ComboFix 11-01-10.04 - Admin2 2011-01-12 23:57:08.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.48.1045.18.3070.2159 [GMT 1:00]
Uruchomiony z: c:\users\Admin2\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Kaspersky Anti-Virus *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Pliki utworzone od 2010-12-12 do 2011-01-12 )))))))))))))))))))))))))))))))
.
2011-01-12 23:45 . 2011-01-12 23:45 -------- d-----w- C:\found.000
2011-01-12 23:03 . 2011-01-12 23:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-12 18:46 . 2011-01-12 19:03 97859 ----a-w- c:\windows\system32\drivers\klick.dat
2011-01-12 18:46 . 2011-01-12 19:03 114243 ----a-w- c:\windows\system32\drivers\klin.dat
2011-01-12 18:45 . 2011-01-12 22:44 -------- d-----w- c:\programdata\Kaspersky Lab
2011-01-12 18:45 . 2011-01-12 18:45 -------- d-----w- c:\program files\Kaspersky Lab
2011-01-12 18:31 . 2011-01-12 18:31 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2011-01-12 15:26 . 2010-12-28 15:55 413696 ----a-w- c:\windows\system32\odbc32(48).dll
2011-01-12 15:26 . 2010-12-28 15:53 253952 ----a-w- c:\program files\Common Files\System\ado\msadox(8).dll
2011-01-12 15:26 . 2010-12-28 15:53 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd(7).dll
2011-01-12 15:26 . 2010-12-28 15:53 708608 ----a-w- c:\program files\Common Files\System\ado\msado15(0).dll
2011-01-12 15:26 . 2010-12-28 15:53 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs(10).dll
2011-01-12 15:26 . 2010-12-28 15:53 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco(9).dll
2011-01-12 15:24 . 2010-12-14 14:49 1169408 ----a-w- c:\windows\system32\sdclt(54).exe
2011-01-12 15:09 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2011-01-11 20:29 . 2011-01-11 20:29 -------- d-----w- c:\programdata\PDF Writer
2011-01-11 20:26 . 2008-01-21 02:23 89600 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HPZPPLHN.DLL
2011-01-11 20:25 . 2011-01-11 20:25 -------- d-----w- c:\program files\Common Files\Bullzip
2011-01-11 20:25 . 2008-10-30 22:15 227840 ----a-w- c:\windows\system32\bzFlRdr.dll
2011-01-11 20:25 . 2008-07-09 23:19 103424 ----a-w- c:\windows\system32\bzDCT.dll
2011-01-11 20:25 . 2010-09-27 14:27 135168 ----a-w- c:\windows\system32\bzpdfc.dll
2011-01-11 20:25 . 2010-09-27 14:28 196096 ----a-w- c:\windows\system32\bzpdf.dll
2011-01-11 20:25 . 1999-05-06 23:00 140288 ----a-w- c:\windows\system32\comdlg32.OCX
2011-01-11 17:11 . 2010-11-16 11:01 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E301650B-0BEE-4E68-A885-D9819B189B1C}\mpengine.dll
2011-01-10 19:57 . 2011-01-10 19:57 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-01-10 19:57 . 2011-01-10 19:57 -------- d-----w- c:\program files\MSXML 4.0
2011-01-10 19:47 . 2011-01-10 19:47 -------- d-----w- c:\programdata\HTC
2011-01-10 19:47 . 2011-01-10 19:47 -------- d-----w- c:\program files\Common Files\Teleca Shared
2011-01-10 19:47 . 2011-01-10 19:47 -------- d-----w- c:\programdata\Teleca
2011-01-10 19:45 . 2011-01-10 19:45 -------- d-----w- c:\program files\Spirent Communications
2011-01-10 19:45 . 2011-01-10 20:05 -------- d-----w- c:\program files\HTC
2011-01-10 19:42 . 2011-01-10 19:42 -------- d-----w- c:\windows\Downloaded Installations
2011-01-10 14:55 . 2011-01-10 15:07 -------- d-----w- c:\programdata\Google Updater
2011-01-09 21:59 . 2011-01-09 21:59 -------- d-----w- c:\program files\Microsoft Synchronization Services
2011-01-09 21:58 . 2011-01-09 21:58 -------- d-----w- c:\program files\Microsoft Sync Framework
2011-01-09 21:58 . 2011-01-09 21:58 -------- d-----w- c:\program files\Microsoft.NET
2011-01-09 21:46 . 2011-01-09 21:46 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-01-09 21:45 . 2011-01-09 21:45 -------- d-----w- c:\program files\Microsoft Analysis Services
2011-01-09 21:26 . 2011-01-09 21:26 218176 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-09 17:20 . 2011-01-12 18:37 -------- d-----w- c:\programdata\Alwil Software
2011-01-09 17:07 . 2011-01-09 17:07 -------- d-----w- c:\users\Public\CyberLink
2011-01-04 02:22 . 2011-01-04 02:22 -------- d-----w- c:\program files\Windows Portable Devices
2011-01-04 02:05 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-01-04 02:05 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-01-04 02:05 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-01-04 02:02 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-01-04 02:02 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2011-01-04 02:02 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-01-04 01:25 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2011-01-03 20:21 . 2011-01-03 20:21 -------- d-----w- c:\windows\system32\ca-ES
2011-01-03 20:21 . 2011-01-03 20:21 -------- d-----w- c:\windows\system32\eu-ES
2011-01-03 20:20 . 2011-01-03 20:21 -------- d-----w- c:\windows\system32\vi-VN
2011-01-03 20:05 . 2011-01-03 20:05 -------- d-----w- c:\windows\system32\EventProviders
2011-01-03 20:03 . 2011-01-03 20:03 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-01-03 19:58 . 2011-01-09 23:35 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-01-01 22:44 . 2011-01-10 15:06 -------- d-----w- c:\program files\Google
2011-01-01 19:58 . 2011-01-01 19:58 -------- d-----w- c:\windows\system32\Side 9 Screensaver dir
2011-01-01 19:58 . 2011-01-01 19:58 520192 ----a-w- c:\windows\system32\Side 9 Screensaver.scr
2011-01-01 19:32 . 2011-01-12 21:16 -------- d-----w- C:\Program Files2
2011-01-01 13:17 . 2011-01-01 13:18 -------- d-----w- c:\users\Olo
2011-01-01 12:06 . 2011-01-12 18:46 -------- d-----w- c:\users\Admin2
