I have a problem: when the computer starts up, this error pops up:
exception processing message c00000a3 parameters 75b3bf7c 4 75b3bf7c 75b3bf7c
and everything slows to a crawl.
I ran a scan with ComboFix and this is what came out. Please advise.
ComboFix 12-02-21.02 - Administrator 2012-02-21 12:55:03.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.1023.101 [GMT 1:00]
Uruchomiony z: e:\documents and settings\Administrator\Pulpit\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
e:\docume~1\ADMINI~1\USTAWI~1\Temp\b3ac04aa-9413-4ecb-ac45-ed44495e62a6\CliSecureRT.dll
e:\documents and settings\Administrator\Ustawienia lokalne\Temp\b3ac04aa-9413-4ecb-ac45-ed44495e62a6\CliSecureRT.dll
e:\documents and settings\All Users\Dane aplikacji\boost_interprocess\20120219102452.359375
e:\documents and settings\All Users\Dane aplikacji\TEMP
e:\documents and settings\All Users\Menu Start\Programy\RelevantKnowledge
e:\documents and settings\All Users\Menu Start\Programy\RelevantKnowledge\About RelevantKnowledge.lnk
e:\documents and settings\All Users\Menu Start\Programy\RelevantKnowledge\Privacy Policy and User License Agreement.lnk
e:\documents and settings\All Users\Menu Start\Programy\RelevantKnowledge\Support.lnk
e:\documents and settings\All Users\Menu Start\Programy\RelevantKnowledge\Uninstall Instructions.lnk
e:\program files\RelevantKnowledge
e:\program files\RelevantKnowledge\chrome.manifest
e:\program files\RelevantKnowledge\components\rlxg.dll
e:\program files\RelevantKnowledge\components\rlxh.dll
e:\program files\RelevantKnowledge\components\rlxi.dll
e:\program files\RelevantKnowledge\components\rlxj.dll
e:\program files\RelevantKnowledge\components\rlxk.dll
e:\program files\RelevantKnowledge\install.rdf
e:\program files\RelevantKnowledge\ncncf.dat
e:\program files\RelevantKnowledge\nscf.dat
e:\program files\RelevantKnowledge\rlcm.crx
e:\program files\RelevantKnowledge\rlcm.txt
e:\program files\RelevantKnowledge\rlls.dll
e:\program files\RelevantKnowledge\rlls64.dll
e:\program files\RelevantKnowledge\rloci.bin
e:\program files\RelevantKnowledge\rlph.dll
e:\program files\RelevantKnowledge\rlservice.exe
e:\program files\RelevantKnowledge\rlvknlg.exe
e:\program files\RelevantKnowledge\rlvknlg64.exe
e:\program files\RelevantKnowledge\rlxf.dll
e:\windows\IsUn0415.exe
e:\windows\msmqinst.log
e:\windows\system32\ctfmon(2).exe
.
.
((((((((((((((((((((((((( Pliki utworzone od 2012-01-21 do 2012-02-21 )))))))))))))))))))))))))))))))
.
.
2012-02-21 10:33 . 2012-02-21 10:34 -------- d-----w- e:\documents and settings\Administrator\Dane aplikacji\SAS
2012-02-21 10:32 . 2012-02-21 10:32 -------- d-----w- e:\documents and settings\Administrator\Dane aplikacji\SAS Institute Inc
2012-02-20 23:00 . 2012-02-20 23:00 -------- d-----w- e:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\Sun
2012-02-20 22:59 . 2012-02-20 22:59 -------- d-----w- e:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\SAS
2012-02-20 22:59 . 2012-02-20 23:47 -------- d-----w- e:\program files\SAS
2012-02-20 22:58 . 2012-02-20 23:01 -------- d-----w- e:\program files\Common Files\Java
2012-02-20 22:58 . 2012-02-20 22:57 73728 ----a-w- e:\windows\system32\javacpl.cpl
2012-02-20 22:58 . 2012-02-20 22:57 472808 ----a-w- e:\windows\system32\deployJava1.dll
2012-02-20 22:57 . 2012-02-20 23:02 -------- d-----w- e:\program files\Java
