3.txt

How to reduce CPU usage in Windows 7 after using ComboFix?

Hello. I have a problem, maybe someone can help me: I have terribly high CPU usage. I'm pasting the ComboFix log here: http://wklej.org/id/654344/ I'll add that when ComboFix finishes its work everything is OK, but when I restart the computer I have high CPU usage again. I'm a beginner on the forum, so please be understanding; if I did something wrong, I'll try to fix it.


ComboFix 11-12-24.07 - USER 2011-12-24 22:13:02.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.48.1045.18.3583.2534 [GMT 1:00]
Uruchomiony z: e:\downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezydentny antywirus jest aktywny
.
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-11-24 do 2011-12-24 )))))))))))))))))))))))))))))))
.
.
2011-12-24 21:19 . 2011-12-24 21:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-24 12:43 . 2011-12-24 12:43 -------- d-----w- c:\program files\ESET
2011-12-23 17:45 . 2011-12-23 17:45 -------- d-----w- c:\windows\USB Vibration
2011-12-23 17:44 . 2002-08-02 01:20 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iscript.dll
2011-12-23 17:44 . 2002-08-02 01:20 151552 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iuser.dll
2011-12-23 17:44 . 2011-12-23 17:44 270468 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll
2011-12-23 17:44 . 2011-12-23 17:44 159876 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0700\Intel32\IGdi.dll
2011-12-23 17:44 . 2002-08-05 09:46 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0700\Intel32\ctor.dll
2011-12-23 17:44 . 2002-08-02 02:10 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0700\Intel32\DotNetInstaller.exe
2011-12-23 17:44 . 2002-08-02 01:20 634880 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iKernel.dll
2011-12-23 17:44 . 2011-12-23 17:44 -------- d-----w- c:\program files\USB Vibration
2011-12-22 15:52 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-12-22 15:51 . 2011-12-22 15:51 -------- d-----w- c:\programdata\Solidshield
2011-12-21 18:45 . 2011-12-23 19:56 -------- d-----w- c:\users\USER\AppData\Roaming\AIMP
2011-12-21 18:45 . 2011-12-21 18:45 -------- d-----w- c:\program files\AIMP2
2011-12-21 15:51 . 2011-12-21 15:51 0 ---ha-w- c:\users\USER\AppData\Local\BIT8A1.tmp
2011-12-19 18:18 . 2011-12-19 18:18 -------- d-----w- c:\program files\Conduit
2011-12-19 18:18 . 2011-12-19 18:18 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-12-19 18:18 . 2011-12-19 18:18 -------- d-----w- c:\users\USER\AppData\Local\Conduit
2011-12-19 18:18 . 2011-12-19 18:18 -------- d-----w- c:\program files\SFT_Polska
2011-12-18 18:46 . 2011-12-18 18:46 -------- d-----w- c:\users\USER\AppData\Local\ElevatedDiagnostics
2011-12-18 10:36 . 2011-12-18 10:36 -------- d-----w- c:\program files\Electronic Arts
2011-12-18 10:34 . 2011-12-18 10:34 -------- d-----w- c:\program files\Microsoft WSE
2011-12-05 19:45 . 2011-12-05 19:45 1494 ----a-w- C:\user.js
2011-12-05 19:45 . 2011-12-05 19:45 -------- d-----w- c:\program files\BabylonToolbar
2011-12-05 19:44 . 2011-12-05 19:44 -------- d-----w- c:\users\USER\AppData\Roaming\Babylon
2011-12-05 19:44 . 2011-12-05 19:44 -------- d-----w- c:\users\USER\AppData\Local\Babylon
2011-12-05 19:44 . 2011-12-05 19:44 -------- d-----w- c:\programdata\Babylon
2011-12-05 19:44 . 2011-12-05 19:44 -------- d-----w- c:\program files\Grupa33
2011-12-01 15:58 . 2011-12-01 15:58 -------- d-----w- c:\program files\Ask.com
2011-12-01 15:58 . 2011-12-01 15:58 -------- d-----w- c:\program files\VirtualDJ
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-04 14:16 . 2011-11-04 14:16 0 ---ha-w- c:\users\USER\AppData\Local\BIT8F9D.tmp
2011-10-17 14:02 . 2011-10-17 13:08 3848 ---ha-w- C:\aaw7boot.cmd
2011-10-01 02:59 . 2011-10-15 15:56 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-30 18:07 . 2011-05-05 14:14 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-20 . F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 . 811520 . . [6.1.7601.17514] . . c:\windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
[-] 2009-07-14 . 8626F0C30D4E3564FFDD25C90F4426F1 . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
" {00000000-6E41-4FD3-8538-502F5495E5FC} " = " c:\program files\Ask.com\GenericAskToolbar.dll " [2011-02-01 1487240]
" {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} " = " c:\program files\Splashtop\Splashtop Connect IE\AddressBarSearch.dll " [2011-01-21 165776]
" {5c5b9468-d672-4eb7-b52f-b5afabf28c5b} " = " c:\program files\SFT_Polska\prxtbSFT_.dll " [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{0f3dc9e0-c459-4a40-bcf8-747bd9322e10}]
[HKEY_CLASSES_ROOT\AddressBarSearch.SearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E8E0178-00EF-413d-9324-E7B3E31572E3}]
[HKEY_CLASSES_ROOT\AddressBarSearch.SearchHook]
.
