wklejto.pl

Added by: ~Anonim (2009-02-09 19:52) -> text
ComboFix 09-02-08.02 - Jurek 2009-02-09 19:19:54.2 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1250.1.1045.18.2046.1098 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Jurek\Pulpit\rokit\ComboFix.exe
AV: Spyware Doctor with AntiVirus *On-access scanning enabled* (Updated)
AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated)
.
 
(((((((((((((((((((((((((   Pliki utworzone od 2009-01-09 do 2009-02-09  )))))))))))))))))))))))))))))))
.
 
2009-02-09 17:24 . 2009-02-09 17:24     <DIR>   d--------       c:\program files\Malwarebytes' Anti-Malware
2009-02-09 17:24 . 2009-01-14 16:11     38,496  --a------       c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-09 17:24 . 2009-01-14 16:11     15,504  --a------       c:\windows\system32\drivers\mbam.sys
2009-02-09 17:19 . 2009-02-09 17:23     7,250,455       --a------       c:\windows\system32\IDERFCKGZPUJJU
2009-02-09 16:54 . 2009-02-09 16:54     0       --a------       c:\windows\system32\YTOGJMLUOWXMS
2009-02-09 16:00 . 2009-02-09 16:57     16      --a------       c:\windows\pop.htm
2009-02-08 14:05 . 2009-02-08 14:05     <DIR>   d--------       c:\program files\EA GAMES
2009-02-08 12:09 . 2009-02-06 20:51     24,064  --a------       c:\windows\system32\jwtch32.exe
2009-02-08 12:09 . 2009-02-08 12:09     5,632   --a------       c:\windows\system32\otmspr.exe
2009-02-07 14:19 . 2009-02-07 14:19     <DIR>   d--------       c:\program files\1C Publishing EU
2009-02-06 11:31 . 2009-02-06 11:31     <DIR>   d--------       c:\program files\XTB-Trader 4 PLN
2009-02-05 12:58 . 2009-02-05 12:58     18,432  --a------       c:\windows\system32\drivers\prcmondrv1041.sys
2009-02-05 09:34 . 2009-02-05 09:34     <DIR>   d--------       c:\documents and settings\Jurek\Dane aplikacji\Babylon
2009-02-05 09:34 . 2009-02-05 09:34     <DIR>   d--------       c:\documents and settings\All Users\Dane aplikacji\Babylon
2009-02-05 08:33 . 2009-02-05 08:33     <DIR>   d--------       c:\documents and settings\All Users\Dane aplikacji\Fugazo
2009-02-05 08:32 . 2009-02-05 08:32     <DIR>   d--------       c:\windows\Cooking Academy 2 World Cuisine
2009-02-05 08:32 . 2009-02-05 12:10     <DIR>   d--------       c:\program files\Cooking Academy 2 World Cuisine
2009-02-03 12:32 . 2009-02-03 12:32     <DIR>   d--------       c:\program files\MSECache
2009-02-02 12:27 . 2009-02-02 12:27     <DIR>   d--------       c:\documents and settings\Jurek\Dane aplikacji\Nokia Multimedia Player
2009-01-31 12:21 . 2009-01-31 12:21     21,512  --a------       c:\windows\system32\drivers\pxscan.sys
2009-01-30 14:02 . 2009-01-30 14:02     <DIR>   d--------       c:\program files\WorldOfGoo
