ComboFix logs, please check

toperprg

User
Joined
July 18, 2013
Posts
14
As in the subject, please check the ComboFix logs.

ComboFix 13-08-16.03 - Łukasz 2013-08-18 3:13.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.2935.2214 [GMT 2:00]
Uruchomiony z: d:\pobrane\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\BrrOwwsie2save
c:\programdata\Bruowsee2save
.
Zainfekowana kopia c:\windows\system32\Services.exe została znaleziona. Problem naprawiono
Plik odzyskano z - c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
.
.
((((((((((((((((((((((((( Pliki utworzone od 2013-07-18 do 2013-08-18 )))))))))))))))))))))))))))))))
.
.
2013-08-18 01:18 . 2013-08-18 01:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-17 21:55 . 2013-08-17 21:55 388096 ----a-r- c:\users\Łukasz\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-08-17 21:55 . 2013-08-17 21:55 -------- d-----w- C:\HT
2013-08-17 21:54 . 2013-08-18 01:20 -------- d-----w- c:\users\Łukasz\AppData\Roaming\Tepfel
2013-08-17 21:54 . 2013-08-17 21:54 -------- d-----w- c:\program files\Tepfel
2013-08-17 21:54 . 2013-08-17 21:54 -------- d-----w- c:\programdata\Tarma Installer
2013-08-17 21:22 . 2013-08-17 21:22 -------- d-----w- c:\programdata\Licenses
2013-08-17 21:21 . 2013-08-17 21:30 -------- d-----w- c:\program files\SpywareBlaster
2013-08-17 21:21 . 2011-11-04 03:13 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2013-08-17 21:21 . 2009-03-24 10:52 129872 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2013-08-17 02:11 . 2013-08-17 02:11 -------- d-----w- c:\users\Łukasz\AppData\Roaming\Need for Speed World
2013-08-17 01:37 . 2013-08-17 01:37 -------- d-----w- c:\users\Łukasz\AppData\Local\Electronic_Arts_Inc
2013-08-17 00:18 . 2013-08-17 00:18 -------- d-----w- c:\program files\Common Files\InstallShield
2013-08-15 23:12 . 2013-08-15 23:12 -------- d-----w- c:\program files\Lavalys
2013-08-15 07:55 . 2013-08-15 07:55 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
2013-08-15 07:54 . 2013-08-15 08:02 -------- d-----w- c:\users\Łukasz\AppData\Roaming\BESTplayer
2013-08-14 20:52 . 2013-07-09 04:50 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-14 20:52 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll
2013-08-14 20:52 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\system32\crypt32.dll
2013-08-14 20:52 . 2013-07-09 04:46 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-08-14 20:52 . 2013-07-09 04:46 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-08-14 20:52 . 2013-07-09 05:03 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-08-14 20:52 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-14 20:52 . 2013-07-09 04:53 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-08-14 20:52 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-14 20:52 . 2013-07-06 05:05 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-14 20:52 . 2013-07-19 01:41 2048 ----a-w- c:\windows\system32\tzres.dll
2013-08-14 20:51 . 2013-06-15 03:38 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-08-09 21:59 . 2013-08-09 21:59 -------- d-----w- c:\users\Łukasz\AppData\Local\Chromium
2013-08-09 21:55 . 2013-08-09 21:55 -------- d-----w- c:\users\Łukasz\AppData\Local\SKIDROW
2013-08-09 21:55 . 2013-08-09 21:55 -------- d-----w- c:\users\Łukasz\AppData\Roaming\Sports Interactive
2013-08-09 21:55 . 2013-08-09 21:55 -------- d-----w- c:\users\Łukasz\AppData\Local\Sports Interactive
2013-08-09 21:44 . 2013-08-09 21:49 -------- d-----w- c:\program files\Common Files\Steam
2013-08-09 21:33 . 2013-08-09 21:33 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-08-09 21:33 . 2013-08-09 21:33 -------- d-----w- c:\program files\DAEMON Tools Lite
2013-08-07 21:04 . 2013-08-14 21:49 -------- d-----w- c:\windows\system32\MRT
2013-08-06 00:25 . 2013-08-06 00:25 -------- d-----w- c:\users\Łukasz\AppData\Roaming\AVG2013
2013-08-06 00:25 . 2013-08-06 00:25 -------- d-----w- c:\users\Łukasz\AppData\Roaming\TuneUp Software
2013-08-06 00:24 . 2013-08-06 00:25 -------- d-----w- c:\programdata\AVG2013
2013-08-06 00:24 . 2013-08-06 00:24 -------- d-----w- C:\$AVG
2013-08-06 00:24 . 2013-08-06 00:24 -------- d-----w- c:\program files\AVG
2013-08-06 00:22 . 2013-08-17 20:45 -------- d-----w- c:\programdata\MFAData
2013-08-06 00:22 . 2013-08-09 21:34 -------- d-----w- c:\users\Łukasz\AppData\Local\Avg2013
2013-08-06 00:22 . 2013-08-06 00:22 -------- d--h--w- c:\programdata\Common Files
2013-08-06 00:22 . 2013-08-06 00:22 -------- d-----w- c:\users\Łukasz\AppData\Local\MFAData
2013-08-05 23:37 . 2013-07-30 13:04 268968 ----a-w- c:\windows\system32\sqlite3.dll
2013-08-05 23:37 . 2013-08-05 23:43 -------- d-----w- c:\program files\Secure Speed Dial
2013-08-05 23:37 . 2013-08-05 23:37 -------- d-----w- c:\users\Łukasz\AppData\Roaming\IObit
2013-08-05 10:43 . 2013-08-06 01:52 -------- d-----w-kasz c:\users\UKASZ~2
2013-08-05 10:11 . 2013-08-10 02:20 -------- d-----w- C:\Games
2013-08-05 03:57 . 2013-08-05 03:57 -------- d-----w- c:\program files\uTorrent
2013-08-05 03:57 . 2013-08-18 01:20 -------- d-----w- c:\users\Łukasz\AppData\Roaming\uTorrent
2013-08-05 02:50 . 2013-08-05 02:50 -------- d-sh--w- c:\programdata\DSS
2013-08-05 02:34 . 2013-08-05 04:03 -------- d-----w- c:\users\Łukasz\AppData\Roaming\Origin