2011-01-01 11:41 . 2009-11-08 09:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-01-01 11:41 . 2009-11-08 09:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-01-01 11:41 . 2009-11-08 09:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-01-01 11:41 . 2009-11-08 09:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-01-01 11:41 . 2009-11-08 09:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-12-31 12:10 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-12-31 12:10 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2010-12-31 12:10 . 2010-09-06 13:45 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-12-31 12:10 . 2010-09-06 13:45 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-12-31 12:10 . 2010-09-06 13:45 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-12-31 12:10 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-12-31 12:09 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll
2010-12-30 13:37 . 2010-02-12 10:48 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-12-30 13:09 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-12-30 13:09 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-12-30 13:09 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-12-30 13:08 . 2010-12-30 13:08 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2010-12-30 12:30 . 2009-04-11 06:28 1086464 ----a-w- c:\windows\system32\NetProjW.dll
2010-12-30 12:29 . 2009-04-11 06:28 19968 ----a-w- c:\windows\system32\winrnr.dll
2010-12-30 12:28 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2010-12-30 11:58 . 2010-10-19 09:41 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-12-15 14:03 . 2010-12-15 14:03 -------- d-----w- c:\programdata\ASUS
2010-12-15 13:49 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-12-15 13:49 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll
2010-12-15 13:49 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-12-15 13:49 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-12-15 13:49 . 2010-01-25 12:00 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-12-15 13:49 . 2010-01-25 12:00 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-12-15 13:49 . 2010-01-25 11:58 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-12-15 13:49 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-12-15 13:49 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-12-15 13:45 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-12-15 13:45 . 2009-08-14 13:49 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-12-15 13:45 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2010-12-15 13:45 . 2009-08-14 13:49 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-12-15 13:45 . 2009-08-14 13:49 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-12-15 13:45 . 2009-08-14 13:49 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-12-15 13:45 . 2009-08-14 13:49 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-12-15 13:45 . 2009-08-14 13:49 10240 ----a-w- c:\windows\system32\finger.exe
2010-12-15 13:39 . 2010-11-03 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2010-12-15 13:37 . 2009-09-10 14:58 1418752 ----a-w- c:\program files\Windows Media Player\setup_wm.exe
2010-12-15 13:37 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2010-12-15 13:36 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-12-15 13:36 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-12-15 13:36 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-12-15 13:26 . 2009-06-10 11:41 2868224 ----a-w- c:\windows\system32\mf.dll
2010-12-15 13:26 . 2009-04-11 06:28 98816 ----a-w- c:\windows\system32\mfps.dll
2010-12-15 13:26 . 2009-04-11 06:27 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2010-12-15 13:26 . 2009-04-11 06:27 24576 ----a-w- c:\windows\system32\mfpmp.exe
2010-12-15 13:26 . 2009-04-11 04:54 2048 ----a-w- c:\windows\system32\mferror.dll
2010-12-15 13:25 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-12-15 13:25 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-12-15 13:25 . 2009-07-15 12:39 107520 ----a-w- c:\program files\Windows Media Player\wmpconfig.exe
2010-12-15 13:25 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\msdxm.ocx
2010-12-15 13:25 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\dxmasf.dll
2010-12-15 13:25 . 2009-07-15 12:39 7680 ----a-w- c:\windows\system32\spwmp.dll
2010-12-15 13:25 . 2009-07-15 12:39 107520 ----a-w- c:\program files\Windows Media Player\wmpshare.exe
2010-12-15 13:24 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2010-12-15 13:22 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-15 13:22 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2010-12-15 13:22 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-12-15 13:22 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-12-15 13:22 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll
2010-12-15 13:22 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-12 22:43 . 2009-08-11 22:09 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-01-12 15:29 . 2006-11-02 10:24 37403080 ----a-w- c:\windows\system32\mrt(45).exe
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-12 08:51 . 2010-11-12 08:51 782600 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2008-10-14 21:57 . 2008-10-14 21:57 106496 ----a-w- c:\program files\Common Files\CPInstallAction.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-09-03 8105984]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-19 61440]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-04-30 1392640]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-04-21 540576]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-08-19 159744]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2008-10-01 851968]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-08-11 3054136]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-01-10 30192]
"Mobile Connectivity Suite"="c:\program files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" [2009-11-19 598016]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2010-10-28 294912]
"avp"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" [2010-11-02 365336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

