Hello, I have a problem with my system: after installing the Portel99SE software I noticed that all the standard Windows components had been removed. Paint, Calculator, Windows Explorer and others do not work. I suspect this is caused by malware, but I have not found any using Dr Web. I am attaching the logs from ComboFix and OTL and ask for help in locating the cause.
ComboFix 11-11-26.03 - Styku 2011-11-26 17:53:30.1.4 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.48.1045.18.3566.2301 [GMT 1:00]
Uruchomiony z: c:\users\Styku\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Styku\AppData\Roaming\3v
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-10-26 do 2011-11-26 )))))))))))))))))))))))))))))))
.
.
2011-11-26 16:58 . 2011-11-26 16:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-26 16:45 . 2011-11-26 16:45 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4847F02A-9280-4029-93A7-1EEF3E8CF2CC}\offreg.dll
2011-11-24 12:46 . 2000-12-14 18:52 730112 ----a-w- c:\windows\system32\ProtelComponents50.bpl
2011-11-24 12:46 . 2000-12-14 18:52 800256 ----a-w- c:\windows\system32\CSRTL50.bpl
2011-11-24 12:46 . 1999-08-11 04:00 557568 ----a-w- c:\windows\system32\vcldb50.bpl
2011-11-24 12:46 . 1999-08-11 04:00 248832 ----a-w- c:\windows\system32\vclx50.bpl
2011-11-24 12:46 . 1999-08-11 04:00 2020864 ----a-w- c:\windows\system32\vcl50.bpl
2011-11-24 12:43 . 2011-11-24 12:44 -------- d-----w- C:\pl
2011-11-23 13:15 . 2011-11-23 13:15 -------- d-----w- c:\programdata\McAfee
2011-11-23 13:15 . 2011-11-23 13:15 -------- d-----w- c:\programdata\McAfee Security Scan
2011-11-23 13:15 . 2011-11-23 13:15 -------- d-----w- c:\program files\McAfee Security Scan
2011-11-23 09:40 . 2011-11-23 09:40 -------- d-----w- c:\program files\HI-TECH Software
2011-11-23 09:38 . 2011-11-23 09:38 -------- d-----w- c:\windows\system32\cvirte
2011-11-22 13:45 . 2011-11-23 10:38 -------- d-----w- C:\Przerzutnik
2011-11-17 17:52 . 2011-11-17 17:52 -------- d-----w- c:\program files\Common Files\Java
2011-11-07 07:35 . 2011-11-07 07:35 -------- d-----w- c:\program files\Hewlett-Packard
2011-11-05 20:27 . 2011-11-05 20:27 -------- d-----w- c:\program files\Muzyczne Radio Player
2011-11-04 14:43 . 2009-10-10 02:57 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-11-04 14:43 . 2009-10-10 02:31 84992 ----a-w- c:\windows\system32\drivers\sdbus.sys
2011-11-04 14:42 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-11-04 14:42 . 2011-02-19 05:33 802304 ----a-w- c:\windows\system32\FntCache.dll
2011-11-04 14:42 . 2011-02-19 05:32 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-11-04 14:24 . 2011-11-04 14:24 -------- d-----w- c:\program files\Cisco
2011-11-04 14:24 . 2009-11-11 08:54 583680 ----a-w- c:\windows\system32\drivers\rtl8192su.sys
2011-11-04 14:24 . 2009-04-02 02:27 188416 ----a-w- c:\windows\system32\RTLExtUI.dll
2011-11-04 14:24 . 2009-04-02 02:27 188416 ----a-w- c:\windows\RTLExtUI.dll
2011-11-04 14:24 . 2009-03-31 06:31 380928 ----a-w- c:\windows\system32\RtlUI2.exe
2011-11-04 14:24 . 2009-03-31 06:31 380928 ----a-w- c:\windows\RtlUI2.exe
2011-11-04 14:24 . 2008-07-01 04:31 614400 ----a-w- c:\windows\system32\Rtlihvs.dll
2011-11-04 14:24 . 2008-07-01 04:31 614400 ----a-w- c:\windows\Rtlihvs.dll
2011-11-04 14:24 . 2009-02-05 01:49 451072 ----a-w- c:\windows\system32\ISSRemoveSP.exe
2011-11-04 14:17 . 2011-11-04 14:17 -------- d-----w- c:\windows\PCHEALTH
2011-11-04 14:17 . 2011-11-04 14:17 -------- d-----w- c:\program files\Microsoft.NET
2011-11-04 14:15 . 2011-11-04 14:15 -------- d-----w- c:\program files\Microsoft Analysis Services
2011-11-04 14:15 . 2011-11-04 14:19 -------- d-----w- c:\programdata\Microsoft Help
2011-11-04 14:14 . 2011-11-04 14:14 -------- d-----r- C:\MSOCache
2011-11-04 14:03 . 2011-11-04 14:03 -------- d-----w- c:\windows\Tapety
2011-11-04 13:59 . 2011-11-04 13:59 -------- d-----r- c:\program files\Skype
2011-11-04 13:59 . 2011-11-04 13:59 -------- d-----w- c:\programdata\Skype
2011-11-04 13:47 . 2011-11-10 10:52 -------- d-----w- c:\program files\IrfanView