[HKEY_CLASSES_ROOT\clsid\{5c5b9468-d672-4eb7-b52f-b5afabf28c5b}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-03-28 16:22 176936 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5c5b9468-d672-4eb7-b52f-b5afabf28c5b}]
2011-03-28 16:22 176936 ----a-w- c:\program files\SFT_Polska\prxtbSFT_.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9a95b751-bf3e-4ea8-a938-2d4d84cd4964}]
2011-05-30 14:44 87488 ----a-w- c:\progra~1\LPHANT~1\MediaBar\Datamngr\ToolBar\lpdtxmltbpi.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-02-01 18:17 1487240 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
" {9a95b751-bf3e-4ea8-a938-2d4d84cd4964} " = " c:\progra~1\LPHANT~1\MediaBar\Datamngr\ToolBar\lpdtxmltbpi.dll " [2011-05-30 87488]
" {D4027C7F-154A-4066-A1AD-4243D8127440} " = " c:\program files\Ask.com\GenericAskToolbar.dll " [2011-02-01 1487240]
" {5c5b9468-d672-4eb7-b52f-b5afabf28c5b} " = " c:\program files\SFT_Polska\prxtbSFT_.dll " [2011-03-28 176936]
" {30F9B915-B755-4826-820B-08FBA6BD249D} " = " c:\program files\ConduitEngine\prxConduitEngine.dll " [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{9a95b751-bf3e-4ea8-a938-2d4d84cd4964}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{5c5b9468-d672-4eb7-b52f-b5afabf28c5b}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" Philips Intelligent Agent " = " NOT_IN_USE_DUMMY_PATH " [X]
" Gadu-Gadu 10 " = " d:\program files\Gadu-Gadu 10\gg.exe " [2011-07-04 13374048]
" swg " = " c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe " [2011-05-06 39408]
" miniNK " = " c:\users\USER\AppData\Local\miniNK\nk.exe " [2011-09-28 242800]
" DAEMON Tools Lite " = " c:\program files\DAEMON Tools Lite\DTLite.exe " [2011-08-02 4910912]
" RGSC " = " e:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe " [2008-11-14 305064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" UpdReg " = " c:\windows\UpdReg.EXE " [2000-05-10 90112]
" RunDLLEntry " = " c:\windows\system32\AmbRunE.dll " [2009-02-26 14848]
" Monitor " = " c:\windows\Philips\SPC220NC\Monitor.exe " [2006-11-03 319488]
" STCAgent " = " c:\program files\Splashtop\Splashtop Connect IE\STCAgent.exe " [2011-01-21 776064]
" ZyngaGamesAgent " = " c:\program files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe " [2010-11-15 841544]
" Malwarebytes' Anti-Malware " = " c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe " [2011-08-31 449608]
" egui " = " c:\program files\ESET\ESET NOD32 Antivirus\egui.exe " [2011-09-22 3080264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
" ConsentPromptBehaviorAdmin " = 0 (0x0)
" ConsentPromptBehaviorUser " = 3 (0x3)
" EnableLUA " = 0 (0x0)
" EnableUIADesktopToggle " = 0 (0x0)
" PromptOnSecureDesktop " = 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
" AppInit_DLLs " =c:\progra~1\LPHANT~1\MediaBar\Datamngr\datamngr.dll c:\progra~1\LPHANT~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
" mixer3 " =wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TrayMin220.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\TrayMin220.lnk
backup=c:\windows\pss\TrayMin220.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^USER^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk]
path=c:\users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
backup=c:\windows\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-06-12 00:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate]
2011-08-16 18:30 1379840 ----a-w- c:\program files\ALLPlayer\ALLUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-03-22 07:49 149040 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncService]
2009-07-08 13:32 1233195 ------w- c:\program files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33 4910912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GAINWARD]
2011-04-08 16:36 2265416 ----a-w- c:\program files\EXPERTool\TBPANEL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
2009-12-04 07:48 1728512 ----a-r- c:\program files\VIA\VIAudioi\VDeck\VDeck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!]