2009-01-30 14:02 . 2009-01-30 14:02     <DIR>   d--------       c:\documents and settings\All Users\Dane aplikacji\2DBoy
2009-01-30 12:09 . 2009-01-30 12:09     <DIR>   d--------       c:\program files\QXL Poland
2009-01-25 17:44 . 2009-02-09 16:14     <DIR>   d--------       c:\program files\AskBarDis
2009-01-23 16:23 . 2009-01-23 16:23     <DIR>   d--------       c:\documents and settings\Jurek\Dane aplikacji\Datalayer
2009-01-23 16:11 . 2009-01-23 16:11     <DIR>   d--------       c:\program files\Common Files\PCSuite
2009-01-23 16:11 . 2009-01-23 16:11     <DIR>   d--------       c:\program files\Common Files\Nokia
2009-01-23 15:57 . 2009-01-23 15:57     0       --ah-----       c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-01-23 15:57 . 2009-01-23 15:57     0       --ah-----       c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-01-23 15:56 . 2008-03-21 13:57     14,640  ---------       c:\windows\system32\spmsgXP_2k3.dll
2009-01-23 09:33 . 2009-01-23 09:33     <DIR>   d--------       c:\program files\GFI
2009-01-21 13:22 . 2009-01-25 17:57     <DIR>   d--------       c:\program files\Advanced Registry Optimizer
2009-01-20 23:01 . 2009-01-20 23:01     <DIR>   d--------       c:\documents and settings\LocalService\Pulpit
2009-01-17 09:40 . 2009-02-08 13:30     <DIR>   d--------       c:\documents and settings\All Users\Dane aplikacji\Google Updater
2009-01-15 22:20 . 2009-01-15 22:20     <DIR>   d--------       c:\program files\Bethesda Softworks
2009-01-15 22:20 . 2009-02-08 08:49     <DIR>   d--------       c:\documents and settings\All Users\Dane aplikacji\Fallout3
2009-01-14 15:30 . 2009-01-31 17:09     <DIR>   d--------       c:\program files\SpeedFan
2009-01-14 15:30 . 2009-01-14 15:30     45      --a------       c:\windows\system32\initdebug.nfo
2009-01-12 19:49 . 2009-02-08 23:44     <DIR>   d--------       c:\program files\Crayon Physics Deluxe
2009-01-12 19:49 . 2009-01-12 20:21     <DIR>   d--------       c:\documents and settings\Jurek\Dane aplikacji\Crayon Physics Deluxe
2009-01-11 21:51 . 2009-01-11 21:51     <DIR>   d--------       c:\program files\PC Connectivity Solution
2009-01-11 21:50 . 2008-09-15 07:29     1,112,288       --a------       c:\windows\system32\wdfcoinstaller01007.dll
2009-01-11 21:50 . 2008-09-15 07:56     659,968 --a------       c:\windows\system32\nmwcdcocls.dll
2009-01-11 21:50 . 2008-09-15 07:56     22,016  --a------       c:\windows\system32\drivers\ccdcmbo.sys
2009-01-11 21:50 . 2008-09-15 07:56     17,664  --a------       c:\windows\system32\drivers\ccdcmb.sys
2009-01-11 21:50 . 2008-09-15 07:56     8,064   --a------       c:\windows\system32\drivers\usbser_lowerflt.sys
 