2012-02-20 22:27 . 2012-02-20 22:50 -------- d-----w- e:\program files\SAS Depot
2012-02-20 14:20 . 2012-02-20 14:20 -------- d-----w- e:\documents and settings\Administrator\Dane aplikacji\SuperMemo World
2012-02-20 14:14 . 2012-02-08 06:03 6552120 ----a-w- e:\documents and settings\All Users\Dane aplikacji\Microsoft\Microsoft Antimalware\Definition Updates\{9021E174-DB88-4933-866D-F3D2E24B1A55}\mpengine.dll
2012-02-15 10:08 . 2012-01-11 19:07 3072 -c----w- e:\windows\system32\dllcache\iacenc.dll
2012-02-15 10:08 . 2012-01-11 19:07 3072 ------w- e:\windows\system32\iacenc.dll
2012-02-10 10:30 . 2012-02-10 10:30 -------- d-----w- e:\documents and settings\Administrator\Dane aplikacji\MathWorks
2012-02-10 10:19 . 2004-03-01 21:05 407104 ----a-w- e:\windows\system32\MSHFLXGD.OCX
2012-02-10 10:19 . 2004-02-11 13:37 203976 ----a-w- e:\windows\system32\RICHTX32.OCX
2012-02-10 10:18 . 2002-02-14 09:26 647872 ----a-w- e:\windows\system32\mscomct2.ocx
2012-02-06 20:39 . 2012-02-06 20:39 -------- d-----w- e:\program files\Mozilla Maintenance Service
2012-02-06 15:55 . 2012-02-06 15:55 -------- d-----w- e:\documents and settings\All Users\Dane aplikacji\CanonIJWSpt
2012-02-06 15:51 . 2012-02-06 15:55 -------- d-----w- e:\documents and settings\Administrator\Dane aplikacji\Canon
2012-02-06 15:50 . 2012-02-06 16:18 -------- d-----w- e:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\Canon Easy-PhotoPrint EX
2012-02-06 15:50 . 2012-02-06 15:50 -------- d--h--w- e:\documents and settings\All Users\Dane aplikacji\CanonIJEPPEX2
2012-02-06 15:50 . 2012-02-06 15:50 -------- d--h--w- e:\documents and settings\All Users\Dane aplikacji\CanonEPP
2012-02-06 15:47 . 2012-02-06 15:50 -------- d-----w- e:\program files\Canon
2012-01-30 16:17 . 2012-01-30 16:17 -------- d-----w- e:\documents and settings\Administrator\Ustawienia lokalne\Dane aplikacji\GHISLER
2012-01-30 16:02 . 2009-09-09 06:50 545 ----a-w- e:\windows\UC.PIF
2012-01-30 16:02 . 2009-09-09 06:50 545 ----a-w- e:\windows\RAR.PIF
2012-01-30 16:02 . 2009-09-09 06:50 545 ----a-w- e:\windows\PKZIP.PIF
2012-01-30 16:02 . 2009-09-09 06:50 545 ----a-w- e:\windows\PKUNZIP.PIF
2012-01-30 16:02 . 2012-02-05 13:24 -------- d-----w- e:\documents and settings\Administrator\Dane aplikacji\GHISLER
2012-01-30 16:02 . 2009-09-09 06:50 545 ----a-w- e:\windows\NOCLOSE.PIF
2012-01-30 16:02 . 2009-09-09 06:50 545 ----a-w- e:\windows\LHA.PIF
2012-01-30 16:02 . 2009-09-09 06:50 545 ----a-w- e:\windows\ARJ.PIF
2012-01-26 17:00 . 2012-01-26 17:00 -------- d-----w- e:\documents and settings\Administrator\Dane aplikacji\AnvSoft
2012-01-24 17:13 . 2012-01-24 17:13 -------- d-----w- e:\program files\ASUS
2012-01-24 17:12 . 2012-01-24 17:12 -------- d-----w- e:\program files\ATK Hotkey
2012-01-24 17:07 . 2010-11-05 08:20 1938272 ----a-w- e:\windows\system32\drivers\athw.sys
2012-01-24 16:53 . 2012-01-24 16:53 -------- d-----w- e:\windows\ATK0100
2012-01-24 16:13 . 2006-11-17 10:03 249925 ----a-w- e:\windows\system32\wsimd.dll
2012-01-24 16:13 . 2006-11-17 10:03 254023 ----a-w- e:\windows\system32\wsfwDS.dll
2012-01-24 16:13 . 2006-11-17 09:51 40960 ----a-w- e:\windows\system32\dsaNac.dll
2012-01-24 16:13 . 2006-11-17 09:51 1241151 ----a-w- e:\windows\system32\dsa.dll
2012-01-24 16:13 . 2006-07-20 06:00 54432 ----a-w- e:\windows\system32\wsimd.sys