2011-11-04 13:46 . 2011-11-04 13:46 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2011-11-04 13:40 . 2011-11-04 13:40 -------- d-----w- c:\windows\system32\IOSUBSYS
2011-11-04 13:40 . 2011-11-04 13:40 -------- d-----w- c:\program files\Google
2011-11-04 13:37 . 2011-11-04 13:37 -------- d-----w- c:\program files\Common Files\Adobe
2011-11-04 13:30 . 2011-11-04 13:30 -------- d-----w- c:\program files\foobar2000
2011-11-04 13:26 . 2011-11-04 13:26 -------- d-----w- c:\programdata\ashampoo
2011-11-04 13:26 . 2011-11-04 13:26 -------- d-----w- c:\program files\Ashampoo
2011-11-04 13:25 . 2011-11-13 21:48 -------- d-----w- c:\program files\NAPI-PROJEKT
2011-11-04 13:25 . 2010-03-15 09:31 165376 ----a-w- c:\windows\system32\unrar.dll
2011-11-04 13:25 . 2008-09-24 18:41 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-11-04 13:25 . 2010-06-28 08:00 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2011-11-04 13:25 . 2010-06-08 16:10 790528 ----a-w- c:\windows\system32\xvidcore.dll
2011-11-04 13:25 . 2010-06-08 16:10 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2011-11-04 13:25 . 2010-01-17 15:18 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-11-04 13:25 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2011-11-04 13:25 . 2011-11-04 13:25 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-11-04 12:22 . 2011-11-04 12:22 -------- d-----w- c:\programdata\ATI
2011-11-04 12:12 . 2011-11-04 12:13 -------- d-----w- c:\program files\ATI Technologies
2011-11-04 12:12 . 2011-11-04 12:12 -------- d-----w- c:\program files\ATI
2011-11-04 11:54 . 2011-11-04 11:54 -------- d-----w- c:\program files\Apoint
2011-11-04 11:51 . 2010-09-15 12:53 1461992 ----a-w- c:\windows\system32\WdfCoinstaller01009.dll
2011-11-04 11:51 . 2010-09-15 12:53 109122 ----a-w- c:\windows\system32\Vxdif.dll
2011-11-04 11:51 . 2010-09-15 12:52 254072 ----a-w- c:\windows\system32\drivers\Apfiltr.sys
2011-11-04 11:49 . 2010-09-15 13:34 1245696 ----a-w- c:\windows\system32\drivers\athr.sys
2011-11-04 11:48 . 2010-09-15 12:31 9344 ----a-w- c:\windows\system32\drivers\SFEP.sys
2011-11-04 11:46 . 2010-09-15 13:23 132480 ----a-w- c:\windows\system32\drivers\Impcd.sys
2011-11-04 11:41 . 2010-09-15 12:47 18728 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2011-11-04 11:41 . 2010-09-15 12:47 88616 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2011-11-04 11:41 . 2010-09-15 12:47 294952 ----a-w- c:\windows\system32\drivers\btwampfl.sys
2011-11-04 11:41 . 2010-09-15 12:47 111144 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2011-11-04 11:41 . 2010-09-15 12:44 33320 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2011-11-04 11:40 . 2011-11-04 11:40 -------- d-----w- c:\program files\WIDCOMM
2011-11-04 11:38 . 2010-09-15 13:23 53248 ----a-w- c:\windows\system32\CSVer.dll
2011-11-04 11:38 . 2010-09-15 12:49 2622496 ----a-w- c:\windows\system32\RtkHDMI.dll
2011-11-04 11:38 . 2010-09-15 12:49 183584 ----a-w- c:\windows\system32\drivers\RtHDMIV.sys
2011-11-04 11:38 . 2010-09-15 12:49 73928 ----a-w- c:\windows\system32\RTEEL32H.dll
2011-11-04 11:38 . 2010-09-15 12:49 62664 ----a-w- c:\windows\system32\RTEEG32H.dll
2011-11-04 11:38 . 2010-09-15 12:49 355528 ----a-w- c:\windows\system32\RTEEP32H.dll
2011-11-04 11:38 . 2010-09-15 12:49 168648 ----a-w- c:\windows\system32\RTEED32H.dll
2011-11-04 11:38 . 2010-09-15 12:49 1640480 ----a-w- c:\windows\system32\RHDMIExt.dll
2011-11-04 11:38 . 2010-09-15 12:49 57376 ----a-w- c:\windows\system32\RHCoInst.dll
2011-11-04 11:38 . 2010-09-15 12:49 293600 ----a-w- c:\windows\system32\RH3DHT32.dll
2011-11-04 11:38 . 2010-09-15 12:49 293600 ----a-w- c:\windows\system32\RH3DAA32.dll
2011-11-04 11:30 . 2010-09-15 13:25 57856 ----a-w- c:\windows\system32\drivers\risdsne86.sys
2011-11-04 11:30 . 2011-11-04 11:30 -------- d-----w- c:\program files\DIFX
2011-11-04 11:29 . 2010-09-15 13:25 626688 ----a-w- c:\windows\snymsico.dll
2011-11-04 11:29 . 2010-09-15 13:25 74752 ----a-w- c:\windows\system32\drivers\rimssne86.sys