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-09 18:15        ---------       d---a-w c:\documents and settings\All Users\Dane aplikacji\TEMP
2009-02-09 18:15        ---------       d-----w c:\program files\Symantec AntiVirus
2009-02-09 17:56        ---------       d-----w c:\documents and settings\Jurek\Dane aplikacji\Skype
2009-02-09 16:43        ---------       d-----w c:\program files\SuperAdBlocker.com
2009-02-09 16:38        ---------       d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-09 16:01        ---------       d-----w c:\documents and settings\Jurek\Dane aplikacji\uTorrent
2009-02-09 16:00        ---------       d--h--w c:\program files\InstallShield Installation Information
2009-02-09 15:59        ---------       d-----w c:\documents and settings\All Users\Dane aplikacji\PrevxCSI
2009-02-09 15:52        ---------       d-----w c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2009-02-09 14:22        ---------       d-----w c:\program files\DC++
2009-02-09 13:20        ---------       d-----w c:\program files\Spyware Doctor
2009-02-08 19:14        ---------       d-----w c:\program files\eMule
2009-02-08 13:58        ---------       d-----w c:\program files\City Interactive
2009-02-06 06:38        ---------       d-----w c:\program files\AGEIA Technologies
2009-02-05 11:35        ---------       d-----w c:\program files\Lavasoft
2009-02-05 11:23        ---------       d-----w c:\documents and settings\All Users\Dane aplikacji\Lavasoft
2009-02-05 11:09        ---------       d-----w c:\program files\CCleaner
2009-02-05 08:14        ---------       d-----w c:\program files\IE New Window Maximizer
2009-02-03 11:30        ---------       d-----w c:\documents and settings\All Users\Dane aplikacji\Microsoft Help
2009-01-23 15:11        ---------       d-----w c:\program files\Nokia
2009-01-23 15:11        ---------       d-----w c:\program files\DIFX
2009-01-23 15:10        ---------       d-----w c:\documents and settings\All Users\Dane aplikacji\Installations
2009-01-21 17:03        ---------       d-----w c:\program files\Google
2009-01-09 22:29        ---------       d-----w c:\program files\GaduGadu
2009-01-09 12:55        ---------       d-----w c:\program files\NAPI-PROJEKT
2009-01-06 22:43        ---------       d-----w c:\program files\Common Files\PC Tools
2009-01-06 22:21        805     ----a-w c:\windows\system32\drivers\SYMEVENT.INF
2009-01-06 22:21        8,014   ----a-w c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-06 22:21        48,768  ----a-w c:\windows\system32\S32EVNT1.DLL
2009-01-06 22:21        110,952 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-06 22:21        ---------       d-----w c:\program files\Symantec
2009-01-06 22:21        ---------       d-----w c:\program files\Common Files\Symantec Shared
2009-01-06 22:21        ---------       d-----w c:\documents and settings\All Users\Dane aplikacji\Symantec
2009-01-01 15:27        ---------       d-----w c:\program files\Electronic Arts
2008-12-31 12:12        230,664 ----a-w c:\windows\system32\PDBoot.exe
2008-12-25 23:08        453,152 ----a-w c:\windows\system32\nvudisp.exe
2008-12-23 20:58        453,152 ----a-w c:\windows\system32\NVUNINST.EXE
2008-12-22 07:29        ---------       d-----w c:\documents and settings\Jurek\Dane aplikacji\Malwarebytes
2008-12-22 07:29        ---------       d-----w c:\documents and settings\All Users\Dane aplikacji\Malwarebytes
2008-12-19 08:17        ---------       d-----w c:\documents and settings\Jurek\Dane aplikacji\skypePM
2008-12-16 18:38        ---------       d-----w c:\program files\Common Files\BinarySense
2008-12-16 17:29        ---------       d-----w c:\program files\Activision
2008-12-16 17:09        ---------       d-----w c:\program files\Simpli Software
2008-12-13 07:32        ---------       d-----w c:\program files\KYE
2008-12-13 07:32        ---------       d-----w c:\program files\Common Files\snpstd2
2008-12-11 14:09        ---------       d-----w c:\documents and settings\Jurek\Dane aplikacji\Uniblue
2008-12-11 14:09        ---------       d-----w c:\documents and settings\All Users\Dane aplikacji\DriverScanner
2008-12-11 14:08        ---------       d-----w c:\program files\Uniblue
2008-12-11 13:07        ---------       dc-h--w c:\documents and settings\All Users\Dane aplikacji\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
2008-12-11 12:58        ---------       d-----w c:\program files\Reference Assemblies
2008-12-11 12:58        ---------       d-----w c:\program files\MSBuild
2008-12-11 12:54        ---------       d-----w c:\program files\MSXML 6.0
2008-12-11 11:57        333,184 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-11 11:34        ---------       d-----w c:\program files\Konnekt
2008-12-11 11:10        ---------       dc-h--w c:\documents and settings\All Users\Dane aplikacji\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2008-12-10 08:45        70,936  ----a-w c:\windows\system32\PhysXLoader.dll
2008-12-04 08:28        24,344  ----a-w c:\windows\system32\PhysXDevice.dll
2008-11-26 07:55        288,024 ----a-w c:\windows\system32\PhysXCplUI.exe
2008-11-25 07:38        288,024 ----a-w c:\windows\system32\PhysXCompatCplUI.exe
2008-11-15 17:52        111,928 ----a-w c:\windows\system32\PnkBstrB.exe
2008-11-12 07:16        682,280 ----a-w c:\windows\system32\pbsvc.exe
2008-11-12 07:16        22,328  ----a-w c:\documents and settings\Jurek\Dane aplikacji\PnkBstrK.sys
2008-02-04 17:59        1       ----a-w c:\documents and settings\Jurek\SI.bin
.
 