2011-10-18 15:25 19780040 ----a-w- c:\program files\ipla\ipla.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
2006-05-16 08:58 213936 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2011-08-15 15:18 1955208 ----a-w- d:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-15 19:02 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STCAgent]
2011-01-21 07:40 776064 ----a-w- c:\program files\Splashtop\Splashtop Connect IE\STCAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 11:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2011-05-06 19:31 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VolPanel]
2009-05-04 17:05 241789 ------w- c:\program files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-07-01 16:37 37888 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XFastUsb]
2011-04-30 11:34 4942336 ----a-w- c:\program files\XFastUsb\XFastUsb.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZyngaGamesAgent]
2010-11-15 11:21 841544 ----a-w- c:\program files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
.
R2 DCService.exe;DCService.exe;c:\programdata\DatacardService\DCService.exe [2010-05-08 229376]
R2 gupdate;Usługa Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-05-06 136176]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-03-20 101504]
R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS [2011-05-02 29248]
R3 gupdatem;Usługa Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-05-06 136176]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2011-04-30 79360]
R3 WatAdminSvc;WatAdminSvc;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-02 1343400]
R4 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-04-30 79360]
R4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-04-30 79360]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys [2010-06-11 13832]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-06 232512]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 118104]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [2011-04-30 14656]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 163424]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-09-22 974944]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2011-08-04 103112]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 SCBackService;Splashtop Connect Service;c:\program files\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]
S2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;c:\program files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-03-22 497480]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2010-04-30 206336]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-05-22 70656]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-08-24 68208]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-04-19 139368]
S3 SPC220NC;Philips SPC220NC Webcam;c:\windows\system32\DRIVERS\SPC220NC.SYS [2007-01-09 507136]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-11-25 1108480]
.
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-06 19:31]
.
2011-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-06 19:31]
.
2011-12-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2890287680-1522731090-1644161990-1000Core.job
- c:\users\USER\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-21 12:58]
.
2011-12-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2890287680-1522731090-1644161990-1000UA.job
- c:\users\USER\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-21 12:58]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3031817
mStart Page = hxxp://home.sweetim.com
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Funkcja Google Sidewiki - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: Interfaces\{12640E8C-9ACE-443A-9DB6-74B6F9B375C7}: NameServer = 89.108.195.21 217.17.34.10
TCP: Interfaces\{7B82CA03-6D9D-4F29-935A-B7F932104A01}: NameServer = 89.108.195.21 217.17.34.10
TCP: Interfaces\{CF055C3E-3C79-49D6-B521-27F336A6410E}: NameServer = 89.108.195.21 217.17.34.10
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2890287680-1522731090-1644161990-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
" ?? " =hex:d6,73,cf,1c,2b,1a,5f,c1,9e,d1,b1,0a,01,17,c3,8f,af,50,38,30,5f,cf,1a,
2e,b6,8c,78,26,8a,0f,65,64,c2,d3,6d,4a,6a,17,12,1b,b2,52,03,38,ae,45,0c,90,\
" ?? " =hex:a1,41,7b,2c,e5,89,a5,e9,45,ea,3c,31,82,31,ad,53
.
[HKEY_USERS\S-1-5-21-2890287680-1522731090-1644161990-1000\Software\SecuROM\License information*]
" datasecu " =hex:0b,ce,a4,a0,6a,25,a2,27,64,c9,c4,2a,86,23,fe,db,19,34,ba,cb,f1,
1f,70,2a,b9,31,35,56,41,5a,08,1e,e2,06,1a,b0,0d,29,8a,59,50,37,a1,27,24,b6,\
" rkeysecu " =hex:d1,9d,14,0e,30,0a,70,4d,b8,e2,d0,b3,37,92,7e,af
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukończenia: 2011-12-24 22:20:56
ComboFix-quarantined-files.txt 2011-12-24 21:20
ComboFix2.txt 2011-12-24 21:06
.
Przed: 15 366 180 864 bajtów wolnych
Po: 15 295 770 624 bajtów wolnych
.
- - End Of File - - 036EFB57170E2F65CC5661CC4FFF5BA6