2011-11-04 11:10 . 2011-11-04 11:10 -------- d-----w- c:\program files\Mail.Ru
2011-11-04 10:58 . 2011-11-04 10:58 0 ----a-w- c:\windows\ativpsrm.bin
2011-11-04 10:57 . 2010-03-19 15:39 59904 ----a-w- c:\windows\system32\drivers\risdpe86.sys
2011-11-04 10:57 . 2009-10-26 13:39 48640 ----a-w- c:\windows\system32\drivers\rimspe86.sys
2011-11-04 10:57 . 2009-05-28 17:24 196608 ----a-w- c:\windows\system32\RiSDIcon.dll
2011-11-04 10:57 . 2009-05-28 17:24 188416 ----a-w- c:\windows\system32\RiMMCIcon.dll
2011-11-04 10:57 . 2004-09-04 02:00 90112 ----a-w- c:\windows\system32\snymsico.dll
2011-11-04 10:46 . 2011-11-04 10:52 -------- d-----w- c:\program files\RadarSync
2011-11-04 10:14 . 2011-11-04 12:40 -------- d-----w- c:\program files\Intel
2011-11-04 10:14 . 2011-11-04 10:14 -------- d-----w- C:\Intel
2011-11-04 10:13 . 2011-11-04 10:13 -------- d-----w- c:\program files\Marvell
2011-11-04 09:58 . 2011-11-04 10:03 -------- d-----w- c:\windows\system32\RTCOM
2011-11-04 09:44 . 2011-11-04 11:44 -------- d--h--w- c:\program files\Temp
2011-11-04 09:44 . 2011-08-31 18:12 1698408 ----a-w- c:\windows\RtlExUpd.dll
2011-11-04 09:13 . 2011-11-04 09:13 -------- d-----w- c:\windows\system32\Wat
2011-11-04 06:10 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2011-11-04 06:07 . 2009-11-25 11:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-11-04 06:07 . 2009-11-25 11:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-11-04 06:07 . 2009-11-25 11:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-11-04 06:07 . 2009-11-25 11:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-11-04 06:07 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-11-04 05:58 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-11-04 05:57 . 2010-03-04 04:04 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2011-11-04 05:57 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2011-11-04 05:56 . 2010-09-14 06:07 276992 ----a-w- c:\windows\system32\wcncsvc.dll
2011-11-04 05:45 . 2010-06-29 05:02 1413632 ----a-w- c:\windows\system32\ole32.dll
2011-11-04 05:45 . 2010-06-29 04:57 4247040 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2011-11-04 05:45 . 2009-09-26 05:58 194488 ----a-w- c:\windows\system32\drivers\fvevol.sys
2011-11-04 05:45 . 2011-04-29 02:57 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-11-04 05:45 . 2011-04-29 02:57 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-11-04 05:45 . 2011-04-29 02:57 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-11-04 05:45 . 2011-04-25 02:35 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-11-04 05:45 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe
2011-11-04 05:45 . 2011-02-18 05:36 428032 ----a-w- c:\windows\system32\vbscript.dll
2011-11-04 05:45 . 2011-02-18 05:33 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-11-04 05:43 . 2011-05-24 10:35 294912 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-11-04 05:42 . 2011-09-06 02:38 2332672 ----a-w- c:\windows\system32\win32k.sys
2011-11-04 05:41 . 2011-07-16 04:37 169984 ----a-w- c:\windows\system32\winsrv.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-14 13:58 . 2011-09-14 13:58 319264 ----a-w- c:\windows\system32\drivers\yk62x86.sys
2011-09-14 10:47 . 2011-09-14 10:47 53760 ----a-w- c:\windows\system32\OVDecode.dll
2011-09-14 10:47 . 2011-09-14 10:47 43520 ----a-w- c:\windows\system32\OpenCL.dll
2011-09-14 10:46 . 2011-09-14 10:46 13625856 ----a-w- c:\windows\system32\amdocl.dll
2011-09-14 10:38 . 2011-09-14 10:38 37376 ----a-w- c:\windows\system32\amdoclcl.dll
2011-06-22 10:44 . 2011-06-22 10:44 158720 ----a-w- c:\program files\internet explorer\plugins\LV2011ActiveXControl.dll
2008-12-10 13:50 . 2008-12-10 13:50 118784 ----a-w- c:\program files\internet explorer\plugins\LV86ActiveXControl.dll
2010-10-19 17:15 . 2010-10-19 17:15 158720 ----a-w- c:\program files\internet explorer\plugins\LV90ActiveXControl.dll
2011-11-09 18:41 . 2011-11-04 05:43 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HW_OPENEYE_OUC_PLAY ONLINE"="c:\program files\PLAY ONLINE\UpdateDog\ouc.exe" [2009-04-14 110592]