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-11-17 171464]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"IE New Window Maximizer"="c:\program files\IE New Window Maximizer\iemaximizer.exe" [2005-02-08 356352]
"SpybotSD TeaTimer"="c:\program files\Spybot\TeaTimer.exe" [2008-09-16 1833296]
"Gadu-Gadu"="c:\program files\GaduGadu\gg.exe" [2008-03-20 2127296]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-23 202024]
"GAINWARD"="c:\program files\EXPERTool\TBPanel.exe" [2008-05-23 2170880]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-18 21633320]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-17 39408]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"Gainward"="c:\windows\TBPanel.exe" [2007-10-12 2189864]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"SNPSTD2"="c:\windows\vsnpstd2.exe" [2004-06-10 286720]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-05-29 52840]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2007-10-07 125368]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 222208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 86016]
"Microsoft netswitch"="c:\windows\system32\jwtch32.exe" [2009-02-06 24064]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"CTHelper"="CTHELPER.EXE" [2006-08-17 c:\windows\CTHELPER.EXE]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-08-17 c:\windows\system32\CTXFIHLP.EXE]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 c:\windows\KHALMNPR.Exe]
"nwiz"="nwiz.exe" [2009-01-15 c:\windows\system32\nwiz.exe]
 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 1634304]
 
c:\documents and settings\Jurek\Menu Start\Programy\Autostart\
Ustawienia myszy i klawiatury firmy Logitech.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-12-16 809488]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-11-07 16:41 72208 c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ac3filter"= ac3filter.acm
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute     REG_MULTI_SZ    PDBoot.exe\[u]0[/u]autocheck autochk *
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
--a------ 2007-09-20 08:51 1836328 c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 14:57 153136 c:\program files\Common Files\Nero\Lib\NeroCheck.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2007-08-07 01:05 200704 c:\program files\PowerISO\PWRISOVM.EXE
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 22:37 413696 c:\program files\QuickTime\QTTask.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2008-08-04 00:02 36352 c:\program files\Winamp\winampa.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2009-01-15 08:19 1657376 c:\windows\system32\nwiz.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"LBTServ"=3 (0x3)
 
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"e:\\gry\\conflict\\ConflictDeniedOps.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\GaduGadu\\gg.exe"=
"e:\\Torrenty\\Left.4.Dead.Full-Rip.Skullptura\\Left 4 Dead\\left4dead.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\DC++\\DCPlusPlus.exe"=
"c:\\Program Files\\Electronic Arts\\Dead Space\\Dead Space.exe"=
"c:\\WINDOWS\\system32\\otmspr.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
 
