitComet 18684 TCP
"18684:UDP"= 18684:UDP:BitComet 18684 UDP
"9881:TCP"= 9881:TCP:BitComet 9881 TCP
"9881:UDP"= 9881:UDP:BitComet 9881 UDP
"9640:TCP"= 9640:TCP:BitComet 9640 TCP
"9640:UDP"= 9640:UDP:BitComet 9640 UDP
"7734:TCP"= 7734:TCP:BitComet 7734 TCP
"7734:UDP"= 7734:UDP:BitComet 7734 UDP
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-26 1047880]
R3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-11-17 1691480]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2010-11-08 17488]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-07-26 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-07-26 8576]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 ZD1211BU(Atheros);Atheros ZD1211B IEEE 802.11 Wireless LAN Driver (USB)(Atheros);c:\windows\system32\DRIVERS\zd1211Bu.sys [2008-09-23 735232]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-01 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-04-07 114984]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2010-04-07 95872]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [2010-07-09 20328]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-04-07 810120]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Zawartość folderu 'Zaplanowane zadania'

2011-02-07 c:\windows\Tasks\AdobeAAMUpdater-1.0-KOMPUTER-User.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-01-31 02:44]

2011-02-06 c:\windows\Tasks\Automatyczna konserwacja.job
- c:\program files\TuneUp Utilities 2010\OneClickStarter.exe [2010-02-26 12:54]
.
.
------- Skan uzupełniający -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: {45A697B0-B122-40B7-B8A5-3ED2E3251F83} = 83.142.116.242,83.142.118.10
FF - ProfilePath - c:\documents and settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\7x55sohq.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: G Data WebFilter: {9AA46F4F-4DC7-4c06-97AF-5035170633FE} - c:\program files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: CoolPreviews : {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B} - %profile%\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: ColorfulTabs: {0545b830-f0aa-4d7e-8820-50a4629a56fe} - %profile%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
FF - Ext: Read It Later: isreaditlater@ideashower.com - %profile%\extensions\isreaditlater@ideashower.com
FF - Ext: Redirect Remover: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9} - %profile%\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: QuickDrag: quickdrag@mozilla.ktechcomputing.com - %profile%\extensions\quickdrag@mozilla.ktechcomputing.com
FF - Ext: FoxLingo: {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} - %profile%\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
FF - Ext: ImTranslator: {9AA46F4F-4DC7-4c06-97AF-5035170634FE} - %profile%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
FF - Ext: FoxyProxy Standard: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: FoxyProxy Basic: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: Window Shopper - Powered by Superfish: superfish@superfish.com - %profile%\extensions\superfish@superfish.com
FF - Ext: Torrent Finder Toolbar: TFToolbarX@torrent-finder - %profile%\extensions\TFToolbarX@torrent-finder
FF - Ext: Extended Statusbar: {daf44bf7-a45e-4450-979c-91cf07434c3d} - %profile%\extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}
FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: YouTube to MP3: youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de
FF - Ext: Image Zoom: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} - %profile%\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
FF - Ext: SkipScreen: SkipScreen@SkipScreen - %profile%\extensions\SkipScreen@SkipScreen
FF - Ext: Snip It! Button for eBay: {aab35b56-0206-4472-9993-9cb5c09bb722} - %profile%\extensions\{aab35b56-0206-4472-9993-9cb5c09bb722}
FF - Ext: Table2Clipboard: {9ab67d74-ec41-4cb2-b417-df5d93ba1beb} - %profile%\extensions\{9ab67d74-ec41-4cb2-b417-df5d93ba1beb}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files\Nokia\Nokia PC Suite 7\bkmrksync
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-persistent-connections-per-server - 4
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-10 23:15
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySql]
"ImagePath"="C:\serv/MYSQL/bin/mysqld.exe"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-583907252-682003330-1177238915-1001\Software\G*e*n*i*e*"!\FM Genie Scout 10]
"GameDir"="c:\\Documents and Settings\\User\\Moje dokumenty\\Sports Interactive\\Football Manager 2010\\games"
"ShortlistDir"=""
"ScreenshotsDir"="c:\\Documents and Settings\\User\\Moje dokumenty\\Sports Interactive\\Football Manager 2010"
"SaveDir"="c:\\Documents and Settings\\User\\Moje dokumenty\\Sports Interactive\\Football Manager 2010\\"
"HistoryDir"="c:\\Documents and Settings\\User\\Moje dokumenty\\Pobieranie\\fm_genie_scout_10_v1_11_b116\\FM Genie Scout 10\\History Points"
"LangDB"="d:\\Gry\\Football Manager 2010\\data\\updates\\update-1030\\db\\1030\\lang_db.dat"
"LastSaveGame"="c:\\Documents and Settings\\User\\Moje dokumenty\\Sports Interactive\\Football Manager 2010\\games\\xxx.fm"
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:00009de7
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000074
"UniqueID"="E8-F4C5-2033"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'winlogon.exe'(1204)
c:\windows\system32\cscui.dll
.
Czas ukończenia: 2011-02-10 23:16:26
ComboFix-quarantined-files.txt 2011-02-10 22:16
ComboFix2.txt 2011-02-10 22:05
ComboFix3.txt 2011-01-13 16:08
ComboFix4.txt 2011-01-03 19:13
ComboFix5.txt 2011-02-10 22:11

Przed: 9 808 715 776 bajtów wolnych
Po: 9 799 622 656 bajtów wolnych

- - End Of File - - 93B06544D1CBC3C6C08969B001907B78