R2 gupdate;Usługa Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 GoogleDesktopManager-051210-111108;Menedżer Google Desktop 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-01-10 30192]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 ZTEusbnmeaext;ZTE NMEAExt Port;c:\windows\system32\DRIVERS\ZTEusbnmeaext.sys [2008-10-14 103936]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2008-05-29 15416]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-01-03 691696]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-09 218176]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11352]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2010-04-22 22104]
S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
S2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-04-07 70880]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2009-03-19 4386304]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2009-03-19 93184]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-04-21 90112]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984]
S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\srs_PremiumSound_i386.sys [2009-04-01 233128]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2008-05-29 22072]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-04-28 1019392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Zawartość folderu 'Zaplanowane zadania'

2011-01-12 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-01-10 14:55]

2011-01-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3279764437-1638303042-1976369821-1001Core.job
- c:\users\Olo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-10 14:53]

2011-01-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3279764437-1638303042-1976369821-1001UA.job
- c:\users\Olo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-10 14:53]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-13 00:03
Windows 6.0.6002 Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\VDeck\VDeck.exe -r???????????????????????????????????????????????

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'lsass.exe'(764)
c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll

- - - - - - - > 'Explorer.exe'(2792)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
Czas ukończenia: 2011-01-13 00:05:38
ComboFix-quarantined-files.txt 2011-01-12 23:05
ComboFix2.txt 2011-01-12 22:40

Przed: 126 122 487 808 bajtów wolnych
Po: 126 097 276 928 bajtów wolnych

- - End Of File - - E628815BB12A78F7FEDCE6C7B9795D51