wklejto.pl

Added by: ~rozgu (2009-03-04 17:49) -> text
ComboFix 09-02-27.02 - Kaka 2009-03-03 15:53:32.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1250.1.1045.18.2046.1601 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Kaka\Pulpit\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090205-1] *On-access scanning disabled* (Outdated)
 * Utworzono nowy punkt przywracania
.
 
(((((((((((((((((((((((((   Pliki utworzone od 2009-02-03 do 2009-03-03  )))))))))))))))))))))))))))))))
.
 
2009-03-03 15:48 . 2009-03-03 15:48     <DIR>   d--------       c:\program files\RegCleaner
2009-03-03 15:32 . 2009-03-03 15:32     <DIR>   d--------       c:\program files\Alwil Software
2009-03-03 15:32 . 2003-03-18 21:20     1,060,864       --a------       c:\windows\system32\MFC71.dll
2009-03-03 15:32 . 2003-02-21 04:42     348,160 --a------       c:\windows\system32\MSVCR71.dll
2009-02-25 18:31 . 2009-02-25 18:31     <DIR>   d--------       c:\program files\Nowe Gadu-Gadu
2009-02-25 18:31 . 2009-02-25 18:32     <DIR>   d--------       c:\documents and settings\Kaka\Dane aplikacji\Nowe Gadu-Gadu
2009-02-18 16:23 . 2009-02-18 16:23     <DIR>   d--------       c:\program files\Tlen.pl
2009-02-18 16:23 . 2009-02-23 17:01     <DIR>   d--------       c:\documents and settings\Kaka\Dane aplikacji\Tlen.pl
2009-02-18 16:23 . 2009-02-18 16:23     <DIR>   d--------       c:\documents and settings\All Users\Dane aplikacji\Tlen.pl
2009-02-18 15:30 . 2009-02-18 15:45     <DIR>   d--------       c:\program files\Pity 2008
2009-02-15 14:29 . 2004-08-04 00:44     159,232 --a------       c:\windows\system32\ptpusd.dll
2009-02-15 14:29 . 2001-10-26 17:29     5,632   --a------       c:\windows\system32\ptpusb.dll
2009-02-07 17:00 . 2009-02-07 17:00     <DIR>   d--------       c:\documents and settings\Kaka\Dane aplikacji\Leadertech
2009-02-07 14:33 . 2009-02-07 14:33     <DIR>   d--------       c:\program files\Philips
2009-02-05 22:44 . 2009-02-05 22:44     <DIR>   d--------       c:\documents and settings\All Users\Dane aplikacji\WEBREG
2009-02-05 22:43 . 2009-02-05 22:43     <DIR>   d--------       c:\documents and settings\Kaka\Dane aplikacji\HP
2009-02-05 22:38 . 2009-02-05 09:10     169,166 ---------       c:\windows\hpoins27.dat.temp
2009-02-05 22:38 . 2008-01-18 16:56     932     ---------       c:\windows\hpomdl27.dat.temp
2009-02-05 22:37 . 2009-02-05 22:37     <DIR>   d--------       c:\documents and settings\All Users\Dane aplikacji\Hewlett-Packard
2009-02-05 22:37 . 2007-11-08 15:52     271,704 -ra------       c:\windows\system32\hpzids01.dll
2009-02-05 22:37 . 2007-10-20 18:25     117,760 --a------       c:\windows\system32\hpzll5mu.dll
2009-02-05 22:36 . 2007-10-30 10:11     729,088 -ra------       c:\windows\system32\hpowiax7.dll
2009-02-05 22:36 . 2007-10-30 10:11     581,632 -ra------       c:\windows\system32\hpotscl6.dll
2009-02-05 22:36 . 2007-10-30 10:25     372,736 -ra------       c:\windows\system32\hppldcoi.dll
2009-02-05 22:36 . 2007-10-30 10:25     309,760 -ra------       c:\windows\system32\difxapi.dll
2009-02-05 22:36 . 2007-10-30 10:11     303,104 -ra------       c:\windows\system32\hpovst15.dll
2009-02-05 22:36 . 2007-10-30 10:25     49,920  -ra------       c:\windows\system32\drivers\HPZid412.sys
2009-02-05 22:36 . 2007-10-30 10:25     21,568  -ra------       c:\windows\system32\drivers\HPZius12.sys
2009-02-05 22:36 . 2007-10-30 10:25     16,496  -ra------       c:\windows\system32\drivers\HPZipr12.sys
2009-02-05 22:36 . 2004-08-03 22:58     15,104  --a------       c:\windows\system32\drivers\usbscan.sys
2009-02-05 22:36 . 2004-08-03 22:58     15,104  --a--c---       c:\windows\system32\dllcache\usbscan.sys
2009-02-05 12:37 . 2009-03-02 19:59     <DIR>   d--------       c:\program files\eMule
2009-02-05 09:08 . 2009-02-05 09:08     <DIR>   d--------       c:\documents and settings\All Users\Dane aplikacji\HP Product Assistant
2009-02-05 09:08 . 2009-02-05 09:08     <DIR>   d--------       c:\documents and settings\All Users\Dane aplikacji\HP
2009-02-05 09:08 . 2009-02-05 09:08     0       --a------       c:\windows\system32\YY
2009-02-05 09:07 . 2009-02-05 09:07     <DIR>   d--------       c:\program files\Hewlett-Packard
2009-02-05 09:07 . 2009-02-05 09:07     <DIR>   d--------       c:\program files\Common Files\HP
2009-02-05 09:07 . 2009-02-05 09:07     <DIR>   d--------       c:\program files\Common Files\Hewlett-Packard
2009-02-05 09:06 . 2009-02-05 09:08     <DIR>   d--------       c:\program files\HP
2009-02-05 09:06 . 2009-02-05 22:44     169,194 --a------       c:\windows\hpoins27.dat
2009-02-05 09:06 . 2004-08-03 23:08     31,616  --a------       c:\windows\system32\drivers\usbccgp.sys
2009-02-05 09:06 . 2004-08-03 23:08     31,616  --a--c---       c:\windows\system32\dllcache\usbccgp.sys
2009-02-05 09:06 . 2004-08-03 23:01     25,856  --a------       c:\windows\system32\drivers\usbprint.sys
2009-02-05 09:06 . 2004-08-03 23:01     25,856  --a--c---       c:\windows\system32\dllcache\usbprint.sys
2009-02-05 09:06 . 2008-01-18 16:56     932     ---------       c:\windows\hpomdl27.dat
2009-02-05 08:56 . 2009-02-05 08:56     <DIR>   d--------       c:\program files\MediaKey
2009-02-05 08:56 . 2009-02-05 08:56     77      --a------       c:\windows\MMKEYBD.UNI
2009-02-05 08:56 . 2009-02-05 08:56     0       --a------       c:\windows\SelSet.INI
2009-02-03 20:14 . 2009-02-03 20:14     <DIR>   d--------       c:\windows\Cache
2009-02-03 20:14 . 2009-02-05 09:11     <DIR>   d--------       c:\program files\Common Files\Adobe
2009-02-03 05:32 . 2009-02-03 05:32     <DIR>   d--------       c:\windows\SHELLNEW
2009-02-03 05:32 . 2009-02-03 05:32     <DIR>   d--------       c:\program files\Microsoft.NET
2009-02-03 05:32 . 2003-06-19 01:31     17,920  --a------       c:\windows\system32\mdimon.dll
2009-02-03 05:32 . 2009-02-03 05:32     421     --a------       c:\windows\ODBC.INI
 
