Kpc21

a guest
Jan 31st, 2010
  1. ComboFix 10-01-30.05 - Kacper 31.01.2010 13:19:51.1.2 - x86
  2. Microsoft Windows 7 Enterprise 6.1.7600.0.1250.48.1033.18.1791.896 [GMT 1:00]
  3. Uruchomiony z: c:\users\Kacper\Desktop\ComboFix.exe
  4. .
  5. [i] ADS - Windows: deleted 24 bytes in 1 streams. [/i]
  6.  
  7. ((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
  8. .
  9.  
  10. c:\$recycle.bin\S-1-5-21-1234489144-3826866285-3669583721-1001
  11. C:\data
  12. c:\programdata\hpeDCC.dll
  13. c:\users\Kacper\AppData\Roaming\EurekaLog
  14. c:\windows\system32\instsrv.exe
  15. c:\windows\system32\setup.ini
  16.  
  17. .
  18. ((((((((((((((((((((((((( Pliki utworzone od 2009-12-28 do 2010-01-31 )))))))))))))))))))))))))))))))
  19. .
  20.  
  21. 2010-01-31 12:25 . 2010-01-31 12:26 -------- d-----w- c:\users\Kacper\AppData\Local\temp
  22. 2010-01-31 12:25 . 2010-01-31 12:25 -------- d-----w- c:\users\Default\AppData\Local\temp
  23. 2010-01-31 12:17 . 2010-01-31 12:18 -------- d-----w- C:\32788R22FWJFW
  24. 2010-01-30 22:59 . 2010-01-30 22:59 -------- d-----w- c:\users\Kacper\AppData\Roaming\Malwarebytes
  25. 2010-01-30 22:59 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
  26. 2010-01-30 22:59 . 2010-01-30 22:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
  27. 2010-01-30 22:59 . 2010-01-30 22:59 -------- d-----w- c:\programdata\Malwarebytes
  28. 2010-01-30 22:59 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
  29. 2010-01-30 18:52 . 2010-01-30 22:35 -------- d-----w- c:\program files\SlySoft
  30. 2010-01-29 22:31 . 2010-01-29 22:37 -------- d-----w- c:\users\Kacper\.VirtualBox
  31. 2010-01-29 22:30 . 2009-12-17 14:02 123280 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
  32. 2010-01-29 22:30 . 2009-12-17 14:02 41616 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
  33. 2010-01-29 22:30 . 2010-01-29 22:30 -------- d-----w- c:\program files\Sun
  34. 2010-01-29 22:03 . 2010-01-29 22:03 -------- d-----w- C:\FPC
  35. 2010-01-27 15:58 . 2009-10-31 05:45 2614272 ----a-w- c:\windows\explorer.exe
  36. 2010-01-27 15:58 . 2009-10-28 06:17 285696 ----a-w- c:\windows\system32\winlogon.exe
  37. 2010-01-26 20:00 . 2010-01-26 20:01 -------- d-----w- c:\program files\nLite
  38. 2010-01-22 19:11 . 2009-12-19 09:02 977920 ----a-w- c:\windows\system32\wininet.dll
  39. 2010-01-19 21:02 . 2010-01-19 21:15 -------- d-----w- c:\users\Kacper\AppData\Roaming\.links
  40. 2010-01-19 21:02 . 2010-01-19 21:02 -------- d-----w- c:\program files\Links
  41. 2010-01-18 19:00 . 2010-01-18 19:00 70584 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{6A5DAE3D-ACE2-694B-4004-AC32F1F87BE1}-AdobeExtractFiles.dll
  42. 2010-01-18 19:00 . 2010-01-18 19:00 326056 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{746FA792-5D65-BF03-4886-E5AE9366369B}-ReaderUpdater.exe
  43. 2010-01-18 18:50 . 2010-01-18 18:50 79280 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{5A45777C-4E17-3936-D4AE-04E8F2B949C3}-PDFPrevHndlr.dll
  44. 2010-01-17 20:41 . 2010-01-17 20:43 -------- d-----w- c:\users\Kacper\AppData\Local\Chromium
  45. 2010-01-17 20:25 . 2010-01-17 20:27 -------- d-----w- c:\users\Kacper\AppData\Local\Google
  46. 2010-01-17 18:53 . 2010-01-17 18:53 75200 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{AE03681C-2257-4889-955D-3BD23A945A4D}-AcroIEHelperShim.dll