R0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys [2009-01-31 21512]
R0 Si3531;SiI-3531 SATA Controller;c:\windows\system32\drivers\Si3531.sys [2007-11-27 204080]
R1 pctfw2;pctfw2;c:\windows\system32\drivers\pctfw2.sys [2009-01-06 160792]
R1 prcmondrv;prcmondrv;c:\windows\system32\drivers\prcmondrv1041.sys [2009-02-05 18432]
R1 SABKUTIL;SABKUTIL;\??\c:\program files\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys --> c:\program files\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys [?]
R2 CSIScanner;CSIScanner;c:\program files\PrevxCSI\prevxcsi.exe [2008-09-27 4107832]
R2 PD91Agent;PD91Agent;c:\program files\Raxco\PerfectDisk2008\PD91Agent.exe [2008-12-31 693512]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-01-06 356920]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-02-08 99376]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-02-09 38496]
S3 CMTUELP;CMTUELP;c:\docume~1\Jurek\USTAWI~1\Temp\CMTUELP.exe --> c:\docume~1\Jurek\USTAWI~1\Temp\CMTUELP.exe [?]
S3 PD91Engine;PD91Engine;c:\program files\Raxco\PerfectDisk2008\PD91Engine.exe [2008-12-31 910600]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [2007-10-07 116664]
S3 XXU;XXU;c:\docume~1\Jurek\USTAWI~1\Temp\XXU.exe --> c:\docume~1\Jurek\USTAWI~1\Temp\XXU.exe [?]
 
--- Inne Usługi/Sterowniki w Pamięci ---
 
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - SABKUTIL
*NewlyCreated* - XXU
*Deregistered* - mchInjDrv
*Deregistered* - RKREVEAL150
.
Zawartość folderu 'Zaplanowane zadania'
 
2009-02-09 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []
 
2009-02-09 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-17 09:40]
.
.
------- Skan uzupełniający -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.onet.pl/
uInternet Settings,ProxyServer = http=194.146.248.2:8080
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel
LSP: c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll
TCP: {A3F44599-7925-464B-8687-0CBD7109FE73} = 195.177.64.66,195.177.64.69
DPF: Cdm.Sdig - hxxps://www.cdm.net.pl/cdm2/sdig/aplet/SdigApplet.cab
DPF: CDMNet - hxxps://www.cdm.net.pl/cdm2/jar/CDMNetOnl.cab
DPF: ING Bank Online - hxxps://ssl.bsk.com.pl/bskonl/component/INGOnl.cab
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {14E35D5F-DEBA-4DB3-B2ED-17542BA12D1F} - hxxp://rettpol.dyndns.tv:9090/AVC_AX_DVR.cab
DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} - hxxp://slimak.onet.pl/_m/wirusy/ArcaOnline.cab
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} - hxxp://www.mks.com.pl/skaner/SkanerOnline.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game11.zylom.com/activex/zylomgamesplayer.cab
.
 
**************************************************************************
 
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-09 19:20:58
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
 
skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0
 
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
 
[HKEY_USERS\S-1-5-21-343818398-2139871995-682003330-1003\*! V*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"MachineID"=hex:73,cb,96,ee,b2,cf,c9,00
 
[HKEY_USERS\S-1-5-21-343818398-2139871995-682003330-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:00,cd,06,e4,ec,42,bd,0a,f8,42,08,41,69,ef,e6,69,35,12,ea,db,34,d7,74,
   1e,a2,30,b8,b7,37,63,60,c1,f6,39,c2,07,d2,68,d1,4b,d9,28,e7,a6,57,48,63,8a,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
 
[HKEY_USERS\S-1-5-21-343818398-2139871995-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:37,c1,19,e8,88,6d,7f,b3,d9,d9,7c,65,6a,f3,4d,0c,d0,10,61,e2,1a,
   e4,6d,f6,af,b4,e4,c9,e1,2a,ea,a7,57,22,2b,48,a0,99,c0,11,d7,38,47,cb,1d,e1,\
"rkeysecu"=hex:a2,9f,f0,16,86,fd,f7,dd,da,44,96,df,7c,ab,bc,9b
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
 
- - - - - - - > 'winlogon.exe'(1320)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
.
Czas ukończenia: 2009-02-09 19:22:05
ComboFix-quarantined-files.txt  2009-02-09 18:21:53
ComboFix2.txt  2009-01-07 08:43:10
 
Przed: 3,636,846,592 bajtów wolnych
Po: 3,688,615,936 bajtów wolnych
 
282     --- E O F ---   2009-01-14 08:19:05
 