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-03 14:48        16,608  ----a-w c:\windows\gdrv.sys
2009-03-03 14:48        ---------       d-----w c:\program files\AutoConnect
2009-03-03 14:32        ---------       d-----w c:\documents and settings\Kaka\Dane aplikacji\U3
2009-02-07 13:33        ---------       d--h--w c:\program files\InstallShield Installation Information
2009-02-02 19:34        ---------       d-----w c:\documents and settings\All Users\Dane aplikacji\Logishrd
2009-02-02 19:22        ---------       d-----w c:\documents and settings\All Users\Dane aplikacji\Logitech
2009-02-02 19:20        ---------       d-----w c:\documents and settings\Kaka\Dane aplikacji\Gadu-Gadu
2009-02-02 19:17        ---------       d-----w c:\documents and settings\Kaka\Dane aplikacji\uTorrent
2009-02-02 19:13        138,464 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-02-02 19:12        111,928 ----a-w c:\windows\system32\PnkBstrB.exe
2009-02-02 19:11        682,280 ----a-w c:\windows\system32\pbsvc.exe
2009-02-02 19:11        66,872  ----a-w c:\windows\system32\PnkBstrA.exe
2009-02-02 19:11        22,328  ----a-w c:\documents and settings\Kaka\Dane aplikacji\PnkBstrK.sys
2009-02-02 18:59        ---------       d-----w c:\program files\uTorrent
2009-02-02 18:43        ---------       d-----w c:\program files\DAEMON Tools
2009-02-02 18:41        685,816 ----a-w c:\windows\system32\drivers\sptd.sys
2009-02-02 18:35        ---------       d-----w c:\program files\NAPI-PROJEKT
2009-02-02 18:35        ---------       d-----w c:\program files\ALLPlayer
2009-02-02 18:34        ---------       d-----w c:\program files\Winamp
2009-02-02 18:34        ---------       d-----w c:\documents and settings\Kaka\Dane aplikacji\Winamp
2009-02-02 18:32        ---------       d-----w c:\program files\Opera
2009-02-02 18:31        737,280 ----a-w c:\windows\iun6002.exe
2009-02-02 18:31        ---------       d-----w c:\program files\Codec Pack - All In 1
2009-02-02 18:27        23      ----a-w c:\windows\system32\drivers\adidsl.cfg
2009-02-02 18:27        ---------       d-----w c:\program files\SAGEM
2009-02-02 18:27        ---------       d-----w c:\program files\Common Files\InstallShield
2009-02-02 17:42        ---------       d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-02 17:42        ---------       d-----w c:\program files\AGEIA Technologies
2009-02-02 17:40        ---------       d-----w c:\program files\Vtune
2009-02-02 17:38        ---------       d-----w c:\program files\Realtek
2009-02-02 17:38        ---------       d-----w c:\documents and settings\Kaka\Dane aplikacji\InstallShield
2009-02-02 17:34        ---------       d-----w c:\program files\Intel
2009-02-02 17:33        ---------       d-----w c:\program files\Gigabyte
2009-02-02 17:33        ---------       d-----w c:\program files\Browser Configuration Utility
2009-02-02 17:32        315,392 ----a-w c:\windows\HideWin.exe
2009-02-02 17:26        ---------       d-----w c:\program files\microsoft frontpage
2009-02-02 17:25        ---------       d-----w c:\program files\Usugi online
.
 