  47. 2010-01-17 18:53 . 2010-01-17 18:53 61888 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{AAF06C95-2434-7B1B-2374-07ACCB18A8A4}-AcroIEHelper.dll
  48. 2010-01-17 18:44 . 2010-01-17 18:44 -------- d-----w- c:\windows\system32\Futuremark
  49. 2010-01-17 18:44 . 2010-01-17 18:44 -------- d-----w- c:\program files\Common Files\Futuremark Shared
  50. 2010-01-17 18:44 . 2008-09-17 14:14 27672 ----a-r- c:\windows\system32\drivers\Entech.sys
  51. 2010-01-17 18:43 . 2010-01-17 18:43 15288 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{69B2C4F0-8C93-B6A3-D91B-D59F0D715987}-AcroRd32Info.exe
  52. 2010-01-16 10:06 . 2010-01-16 10:06 349616 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{F68B8C3E-5355-14E2-E641-841C6DB5A90D}-AcroRd32.exe
  53. 2010-01-16 09:57 . 2010-01-16 09:58 -------- d-----w- c:\windows\system32\mkcp32
  54. 2010-01-15 15:28 . 2010-01-15 15:28 948672 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{D1DDFD72-0B3E-3857-5A12-E6B350730CFB}-AdobeARM.exe
  55. 2010-01-13 14:02 . 2009-10-19 14:10 108544 ----a-w- c:\windows\system32\t2embed.dll
  56. 2010-01-13 14:02 . 2009-10-19 14:10 70656 ----a-w- c:\windows\system32\fontsub.dll
  57. 2010-01-11 16:09 . 2010-01-11 16:09 -------- d-----w- c:\users\Kacper\AppData\Local\ElevatedDiagnostics
  58. 2010-01-04 16:41 . 2010-01-04 16:41 10134 ----a-r- c:\users\Kacper\AppData\Roaming\Microsoft\Installer\{EC8CC7AD-E11C-46F4-BBDF-5D61AD7C8AEE}\ARPPRODUCTICON.exe
  59. 2010-01-04 16:41 . 2010-01-04 16:41 -------- d-----w- c:\program files\KidsAdmin
  60. 2010-01-04 16:32 . 2010-01-04 16:32 -------- d-----w- c:\users\Kacper\AppData\Local\marxio-tools
  61. 2010-01-04 16:32 . 2010-01-04 16:32 -------- d-----w- c:\program files\Marxio Timer
  62. 2010-01-03 19:51 . 2010-01-03 19:51 -------- d-----w- c:\users\Kacper\AppData\Roaming\FastStone
  63. 2010-01-03 19:51 . 2010-01-03 19:51 -------- d-----w- c:\program files\FastStone Image Viewer
  64.  
  65. .
  66. (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
  67. .
  68. 2010-01-24 21:54 . 2009-10-13 20:05 -------- d-----w- c:\users\Kacper\AppData\Roaming\foobar2000
  69. 2010-01-22 19:06 . 2009-09-10 16:56 -------- d-----w- c:\program files\Microsoft Silverlight
  70. 2010-01-20 17:56 . 2009-12-02 13:11 -------- d-----w- c:\users\Kacper\AppData\Roaming\gtk-2.0
  71. 2010-01-18 16:17 . 2009-09-04 15:39 687590 ----a-w- c:\windows\system32\perfh015.dat
  72. 2010-01-18 16:17 . 2009-09-04 15:39 131176 ----a-w- c:\windows\system32\perfc015.dat
  73. 2010-01-17 18:44 . 2009-09-15 14:50 -------- d--h--w- c:\program files\InstallShield Installation Information
  74. 2010-01-15 15:27 . 2009-09-04 15:34 -------- d-----w- c:\program files\Common Files\Adobe
  75. 2010-01-14 10:12 . 2009-10-03 13:43 181120 ------w- c:\windows\system32\MpSigStub.exe
  76. 2010-01-13 23:08 . 2009-09-04 16:05 -------- d-----w- c:\programdata\Microsoft Help
  77. 2010-01-13 15:50 . 2009-12-29 12:55 -------- d-----w- c:\users\Kacper\AppData\Roaming\Kadu
  78. 2010-01-10 10:51 . 2009-12-25 19:40 -------- d-----w- c:\users\Kacper\AppData\Roaming\codeblocks
  79. 2010-01-08 20:03 . 2009-10-01 10:13 -------- d-----w- c:\program files\Opera
  80. 2010-01-01 17:53 . 2009-12-31 21:09 -------- d-----w- c:\users\Kacper\AppData\Roaming\Skype