2013-08-05 02:33 . 2013-08-05 04:03 -------- d-----w- c:\programdata\Origin
2013-08-05 00:57 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2013-08-05 00:57 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2013-08-05 00:57 . 2007-05-16 14:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2013-08-05 00:57 . 2007-04-04 16:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2013-08-05 00:57 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2013-08-05 00:56 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2013-08-05 00:24 . 2013-08-05 00:24 -------- d-----w- c:\users\Łukasz\AppData\Roaming\dll-files.com
2013-08-05 00:23 . 2013-08-05 00:23 -------- d-----w- c:\programdata\Logs
2013-08-05 00:23 . 2013-08-05 00:23 -------- d-----w- c:\program files\Dll-Files.com Fixer
2013-08-04 23:55 . 2013-08-04 23:55 -------- d-----w- c:\users\Łukasz\AppData\Local\Downloaded Installations
2013-08-02 19:51 . 2013-07-15 01:34 7143960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1415EB41-6FE7-4F22-82DE-E0CE61E4574B}\mpengine.dll
2013-07-30 22:21 . 2013-08-02 17:32 -------- d-----w- c:\program files\Google
2013-07-30 22:21 . 2013-07-30 22:21 -------- d-----w- c:\users\Łukasz\AppData\Local\Deployment
2013-07-30 22:21 . 2013-07-30 22:21 -------- d-----w- c:\users\Łukasz\AppData\Local\Apps
2013-07-19 23:51 . 2013-07-19 23:51 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-07-19 23:50 . 2013-07-19 23:50 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-07-19 23:50 . 2013-07-19 23:50 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-07-19 23:50 . 2013-07-19 23:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-07-19 16:33 . 2013-02-21 12:44 75608 ----a-w- c:\windows\system32\drivers\klflt.sys
2013-07-19 16:26 . 2013-08-05 23:47 -------- d-----w- c:\program files\CheckPoint
2013-07-19 16:26 . 2013-08-05 23:46 -------- d-----w- c:\programdata\CheckPoint
2013-07-19 16:06 . 2011-12-15 18:29 26624 ----a-w- c:\windows\system32\drivers\tap0901.sys
2013-07-19 16:06 . 2013-08-02 21:44 -------- d-----w- c:\program files\CyberGhost VPN
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-09 09:08 . 2013-02-15 09:03 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-09 09:08 . 2013-02-15 09:03 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-09 23:32 . 2013-07-09 23:32 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-07-05 01:58 . 2013-07-05 01:58 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-07-05 01:58 . 2013-07-05 01:58 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-07-05 01:58 . 2013-07-05 01:58 158720 ----a-w- c:\windows\system32\msls31.dll
2013-07-05 01:57 . 2013-07-05 01:57 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-07-05 01:57 . 2013-07-05 01:57 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-07-05 01:57 . 2013-07-05 01:57 138752 ----a-w- c:\windows\system32\wextract.exe
2013-07-05 01:57 . 2013-07-05 01:57 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-07-05 01:57 . 2013-07-05 01:57 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-07-05 01:57 . 2013-07-05 01:57 12800 ----a-w- c:\windows\system32\mshta.exe
2013-07-05 01:57 . 2013-07-05 01:57 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-07-05 01:57 . 2013-07-05 01:57 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-07-05 01:57 . 2013-07-05 01:57 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-07-05 01:57 . 2013-07-05 01:57 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-07-05 01:57 . 2013-07-05 01:57 361984 ----a-w- c:\windows\system32\html.iec
2013-07-05 01:57 . 2013-07-05 01:57 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-07-05 01:57 . 2013-07-05 01:57 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-07-05 01:57 . 2013-07-05 01:57 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-07-05 01:57 . 2013-07-05 01:57 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-07-05 01:51 . 2013-07-05 01:51 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-05 01:51 . 2013-07-05 01:51 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-05 01:51 . 2013-07-05 01:51 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-05 01:51 . 2013-07-05 01:51 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-05 01:51 . 2013-07-05 01:51 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-05 01:51 . 2013-07-05 01:51 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-05 01:51 . 2013-07-05 01:51 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-05 01:51 . 2013-07-05 01:51 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-05 01:51 . 2013-07-05 01:51 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2013-07-05 01:51 . 2013-07-05 01:51 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-05 01:51 . 2013-07-05 01:51 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-07-05 01:51 . 2013-07-05 01:51 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-07-05 01:51 . 2013-07-05 01:51 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2013-07-05 01:51 . 2013-07-05 01:51 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-07-05 01:51 . 2013-07-05 01:51 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-07-05 01:51 . 2013-07-05 01:51 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-07-05 01:51 . 2013-07-05 01:51 220160 ----a-w- c:\windows\system32\d3d10core.dll