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TBPanel"="c:\program files\Vtune\TBPanel.exe" [2008-09-05 2154496]
"AutoConnect"="c:\program files\AutoConnect\AutoConnect.exe" [2006-12-03 310784]
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2008-11-24 869888]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-09-18 171464]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="m|\" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-11 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-11 86016]
"MediaKey"="c:\progra~1\MediaKey\MMKeybd.EXE" [2004-08-04 184320]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"RTHDCPL"="RTHDCPL.EXE" [2008-02-13 c:\windows\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2008-09-11 c:\windows\system32\nwiz.exe]
 
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-02-02 962661]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Gry\\Call of duty WAW\\CoDWaWmp.exe"=
"d:\\Gry\\Call of duty WAW\\CoDWaW.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Tlen.pl\\tlen.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
 
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-03-03 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-03-03 20560]
R2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\essvr.exe [2009-02-02 80392]
 
--- Inne Usługi/Sterowniki w Pamięci ---
 
*NewlyCreated* - AAVMKER4
*NewlyCreated* - ASWFSBLK
*NewlyCreated* - ASWMON2
*NewlyCreated* - ASWRDR
*NewlyCreated* - ASWSP
*NewlyCreated* - ASWTDI
*NewlyCreated* - ASWUPDSV
*NewlyCreated* - AVAST!_ANTIVIRUS
*NewlyCreated* - AVAST!_MAIL_SCANNER
*NewlyCreated* - AVAST!_WEB_SCANNER
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12   REG_MULTI_SZ    Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt       REG_MULTI_SZ    hpqcxs08 hpqddsvc
 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ce3c32c-f151-11dd-962a-001fd068eabe}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a
 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ce3c32d-f151-11dd-962a-001fd068eabe}]
\Shell\AutoRun\command - H:\i6g6x.cmd
\Shell\open\Command - H:\i6g6x.cmd
.
- - - - USUNIĘTO PUSTE WPISY - - - -
 
HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe
 
 
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://google.daemonsearch.com/intl/
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {A9E4473F-E5B0-4638-8C75-C2A51D2053EC} = 194.204.159.1 217.98.63.164
FF - ProfilePath - c:\documents and settings\Kaka\Dane aplikacji\Mozilla\Firefox\Profiles\qnhk56mz.default\
FF - prefs.js: browser.startup.homepage - www.onet.pl
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
.
 
**************************************************************************
 
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-03 15:54:11
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
 
skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...
 
 
c:\docume~1\KAKA~1\USTAWI~1\Temp\catchme.dll 53248 bytes executable
 
skanowanie pomyślnie ukończone
ukryte pliki: 1
 
**************************************************************************
.
Czas ukończenia: 2009-03-03 15:54:42
ComboFix-quarantined-files.txt  2009-03-03 14:54:41
 
Przed: 60275355648 bajtów wolnych
Po: 60,313,694,208 bajtów wolnych
 
WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
 