  81. 2010-01-01 17:49 . 2009-12-31 21:10 -------- d-----w- c:\users\Kacper\AppData\Roaming\skypePM
  82. 2009-12-31 21:10 . 2009-12-31 21:10 56 ---ha-w- c:\programdata\ezsidmv.dat
  83. 2009-12-31 21:09 . 2009-12-31 21:08 -------- d-----r- c:\program files\Skype
  84. 2009-12-31 21:08 . 2009-12-31 21:08 -------- d-----w- c:\program files\Common Files\Skype
  85. 2009-12-31 21:08 . 2009-12-31 21:08 -------- d-----w- c:\programdata\Skype
  86. 2009-12-30 22:16 . 2009-12-30 22:16 -------- d-----w- c:\program files\Gadu-Gadu 10
  87. 2009-12-30 22:16 . 2009-12-30 22:16 -------- d-----w- c:\users\Kacper\AppData\Roaming\Gadu-Gadu 10
  88. 2009-12-29 12:55 . 2009-12-29 12:55 -------- d-----w- c:\program files\Kadu
  89. 2009-12-25 19:51 . 2009-12-25 19:39 -------- d-----w- c:\program files\CodeBlocks
  90. 2009-12-24 12:18 . 2009-12-24 12:18 -------- d-----w- c:\users\Kacper\AppData\Roaming\.wtw
  91. 2009-12-24 12:09 . 2009-12-24 12:09 -------- d-----w- c:\program files\K2T
  92. 2009-12-22 13:37 . 2009-12-22 13:16 -------- d-----w- c:\users\Kacper\AppData\Roaming\XnView
  93. 2009-12-22 13:15 . 2009-12-22 13:15 -------- d-----w- c:\program files\XnView
  94. 2009-12-21 13:47 . 2009-12-21 13:47 37376 ----a-w- c:\users\Kacper\AppData\Roaming\Gadu-Gadu 10\_userdata\ggbho.2.dll
  95. 2009-12-21 13:47 . 2009-12-21 13:47 11776 ----a-w- c:\users\Kacper\AppData\Roaming\Gadu-Gadu 10\_userdata\npgg.2.dll
  96. 2009-12-17 14:02 . 2009-12-17 14:02 99152 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
  97. 2009-12-17 14:02 . 2009-12-17 14:02 133648 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll
  98. 2009-12-17 14:02 . 2009-12-17 14:02 110096 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
  99. 2009-12-09 14:28 . 2009-10-06 16:15 -------- d-----w- c:\program files\Java
  100. 2009-12-06 13:56 . 2009-09-04 15:38 -------- d-----w- c:\users\Kacper\AppData\Roaming\Nowe Gadu-Gadu
  101. 2009-12-05 12:32 . 2009-09-04 16:38 108824 ----a-w- c:\users\Kacper\AppData\Local\GDIPFONTCACHEV1.DAT
  102. 2009-12-02 13:09 . 2009-12-02 13:09 -------- d-----w- c:\program files\GIMP-2.0
  103. 2009-12-02 12:39 . 2009-11-19 21:08 -------- d-----w- c:\program files\Microsoft Office 2010
  104. 2009-12-02 12:39 . 2009-09-10 17:17 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
  105. 2009-12-02 12:36 . 2009-09-04 16:06 -------- d-----w- c:\program files\Microsoft Visual Studio 8
  106. 2009-12-02 12:34 . 2009-11-24 16:57 -------- d-----w- c:\users\Kacper\AppData\Roaming\SoftGrid Client
  107. 2009-11-24 23:54 . 2009-09-04 15:39 1280480 ----a-w- c:\windows\system32\aswBoot.exe
  108. 2009-11-24 23:50 . 2009-09-04 15:39 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
  109. 2009-11-24 23:50 . 2009-09-04 15:39 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
  110. 2009-11-24 23:49 . 2009-09-04 15:39 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
  111. 2009-11-24 23:49 . 2009-09-04 15:39 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
  112. 2009-11-24 23:48 . 2009-09-04 15:40 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
  113. 2009-11-24 23:47 . 2009-09-04 15:39 97480 ----a-w- c:\windows\system32\AvastSS.scr
  114. 2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
  115. 2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
  116. .