2012-01-24 16:10 . 2004-10-22 01:18 749568 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-01-24 16:10 . 2004-10-22 01:17 69715 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-01-24 16:10 . 2004-10-22 01:17 274432 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-01-24 16:10 . 2004-10-22 01:16 180224 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-01-24 16:10 . 2004-10-22 01:16 5632 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-01-24 16:10 . 2012-01-24 16:10 323716 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-01-24 16:10 . 2012-01-24 16:10 192644 ----a-w- e:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-01-23 13:34 . 2007-03-29 15:04 249856 ----a-w- e:\windows\system32\vsnp2std.dll
2012-01-23 13:34 . 2006-12-04 16:27 633 ----a-w- e:\windows\Uninst.bat
2012-01-23 13:34 . 2006-12-04 16:04 376 ----a-w- e:\windows\Uninst.reg
2012-01-23 13:34 . 2006-09-15 12:21 675840 ----a-w- e:\windows\vsnp2std.exe
2012-01-23 13:34 . 2007-03-30 13:41 12033024 ----a-w- e:\windows\system32\drivers\snp2sxp.sys
2012-01-23 13:34 . 2007-01-25 17:48 25472 ----a-w- e:\windows\system32\drivers\sncamd.sys
2012-01-23 13:34 . 2006-11-23 21:20 11776 ----a-w- e:\windows\DrvInst.exe
2012-01-23 13:34 . 2006-11-16 14:57 77824 ----a-w- e:\windows\system32\csnp2std.dll
2012-01-23 13:31 . 2006-12-05 16:36 529344 ----a-w- e:\windows\system32\drivers\ar5211.sys
2012-01-23 13:31 . 2012-01-23 13:31 -------- d-----w- e:\documents and settings\Administrator\Dane aplikacji\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-01-23 13:31 . 2012-01-23 13:31 -------- d-----w- e:\documents and settings\Administrator\Dane aplikacji\Adobe Mini Bridge CS5
2012-01-23 13:16 . 2012-01-26 17:43 -------- d-----w- e:\documents and settings\All Users\Dane aplikacji\regid.1986-12.com.adobe
2012-01-23 13:01 . 2012-01-23 13:01 -------- d-----w- e:\program files\Adobe Media Player
2012-01-23 12:58 . 2012-01-23 12:58 -------- d-----w- e:\program files\Common Files\Adobe AIR
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-31 12:44 . 2011-11-14 10:42 237072 ------w- e:\windows\system32\MpSigStub.exe
2012-01-12 17:20 . 2006-03-02 13:00 1860224 ----a-w- e:\windows\system32\win32k.sys
2012-01-06 04:19 . 2011-11-15 13:43 6557240 ----a-w- e:\documents and settings\All Users\Dane aplikacji\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-12-19 08:53 . 2006-03-02 13:00 81920 ----a-w- e:\windows\system32\ieencode.dll
2011-12-19 08:53 . 2006-03-02 13:00 669696 ----a-w- e:\windows\system32\wininet.dll
2011-12-19 08:53 . 2006-03-02 13:00 61952 ----a-w- e:\windows\system32\tdc.ocx
2011-12-19 08:52 . 2006-03-02 13:00 370688 ----a-w- e:\windows\system32\html.iec
2011-11-25 21:57 . 2006-03-02 13:00 293888 ----a-w- e:\windows\system32\winsrv.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 . 1F5929A43BFBAB609ED25B2EEA7D428A . 1433600 . . [6.00.2900.5512] . . e:\windows\explorer.exe
[7] 2008-04-14 . C791ED9EAC5E76D9525E157B1D7A599A . 1035264 . . [6.00.2900.5512] . . e:\windows\ServicePackFiles\i386\explorer.exe
[7] 2008-04-14 . C791ED9EAC5E76D9525E157B1D7A599A . 1035264 . . [6.00.2900.5512] . . e:\windows\UXBackup\explorer.exe
[7] 2006-03-02 . 379098A96E6C165B659DE7E4328010EA . 1033728 . . [6.00.2900.2180] . . e:\windows\$NtServicePackUninstall$\explorer.exe
.
