Beruflich Dokumente
Kultur Dokumente
1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.1023.679 [GMT 2:00
]
Uruchomiony z: c:\documents and settings\piotrek\Pulpit\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 090917-0] *On-access scanning disabled* (Upda
ted) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((((((((((((((((( Usuniêto )))))))))))))))))))))))))))))
))))))))))))))))))))
.
c:\documents and settings\piotrek\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\documents and settings\piotrek\Ulubione\Online Security Test.url
c:\documents and settings\RK\Dane aplikacji\wiaserva.log
c:\documents and settings\RK\delself.bat
c:\documents and settings\RK\Menu Start\Programy\Autostart\ikowin32.exe
c:\documents and settings\RK\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\documents and settings\RK\sys32_nov.exe
c:\windows\system32\ieuinit.inf
c:\windows\system32\sys32_nov.exe
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Us³ugi ))))))))))))))))))))
)))))))))))))))))))))))))))))
.
-------\Service_npf
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http:/
/www.gmer.net
Rootkit scan 2009-09-18 19:55
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomy lnie ukoñczone
ukryte pliki: 0
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_USERS\S-1-5-21-527237240-926492609-1417001333-1003\Software\SecuROM\!CAUTI
ON! NEVER A OR CHANGE ANY KEY*]
"??"=hex:25,4e,20,28,a6,84,eb,8a,80,9c,3c,93,b5,84,f0,53,74,c1,3c,98,af,ed,27,
4b,1f,e5,cc,1a,3b,65,05,03,55,77,d9,fa,58,98,2e,44,07,65,77,6c,f0,d4,09,4f,\
"??"=hex:5a,cc,2b,df,7e,e1,a8,74,d9,b9,a0,49,66,37,fd,ef
[HKEY_USERS\S-1-5-21-527237240-926492609-1417001333-1003\Software\SecuROM\Licens
e information*]
"datasecu"=hex:9c,a3,e4,0f,90,40,e3,2a,6c,50,b5,f0,fa,ae,a9,b5,03,d5,89,b5,0c,
5f,0c,3e,72,f4,c8,73,c7,f6,dd,d6,c7,fc,98,29,b3,71,24,ce,03,70,01,2b,79,3d,\
"rkeysecu"=hex:18,2b,8f,3c,97,95,d9,04,92,ea,4d,8f,74,f4,59,2a
.
--------------------- Pliki DLL ³adowane pod uruchomionymi procesami -------------
--------
- - - - - - - > 'explorer.exe'(1300)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Pozosta³e uruchomione procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\Crypserv.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
c:\program files\Alwil Software\Avast4\Setup\avast.setup
.
**************************************************************************
.
Czas ukoñczenia: 2009-09-18 19:58 - komputer zosta³ uruchomiony ponownie
ComboFix-quarantined-files.txt 2009-09-18 17:58
Przed: 74653696 bajtów wolnych
Po: 1352499200 bajtów wolnych
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional"
/fastdetect /NoExecute=OptIn /usepmtimer
179 --- E O F --- 2008-08-07 18:47