  117.  
  118. ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
  119. .
  120. .
  121. *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
  122. REGEDIT4
  123.  
  124. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  125. "Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2009-09-24 434176]
  126. "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
  127. "Google Update"="c:\users\Kacper\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-01-17 135664]
  128.  
  129. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  130. "avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2009-11-24 81000]
  131. "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
  132. "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
  133. "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
  134. "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]
  135.  
  136. c:\users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
  137. AQQ.lnk - c:\program files\WapSter\WapSter AQQ\AQQ.exe [2009-11-17 6807552]
  138.  
  139. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  140. "ConsentPromptBehaviorAdmin"= 5 (0x5)
  141. "ConsentPromptBehaviorUser"= 3 (0x3)
  142. "EnableUIADesktopToggle"= 0 (0x0)
  143.  
  144. [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
  145. "aux"=wdmaud.drv
  146.  
  147. [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  148. Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
  149.  
  150. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
  151. 2009-12-11 14:57 948672 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
  152.  
  153. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
  154. 2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
  155.  
  156. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdslTaskBar]
  157. 2008-04-23 08:30 167936 ----a-r- c:\windows\System32\stmctrl.dll
  158.  
  159. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
  160. 2009-04-24 03:05 203416 ----a-w- c:\program files\Alcohol Soft\Alcohol 52\AxCmd.exe
  161.  
  162. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ExprOElauncher]
  163. 2008-09-24 06:50 86016 ----a-w- c:\program files\ivo\Expressivo\integr\OutlookExpress\ExprOElauncher.exe
  164.  
  165. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!]
  166. 2009-10-13 13:21 6039960 ----a-w- c:\program files\ipla\ipla.exe
  167.  
  168. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nowe Gadu-Gadu]
  169. 2009-09-04 15:56 11391592 ----a-w- c:\program files\Nowe Gadu-Gadu\gg.exe
  170.  
  171. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
  172. 2009-10-09 12:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe
  173.  
  174. R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [04.09.2009 16:39 114768]
  175. R1 VBoxDrv;VirtualBox Service;c:\windows\System32\drivers\VBoxDrv.sys [29.01.2010 23:30 123280]
  176. R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\System32\drivers\VBoxUSBMon.sys [29.01.2010 23:30 41616]
  177. R2 AMD External Events Utility;AMD External Events Utility;c:\windows\System32\atiesrxx.exe [18.08.2009 01:36 176128]
  178. R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [04.09.2009 16:39 20560]
  179. R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [04.09.2009 16:39 53328]
  180. R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\System32\drivers\seehcri.sys [10.11.2009 16:37 27632]
  181. R3 Stmatm;ATM/ADSL miniport;c:\windows\System32\drivers\stmatm.sys [13.10.2009 19:42 60533]
  182. R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\System32\drivers\VBoxNetAdp.sys [17.12.2009 15:02 99152]
  183. R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\System32\drivers\VBoxNetFlt.sys [17.12.2009 15:02 110096]
  184. S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [04.09.2009 16:37 721904]
  185. S2 mkcp32;mkcp32;c:\windows\System32\srvany.exe [18.04.2003 18:06 8192]
  186. S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [10.11.2009 16:37 90112]
  187. S2 WLMS;Windows Licensing Monitoring Service;c:\windows\System32\wlms\wlms.exe [14.07.2009 08:15 17920]
  188. S3 fssfltr;fssfltr;c:\windows\System32\drivers\fssfltr.sys [10.09.2009 18:18 54632]
  189. S3 fsssvc;Funkcja Bezpieczeństwo rodzinne usługi Windows Live;c:\program files\Windows Live\Family Safety\fsssvc.exe [05.08.2009 21:48 704864]
  190. S3 RTL8167;Realtek 8167 NT Driver;c:\windows\System32\drivers\Rt86win7.sys [01.03.2009 22:05 139776]
  191. S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\System32\drivers\s0016bus.sys [10.11.2009 16:37 89256]
  192. S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\System32\drivers\s0016mdfl.sys [10.11.2009 16:37 15016]
  193. S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\System32\drivers\s0016mdm.sys [10.11.2009 16:37 120744]
  194. S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0016mgmt.sys [10.11.2009 16:37 114216]
  195. S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\System32\drivers\s0016nd5.sys [10.11.2009 16:37 25512]
  196. S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\System32\drivers\s0016obex.sys [10.11.2009 16:37 110632]
  197. S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\System32\drivers\s0016unic.sys [10.11.2009 16:37 115752]
  198. S3 TaurusUsb;ADSL Modem USB Service;c:\windows\System32\drivers\torususb.sys [13.10.2009 19:42 684672]
  199. .