[7] 2008-04-14 . AF3C3F051675CF688EAD4065FE11542D . 93184 . . [6.00.2900.5512] . . e:\windows\ServicePackFiles\i386\iexplore.exe
[7] 2008-04-14 . AF3C3F051675CF688EAD4065FE11542D . 93184 . . [6.00.2900.5512] . . e:\windows\UXBackup\iexplore.exe
[7] 2006-03-02 . 94E790CB14279FF3EA244DAF0864B8A6 . 93184 . . [6.00.2900.2180] . . e:\windows\$NtServicePackUninstall$\iexplore.exe
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Gadu-Gadu 10"="e:\program files\Programy\Gadu-Gadu 10\gg.exe" [2011-07-04 13374048]
"ChomikBox"="e:\program files\Program\ChomikBox\chomikbox.exe" [2012-02-09 5902336]
"Steam"="e:\program files\Gry\Steam\Steam.exe" [2012-01-13 1242448]
"KiesPDLR"="e:\program files\Programy\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-11-02 21392]
"AdobeBridge"="e:\program files\Programy\Adobe\Adobe Bridge CS5\Bridge.exe" [2010-03-09 11989960]
"ctfmon.exe"="e:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16270848]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"SMSERIAL"="e:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"MSC"="e:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"KiesHelper"="e:\program files\Programy\Kies\KiesHelper.exe" [2011-11-02 928656]
"KiesTrayAgent"="e:\program files\Programy\Kies\KiesTrayAgent.exe" [2011-11-02 3508624]
"APSDaemon"="e:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="e:\program files\Programy\QuickTime\QTTask.exe" [2011-10-24 421888]
"BrMfcWnd"="e:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552]
"ControlCenter3"="e:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536]
"Adobe Reader Speed Launcher"="e:\program files\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="e:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"AdobeAAMUpdater-1.0"="e:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="e:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="e:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"ACU"="e:\program files\Atheros\ACU.exe" [2006-11-17 348249]
"HControl"="e:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"ATKHOTKEY"="e:\program files\ATK Hotkey\Hcontrol.exe" [2007-06-29 225280]
"ATKMEDIA"="e:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-06-08 53248]
"snp2std"="e:\windows\vsnp2std.exe" [2006-09-15 675840]
"PWRISOVM.EXE"="e:\program files\Programy\PowerISO\PWRISOVM.EXE" [2011-11-15 312376]
"CanonSolutionMenuEx"="e:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1612920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
e:\documents and settings\Administrator\Menu Start\Programy\Autostart\
CCC.lnk - e:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Program Files\\Programy\\Gadu-Gadu 10\\gg.exe"=
"e:\\Program Files\\Programy\\Winamp\\winamp.exe"=
"e:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"e:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"e:\\Program Files\\Gry\\Steam\\Steam.exe"=
"e:\\WINDOWS\\system32\\muzapp.exe"=
"e:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"e:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"e:\\Program Files\\Gry\\Steam\\SteamApps\\common\\king arthur - the role-playing wargame\\KingArthur.exe"=
"e:\\Program Files\\Gry\\Steam\\SteamApps\\common\\king arthur - the role-playing wargame\\KingArthurMulti.exe"=
"e:\\Program Files\\Java\\jre1.5.0_12\\bin\\java.exe"=
.
S2 KMService;KMService;e:\windows\system32\srvany.exe [2011-11-17 8192]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;e:\windows\system32\drivers\ssadadb.sys [2011-11-17 30312]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;e:\program files\Programy\Lavalys\EVEREST Home Edition\kerneld.wnt [2005-08-18 7168]
S3 MozillaMaintenance;Mozilla Maintenance Service;e:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-02-06 129992]
S3 osppsvc;Office Software Protection Platform;e:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PCANDIS5_RETWIFI;PCANDIS5_RETWIFI Protocol Driver;\??\e:\progra~1\Programy\EEYEDI~1\RETINA~1\PCANDIS5_RETWIFI.SYS --> e:\progra~1\Programy\EEYEDI~1\RETINA~1\PCANDIS5_RETWIFI.SYS [?]