2013-07-05 01:51 . 2013-07-05 01:51 207872 ----a-w- c:\windows\system32\WindowsCodec***t.dll
2013-07-05 01:51 . 2013-07-05 01:51 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-07-05 01:51 . 2013-07-05 01:51 1080832 ----a-w- c:\windows\system32\d3d10.dll
2013-07-05 01:51 . 2013-07-05 01:51 3419136 ----a-w- c:\windows\system32\d2d1.dll
2013-07-05 01:51 . 2013-07-05 01:51 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-07-05 01:51 . 2013-07-05 01:51 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2013-07-05 01:51 . 2013-07-05 01:51 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-07-05 01:22 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2013-07-04 22:47 . 2011-03-28 16:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-06-30 23:45 . 2013-06-30 23:45 96568 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2013-06-05 03:05 . 2013-07-11 16:01 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 04:53 . 2013-07-11 16:01 509440 ----a-w- c:\windows\system32\qedit.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2013-08-05 399736]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"WebCake Desktop"="c:\users\Łukasz\AppData\Roaming\Tepfel\WebCakeDesktop.exe" [2013-08-10 52504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-06-30 4411440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2013-08-01 13:13 3673696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2012-08-09 14:21 177472 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2012-08-09 14:21 142656 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2012-08-09 14:21 177984 ----a-w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 02:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-06-21 07:58 19875432 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2013-08-05 03:57 399736 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-06-21 162408]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt [2005-08-17 7168]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-07-05 1343400]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2013-07-19 60216]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2013-07-19 246072]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2013-07-09 39224]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2013-07-19 208184]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2013-03-01 22328]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2013-07-19 171320]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2013-03-21 182072]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-09 243128]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136]
S2 WebCakeUpdater;WebCakeUpdater;c:\program files\Tepfel\WebCakeDesktop.Updater.exe [2013-08-10 51992]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 132480]
S3 IntcDAud;Intel(R) Audio dla ekranów;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 270336]
.
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - WS2IFSL
.
Zawartość folderu 'Zaplanowane zadania'
.
2013-08-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-15 09:08]
.
2013-08-07 c:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
- c:\program files\Dll-Files.com Fixer\DLLFixer.exe [2013-08-05 14:12]
.
2013-08-17 c:\windows\Tasks\DLL-Files.Com Fixer_Updates.job
- c:\program files\Dll-Files.com Fixer\DLLFixer.exe [2013-08-05 14:12]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\2r8i9l91.default\
FF - ExtSQL: 2013-06-23 22:28; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\2r8i9l91.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-06-30 10:44; [email protected]; c:\users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\2r8i9l91.default\extensions\[email protected]
FF - ExtSQL: 2013-08-06 01:37; [email protected]; c:\users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\2r8i9l91.default\extensions\[email protected]
FF - ExtSQL: 2013-08-16 01:45; [email protected]; c:\users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\2r8i9l91.default\extensions\[email protected]
FF - ExtSQL: 2013-08-17 23:54; [email protected]; c:\users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\2r8i9l91.default\extensions\[email protected]
FF - user.js: extentions.webcake.installId - c26fb0c0-1abc-444f-b2d7-0c4382089f20
FF - user.js: extentions.webcake.defaultEnableAppsList - layers/banner,layers/inline,layers/search,layers/shopping,newOffers/wc
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
MSConfigStartUp-ZoneAlarm - c:\program files\CheckPoint\ZoneAlarm\zatray.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\progra~1\AVG\AVG2013\avgrsx.exe
c:\program files\AVG\AVG2013\avgcsrvx.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\AVG\AVG2013\avgnsx.exe
c:\program files\AVG\AVG2013\avgemcx.exe
c:\windows\system32\conhost.exe
c:\users\c:\windows\system32\SearchIndexer.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Czas ukończenia: 2013-08-18 03:23:11 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2013-08-18 01:23
.
Przed: 30*102*560*768 bajtów wolnych
Po: 29*598*535*680 bajtów wolnych
.
- - End Of File - - 88244908989F1F6858E7B591E1322917
1F998BE06DC960CE70B919FFF503E98C
 