  200. Zawartość folderu 'Zaplanowane zadania'
  201.  
  202. 2010-01-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-605776097-300395452-567341650-1001Core.job
  203. - c:\users\Kacper\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-17 20:25]
  204.  
  205. 2010-01-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-605776097-300395452-567341650-1001UA.job
  206. - c:\users\Kacper\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-17 20:25]
  207. .
  208. .
  209. ------- Skan uzupełniający -------
  210. .
  211. IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
  212. IE: E&xport to Microsoft Excel - c:\progra~1\MIC30F~1\Office14\EXCEL.EXE/3000
  213. IE: Se&nd to OneNote - /105
  214. FF - ProfilePath - c:\users\Kacper\AppData\Roaming\Mozilla\Firefox\Profiles\2yoj79em.Domyślny użytkownik\
  215. FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
  216. FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
  217. FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
  218. FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
  219. FF - plugin: c:\users\Kacper\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll
  220. FF - plugin: c:\users\Kacper\AppData\Roaming\Gadu-Gadu 10\_userdata\npgg.2.dll
  221.  
  222. ---- FIREFOX - SPOSÓB POSTĘPOWANIA ----
  223. c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
  224. c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
  225. c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
  226. c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
  227. c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
  228. c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
  229. c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
  230. c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
  231. c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
  232. c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
  233. c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
  234. c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
  235. c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
  236. c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
  237. c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
  238. c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
  239. c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
  240. c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
  241. c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
  242. c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
  243. c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
  244. c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
  245. c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
  246. c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
  247. c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
  248. c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
  249. c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
  250. c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
  251. c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
  252. c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
  253. c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
  254. c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
  255. .
  256. - - - - USUNIĘTO PUSTE WPISY - - - -
  257.  
  258. HKLM-Run-GrooveMonitor - c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
  259. MSConfigStartUp-AMP WinOFF - c:\users\kacper\desktop\winoff\winoff.exe
  260. MSConfigStartUp-AQQ - c:\users\Kacper\Desktop\AQQ_PO~1\WAPSTE~1\AQQ.exe
  261. MSConfigStartUp-GrooveMonitor - c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
  262. MSConfigStartUp-mkam - c:\windows\csrss.exe
  263. MSConfigStartUp-msnmsgr - c:\program files\Windows Live\Messenger\msnmsgr.exe
  264.  
  265.  
  266.  
  267. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mkcp32]
  268. "ImagePath"="C:\Windows/system32/srvany.exe"
  269. .
  270. --------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
  271.  
  272. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  273. @Denied: (A) (Users)
  274. @Denied: (A) (Everyone)
  275. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  276. "BlindDial"=dword:00000000
  277.  
  278. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
  279. @Denied: (A) (Users)
  280. @Denied: (A) (Everyone)
  281. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  282. "BlindDial"=dword:00000000
  283.  
  284. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  285. @Denied: (Full) (Everyone)
  286. .
  287. Czas ukończenia: 2010-01-31 13:27:32
  288. ComboFix-quarantined-files.txt 2010-01-31 12:27
  289.  
  290. Przed: 15 916 453 888 bajtów wolnych
  291. Po: 17 753 894 912 bajtów wolnych
  292.  
  293. - - End Of File - - 16884EF322CE41B28BFCC92E6F4BAF01
  294.  