S3 PCANDIS5_WIFISCAN.SYS;PCANDIS5_WIFISCAN.SYS;\??\e:\program files\Programy\eEye Digital Security\Retina Wireless Scanner\PCANDIS5_WIFISCAN.SYS --> e:\program files\Programy\eEye Digital Security\Retina Wireless Scanner\PCANDIS5_WIFISCAN.SYS [?]
S3 pcouffin;VSO Software pcouffin;e:\windows\system32\drivers\pcouffin.sys [2011-11-18 47360]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);e:\windows\system32\drivers\ssadbus.sys [2011-11-17 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);e:\windows\system32\drivers\ssadmdfl.sys [2011-11-17 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;e:\windows\system32\drivers\ssadmdm.sys [2011-11-17 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);e:\windows\system32\drivers\ssadserd.sys [2011-11-17 114280]
S3 SwitchBoard;SwitchBoard;e:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
.
Zawartość folderu 'Zaplanowane zadania'
.
2012-01-24 e:\windows\Tasks\AdobeAAMUpdater-1.0-KUBAS-Administrator.job
- e:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-01-23 02:44]
.
2012-02-20 e:\windows\Tasks\AppleSoftwareUpdate.job
- e:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2012-02-21 e:\windows\Tasks\MP Scheduled Scan.job
- e:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 14:39]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.windowsxlive.net
IE: E&ksportuj do programu Microsoft Excel - e:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Wyślij &do programu OneNote - e:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 153.19.208.2 153.19.208.67 153.19.208.68 153.19.250.101
FF - ProfilePath - e:\documents and settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\iqhyanch.default\
FF - prefs.js: browser.search.selectedEngine - Seek
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
HKCU-Run-BitTorrent - e:\program files\Programy\BitTorrent\BitTorrent.exe
HKLM-Run-DrvIcon - e:\program files\Vista Drive Icon\DrvIcon.exe
HKLM-Run-SunJavaUpdateSched - e:\program files\Java\jre6\bin\jusched.exe
AddRemove-SuperMemo UX - Angielski. No problem!+ 1 - e:\windows\IsUn0415.exe
AddRemove-SuperMemo UX - Angielski. No problem!+ 2 - e:\windows\IsUn0415.exe
AddRemove-01_Simmental - e:\program files\Programy\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - e:\program files\Programy\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - e:\program files\Programy\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - e:\program files\Programy\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - e:\program files\Programy\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - e:\program files\Programy\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - e:\program files\Programy\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - e:\program files\Programy\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - e:\program files\Programy\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - e:\program files\Programy\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - e:\program files\Programy\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - e:\program files\Programy\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - e:\program files\Programy\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - e:\program files\Programy\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - e:\program files\Programy\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - e:\program files\Programy\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - e:\program files\Programy\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - e:\program files\Programy\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - e:\program files\Programy\USB Drivers\25_escape\Uninstall.exe
AddRemove-{d08d9f98-1c78-4704-87e6-368b0023d831} - e:\program files\RelevantKnowledge\rlvknlg.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-21 13:12
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: Brother_ rev.1.00 -> Harddisk3\DR6 -> \Device\00000078
.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\e:\program files\Programy\Lavalys\EVEREST Home Edition\kerneld.wnt"
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'winlogon.exe'(952)
e:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3440)
e:\windows\system32\WPDShServiceObj.dll
e:\windows\system32\PortableDeviceTypes.dll
e:\windows\system32\PortableDeviceApi.dll
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
e:\windows\system32\Ati2evxx.exe
e:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
e:\windows\system32\Ati2evxx.exe
e:\windows\system32\acs.exe
e:\windows\RTHDCPL.EXE
e:\program files\Brother\ControlCenter3\brccMCtl.exe
e:\program files\Brother\Brmfcmon\BrMfcmon.exe
e:\windows\ATK0100\ATKOSD.exe
e:\program files\ATI Technologies\ATI.ACE\Core-Static\mom.exe
e:\program files\Java\jre6\bin\jqs.exe
e:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
e:\windows\system32\wbem\wmiapsrv.exe
e:\program files\Canon\Solution Menu EX\CNSEUPDT.EXE
.
**************************************************************************
.
Czas ukończenia: 2012-02-21 13:18:23 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2012-02-21 12:18
.
Przed: 91 416 276 992 bajtów wolnych
Po: 91 878 203 392 bajtów wolnych
.
- - End Of File - - 6458C832331832A8B13BFFCFD2984D38