"Gadu-Gadu 10"="c:\program files\Gadu-Gadu 10\gg.exe" [2011-07-04 13374048]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RtHDVBg.exe" [2010-02-26 678432]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-02-26 8120864]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2010-09-15 177448]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-8 828704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NI Error Reporting.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk
backup=c:\windows\pss\NI Error Reporting.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DrvUpdater]
2011-04-28 08:27 192856 ----a-w- c:\users\Styku\AppData\Roaming\DRPSu\DrvUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NI Update Service]
2011-06-07 11:41 3002976 ----a-w- c:\program files\National Instruments\Shared\Update Service\NIUpdateService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NIRegistrationWizard]
2010-06-21 13:53 846520 ----a-w- c:\program files\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2010-02-09 00:07 98304 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 12:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\DatacardService\HWDeviceService.exe [2010-11-16 264704]
R2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe86.sys [2010-03-19 59904]
R3 AIDA32Driver;AIDA32Driver;c:\users\Styku\Desktop\aida\aida32.sys [x]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-09-15 5091328]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-10-08 157184]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2010-08-31 208896]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 PortTalk;PortTalk;c:\windows\system32\Drivers\PortTalk.sys [2002-01-12 3567]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2009-11-11 583680]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-04 1343400]
R4 Realtek11nSU;Realtek11nSU;c:\program files\Realtek\11n USB Wireless LAN Utility\RtlService.exe [2009-12-07 40960]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-15 172032]
S2 NIApplicationWebServer;NI Application Web Server;c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-05-27 50336]
S2 nimDNSResponder;National Instruments mDNS Responder Service;c:\program files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2011-06-01 194224]
S2 NINetworkDiscovery;NI Network Discovery;c:\program files\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [2011-06-10 121032]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimssne86.sys [2010-09-15 74752]
S2 risdsnpe;risdsnpe;c:\windows\system32\DRIVERS\risdsne86.sys [2010-09-15 57856]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-09-15 294952]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-09-15 33320]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-10-09 72576]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-09-15 132480]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2010-09-15 9344]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2011-09-14 319264]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://www.mail.ru/cnt/9134
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Wyślij &do programu OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{43051C93-980E-44FC-AA0F-38187D151A13}: NameServer = 89.108.195.20 217.17.34.10
TCP: Interfaces\{A40B5800-F1E5-4357-9FCC-154942557917}: NameServer = 89.108.195.20 217.17.34.10
TCP: Interfaces\{B6B836E7-C206-4915-9DE5-C840AA7E8AC0}: NameServer = 89.108.195.21 217.17.34.10
FF - ProfilePath - c:\users\Styku\AppData\Roaming\Mozilla\Firefox\Profiles\tqjqnq7q.default\
FF - prefs.js: browser.startup.homepage - www.google.pl
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'Explorer.exe'(1268)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
.
Czas ukończenia: 2011-11-26 18:01:10
ComboFix-quarantined-files.txt 2011-11-26 17:01
.
Przed: 77 064 556 544 bajtów wolnych
Po: 77 774 340 096 bajtów wolnych
.
- - End Of File - - 697925FE9E2FDE5580BD3A4A784D1D94